Fixes: tickets/3933/128.jls
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 011006874cb46325b6bc83234f81879ff421c05f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: Timeout
Fixes: left shift of 33046 by 16 places cannot be represented in type 'int'
Fixes: 29258/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-4889231489105920
Fixes: 29515/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-6161940391002112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This affected all decoders that used ff_mjpeg_decode_init() as init
function; and it also affected decoders that open jpeg decoders via
ff_codec_open2_recursive() as well as MxPEG.
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* commit '5a0e953c2465be9d449d5f523c3d3e2b886910b2':
mjpeg: Mark decoder family as thread safe
Conflicts:
libavcodec/mjpegbdec.c
libavcodec/mjpegdec.c
libavcodec/mxpegdec.c
libavcodec/sp5xdec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
No global variables are used and the VLC tables are allocated without
static elements. This will allow using a JPEG decoding context within
other decoders.
previously it could have been by 1 too large
Fixes out of array access
Fixes: asan_heap-oob_12240f5_1_asan_heap-oob_12240f5_448_t8c1e3.jls
Fixes: asan_heap-oob_12240f5_1_asan_heap-oob_12240f5_448_t8nde0.jls
Fixes: asan_heap-oob_12240fa_1_asan_heap-oob_12240fa_448_t16e3.jls
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master: (27 commits)
libxvid: Give more suitable names to libxvid-related files.
libxvid: Separate libxvid encoder from libxvid rate control code.
jpeglsdec: Remove write-only variable in ff_jpegls_decode_lse().
fate: cosmetics: lowercase some comments
fate: Give more consistent names to some RealVideo/RealAudio tests.
lavfi: add avfilter_get_audio_buffer_ref_from_arrays().
lavfi: add extended_data to AVFilterBuffer.
lavc: check that extended_data is properly set in avcodec_encode_audio2().
lavc: pad last audio frame with silence when needed.
samplefmt: add a function for filling a buffer with silence.
samplefmt: add a function for copying audio samples.
lavr: do not try to copy to uninitialized output audio data.
lavr: make avresample_read() with NULL output discard samples.
fate: split idroq audio and video into separate tests
fate: improve dependencies
fate: add convenient shorthands for ea-vp6, libavcodec, libavutil tests
fate: split some combined tests into separate audio and video tests
fate: fix dependencies for probe tests
mips: intreadwrite: fix inline asm for gcc 4.8
mips: intreadwrite: remove unnecessary inline asm
...
Conflicts:
cmdutils.h
configure
doc/APIchanges
doc/filters.texi
ffmpeg.c
ffplay.c
libavcodec/internal.h
libavcodec/jpeglsdec.c
libavcodec/libschroedingerdec.c
libavcodec/libxvid.c
libavcodec/libxvid_rc.c
libavcodec/utils.c
libavcodec/version.h
libavfilter/avfilter.c
libavfilter/avfilter.h
libavfilter/buffersink.h
tests/Makefile
tests/fate/aac.mak
tests/fate/audio.mak
tests/fate/demux.mak
tests/fate/ea.mak
tests/fate/image.mak
tests/fate/libavutil.mak
tests/fate/lossless-audio.mak
tests/fate/lossless-video.mak
tests/fate/microsoft.mak
tests/fate/qt.mak
tests/fate/real.mak
tests/fate/screen.mak
tests/fate/video.mak
tests/fate/voice.mak
tests/fate/vqf.mak
tests/ref/fate/ea-mad
tests/ref/fate/ea-tqi
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
rtpdec_asf: Set the no_resync_search option for the chained asf demuxer
asfdec: Add an option for not searching for the packet markers
cosmetics: Clean up the tiffenc pix_fmts declaration to match the style of others
cosmetics: Align codec declarations
cosmetics: Convert mimic.c to utf-8
avconv: remove an unused function parameter.
avconv: remove now pointless variables.
avconv: drop support for building without libavfilter.
nellymoserenc: fix crash due to memsetting the wrong area.
libavformat: Only require first packet to be known for audio/video streams
avplay: Don't try to scale timestamps if the tb isn't set
Conflicts:
Changelog
configure
ffmpeg.c
libavcodec/aacenc.c
libavcodec/bmpenc.c
libavcodec/dnxhddec.c
libavcodec/dnxhdenc.c
libavcodec/ffv1.c
libavcodec/flacenc.c
libavcodec/fraps.c
libavcodec/huffyuv.c
libavcodec/libopenjpegdec.c
libavcodec/mpeg12enc.c
libavcodec/mpeg4videodec.c
libavcodec/pamenc.c
libavcodec/pgssubdec.c
libavcodec/pngenc.c
libavcodec/qtrleenc.c
libavcodec/rawdec.c
libavcodec/sgienc.c
libavcodec/tiffenc.c
libavcodec/v210dec.c
libavcodec/wmv2dec.c
libavformat/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
