Fixes: CID1604398 Unchecked return value
Fixes: CID1604542 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ace2e25720b8a26906b15aab7eebbac860bb7bf0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: part of CID1355110 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2af95b9214a6bf75f946440d36c349963396e23b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1452759 Uninitialized scalar variable
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9385847af47211e8c618198499ffea99614bb55d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: index -2 out of bounds for type 'const enum AVCodecID [3]'
Fixes: 69866/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-4971166119821312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9b9e02f2ff6575e934e8e991a471b3086d1c0d53)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -1082982400 + -1068681048 cannot be represented in type 'int'
Fixes: 69995/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-6285740271534080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bcab9789ef750670277956e79736bca442aec2ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 9223372036854775807 - -1 cannot be represented in type 'long'
Fixes: 68578/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6032171648221184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d8d288479d3431d65318d957aab710b13714fc05)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 68550/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6424065930756096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d5ca373d7efa37d2d3911f0afbc85fad0dc86b38)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array read
Fixes: poc3
Reported-by: VulDB CNA Team
Found-by: CookedMelon
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 20 * 2314885530818453759 cannot be represented in type 'long'
Fixes: 69098/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-6107989688778752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0993ef675f06042402a97b08a60155c65dae8ba7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of 255 by 24 places cannot be represented in type 'int'
Fixes: 69083/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_fuzzer-5608202363273216
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69e90491f15d8eef643f8dfd1b75805829496678)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This moves computations out of a loop
This may help with UB in vsynth*-jpeg2000-yuva444p16
Fixes: signed integer overflow: 31665934879948800 * 9998 cannot be represented in type 'long'
Fixes: 69024/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5949662967169024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a84fbd747119841942c67d2f55cc796ab25cd245)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of 1431634944 by 2 places cannot be represented in type 'int'
Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int'
Fixes: 69061/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC2_fuzzer-6325700826038272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit af9935835335cae1ae5a4ec7fc14c1b5e25c1f2d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access
Fixes: 69098/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-6107989688778752
Fixes: 69599/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-4848626296225792.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9c8881cb3534b257d6e6539f563006599cd96b48)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604593 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 66d6b8033b4bf8e9b33f26729c4ab9f9b328c5a2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Helps with: CID1439572 Uninitialized pointer read
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 19a5a8997c93d72d6fe169c42a2a04ad4bb6e03a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1439581 Result is not floating-point
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ec18ec9fc1080c37a02f3709afda5c4b08d4ea89)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The pointer is used before the check
Fixes: CID1591884 Dereference before null check
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 989e11acb65e640d336d0d911e958a6008311a9d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Maybe Fixes: CID1598557 Explicit null dereferenced
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2c2e72708831ca0cc76f72368676a8ccf624a2fe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1591931 Explicit null dereferenced
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 175c19166824bd93b02f60c5178365014212366e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1598550 Resource leak
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 25f9211bdd61641cb8739efcb45bf31b46557178)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1591929 Copy into fixed size buffer
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Roger Pack <rogerdpack@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit daf61dddc8e27424c320d5c3abe3e0c5182cd5c0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Helps: CID1454676 Out-of-bounds read
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9af348bd1aa41ea10d6719c56ed2b4eda97642f3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 865309950 * 256 cannot be represented in type 'int'
Fixes: 69191/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6310214413385728
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ed34b0c54ebdce7f741d9fb6a9ac11a1816df59c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found by reviewing code related to CID1604365 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0474614e6cf8edcd0077b95772c29fae894a7db9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604552 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f18b442370d714b930e3e983c2e5d789229f3356)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604429 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 06f01d9fa0ecfa7dd785b3dfe2957999472930b2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604495 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d55327684349b4db5d5905eefaa7d2aec597908d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604400 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b9899866418cb3bd930846271470e3096917f5f6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604416 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0e3e7e8aeb4448a355979ddec87b0e1676ca9f15)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604356 Overflowed constant
Fixes: CID1604573 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6e4c037833c3ca0e0bd3e348701c4c0dc58bed91)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is more a style fix than a bugfix (CID1604392 Overflowed constant)
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cfe66dfebb8a1e1394bcf834b6cc785f280ccecf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found by code review related to CID1604563 Overflowed return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b2aaeb81f65aaa61238d74a77034b118055340d3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found while reviewing code related to CID1604409 Overflowed return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7cf5b83f6fa367f99aefc1321bafc0a7e8db33cd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found by code review related to CID1604386 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e5af1c6e91e86b184101ef2abb49178ff409703b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604394 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69dcd123f19acf851f85166159a3719565813fd0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1604490 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 96fd9417e250540f228d1ad5b43a77c120208eba)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
width and height > 32bit is not supported and its easier to check in a central place
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ba63e329572b74207045fd82c93fcc0fa0479bc4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1559901 Resource leak
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 20e59af07e5e9a73cb3227355fe0a78afffdfe45)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found through code review related to CID1604493 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e6c0c5731e85f00b5840d9a7d14e38cc3e07d5bc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of negative value -208
Fixes: 69073/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-4745020002336768
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 93e0265e27e6dd567812a8661988109421c5447a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found while reviewing: CID1494441 Untrusted value as argument
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f13ae632591b043cb69b66de01e8b178037cdd0e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found by reviewing: CID1530166 Free of array-typed value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 38c2e6a2c7c993d2076984de4ddd9776259397db)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found while reviewing: CID1530313 Untrusted loop bound
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cedbef03946625bc0f7f96e9f77ad59c512b9900)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It is not entirely clear what would prevent such overflow so even if it is
not possible, it is better to use 64bit
Fixes: CID1491898 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 665be4fa2f47910bf85a6f17b6cac9dabc6591f0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1591930 Wrong sizeof argument
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Steve Lhomme <robux4@ycbcr.xyz>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e9e8bea2e79bc3c481a6f81f75f6c871e3e0f367)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1591944 Wrong sizeof argument
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Steve Lhomme <robux4@ycbcr.xyz>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 628ba061c8d5ae018c3e8aa8ce05b8dfcdfd8410)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1598558 Resource leak
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Steve Lhomme <robux4@ycbcr.xyz>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cf22f944d55c8eb0119fb20354a625f8c41eb11f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
