Age | Commit message | Author |
|
Fixes: Out of array read
Fixes: 45137/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_SUPERFRAME_SPLIT_fuzzer-4984270639202304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
|
They are invalid in VP9. If any of the frames inside a superframe
had a size of zero, the code would either read into the next frame
or into the superframe index; so check for the length to stop this.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
|
This patch is analogous to 20f972701806be20a77f808db332d9489343bb78:
It hides the internal part of AVBitStreamFilter by adding a new
internal structure FFBitStreamFilter (declared in bsf_internal.h)
that has an AVBitStreamFilter as its first member; the internal
part of AVBitStreamFilter is moved to this new structure.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
|
|
|
|
This will allow adding a public header named bsf.h
|
|
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
creation failure
Some function calls may fail after the output packet is initialized.
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
There's no need to allocate a new packet for it.
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
frame_size/total_size checks
Fixes: signed integer overflow: -1698586465 + -551542752 cannot be represented in type 'int'
Fixes: 4490/clusterfuzz-testcase-minimized-5210014592532480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
* commit '03a80925effc2698d21dc0b00290eecf42dd9e68':
lavc: add a bitstream filter for splitting VP9 superframes
Merged-by: James Almer <jamrial@gmail.com>
|
|
Partially based on code by Ronald S. Bultje <rsbultje@gmail.com>.
|