| Age | Commit message (Collapse) | Author |
|---|
|
the timeDataSize argument to aacDecoder_DecodeFrame() seems undocumented and until
2016 04 (203e3f28fbebec7011342017fafc2a0bda0ce530) unused.
after that commit libfdk-aacdec interprets it as size in sample units and memsets that on error.
FFmpeg as well as others (like GStreamer) did interpret it as size in bytes
Fixes: 1442/clusterfuzz-testcase-minimized-4540199973421056 (This requires recent libfdk to reproduce)
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
849815297 + 1315389781 cannot be represented in type 'int'
Fixes: 1770/clusterfuzz-testcase-minimized-5285511235108864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: runtime error: left shift of negative value -67108864
Fixes: 1738/clusterfuzz-testcase-minimized-6734814327603200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: 1839/clusterfuzz-testcase-minimized-6238490993885184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: runtime error: index 12 out of bounds for type 'uint8_t [8]'
Fixes: 1832/clusterfuzz-testcase-minimized-6574546079449088
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: 1830/clusterfuzz-testcase-minimized-5828293733384192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
cannot be represented in type 'int'
Fixes: 1829/clusterfuzz-testcase-minimized-5527165321871360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
This merges commit 1202b712690c14f0efb06e4ad8b06c5b3df6822a from libav,
originally written by Anton Khirnov and skipped in
fc63d5ceb357c4b760cb02772de0b50d0557140f.
libavcodec/vp3.c | 26 +++++++++-----------------
1 file changed, 9 insertions(+), 17 deletions(-)
|
|
This merges commit c3e84820d67cb1d8cfb4196f9b43971308a81571 from libav,
originally written by Anton Khirnov and skipped in
fc63d5ceb357c4b760cb02772de0b50d0557140f.
libavcodec/h264_picture.c | 3 ---
libavcodec/h264_ps.c | 9 ---------
libavcodec/h264_slice.c | 25 +++++++++++++++++++------
libavcodec/h264dec.c | 13 +------------
libavcodec/h264dec.h | 9 +++++----
5 files changed, 25 insertions(+), 34 deletions(-)
|
|
This merges commit 4fded0480f20f4d7ca5e776a85574de34dfead14 from libav,
originally written by Anton Khirnov and skipped in
fc63d5ceb357c4b760cb02772de0b50d0557140f.
libavcodec/h264_slice.c | 20 +++++++++++++-------
libavcodec/h264dec.c | 3 +++
libavcodec/h264dec.h | 5 +++++
3 files changed, 21 insertions(+), 7 deletions(-)
|
|
This merges commit a02ae1c6837a54ed9e7735da2b1f789b2f4b6e13 from libav,
originally written by Anton Khirnov and skipped in
fc63d5ceb357c4b760cb02772de0b50d0557140f.
libavcodec/hevc_parser.c | 6 ++++--
libavcodec/hevc_ps.c | 31 ++++++++++++-------------------
libavcodec/hevc_ps.h | 2 --
libavcodec/hevc_refs.c | 18 +++++-------------
libavcodec/hevcdec.c | 7 ++++---
libavcodec/hevcdec.h | 2 --
6 files changed, 25 insertions(+), 41 deletions(-)
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
Fixes; Timeout
Fixes: 1826/clusterfuzz-testcase-minimized-5728569256837120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
-2147483648 * -1 cannot be represented in type 'int'
Fixes: 1825/clusterfuzz-testcase-minimized-6002833050566656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: Timeout
Fixes: 1818/clusterfuzz-testcase-minimized-5039166473633792
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: out of array read
Fixes: 1781/clusterfuzz-testcase-minimized-4617176877105152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Should fix tsan errors in utvideoenc_rgb_left and related tests.
|
|
These variables are shared between frame threads, but they are updated
post-setup_finished() if a EOB/EOS slice type occurs. Moving the EOB/EOS
slices to the next frame thread instance (by parsing them leading into
the next picture instead of trailing behind the last picture) effectively
prevents this race condition.
This fixes tsan failures on hevc-conformance-NoOutPrior_A_Qualcomm_1.
|
|
This turns CFR duplicated frames into skiped frames
Fixes: Timeout
Fixes: 1719/clusterfuzz-testcase-minimized-6375090079924224
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: 1778/clusterfuzz-testcase-minimized-5128953268273152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
-2147483648 cannot be represented in type 'int'
Fixes: 1776/clusterfuzz-testcase-minimized-6191258231898112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Found-by: jamrial
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Tested-by: rcombs
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
not found
|
|
This removes the current API violating behavior of overwritting the stream's
extradata during packet filtering, something that should not happen after the
av_bsf_init() call.
The bitstream filter generated extradata is no longer available during
write_header(), and as such not usable with non seekable output. The FATE
tests are updated to reflect this.
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
Fixes timeout
Fixes: 1802/clusterfuzz-testcase-minimized-5008293510512640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: 1807/clusterfuzz-testcase-minimized-6258676199325696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: runtime error: signed integer overflow: 4096 - -2147483648 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: poc.snm
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
+ 381702783 cannot be represented in type 'int'
Fixes: 1766/clusterfuzz-testcase-minimized-6562020075765760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
represented in type 'int'
Fixes: 1764/clusterfuzz-testcase-minimized-5394243164045312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
large for 32-bit type 'int'
Fixes: 1762/clusterfuzz-testcase-minimized-5150981081792512
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
|
|
JNIAMedia{Codec,CodecList,Format}Fields on the stack
|
|
|
|
keyframe
Fixes: fmvc-poc.avi
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes #6260
|
|
-1139123755 cannot be represented in type 'int'
See: LsptoA() and L_add()
Fixes: 1758/clusterfuzz-testcase-minimized-6054857184116736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
2147483615 cannot be represented in type 'int'
Fixes: 1748/clusterfuzz-testcase-minimized-6690208340770816
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: Timeout
Fixes: 1747/clusterfuzz-testcase-minimized-6035451213250560
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes Timeout
Fixes: 1746/clusterfuzz-testcase-minimized-6687393392361472
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
2156738 cannot be represented in type 'int'
Fixes: 1743/clusterfuzz-testcase-minimized-4994834022531072
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: 1739/clusterfuzz-testcase-minimized-5399237707694080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
4563386 cannot be represented in type 'int'
Fixes: 1706/clusterfuzz-testcase-minimized-6112772670619648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes part of 1708/clusterfuzz-testcase-minimized-5035111957397504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: runtime error: left shift of 66184 by 15 places cannot be represented in type 'int'
Fixes: 1707/clusterfuzz-testcase-minimized-6502767008940032
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: 1734/clusterfuzz-testcase-minimized-5385630815092736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
-1071326067 - 1088238847 cannot be represented in type 'int'
Fixes: 1731/clusterfuzz-testcase-minimized-5123972414832640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
130560 cannot be represented in type 'int'
Fixes: 1724/clusterfuzz-testcase-minimized-4842395432648704
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
