FFmpeg

mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-19 05:49:09 +02:00

Author	SHA1	Message	Date
Michael Niedermayer	edb8d29ca5	avcodec/xwddec: Check bpp more completely Fixes out of array access Fixes: 1399/clusterfuzz-testcase-minimized-4866094172995584 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 441026fcb13ac23aa10edc312bdacb6445a0ad06) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	bf4b8b1677	avcodec/aacdec_template: Do not decode 2nd PCE if it will lead to failure Fixes: out of array read Fixes: 1072/clusterfuzz-testcase-6456688074817536 Fixes: 1398/clusterfuzz-testcase-minimized-4576913622302720 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a5e0dbf530d447f36099aed575b34e9258c5d75a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	298de0a183	avcodec/s302m: Fix left shift of 8 by 28 places cannot be represented in type 'int' Fixes: 1395/clusterfuzz-testcase-minimized-5330939741732864 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a38e9797cb4123d13ba871d166a737786ba04a9b) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	8795bf9e5d	avcodec/eamad: Fix runtime error: signed integer overflow: 49674 * 49858 cannot be represented in type 'int' Fixes: 1394/clusterfuzz-testcase-minimized-6493376885030912 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 0ac1c87194a67e6104a3d241a4dd1ca0808784bd) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	77af726871	avcodec/g726: Fix runtime error: left shift of negative value -2 Fixes: 1393/clusterfuzz-testcase-minimized-5948366791901184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c04aa148824f4fb7f4b70830ad3ca7a6cba8ab79) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	9970fa10c0	avcodec/magicyuv: Check len to be supported Fixes: shift exponent -1 is negative Fixes: 1390/clusterfuzz-testcase-minimized-5452757630713856 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2162b862eba5aadb59c0cf7cc304c67f4a5fb946) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	ffa39cd574	avcodec/ra144: Fix runtime error: left shift of negative value -798 Fixes: 1388/clusterfuzz-testcase-minimized-6680800936329216 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 78bf446852a7e5e8aa52c7ca9889632e167b665f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	3f7a9eef51	avcodec/mss34dsp: Fix multiple signed integer overflow Fixes: 1387/clusterfuzz-testcase-minimized-4802757766676480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 464c4b86ee43b7912e6f23fd3e5ba40381b4c371) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	eec20b665a	avcodec/targa_y216dec: Fix width type Fixes out of array access Fixes: 1376/clusterfuzz-testcase-minimized-6361794975105024 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 3e56db892600c2fbe34782c6140f1ee832a2c344) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	4f0fecf9fa	avcodec/texturedsp: Fix multiple runtime error: left shift of 255 by 24 places cannot be represented in type 'int' Fixes: 1386/clusterfuzz-testcase-minimized-5323086394032128 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e92fb2bea1800b987ebc3cbeef9d48cfe4bcd191) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	fca86d3e28	avcodec/ivi_dsp: Fix multiple left shift of negative value -2 Fixes: 1385/clusterfuzz-testcase-minimized-5552882663292928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 9e88cc94e58e9e4d1293f9f56c973510e30495fd) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	bd739bce1c	avcodec/svq3: Fix multiple runtime error: signed integer overflow: 44161 * 61694 cannot be represented in type 'int' Fixes: 1382/clusterfuzz-testcase-minimized-6013445293998080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 669419939c1d36be35196859dc73ec9a194157ad) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	f8eea96d64	avcodec/msmpeg4dec: Correct table depth Fixes undefined shift Fixes: 1381/clusterfuzz-testcase-minimized-5513944540119040 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1121d9270783b284a70af317d8785eac7df1b72f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	c108bba1ae	avcodec/dds: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int' Fixes: 1380/clusterfuzz-testcase-minimized-650122545122508 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 8a8335de030aa6cb6356bb16c7d3aefc5a80e362) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	973a66108b	avcodec/cdxl: Check format parameter Fixes out of array access Fixes: 1378/clusterfuzz-testcase-minimized-5715088008806400 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e1b60aad77c27ed5d4dfc11e5e6a05a38c70489d) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	cbc5796fc3	avutil/softfloat: Fix overflow in av_div_sf() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 277e397eb5964999bd76909f52d4bd3350289c22) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	66b7e165db	avcodec/hq_hqa: Fix runtime error: left shift of negative value -207 Fixes: 1375/clusterfuzz-testcase-minimized-6070134701555712 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1283c4244767bd19918f355c31d702a94ee0cc1b) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	99bedf74ac	avcodec/mss3: Change types in rac_get_model_sym() to match the types they are initialized from Fixes integer overflow Fixes: 1372/clusterfuzz-testcase-minimized-5712192982745088 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2ef0f392711445e173a56b2c073dedb021ae3783) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	2ff5e3f54e	avcodec/shorten: Check k in get_uint() Fixes: undefined shift Fixes: 1371/clusterfuzz-testcase-minimized-5770822591447040 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7b6a51f59c467ab9f4b73122dc269206fb517425) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	28c618355c	avcodec/webp: Fix null pointer dereference Fixes: 1369/clusterfuzz-testcase-minimized-5048908029886464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 9bf4523e40148fdd27064ab570952bd8c4d1016e) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	88a3e4c34e	avcodec/dfa: Fix signed integer overflow: -2147483648 - 1 cannot be represented in type 'int' Fixes: 1368/clusterfuzz-testcase-minimized-4507293276176384 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 12936a4585bc293c0f88327d6840f49e8e744b62) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	e2462c8828	avcodec/g723_1: Fix multiple runtime error: left shift of negative value Fixes: 1367/clusterfuzz-testcase-minimized-571496882346393 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4ace2d22192f3995911ec926940125dcb29d606a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	139d881273	avcodec/mimic: Fix runtime error: left shift of negative value -1 Fixes: 1365/clusterfuzz-testcase-minimized-5624158450876416 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit fc2c420b82939a8f30838a6aa08bfd936099d3ce) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	6f590bf05f	avcodec/clearvideo: Fix multiple runtime error: left shift of negative value -1024 Fixes: 1360/clusterfuzz-testcase-minimized-5606472043986944 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c0ffcb34c7e94817be934a1ee4a0b4c054723549) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	cab8d31804	avcodec/fic: Fix multiple left shift of negative value -15 Fixes: 1356/clusterfuzz-testcase-minimized-6008489086287872 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b20c71409b24460983ba5d9afa0716714f9e0f7d) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	3585986a00	avcodec/mlpdec: Fix runtime error: left shift of negative value -22 Fixes: 1355/clusterfuzz-testcase-minimized-6662205472768000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c535436cbeeab89be64e9f3fd652bc736f2f3245) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	645b36ce64	avcodec/snowdec: Check qbias Fixes: signed integer overflow: -1094995529 * 131 cannot be represented in type 'int' Fixes: 1353/clusterfuzz-testcase-minimized-5208180449607680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 523205ce1ed9415183c162998c68f573479e78fe) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	67835afd79	avutil/softfloat: Fix multiple runtime error: left shift of negative value -8 Fixes: 1352/clusterfuzz-testcase-minimized-5757565017260032 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 35f3df0d76e28969fa77f2b865e2e40b3ba69722) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	955b97704f	avcodec/aacsbr_template: Do not leave bs_num_env invalid Fixes out of array read Fixes: 1349/clusterfuzz-testcase-minimized-5370707196248064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a8ad83b793e883b8c6d114f81073a4e40c0308a3) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	28b6588b48	avcodec/mdec: Fix signed integer overflow: 28835400 * 83 cannot be represented in type 'int' Fixes: 1346/clusterfuzz-testcase-minimized-5776732600664064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a234b5ade3ca6cde805b92b8b6ecacf693460a8c) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	7617b90f07	avcodec/dfa: Fix off by 1 error Fixes out of array access Fixes: 1345/clusterfuzz-testcase-minimized-6062963045695488 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f52fbf4f3ed02a7d872d8a102006f29b4421f360) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	2adf20b3da	avcodec/nellymoser: Fix multiple left shift of negative value -8591 Fixes: 1342/clusterfuzz-testcase-minimized-5490842129137664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 0953736b7e97f6e121a0587a95434bf1857a27da) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	b80d4f58d8	avcodec/cdxl: Fix signed integer overflow: 14243456 * 164 cannot be represented in type 'int' Fixes: 1341/clusterfuzz-testcase-minimized-5441502618583040 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1002932a3b16d35c46a08455f76462909eebb5aa) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	85bf84c96c	avcodec/g722: Fix multiple runtime error: left shift of negative value -1 Fixes: 1340/clusterfuzz-testcase-minimized-4669892148068352 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f55df62998681c7702f008ce7c12a00b15e33f53) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	5520e00a49	avcodec/dss_sp: Fix multiple left shift of negative value -466 Fixes: 1339/clusterfuzz-testcase-minimized-4614671485108224 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 38152d9368beb080b4acd6cd9e5ccc89b3f733bf) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	671530ccb4	avcodec/wnv1: Fix runtime error: left shift of negative value -1 Fixes: 1338/clusterfuzz-testcase-minimized-6485546354343936 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 9fac508ca46f93450ec232299dfd15ac70b6f326) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	1e8212798c	avcodec/tiertexseqv: set the fixed dimenasions, do not depend on the demuxer doing so Fixes: out of array access Fixes: 1348/clusterfuzz-testcase-minimized-6195673642827776 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ce551a3925a1cf9c7824e26a246b99b6773bda4b) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	484ce1af75	avcodec/mjpegdec: Fix runtime error: signed integer overflow: -24543 * 2031616 cannot be represented in type 'int' Fixes: 943/clusterfuzz-testcase-5114865297391616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a78ae465fda902565ed041d93403e04490b4be0d) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	175a569f5b	avcodec/cavsdec: Fix undefined behavior from integer overflow Fixes: 1335/clusterfuzz-testcase-minimized-5566961566089216 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a0e5f7f363555d2befafb1c9e1579dbe0a2fbca7) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	dd3a5f04b9	avcodec/dvdsubdec: Fix runtime error: left shift of 242 by 24 places cannot be represented in type 'int' Fixes: 1080/clusterfuzz-testcase-5353236754071552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ce7098b8f2b59c62b5abdb3d74819db75cf67698) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	a5bcb36874	libavcodec/mpeg4videodec: Convert sprite_offset to 64bit This avoids intermediates from overflowing (the final values are checked) Fixes: runtime error: signed integer overflow: -167712 + -2147352576 cannot be represented in type 'int' Fixes: 1298/clusterfuzz-testcase-minimized-5955580877340672 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c1c3a14073b33f790075f2884ea5c64451a6c876) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	142c65ba9c	avcodec/pngdec: Use ff_set_dimensions() Fixes OOM Fixes: 1314/clusterfuzz-testcase-minimized-4621997222920192 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a0296fc056f0d86943c697c505a181744b07dd45) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	dfda395b2f	avcodec/msvideo1: Check buffer size before re-getting the frame Fixes timeout Fixes: 1306/clusterfuzz-testcase-minimized-6152296217968640 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit cabfed6895fcc679cd6a6244a12d800e0f3f2d20) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	927ff67ab4	avcodec/h264_cavlc: Fix undefined behavior on qscale overflow Fixes: 1214/clusterfuzz-testcase-minimized-6130606599569408 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit fc8cff96ed45dfdb91ed03e9942845f28be0e770) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	44eabc5d5d	avcodec/dcadsp: Fix runtime error: signed integer overflow Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 9244b839b788e4677019041907ff5a4378a23490) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	78fd652af4	avcodec/svq3: Reject dx/dy beyond 16bit The code does use 16bit sized arrays later so larger deltas would not work Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 48b3117844177d8442bc9fa3ede1d31ce82ae6fc) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	65a9d0c66c	avcodec/svq3: Increase offsets to prevent integer overflows Fixes: 1280/clusterfuzz-testcase-minimized-6102353767825408 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 382b4fc9b5f3102f59743bf9c8619b31dd8ede1b) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	b1fc2c5c25	avcodec/indeo2: Check remaining bits in ir2_decode_plane() Fixes: 1290/clusterfuzz-testcase-minimized-5815578902134784 Fixes: timeout Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b29feec9829cfab2523c8d95e35bd69e689ea4af) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	b6a4aeb2f6	avcodec/vp3: Check remaining bits in unpack_dct_coeffs() Decreases the time spend decoding junk. May fix: 1283/clusterfuzz-testcase-minimized-6221126759874560 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2f00300b779e7b247c85db0d7daef448225105ff) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00
Michael Niedermayer	0875b2651d	doc/developer: Add terse documentation of assumed C implementation defined behavior Suggested-by: "Ronald S. Bultje" <rsbultje@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b706ddbae3f4a11c58560b914807931556108b55) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 00:21:49 +02:00

1 2 3 4 5 ...

85199 Commits