virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-10-06 05:47:18 +02:00
Code Issues Releases Activity
95,902 Commits 38 Branches 411 Tags
e98a6be89b5554621ece683c824c475cc44b2195
Commit Graph

95902 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Niedermayer
e98a6be89b Update for 4.2.11 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n4.2.11 		2025-05-16 19:01:16 +02:00
Michael Niedermayer
9ae2d3646b avcodec/takdec: Check remaining space for first predictors 
Fixes: Timeout
Fixes: 403673829/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-5498240154009600

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8e6db875af)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 19:00:02 +02:00
Michael Niedermayer
abd06f81c8 avcodec/sonic: Check num_taps 
The encoder uses max 128 taps, which is quiet a lot already
If work is done to improve sonic, it will be more radical than changing the taps

Fixes: Timeout
Fixes: 402539974/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-6122944271286272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fd0a792766)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 19:00:01 +02:00
Michael Niedermayer
329cd64a24 avformat/mov: reject negative ELST durations 
Fixes: multiple integer overflows
Fixes: 401016767/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6242067591790592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9fc2702f6f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 19:00:01 +02:00
Michael Niedermayer
c52f0d2e0f avcodec/h264_mb: Fix tmp_cr for arm 
When decoding a bitstream with weighted-bipred enabled,
the results on ARM and x86 platforms may differ.

The reason for the inconsistency is that the value of
STRIDE_ALIGN differs between platforms. And STRIDE_ALIGN
is set to the buffer stride of temporary buffers for U
and V components in mc_part_weighted.

If the buffer stride is 32 or 64 (as on x86 platforms),
the U and V pixels can be interleaved row by row without
overlapping, resulting in correct output.
However, on ARM platforms where the stride is 16,
the V component did overwrite part of the U component's pixels,
leading to incorrect predicted pixels.

The bug can be reproduced by the following bitstream.

https://trac.ffmpeg.org/attachment/ticket/11357/inter_weighted_bipred2.264

Fixes: ticket 11357
Commit-msg-mostly-by: Bin Peng <pengbin@visionular.com>
Reviewed-by: Bin Peng <pengbin@visionular.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 74fd2c3ddb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 19:00:01 +02:00
Michael Niedermayer
fef450f3c5 avcodec/vorbisdec: Dont treat overread as error 
This differs from libvorbis by
stddev:    2.44 PSNR: 88.58 MAXDIFF:   41 bytes:   834304/   834304
for the file from the ticket

Fixes: Ticket11427

Regression since: dc89cf804a

This is a similar solution to what james proposed earlier in
[FFmpeg-devel] [PATCH] avcodec/vorbisdec: don't abort on EOD when decoding residuals

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fd5a3c5fed)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 19:00:00 +02:00
Michael Niedermayer
d553897a10 libpostproc: check minimum size 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 917c15435a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 19:00:00 +02:00
Michael Niedermayer
47d7bd31a9 avformat/hls: add fmp4 to allowed_extensions 
Fixes: yt-dlp/issues/12700

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d82016c730)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 19:00:00 +02:00
Michael Niedermayer
b5657755b5 avformat/hls: Add ec3 to allowed_extensions 
Fixes part of Ticket11435
Fixes: Elisa Viihde (Finnish online recording service)

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 68644994fd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:59 +02:00
Michael Niedermayer
9dd7ab049f avformat/hls: Add cmfv and cmfa to allowed_extensions 
Fixes: www.nicovideo.jp
Fixes: Ticket11526
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2352145e41)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:59 +02:00
Michael Niedermayer
237e877883 configure: Clearer documentation for "disable-safe-bitstream-reader" 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 979608dde7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:59 +02:00
Michael Niedermayer
b3f9eac35a swscale/output: Fix integer overflow in yuv2gbrp_full_X_c() 
Fixes: signed integer overflow: 1966895953 + 210305024 cannot be represented in type 'int'
Fixes: 391921975/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5916798905548800

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ce538ef97a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:58 +02:00
James Almer
eb88a2318e avcodec/libtheora: fix setting keyframe_mask 
t_info.keyframe_granule_shift is set to the library default of 6, which is ok
for gop sizes up to 63. Since there's apparently no way to query the updated
value after having forced a gop value with TH_ENCCTL_SET_KEYFRAME_FREQUENCY_FORCE,
calculate it manually instead.

Fixes ticket #11454.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 22aa71d4da)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:58 +02:00
James Almer
20dee7be59 avfilter/buffersrc: check for valid sample rate 
A sample rate <= 0 is invalid.

Fixes an assert in ffmpeg_enc.c that assumed a valid sample rate would be set.
Fixes ticket #11385.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 1446e37d3d)
 2025-05-16 18:59:57 +02:00
Michael Niedermayer
3c34ce7cfe doc: replace http/git by https urls 
These are more secure

Reviewed-by: Gyan Doshi <ffmpeg@gyani.pro>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b4d165c68f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:57 +02:00
Lynne
4b61be93b8 configure: update copyright year 
On 01/01/2025 19:05, Peter Ross wrote:
> FFmpeg turns 25 this year.

(cherry picked from commit d3aa99a4f4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:57 +02:00
Cosmin Stejerean
de0ec0d3af avfilter/bwdif: account for chroma sub-sampling in min size calculation 
The current logic for detecting frames that are too small for the
algorithm does not account for chroma sub-sampling, and so a sample
where the luma plane is large enough, but the chroma planes are not
will not be rejected. In that event, a heap overflow will occur.

This change adjusts the logic to consider the chroma planes and makes
the change to all three bwdif implementations.

Fixes #10688

Signed-off-by: Cosmin Stejerean <cosmin@cosmin.at>
Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
Signed-off-by: Philip Langdale <philipl@overt.org>
(cherry picked from commit 737ede405b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:56 +02:00
Michael Niedermayer
1e0f85a54d avformat/iff: Check that we have a stream in read_dst_frame() 
Fixes: null pointer dereference
Fixes: 385644864/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-4551049565765632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8668957ef6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:56 +02:00
Michael Niedermayer
b847a91cd0 avformat/mlvdec: fix size checks 
Fixes: heap-buffer-overflow
Fixes: 391962476/clusterfuzz-testcase-minimized-ffmpeg_dem_MLV_fuzzer-5746746587676672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 251d43aef0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:56 +02:00
Michael Niedermayer
2ad73fc12c avformat/mxfdec: Check edit unit for overflow in mxf_set_current_edit_unit() 
Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long'
Fixes: 392672068/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6232335892152320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <git@haerdin.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8a6ad9eab2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:55 +02:00
Michael Niedermayer
9d5b967325 avcodec/h263dec: Check against previous dimensions instead of coded 
Fixes: out of array access
Fixes: crash-a41ef3db699013f669b076f02f36942925f5a98c

Found-by: Kacper Michajlow <kasper93@gmail.com>
Reviewed-by: Kacper Michajlow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0fe33c99a2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:55 +02:00
Michael Niedermayer
6b4205c95e avformat/mxfdec: Check avio_read() success in mxf_decrypt_triplet() 
Fixes: Use of uninitialized memory
Fixes: 71444/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5448597561212928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6ecc96f4d0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:55 +02:00
Michael Niedermayer
c5fac74428 avcodec/huffyuvdec: Initialize whole output for decode_gray_bitstream() 
Fixes: use of uninitialized memory
Fixes: 375286238/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HYMT_fuzzer-6352546854141952

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ef71552cf9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:54 +02:00
Michael Niedermayer
f8fda20ba6 avformat/ipmovie: Check signature_buffer read 
Fixes: use of uninitilaized data
Fixes: 385167047/clusterfuzz-testcase-minimized-ffmpeg_dem_IPMOVIE_fuzzer-5941477505564672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 788abe0d25)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:54 +02:00
Michael Niedermayer
abb4a151ef avformat/wtvdec: Initialize buf 
ff_parse_mpeg2_descriptor() reads over what is initialized
Fixes: use of uninitialized memory
Fixes: 383825645/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-5144130618982400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 17b019c517)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:54 +02:00
Michael Niedermayer
e2aac02c48 avcodec/cbs_vp9: Initialize VP9RawSuperframeIndex 
Fixes: use-of-uninitialized-value
Fixes: 70907/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_METADATA_fuzzer-6339363208757248

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e81d410242)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 18:59:46 +02:00
Michael Niedermayer
a4c09cf37a avformat/vqf: Check avio_read() in add_metadata() 
Fixes: use of uninitialized data
Fixes: 383825642/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5380168801124352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c43dbecbda)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:50 +02:00
Michael Niedermayer
e029108cea avformat/dashdec: Check whitelist 
Fixes: CVE-2023-6602, V. DASH Playlist SSRF

Found-by: Harvey Phillips of Amazon Element55 (element55)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4c96d6bf75)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:50 +02:00
Michael Niedermayer
a6599d5108 avutil/avstring: dont mess with NULL pointers in av_match_list() 
Fixes: applying zero offset to null pointer

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c6c54943d1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:49 +02:00
Michael Niedermayer
a18b0ddf50 avcodec/mpegvideo_enc: Check FLV1 resolution limits 
Found-by: Elias Myllymäki <elias.myllymaki04p@gmail.com>
Reviewed-by: Alexander Strasser <eclipse7@gmx.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 827c073154)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:49 +02:00
Michael Niedermayer
5a9ca53ac2 avcodec/ffv1enc: Fix handling of 32bit unsigned symbols 
This may be needed for floats

Sponsored-by: Sovereign Tech Fund
Reviewed-by: Alexander Strasser <eclipse7@gmx.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 402824e9e9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:49 +02:00
Michael Niedermayer
977ced3323 avcodec/vc1dec: Clear block_index in vc1_decode_reset() 
Fixes: 377965565/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-4504434689769472
Fixes: out of array access

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 251de1791e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:48 +02:00
Michael Niedermayer
eef4ca9a67 avcodec/aacsbr_template: Clear n_q on error 
Fixes: index 5 out of bounds for type 'uint8_t [5]'
Fixes: 377748135/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-5167109774049280

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3f029bfb7f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:48 +02:00
Michael Niedermayer
d67d0175db swscale/output: Fix undefined overflow in yuv2rgba64_full_X_c_template() 
Fixes: signed integer overflow: -1082982400 + -1195645138 cannot be represented in type 'int'
Fixes: 376136843/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-4791844321427456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 56faee21c1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:48 +02:00
Michael Niedermayer
6b43edeb24 avfilter/af_pan: Fix sscanf() use 
Fixes: Memory Data Leak

Found-by: Simcha Kosman <simcha.kosman@cyberark.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b5b6391d64)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:47 +02:00
Michael Niedermayer
12c9288d47 avformat/rmdec: check that buf if completely filled 
Fixes: use of uninitialized value
Fixes: 70988/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5298245077630976

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9578c135d0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:47 +02:00
Michael Niedermayer
66402ac52e avcodec/hapdec: Clear tex buffer 
The code following makes no attempt to initialize all of the buffer

Fixes: use of uninitialized value
Fixes: 70980/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5329909059223552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7eeeda703b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:47 +02:00
Michael Niedermayer
777a03ebab avformat/mxfdec: Check that key was read sucessfull 
Fixes: use of uninitialized value
Fixes: 70932/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4870202133643264

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4c62cbcae2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:46 +02:00
Michael Niedermayer
72c8f46cb0 avformat/rpl: Fix check for negative values 
Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be represented in type 'int64_t' (aka 'long')
Fixes: 378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376
Found-by: ossfuzz
Reported-by: Kacper Michajlow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit eab65379bf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:46 +02:00
Michael Niedermayer
50456eb8d4 avformat/mlvdec: Check avio_read() 
Fixes: use-of-uninitialized-value
Fixes: 383170476/clusterfuzz-testcase-minimized-ffmpeg_dem_MLV_fuzzer-4696002884337664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bb85423142)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:45 +02:00
Michael Niedermayer
d53cf41505 avcodec/utils: Fix block align overflow for ADPCM_IMA_WAV 
Fixes: signed integer overflow: 529008646 * 8 cannot be represented in type 'int'
Fixes: 383379145/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-6674045107503104

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9327093079)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:45 +02:00
Michael Niedermayer
50f46db70d avformat/matroskadec: Check pre_ns for overflow 
Fixes: signed integer overflow: -3483479120376300096 - 7442323944145700864 cannot be represented in type 'long'
Fixes: 383187489/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4561470580391936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 361d24e6d9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:45 +02:00
Michael Niedermayer
c8fbdc5c6f avcodec/webp: Check ref_x/y 
Fixes: 70991/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WEBP_fuzzer-5544067620995072
Fixes: use of uninintailized value

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7c1e732ad2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:44 +02:00
Michael Niedermayer
9df3db27d5 avcodec/ilbcdec: Initialize tempbuff2 
Fixes: Use of uninitialized value
Fixes: 71350/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ILBC_fuzzer-6322020827070464

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4482218440)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:44 +02:00
Michael Niedermayer
ce9505775a avformat/dxa: check bpc 
Fixes: integer overflow: -2147483648 - 1 cannot be represented in type 'int'
Fixes: 373971762/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-4880491112103936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7e020f2141)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:44 +02:00
Michael Niedermayer
201f2c5912 swscale/slice: clear allocated memory in alloc_lines() 
Fixes: use of uninitialized memory in hScale16To15_c()
Fixes: 373924007/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5841199968092160

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit aeec39f3c1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:43 +02:00
Michael Niedermayer
f7dda674af avformat/icodec: fix integer overflow with nb_pal 
Fixes: runtime error: signed integer overflow
Fixes: 42536949/clusterfuzz-testcase-minimized-fuzzer_loadfile-6199846684393472
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Tested-by: Kacper Michajlow
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 84569b6c22)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:43 +02:00
Michael Niedermayer
6a638d42cc doc/developer: Document relationship between git accounts and MAINTAINERS 
This should have been documented long ago and i thought it was

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7051825b01)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:43 +02:00
Michael Niedermayer
f9eaf66e26 avformat/vividas: Check avio_read() for failure 
Fixes: use of uninitialized value (untested)
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5505802505355264

Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 96d45c3b21)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:42 +02:00
Michael Niedermayer
3dec911f86 avformat/ilbc: Check avio_read() for failure 
Fixes: use of uninitialized value
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_protocol_memory-6656646223298560-cut

Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e30d957a9b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2025-05-16 03:03:42 +02:00