0fbc7a2169
x86/float_dsp: remove usage of integer instructions
8 years ago
96cbaaa548
avcodec/rangecoder: Fix range coder corner case handling
...
Fixes: 1511/clusterfuzz-testcase-minimized-5906663800307712
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
afb4632cc3
avcodec/dds: Fix runtime error: left shift of 210 by 24 places cannot be represented in type 'int'
...
Fixes: 1510/clusterfuzz-testcase-minimized-5826231746428928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
934572c5c3
avcodec/rscc: Check pixel_size for overflow
...
Fixes: 1509/clusterfuzz-testcase-minimized-5129419876204544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
0158b405a7
avcodec/fmvc: Check nb_blocks
...
Fixes: out of array read
Fixes: 1508/clusterfuzz-testcase-minimized-5011336327069696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
e664882523
avcodec/hq_hqadsp: Fix runtime error: signed integer overflow: 80359 * 30274 cannot be represented in type 'int'
...
Fixes: 1507/clusterfuzz-testcase-minimized-4955228300378112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
5ac17f187a
avcodec/cavsdec: Fix runtime error: signed integer overflow: 31 + 2147483640 cannot be represented in type 'int'
...
Fixes: 1506/clusterfuzz-testcase-minimized-5401272918212608
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
cb243972b1
avcodec/xpmdec: Fix multiple pointer/memory issues
...
Most of these were found through code review in response to
fixing 1466/clusterfuzz-testcase-minimized-5961584419536896
There is thus no testcase for most of this.
The initial issue was Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
73ae60d7df
libavcodec/exr : cosmetics variable name
...
rename tile variable to better follow ffmpeg coding style
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
28f60eeabb
avcodec/avpacket: allow only one element per type in packet side data
...
It was never meant to do otherwise, as av_packet_get_side_data() returns the first
entry it finds of a given type.
Based on code from libavformat's av_stream_add_side_data().
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
8 years ago
3d55e4883c
avfilter/aeval: remove comment that was left from some other file
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
c02921417b
avfilter/aeval: free input frame on error
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
e312ed0504
avfilter/af_astats: add RMS difference too
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
9cd62b2ca4
avfilter/vf_pad: revert part of 57c3670896
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
ccce2248bf
avcodec/vp8dsp: vp7_luma_dc_wht_c: Fix multiple runtime error: signed integer overflow: -1366381240 + -1262413604 cannot be represented in type 'int'
...
Fixes: 1440/clusterfuzz-testcase-minimized-5785716111966208
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
d5711cb891
avcodec/avcodec: Limit the number of side data elements per packet
...
Fixes: 1293/clusterfuzz-testcase-minimized-6054752074858496
See: [FFmpeg-devel] [PATCH] avcodec/avcodec: Limit the number of side data elements per packet
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
f225003d17
avcodec/texturedsp: Fix runtime error: left shift of 255 by 24 places cannot be represented in type 'int'
...
Fixes: 1505/clusterfuzz-testcase-minimized-4561688818876416
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
c4c0245686
avcodec/g723_1dec: Fix runtime error: left shift of negative value -1
...
Fixes: 1504/clusterfuzz-testcase-minimized-6249212138225664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
df640dbbc9
avcodec/wmv2dsp: Fix runtime error: signed integer overflow: 181 * -17047030 cannot be represented in type 'int'
...
Fixes: 1503/clusterfuzz-testcase-minimized-5369271855087616
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
eaf644e120
avfilter: add acopy filter
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
6899e6e560
avcodec/diracdec: Fix Assertion frame->buf[0] failed at libavcodec/decode.c:610
...
Fixes: 1487/clusterfuzz-testcase-minimized-6288036495097856
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
d05bdba242
avcodec/mss3: Fix runtime error: signed integer overflow: -2146318336 - 2139696256 cannot be represented in type 'int'
...
Fix is similar to rac_get_model_sym()
Fixes: 1483/clusterfuzz-testcase-minimized-6386507814273024
Fixes: 1485/clusterfuzz-testcase-minimized-6639880215986176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
2752410c47
avcodec/golomb: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
...
Fixes: 1481/clusterfuzz-testcase-minimized-5264379509473280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
15e892aad1
avcodec/msmpeg4dec: Check for cbpy VLC errors
...
Fixes: runtime error: left shift of negative value -1
Fixes: 1480/clusterfuzz-testcase-minimized-5188321007370240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
2bfd0a9758
avcodec/cllc: Check num_bits
...
Fixes: runtime error: shift exponent -2 is negative
Fixes: 1479/clusterfuzz-testcase-minimized-6638493360979968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
e717fa1f0a
avcodec/cllc: Factor VLC_BITS/DEPTH out, do not use repeated literal numbers
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
602ac48720
doc/libav-merge: mention the skipped AVFrame crop fields usage commits
8 years ago
fc63d5ceb3
Merge commit '1202b712690c14f0efb06e4ad8b06c5b3df6822a'
...
* commit '1202b712690c14f0efb06e4ad8b06c5b3df6822a':
theora: export cropping information instead of handling it internally
h264dec: export cropping information instead of handling it internally
h264dec: be more explicit in handling container cropping
hevcdec: export cropping information instead of handling it internally
This commit is a noop.
This changes the cropping behavior, when it's supposedly only meant to move
it outside of the decoder.
See https://ffmpeg.org/pipermail/ffmpeg-devel/2017-May/211239.html for the
discussion about it.
Merged-by: James Almer <jamrial@gmail.com>
8 years ago
7ac5067146
avcodec/scpr: Check y in first line loop in decompress_i()
...
Fixes: out of array access
Fixes: 1478/clusterfuzz-testcase-minimized-5285486908145664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
8a69f2602f
avcodec/dvbsubdec: Check entry_id
...
Fixes: randomly writing over the array end
Fixes: 1473/clusterfuzz-testcase-minimized-5768907824562176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
3a0ff78168
avcodec/aacdec_fixed: Fix multiple shift exponent 33 is too large for 32-bit type 'int'
...
Fixes: 1471/clusterfuzz-testcase-minimized-6376460543590400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
d9051f8f3e
avcodec/mimic: Fix runtime error: index 96 out of bounds for type 'const int8_t [64]'
...
Fixes: 1468/clusterfuzz-testcase-minimized-5235964056174592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
1795dccde0
lavc/mediacodec_wrapper: fix local reference leaks
...
Reviewed-by: Clément Bœsch <u@pkh.me>
8 years ago
2f43897f65
lavc/ffjni: fix local reference leak
...
Reviewed-by: Clément Bœsch <u@pkh.me>
8 years ago
5d0b8b1ae3
lavc/aarch64/simple_idct: fix iOS build without gas-preprocessor
...
Separates macro arguments with commas and passes .4H/.8H as macro
arguments instead of 4H/8H (the later form being interpreted as an
hexadecimal value).
Fixes ticket #6324 .
Suggested-by: Martin Storsjö <martin@martin.st>
8 years ago
36cf422521
cmdutils_opencl: Fix read of uinitialized cl_mem
...
Fixes CID1396856, CID1396860, CID1396861
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
d712a5cddb
cmdutils_opencl: Fix read of uninitialized pointer
...
Fixes: CID1396856
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
ad2296ab3a
avcodec/aacdec_fixed: Fix various integer overflows
...
Fixes: 1377/clusterfuzz-testcase-minimized-5487049807233024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
8ba1fc2a4a
ffprobe: discard non-selected streams
8 years ago
7355c1dda2
avformat/hlsenc: move old_filename free operation earlier
...
Suggested-by: Aaron Levinson <alevinsn@aracnet.com>
Reviewed-by: Aaron Levinson <alevinsn@aracnet.com>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
8 years ago
c0ece1f4ad
avcodec/mpeg12dec: Fixes runtime error: division by zero
...
Fixes: 1464/clusterfuzz-testcase-minimized-4925445571084288
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
60765cc42e
avcodec/pixlet: Fix runtime error: signed integer overflow: 436207616 * -5160230545260541 cannot be represented in type 'long'
...
Fixes: 1462/clusterfuzz-testcase-minimized-6558894463647744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
6b5d3fb26f
avcodec/webp: Always set pix_fmt
...
Fixes: out of array access
Fixes: 1434/clusterfuzz-testcase-minimized-6314998085189632
Fixes: 1435/clusterfuzz-testcase-minimized-6483783723253760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
942036e97c
avfilter/vf_uspp: Fix currently unused input frame dimensions
...
Found-by: Nicolas
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
db5fae3229
avcodec/truemotion1: Fix multiple runtime error: left shift of negative value -1
...
Fixes: 1446/clusterfuzz-testcase-minimized-5577409124368384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
a8de60ba27
avcodec/eatqi: Fix runtime error: signed integer overflow: 4466147 * 1075 cannot be represented in type 'int'
...
Fixes: 1443/clusterfuzz-testcase-minimized-4826998612426752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
6ea4287893
avcodec/dss_sp: Fix runtime error: signed integer overflow: 2147481189 + 4096 cannot be represented in type 'int'
...
Fixes: 1441/clusterfuzz-testcase-minimized-6223152357048320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
bd404e3949
avfilter/af_afir: workaround nonsense limitation in vector_fmul_scalar()
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
6655939f03
avcodec/hevc_sei: remove bugus debug message
...
Also Change the active_parameter_sets function name to one more in line
with the rest of the file.
Signed-off-by: James Almer <jamrial@gmail.com>
8 years ago
f738140807
avcodec/hevc_sei: fix amount of bits skipped when reading picture timing SEI message
...
The code was skipping the entire reported SEI message size regardless of
the amount of bits read.
While in theory safe for NALU where the picture timing SEI message is alone
or at the end as we're using the checked bitstream reader, it isn't in any
other situation, where every SEI message in the NALU after the picture
timing one would potentially fail to parse.
Change the function name to one more in line with the rest of file, and
remove the bogus "Skipped SEI" debug message while at it.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
8 years ago
James Almer
Michael Niedermayer
Martin Vignali
Paul B Mahol
Matthieu Bouron
Clément Bœsch
Steven Liu