github.com/FFmpeg/FFmpeg.git

Age | Commit message | Author
2021-02-02 | avcodec/exr: Check line size for overflow | Michael Niedermayer
    Fixes: signed integer overflow: 570425356 * 6 cannot be represented in type 'int'
    Fixes: 25929/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5099197739827200
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 9b72cea4463dd2fabcd9ba1454a0855e521d0148)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/exr: Check xdelta, ydelta | Michael Niedermayer
    Fixes: assertion failure
    Fixes: 25617/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5648746061496320
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 6949df35d0c69ae91bb0f49069e0703deb9bd676)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/celp_filters: Avoid invalid negation in ff_celp_lp_synthesis_filter() | Michael Niedermayer
    Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
    Fixes: 25675/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-4786580731199488
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 11a6347f9e544a1b9fba059ae02c30c0e512c195)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/takdsp: Fix negative shift in decorrelate_sf() | Michael Niedermayer
    Fixes: left shift of negative value -4
    Fixes: 25723/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-6250580752990208
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 4f54f530039db149808478796e8389c14eb73095)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/dxtory: Fix negative stride shift in dx2_decode_slice_420() | Michael Niedermayer
    Fixes: left shift of negative value -640
    Fixes: 26044/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DXTORY_fuzzer-5631057602543616
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Reviewed-by: Paul B Mahol <onemda@gmail.com>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 3291d994b76db4b6e67c8467367ce68f79785e60)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/asfdec_f: Change order or operations slightly | Michael Niedermayer
    Fixes: signed integer overflow: 20 * 5184056935931942919 cannot be represented in type 'long'
    Fixes: 25466/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4798660247552000
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 686f0151901849de3b2073fa73265472073e0208)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/dxa: Use av_rescale() for duration computation | Michael Niedermayer
    Fixes: signed integer overflow: 8224000000 * 1629552639 cannot be represented in type 'long'
    Fixes: 24908/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4658478506049536
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit c313089fbe1df71b5406dd9d7e4d36361051c620)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/vc1_block: Fix integer overflow in ac value | Michael Niedermayer
    Fixes: signed integer overflow: 25488 * 87381 cannot be represented in type 'int'
    Fixes: 24765/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-5108259565076480
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 3056e19e68122b9464b24870488f8faca4e78ea8)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/mv30: Fix several integer overflows in idct_1d() | Michael Niedermayer
    Fixes: signed integer overflow: -1846510390 + -361755993 cannot be represented in type 'int'
    Fixes: 23941/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MV30_fuzzer-5654696631730176
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit ddf2ba54979387740b0b2fb319bb5a2c9f78debe)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/iff: Check data_size not overflowing int64 | Michael Niedermayer
    Fixes: Infinite loop
    Fixes: 25844/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5660803318153216
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Reviewed-by: Peter Ross <pross@xvid.org>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 24352ca79207d3311ee544fcba908a64004763ef)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/dxtory: Fix negative shift in dx2_decode_slice_410() | Michael Niedermayer
    Fixes: left shift of negative value -768
    Fixes: 25574/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DXTORY_fuzzer-6012596027916288
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Reviewed-by: Paul B Mahol <onemda@gmail.com>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit abebd87764992dc22c82802bdc75d40aac14ab86)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/sonic: Check channels before deallocating | Michael Niedermayer
    Fixes: heap-buffer-overflow
    Fixes: 25744/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5172961169113088
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit f249981976b18438cfb646183d4c21fb051e1ad4)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/vividas: Check for EOF in first loop in track_header() | Michael Niedermayer
    Fixes: timeout (243sec -> a few ms)
    Fixes: 25716/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5764093666131968
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Reviewed-by: Paul B Mahol <onemda@gmail.com>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 7170d342e597a39f48d1bedb3a2382f25a324155)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/wvdec: Check rate for overflow | Michael Niedermayer
    Fixes: signed integer overflow: 6000 * -2147483648 cannot be represented in type 'int'
    Fixes: 25700/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6578316302352384
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 688c1175ba91d0477cc461e5bfda210d6659a3b8)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/ansi: Check nb_args for overflow | Michael Niedermayer
    Fixes: Integer overflow (no testcase)
    Reviewed-by: Paul B Mahol <onemda@gmail.com>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit bc0e776c9aaf06f437bf21e05a713fd54dc85400)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/wc3movie: Cleanup on wc3_read_header() failure | Michael Niedermayer
    Fixes: memleak
    Fixes: 23660/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6007508031504384
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit b78860e769876d9a18fc4f82dd8e808316d8e682)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/wc3movie: Move wc3_read_close() up | Michael Niedermayer
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 0c635f2ce6c18d448e77605ee83b55bd8250f812)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/tiff: Fix default white level | Michael Niedermayer
    According to the spec bits per sample should be used
    Fix invalid shift with bpp=32
    Fixes: shift exponent 32 is too large for 32-bit type 'unsigned int'
    Fixes: 23507/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4815432665268224
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit d54c24acde88a214489d5ef410982eedac7ffc29)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/diracdsp: Fix integer anomaly in dequant_subband_* | Michael Niedermayer
    Fixes: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int'); cast to an unsigned type to negate this value to itself
    Fixes: 23760/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-604209011412172
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit ca3c6c981aa5b0af8a5576020b79fdd3cdf9ae9e)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avutil/fixed_dsp: Fix integer overflows in butterflies_fixed_c() | Michael Niedermayer
    Fixes: signed integer overflow: 0 - -2147483648 cannot be represented in type 'int'
    Fixes: 23646/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5480991098667008
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 4a02ae49c26395fc3ae2d38c733a2a13bd3080e7)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/mv30: Check remaining mask in decode_inter() | Michael Niedermayer
    Fixes: timeout (too long -> 4sec)
    Fixes: 25129/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MV30_fuzzer-5642089713631232
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 142ae27b1d4d23b72396950ebaaeaca10ba600d9)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/wmalosslessdec: Check remaining space before padding and channel residue | Michael Niedermayer
    Fixes: Timeout (1101sec -> 0.4sec)
    Fixes: 24491/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5725337036783616
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit c467adf3bf9bb4b7fd28956ec698d884e63f145d)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/cdg: Fix integer overflow in duration computation | Michael Niedermayer
    Fixes: signed integer overflow: 8398407 * 300 cannot be represented in type 'int'
    Fixes: 23914/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4702539290509312
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit aa8935b395162f8438d1f055e671e92685ed1586)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/mpc: Fix multiple numerical overflows in ff_mpc_dequantize_and_synth() | Michael Niedermayer
    Fixes: -2.4187e+09 is outside the range of representable values of type 'int'
    Fixes: signed integer overflow: -14512205 + -2147483648 cannot be represented in type 'int'
    Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPC7_fuzzer-5747263166480384
    Fixes: 23528/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPC7_fuzzer-5747263166480384
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 2b9f39689ab19c68ff37b5a4ac71e8fb7f58c487)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/agm: Fix off by 1 error in decode_inter_plane() | Michael Niedermayer
    Fixes: Regression since 1f2096945709a32315da740691b5716da55893c3
    Found-by: Paul B Mahol <onemda@gmail.com>
    Reviewed-by: Paul B Mahol <onemda@gmail.com>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 6d71a25cc460960c49997d52c1d1f1c39ccc38b4)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/electronicarts: Check if there are any streams | Michael Niedermayer
    Fixes: Assertion failure (invalid stream index)
    Fixes: 25120/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6565251898933248
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 39a98623edbbdcf9d9b76e9d7aff3ce086ebfbfe)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/ffwavesynth: Fix integer overflow in wavesynth_synth_sample / WS_SINE | Michael Niedermayer
    Fixes: signed integer overflow: -1429092 * -32596 cannot be represented in type 'int'
    Fixes: 24419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5157849974702080
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Reviewed-by: Nicolas George <george@nsup.org>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit a0da95df77a528251a326fc8b7e2ff48c60e41d0)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/vp9dsp_template: Fix integer overflow in iadst8_1d() | Michael Niedermayer
    Fixes: signed integer overflow: 998938090 + 1169275991 cannot be represented in type 'int'
    Fixes: 23411/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-4644692330545152
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit d182d8f10cf69c59ef9c21df4b06e5478df063ef)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/avidec: Fix io_fsize overflow | Michael Niedermayer
    Fixes: signed integer overflow: 7958120835074169528 * 9 cannot be represented in type 'long long'
    Fixes: 23382/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6230683226996736
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit cf0c700b0c25f5d9fe50dd27086a06812822f11a)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/cfhd: Check transform type | Michael Niedermayer
    Fixes: out of array access
    Fixes: 24823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-4855119863349248
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 659658d08bb2e7219001795c78efd24f381446e2)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/tiff: Check jpeg context against jpeg frame parameters | Michael Niedermayer
    Fixes: out of array access
    Fixes: 24825/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-6326925027704832
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit b9ea493afe8576efe3de60f8c6723f9f155de0d8)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/tiff: Restrict tag order based on specification | Michael Niedermayer
    "The entries in an IFD must be sorted in ascending order by Tag. Note that this is not the order in which the fields are described in this document."

    This way various dimensions, sample and bit sizes cannot be changed at arbitrary times which reduces the potential for bugs.
    The tag reading code also on various places assumes that numerically previous tags have already been parsed, so this needs to be enforced one way or another.

    If this commit causes problems with real world files which are not easy to fix then some other form of checks are needed to ensure the various dependencies in the tag reading are not violated.

    Fixes: out of array access
    Fixes: 24825/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-6326925027704832
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit ad29f9e47cb848e11ee1d358d2bae15cd35ef04b)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/tiff: Avoid abort with DNG RAW TIFF with YA8 | Michael Niedermayer
    Fixes: Assertion failure
    Fixes: 24707/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5179910197608448
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit ca47402a06922f5280b4526007e32bf7847c7430)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/tiff: Check the linearization table size | Michael Niedermayer
    Fixes: out of array access
    Fixes: 24604/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4843529818603520
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 7577f8332a6bb2f227b876c83ec6fa45cc9670f9)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/siff: Reject audio packets without audio stream | Michael Niedermayer
    Fixes: Assertion failure
    Fixes: 24612/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6600899842277376.fuzz
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Reviewed-by: Paul B Mahol <onemda@gmail.com>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 8931c55789a69f717b4a6954c5bb7acf5475a134)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/mpeg: Check avio_read() return value in get_pts() | Michael Niedermayer
    Found-by: Thierry Foucu <tfoucu@gmail.com>
    Fixes: Use-of-uninitialized-value
    Reviewed-by: Thierry Foucu <tfoucu@gmail.com>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit e8a88a16f78e66c8d7645b5f71dc8390b033fa70)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/tiff: Check bpp/bppcount for 0 | Michael Niedermayer
    Fixes: division by zero
    Fixes: 24253/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-6250318007107584
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit be090da25f734460f3105075456877b8a66185c1)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/snowdec: Sanity check hcoeff | Michael Niedermayer
    Fixes: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int'
    Fixes: 24011/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5486376610168832
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit d51d569cf68f78aaea8464a156c847a0e294726a)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/mov: Check comp_brand_size | Michael Niedermayer
    Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
    Fixes: 24457/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5760093644390400
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit ffa6072fc727a14680a85449259f6b49b47587e6)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avformat/ape: Error out in case of EOF in the header | Michael Niedermayer
    Fixes: OOM
    Fixes: 24375/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6216862443241472
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit a6df1fd5e96c012ba477a56b3858a310e243b921)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/alac: Check decorr_shift to avoid invalid shift | Michael Niedermayer
    Later the decorrelate_stereo call is guarded by channels == 2 and non-zero decorr_left_weight. Make sure decorr_shift is in the expected shift range for that case.

    Fixes: shift exponent 128 is too large for 32-bit type 'int'
    Fixes: 23860/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5751138914402304
    Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
    Reviewed-by: Alexander Strasser <eclipse7@gmx.net>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 4333718b357a9ad195031e5d0ea080d37677b795)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-02-02 | avcodec/tdsc: Fix tile checks | Michael Niedermayer
    Fixes: out of array access
    Fixes: crash.asf
    Found-by: anton listov <greyfarn7@yandex.ru>
    Reviewed-by: anton listov <greyfarn7@yandex.ru>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit 081e3001edb67dcd55fe0f68505df1fce667476d)
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-01-26 | opusdec: do not fail when LBRR frames are present | Anton Khirnov
    Decode and discard them.
    Fixes ticket 4641.
    (cherry picked from commit 33b4b788aac91dfd522415baaedcbda160482816)
    Signed-off-by: Anton Khirnov <anton@khirnov.net>
2021-01-01 | configure: update copyright year | Lynne
2020-12-31 | avfilter/vf_framerate: fix infinite loop with 1-frame input | Marton Balint
    Fixes infinite loop in:
    ffmpeg -f lavfi -i testsrc=d=0.04 -vf framerate=50 -f null none
    Signed-off-by: Marton Balint <cus@passwd.hu>
    (cherry picked from commit 6d3b70c27ef1639784fdb3382e5a06b1afa3fe3e)
2020-12-31 | avformat/url: Change () position in ff_make_absolute_url() | Michael Niedermayer
    No testcase
    Reviewed-by: Nicolas George <george@nsup.org>
    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
    (cherry picked from commit ef59a40c2a0df694cf6f23870f94b6e32deabfe1)
2020-11-19 | avformat/mpegts: make sure mpegts_read_header always stops at the first pmt | Marton Balint
    mpegts_read_header stops parsing the file at the first PMT. However the check that ensured this was wrong because streams can also be added before the first PMT is received (e.g. EIT).
    So let's make sure we are in the header reading phase by checking if ts->pkt is unset instead of checking if the number of streams found so far is 0.
    Signed-off-by: Marton Balint <cus@passwd.hu>
    (cherry picked from commit bf19833ae26b054a111de79b5ab1681c00cd8d0a)
2020-11-07 | avformat/alp: fix handling of TUN files | Zane van Iperen
    Sample rate is always 22050. Verified by trying various files in the game.
    (cherry picked from commit 5df7fd1cbefb51d3a3c89fe363dbafe0a89ada60)
2020-11-07 | avformat/argo_asf: fix handling of v1.1 files | Zane van Iperen
    Version 1.1 (FX Fighter) files all have a sample rate of 44100 in the header, but only play back correctly at 22050.
    Force the sample rate to 22050 when reading, and restrict it when muxing.
    (cherry picked from commit d2f7b399149f725138f5551ae980e755596d527c)
2020-11-02 | swscale/x86/yuv2rgb: fix crashes when loading alpha from unaligned buffers | Marton Balint
    Regression since fc6a5883d6af8cae0e96af84dda0ad74b360a084 on SSSE3 enabled CPUs.
    Fixes ticket #8955.
    Signed-off-by: Marton Balint <cus@passwd.hu>
    (cherry picked from commit 993429cfb4a1a8d491d124be228cb7d620a57ba9)