virtualenv/FFmpeg
1
0
Fork 0
mirror of https://github.com/FFmpeg/FFmpeg.git synced 2025-01-24 13:56:33 +02:00
Code Issues Releases Activity
91,026 Commits 37 Branches 400 Tags
Commit Graph

91026 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikolas Bowe
8591d16ce5 lavc/svq3: Fix regression decoding some files. 
Fixes some SVQ3 encoded files which fail to decode correctly after 6d6faa2a2d.
These files exhibit lots of artifacts and logs show "Media key encryption is not implemented".
However they decode without artifacts before 6d6faa2a2d.
The attatched patch allows these files to successfully decode, but also reject media key files.

Tested on the files in #6094 and http://samples.mplayerhq.hu/V-codecs/SVQ3/Vertical400kbit.sorenson3.mov

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5aeb3b008080d8d4a38f245d557dbc9bd6c36dcf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
07255282d0 avcodec/mlp_parser: Check if synccode is within buffer 
Fixes: undefined shift
Fixes: 9216/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-6281404575907840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 51ac3f43b8bf3b7f2af555af319cd240bb8b4ebf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
f9235773d6 avcodec/qtrle: Check remaining bytestream in qtrle_decode_XYbpp() 
Fixes: Timeout
Fixes: 9213/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QTRLE_fuzzer-5649753332252672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7dd836a3f9771e0e44df1b27e67d6866d91e06d7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
4f51a21c30 avcodec/diracdec: Check bytes count in else branch in decode_lowdelay() too 
Fixes: signed integer overflow: 8 * 340018243 cannot be represented in type 'int'
Fixes: 9441/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5194665207791616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bed125b7108481574f36fdd6ee699b27354602e8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
6cf72a56e7 avcodec/diracdec: Check slice numbers for overflows in relation to picture dimensions 
Fixes: signed integer overflow: 88 * 33685506 cannot be represented in type 'int'
Fixes: 9433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5725943535501312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f457c0ad7f73e31e99761f2ad3738cf3b3c24ca0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
88093d2c1f avcodec/diracdec: Change frame_number to 64bit as its a 32bit from the bitstream and we also have a -1 special case 
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 9291/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6324345860259840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 462d1be6dec5ff4768be8c202f359cbf037db3c6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
8147da2bad avcodec/dirac_dwt_template: Fix several integer overflows in horizontal_compose_daub97i() 
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 8926/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6047609228623872

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69cac9e130dc8c9d2a5b8012011df372974adf35)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
f291acafbb avcodec/diracdec: Prevent integer overflow in intermediate in global_mv() 
Fixes: signed integer overflow: -393471 * 5460 cannot be represented in type 'int'
Fixes: 8890/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6299775379963904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 51290406461ed40b70e0e05b389a461a283f3367)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
cec6df48ba swresample/swresample: Fix input channel count in resample_first computation 
Found-by: Marcin Gorzel <gorzel@google.com>
Reviewed-by: Marcin Gorzel <gorzel@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bce4da85e8110b66040a5fb07ffc724ab4e09a86)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Michael Niedermayer
1a4a6d94cc avutil/pixfmt: Document chroma plane size for odd resolutions 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit be0b77e6e83b61c2da338201b5ddfae1c9acedc5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-10-07 21:34:00 +02:00
Nicolas George
2be51cbeea lavf/libsmbclient: return AVERROR_EOF for EOF. 
Fix trac ticket #7387.
 2018-09-02 18:42:47 +02:00
Thilo Borgmann
49a90d5d31 lavc/videotoolboxenc: Fix compilation on osx 10.10.5 Yosemite 
Signed-off-by: Aman Gupta <aman@tmm1.net>
(cherry picked from commit 72d9b8f4c53ce3de48ba43ddeeccc62f6932b376)
 2018-08-14 10:02:05 -07:00
Aman Gupta
fab3418cb9 avcodec/mediacodecdec: fix SEGV on modern nvidia decoders 
This code came originally from gstreamer, where it was added in [1]
as a work-around for the Tegra 3. (The alignment was changed in [2]
as a response to [3], from 32-bit to 16-bit).

gstreamer only used this workaround in the case where the decoder
didn't return a slice-height property, but when the code was copied
into avcodec the conditional got lost. This commit restores the guard
and prefers the slice-height from the decoder when it is available.

This fixes segfaults decoding 1920x1080 h264 and mpeg2 videos on the
NVidia SHIELD after upgrading to Android Oreo.

[1] a870e6a5c3
[2] 21ff3ae0b0
[3] https://bugzilla.gnome.org/show_bug.cgi?id=748867

Signed-off-by: Aman Gupta <aman@tmm1.net>
(cherry picked from commit 476fd6ba3a7d74ed8be9af10cb9f4d4b3fdaf3e1)
 2018-08-03 11:07:31 -07:00
James Almer
9cc5337247 avcodec/bitstream_filters: check the input argument of av_bsf_get_by_name() for NULL 
Fixes crashes like "ffmpeg -h bsf" caused by passing NULL to strcmp()

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 3258cc6507a2012d54889ce5f8efbde7e81d927d)
 2018-07-28 22:43:09 -03:00
Timo Rothenpieler
d6d7853b4b avformat/librtmp: fix returning EOF from Read/Write 
Ticket #7052
 2018-07-28 01:11:30 +02:00
Thomas Guillem
db923b3fbd avcodec/videotoolboxenc: fix undefined behavior with rc_max_rate=0 
On macOS, a zero rc_max_rate cause an error from
VTSessionSetProperty(kVTCompressionPropertyKey_DataRateLimits).

on iOS (depending on device/version), a zero rc_max_rate cause invalid
arguments from the vtenc_output_callback after few frames and then a crash
within the VideoToolbox library.

Signed-off-by: Aman Gupta <aman@tmm1.net>
(cherry picked from commit 93e157f40f415119ea0f94b35596965e9870f863)
 2018-07-19 09:26:30 -07:00
Michael Niedermayer
0a155c57bd Update for 4.0.2 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n4.0.2 		2018-07-18 14:04:51 +02:00
Michael Niedermayer
3ef38c414e avcodec/dvdsub_parser: Allocate input padding 
Fixes: out of array read
Fixes: 9350/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVDSUB_fuzzer-5746777750765568

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cd86b5cfe278af79d6b147e122d9a72c270a9fde)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
40ed40902a avcodec/dvdsub_parser: Init output buf/size 
No testcase

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9e6c8437761661441d836876934314cb2b8fafe7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
0561cde128 avcodec/dirac_dwt_template: Fix signedness regression in interleave() 
Found-by: <jdarnley>
Tested-by: James Darnley <james.darnley@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 181435a4de6e38e0a15ddaf16de9a157ef41cb18)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
670b565ba2 avformat/mov: Simplify last element computation in mov_estimate_video_delay() 
Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Reviewed-by: Sasi Inguva <isasi@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b0644f7f72a9ae64c7285d26ec720441c25d4cf5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
6b65f46673 avformat/mov: Break out of inner loop early in mov_estimate_video_delay() 
0.266 <- 0.299 sec (this is time ffmpeg so containing alot other things)

Sample for benchmark was: ffmpeg -f rawvideo -pix_fmt yuv420p -s 32x32 -i /dev/zero -t 24:00:00.00 out.mp4

Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Reviewed-by: Sasi Inguva <isasi@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit aba13dc13e5233545bdd06f514e0addbb0155c69)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
052edeec55 avformat/mov: Eliminate variable buf_size from mov_estimate_video_delay() 
Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Reviewed-by: Sasi Inguva <isasi@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3ce4034308a3726395a2c1b18a3dff3554e0b619)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
48479937c3 avformat/mov: remove modulo operations from mov_estimate_video_delay() 
0.324 <-0.491 sec

Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Reviewed-by: Sasi Inguva <isasi@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c995e01b1e01ac11cf2545b3ce86569a482ff434)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
fd53179f4a avformat/movenc: Write version 2 of audio atom if channels is not known 
The version 1 needs the channel count and would divide by 0
Fixes: division by 0
Fixes: fpe_movenc.c_1108_1.ogg
Fixes: fpe_movenc.c_1108_2.ogg
Fixes: fpe_movenc.c_1108_3.wav

Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fa19fbcf712a6a6cc5a5cfdc3254a97b9bce6582)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Rahul Chaudhry
5db47b3983 swresample/arm: rename labels to fix xcode build error 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e84212b78e00df17799e01be1e153a073eb8f689)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
0981dfee7d avformat/movenc: Check input sample count 
Fixes: division by 0
Fixes: fpe_movenc.c_199_1.wav
Fixes: fpe_movenc.c_199_2.wav
Fixes: fpe_movenc.c_199_3.wav
Fixes: fpe_movenc.c_199_4.wav
Fixes: fpe_movenc.c_199_5.wav
Fixes: fpe_movenc.c_199_6.wav
Fixes: fpe_movenc.c_199_7.wav

Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3a2d21bc5f97aa0161db3ae731fc2732be6108b8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
d8c4b2ae57 avcodec/mjpegdec: Check for odd progressive RGB 
Fixes: out of array access
Fixes: 9225/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5684770334834688

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ee1e3ca5eb1ec7d34e925d129c893e33847ee0b7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
fc92ca5b8e avcodec/vp8_parser: Do not leave data/size uninitialized 
This is identical to what the VP9 parser does

Fixes: 9215/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBVPX_VP8_fuzzer-5768227253649408
Fixes: out of memory access

This may also fix oss fuzz issue 9212

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 284dde24dab30225ed3e233b0e5908d67d7e13e7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
6d992a51c7 avformat/mms: Add missing chunksize check 
Fixes: out of array read
Fixes: mms-crash-01b6c5d85f9d9f40f4e879896103e9f5b222816a

Found-by: Paul Ch <paulcher@icloud.com>
1st hunk by Paul Ch <paulcher@icloud.com>
Tested-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cced03dd667a5df6df8fd40d8de0bff477ee02e8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
6f4b82cc3a avformat/pva: Check for EOF before retrying in read_part_of_packet() 
Fixes: Infinite loop
Fixes: pva-4b1835dbc2027bf3c567005dcc78e85199240d06

Found-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
37f505cc85 avformat/rmdec: Do not pass mime type in rm_read_multi() to ff_rm_read_mdpr_codecdata() 
Fixes: use after free()
Fixes: rmdec-crash-ffe85b4cab1597d1cfea6955705e53f1f5c8a362

Found-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a7e032a277452366771951e29fd0bf2bd5c029f0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
a21703ca5d avformat/asfdec_o: Check size_bmp more fully 
Fixes: integer overflow and out of array access
Fixes: asfo-crash-46080c4341572a7137a162331af77f6ded45cbd7

Found-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
a28ab09e2a avformat/mxfdec: Fix av_log context 
Fixes: out of array access
Fixes: mxf-crash-1c2e59bf07a34675bfb3ada5e1ec22fa9f38f923

Found-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
4439d6aa69 avcodec/mpeg4videodec: Check for bitstream end in read_quant_matrix_ext() 
Fixes: out of array read
Fixes: asff-crash-0e53d0dc491dfdd507530b66562812fbd4c36678

Found-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
3bf80c7b22 avcodec/indeo4: Check for end of bitstream in decode_mb_info() 
Fixes: Timeout
Fixes: 8776/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5361788798369792

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 267ba2aa96354c5b6a1ea89b2943fbd7a4893862)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
1361e4abb8 avcodec/ac3dec: Check channel_map index 
Fixes: out of array read
Fixes: 8924/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EAC3_fuzzer-5851861780267008

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 00f98d23b1462afb97116b947334db3754516207)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
5fd1dce39a avcodec/mpeg4videodec: Remove use of FF_PROFILE_MPEG4_SIMPLE_STUDIO as indicator of studio profile 
The profile field is changed by code inside and outside the decoder,
its not a reliable indicator of the internal codec state.
Maintaining it consistency with studio_profile is messy.
Its easier to just avoid it and use only studio_profile

Fixes: assertion failure
Fixes: ffmpeg_crash_9.avi

Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bd27a9364ca274ca97f1df6d984e88a0700fb235)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
de0a1d01ba avcodec/shorten: Fix undefined addition in shorten_decode_frame() 
Fixes: signed integer overflow: 1139785606 + 1454196085 cannot be represented in type 'int'
Fixes: 8937/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-6202943597445120

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3b10bb8772c76177cc47b8d15a6970f19dd11039)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
c4b23793d4 avcodec/shorten: Fix undefined integer overflow 
Fixes: signed integer overflow: 8454144 * 256 cannot be represented in type 'int'
Fixes: 8788/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5728205041303552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 70832333bba3b915040f415548518e136b44280e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
e21e5c95c1 avcodec/jpeg2000dec: Fixes invalid shifts in jpeg2000_decode_packets_po_iteration() 
Fixes: shift exponent 47 is too large for 32-bit type 'int'
Fixes: 9163/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5661750182543360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 652d7c6348f96181fa69f8e2afb7b27a14c0a88a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
2b13c136c4 avcodec/jpeg2000dec: Check that there are enough bytes for all tiles 
Fixes: OOM
Fixes: 8781/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5810709081358336

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0898a3d9909960324e27d3a7a4f48c4effbb654a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
d3536ce839 avformat/movenc: Use mov->fc consistently for av_log() 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 872ea3dfe565098570ad213a6f1eb00a805aec5d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
679d749eab avcodec/mpeg4videodec: Check read profile before setting it 
Fixes: null pointer dereference
Fixes: ffmpeg_crash_7.avi

Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2aa9047486dbff12d9e040f917e5f799ed2fd78b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
7610538224 avformat/movenc: Do not pass AVCodecParameters in avpriv_request_sample 
Fixes: out of array read
Fixes: ffmpeg_crash_8.avi

Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 95556e27e2c1d56d9e18f5db34d6f756f3011148)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
0003ace83b avcodec/ac3_parser: Check init_get_bits8() for failure 
Fixes: null pointer dereference
Fixes: ffmpeg_crash_6.avi

Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 00e8181bd97c834fe60751b0c511d4bb97875f78)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
20c5fb9721 avformat/movenc: Check that frame_types other than EAC3_FRAME_TYPE_INDEPENDENT have a supported substream id 
Fixes: out of array access
Fixes: ffmpeg_bof_1.avi

Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ed22dc22216f74c75ee7901f82649e1ff725ba50)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
841e1399e6 avcodec/dpx: Check elements in 12bps planar path 
Fixes: null pointer dereference
Fixes: 8946/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DPX_fuzzer-5078915222601728

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Carl Eugen Hoyos <ceffmpeg@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 75a2db552423295b509546f3b0f8b2b46d3424b1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
9f76f0fab8 avcodec/escape124: Fix spelling errors in comment 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f59c4e43915ed0528e2789f27ddb1635b59779df)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00
Michael Niedermayer
bf3e331b76 avcodec/ra144: Fix integer overflow in ff_eval_refl() 
Fixes: signed integer overflow: -4096 * -524288 cannot be represented in type 'int'
Fixes: 8650/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-5734816036159488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b31189881a4cf54b0057ecf3eab917ad56eecfea)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-07-16 19:02:12 +02:00