FFmpeg

mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-13 21:28:01 +02:00

Author	SHA1	Message	Date
Michael Niedermayer	ebea366ea9	avcodec/huffyuvdec: avoid undefined behavior with get_vlc2() failure Fixes: left shift of negative value -1 Fixes: 59889/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HUFFYUV_fuzzer-5472742275940352 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `90647a9249`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 18:40:47 +02:00
Michael Niedermayer	83a6af7f1a	avcodec/hevcdec: Fix undefined memcpy() There is likely a better way to fix this, this is mainly to show the problem Fixes: MC within same frame resulting in overlapping memcpy() Fixes: 60189/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-4992746590175232 Fixes: 61753/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5022150806077440 Fixes: 58062/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-4717458841010176 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `94bd1796ff`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 18:35:32 +02:00
Michael Niedermayer	1c9ae4ada6	avcodec/mpeg4videodec: more unsigned in amv computation Fixes: signed integer overflow: -2147483648 + -1048576 cannot be represented in type 'int' Fixes: 59365/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-642654923954585 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0adaa90d89`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 18:34:33 +02:00
Michael Niedermayer	5e57f3c8de	avcodec/tta: fix signed overflow in decorrelate Fixes: signed integer overflow: 2079654542 - -139267653 cannot be represented in type 'int' Fixes: 60811/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5915858409750528 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `283bf5c35b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 18:33:15 +02:00
Michael Niedermayer	c123a4dd0c	avcodec/xvididct: Fix integer overflow in idct_row() Fixes: signed integer overflow: -1403461578 + -843974775 cannot be represented in type 'int' Fixes: 60868/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-4599793035378688 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0ce322a51e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 18:25:41 +02:00
Michael Niedermayer	717b15de1d	avformat/avr: Check sample rate Fixes: 54979/clusterfuzz-testcase-minimized-ffmpeg_dem_AVR_fuzzer-6681035461230592 Fixes: Timeout Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `32556fa62b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 18:23:49 +02:00
Michael Niedermayer	f2937fde73	avcodec/jpeg2000dec: Check for reduction factor and image offset This combination is not working (it writes out of array) Reviewed-by: Tomas Härdin <git@haerdin.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9b6d191a66`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 11:32:27 +02:00
Michael Niedermayer	d4fcb508d1	avutil/softfloat: Basic documentation for av_sincos_sf() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4aa1a42a91`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 11:31:35 +02:00
Michael Niedermayer	f7f742a519	avutil/softfloat: fix av_sincos_sf() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d84677abd8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 11:30:45 +02:00
Michael Niedermayer	9c7334b053	avcodec/utils: fix 2 integer overflows in get_audio_frame_duration() Fixes: signed integer overflow: 256 * 668003712 cannot be represented in type 'int' Fixes: 59819/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-4674636538052608 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a4bf559683`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 11:28:13 +02:00
Michael Niedermayer	781fdc6964	avcodec/hevcdec: Avoid null pointer dereferences in MC Fixes: runtime error: pointer index expression with base 0x000000000000 overflowed to 0xfffffffffffffff8 Fixes: 58440/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5956015530311680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a0f4d4e650`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 11:22:54 +02:00
Michael Niedermayer	4e6b5097f2	avcodec/takdsp: Fix integer overflows Fixes: avcodec/takdsp.c:44:23: runtime error: signed integer overflow: -2097158 - 2147012608 cannot be represented in type 'int' Fixes: 58417/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-5268919664640000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ff8a496d41`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 11:21:58 +02:00
Michael Niedermayer	7167952f0e	avcodec: Ignoring errors is only possible before the input end Fixes: out of array read Fixes: Ticket 10308 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `fead656a7b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-10-18 11:08:00 +02:00
Michael Niedermayer	c721020755	Changelog: update	2023-06-10 22:49:06 +02:00
Michael Niedermayer	7b4662fae5	avcodec/noise_bsf: Check for wrapped frames Wrapped frames contain pointers so they need specific code to noise them, the generic code would lead to segfaults Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0889ebc577`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-07 01:35:38 +02:00
Michael Niedermayer	5a797e7c23	Update for 3.4.13 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:26:33 +02:00
Michael Niedermayer	30cdacf8c2	avcodec/pngdec: Do not pass AVFrame into global header decode The global header should not contain a frame, and decoding it would result in leaks Fixes: memleak Fixes: 45982/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-6603443149340672 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d31d4f3228`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:24:48 +02:00
Michael Niedermayer	b79b50a308	avformat/wavdec: Check that smv block fits in available space Fixes: OOM Fixes: 56271/clusterfuzz-testcase-minimized-ffmpeg_dem_WAV_fuzzer-5290810045497344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a76efafdb9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:24:43 +02:00
Michael Niedermayer	77d1ae5d94	avcodec/tak: Check remaining bits in ff_tak_decode_frame_header() Fixes: out of array access Fixes: 45982/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-6682195323650048 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `19b66b89da`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:24:43 +02:00
Michael Niedermayer	40f962e569	avcodec/utils: the IFF_ILBM implementation assumes that there are a multiple of 16 allocated Fixes: out of array access Fixes: 45982/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5124452659888128 Fixes: 45982/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-6362836707442688 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `34056a94ea`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:24:43 +02:00
Michael Niedermayer	0b003c0828	avcodec/vorbisdec: Check codebook float values to be finite Fixes: Timeout Fixes: 55116/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VORBIS_fuzzer-4572159970508800 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cadd7e7a75`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:24 +02:00
Michael Niedermayer	99bab6e961	avcodec/g2meet: Replace fake allocation avoidance for framebuf framebuf is only allocated when the new width/height are larger than the old but nothing sets the old so its always allocated. Use av_fast_mallocz() instead. Fixes: Timeout Fixes: 55094/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5116909932904448 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `38adbc6eeb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:24 +02:00
Michael Niedermayer	dc530f258c	avcodec/lcldec: More space for rgb24 Fixes: Ticket 10239 Fixes: zlib_306_306_rgb24.av Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e2c3aa8e2b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:24 +02:00
Michael Niedermayer	09e16d736b	avcodec/lcldec: Support 4:1:1 and 4:2:2 with odd width Fixes: Ticket10240 Fixes: zlib_306_306_yuv422.avi Fixes: zlib_306_306_yuv411.avi Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0cf1ac905d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:23 +02:00
Michael Niedermayer	9989fd4516	libavcodec/lcldec: width and height should not be unsigned Computations like col < width - 3 will not work with unsigned width=1 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3eb4e28c26`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:23 +02:00
Michael Niedermayer	e7ae341c2a	avcodec/escape124: Check that blocks are allocated before use Fixes: NULL pointer dereference Fixes: 57819/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ESCAPE124_fuzzer-5077280228769792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5366ae12b9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:23 +02:00
Michael Niedermayer	8c8821b545	avcodec/huffyuvdec: Fix undefined behavior with shift Fixes: left shift of negative value -1 Fixes: 57554/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFVHUFF_fuzzer-4853603839115264 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `27e7857bd1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:22 +02:00
Michael Niedermayer	db29a66295	avcodec/j2kenc: fix 5/3 DWT identifer Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f6955b6df4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:22 +02:00
Michael Niedermayer	e52276f77a	avcodec/vp3: Check width to avoid assertion failure Fixes: Assertion failure on x86-32 av_assert2(block_w * sizeof(pixel) <= FFABS(buf_linesize)); in ff_emulated_edge_mc() Fixes: 39641/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THEORA_fuzzer-5925660741206016 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dab1cd2dc0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:22 +02:00
Michael Niedermayer	192353f7c1	avcodec/g729postfilter: Limit shift in long term filter Fixes: shift exponent 34 is too large for 32-bit type 'int' Fixes: 57389/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-6229522659016704 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6d1d8609ac`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:21 +02:00
Lynne	a159bfb3ba	configure: update copyright year (cherry picked from commit `62da0b4a74`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:21 +02:00
Michael Niedermayer	789e189779	avcodec/tests/snowenc: Fix 2nd test (cherry picked from commit `163013c724`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:21 +02:00
Michael Niedermayer	62a0bbfa54	avcodec/tests/snowenc: return a failure if DWT/IDWT mismatches Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `771c266c0b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:20 +02:00
Michael Niedermayer	872c74b3ba	avcodec/snowenc: Fix visual weight calculation Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5b5fcadea0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:20 +02:00
Michael Niedermayer	bf6bff0b75	avcodec/tests/snowenc: unbreak DWT tests the IDWT data type mismatched current code Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8b3351bbea`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:20 +02:00
Jiasheng Jiang	5cd450dd7a	avcodec/vp3: Add missing check for av_malloc Since the av_malloc() may fail and return NULL pointer, it is needed that the 's->edge_emu_buffer' should be checked whether the new allocation is success. Fixes: `d14723861b` ("VP3: fix decoding of videos with stride > 2048") Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> (cherry picked from commit `656cb0450a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:19 +02:00
Michael Niedermayer	f8ef4290e3	avcodec/escape124: Fix some return codes Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `98df605f7a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:19 +02:00
Michael Niedermayer	800ba7107e	avcodec/escape124: fix signdness of end of input check Fixes: Timeout Fixes: 56561/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ESCAPE124_fuzzer-5560363635834880 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `87ad0a5dd7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:19 +02:00
Michael Niedermayer	03b34a884f	Use https for repository links Reviewed-by: Stefano Sabatini <stefasab@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `011f30fc82`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:18 +02:00
Michael Niedermayer	d85f407e0d	avcodec/motionpixels: Mask pixels to valid values Fixes: out of array access Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOTIONPIXELS_fuzzer-6724203352555520 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ac6eec1fc2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:18 +02:00
Michael Niedermayer	2ca69aa42d	avcodec/xpmdec: Check size before allocation to avoid truncation Fixes:OOM Fixes:out of array access (no testcase) Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XPM_fuzzer-6573323838685184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `95f0f84dae`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:18 +02:00
Michael Niedermayer	a2da41e03a	avcodec/bink: Avoid undefined out of array end pointers in binkb_decode_plane() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ea9deafd3b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:17 +02:00
Michael Niedermayer	e152447bb5	avcodec/bink: Fix off by 1 error in ref end Fixes: out of array access Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINK_fuzzer-6657932926517248 Alterantivly to this it is possibly to allocate a bigger array Note: oss-fuzz assigned this issue to a unrelated theora bug so the bug number matches that Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `49487045dd`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:17 +02:00
Michael Niedermayer	06fe955608	avcodec/utils: Ensure linesize for SVQ3 Fixes: Assertion block_w * sizeof(uint8_t) <= ((buf_linesize) >= 0 ? (buf_linesize) : (-(buf_linesize)) Fixes: 54861/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SVQ3_fuzzer-5352418248622080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4eef658ca5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:17 +02:00
Michael Niedermayer	331d1d5677	avcodec/utils: allocate a line more for VC1 and WMV3 Fixes: out of array read on 32bit Fixes: 54857/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-5840588224462848 The chroma MC code reads over the currently allocated frame. Alternative fixes would be allocating a few bytes more at the end instead of a whole line extra or to adjust the threshold where the edge emu code is activated Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `01636a63d4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:16 +02:00
Michael Niedermayer	6047f056af	avcodec/videodsp_template: Adjust pointers to avoid undefined pointer things Fixes: subtraction of unsigned offset from 0xf6602770 overflowed to 0xf6638c80 Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THEORA_fuzzer-495074400600064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f0150cd41c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:16 +02:00
Michael Niedermayer	3b39e8a3b8	avcodec/pngdec: Check deloco index more exactly Fixes: out of array access: Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-6716193709096960 Alternatively it should be possible to limit this to 3 plane RGB 8 /16bit to ensure the size is what it should be Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d5bae70406`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:16 +02:00
Michael Niedermayer	a928367cba	avcodec/ffv1dec: Check that num h/v slices is supported Fixes: out of array access Fixes: 55597/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_fuzzer-4898293416329216 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8ead0ae68e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:15 +02:00
Michael Niedermayer	a919346b63	avformat/mov: Check samplesize and offset to avoid integer overflow Fixes: signed integer overflow: 9223372036854775584 + 536870912 cannot be represented in type 'long' Fixes: 55844/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-510613920664780 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `53c1f5c2e2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:15 +02:00
Michael Niedermayer	07dd5b4d69	avcodec/pictordec: Remove mid exit branch This causes the RLE decoder to exit before applying the last RLE run All images i tested with are unchanged, this makes the special case for handling the last run unused for non truncated images. Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `88f0e05c72`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2023-06-04 20:18:15 +02:00

1 2 3 4 5 ...

89326 Commits