FFmpeg

Commit Graph

Author	SHA1	Message	Date
Michael Niedermayer	b33233bd53	avformat/icodec: Check for zero streams and stream creation failure Fixes: NULL pointer dereference Fixes: 26814/clusterfuzz-testcase-minimized-ffmpeg_dem_ICO_fuzzer-5758487797432320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	4 years ago
Michael Niedermayer	27ee67c00f	avformat/icodec: Factor failure code out in read_header() Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	4 years ago
Michael Niedermayer	3300f5c133	avformat/icodec: Change order of operations to avoid NULL dereference Fixes: SEGV on unknown address 0x000000000000 Fixes: 26379/clusterfuzz-testcase-minimized-ffmpeg_dem_ICO_fuzzer-5709011753893888 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	4 years ago
Andreas Rheinhardt	6a67d518d6	avformat: Remove unnecessary av_packet_unref() Since `bae8844e` the packet will always be unreferenced when a demuxer returns an error, so that a lot of calls to av_packet_unref() in lots of demuxers are now redundant and can be removed. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Marton Balint <cus@passwd.hu>	5 years ago
Michael Niedermayer	54918b5116	avformat/icodec: Free ico->images on error paths Fixes: 15116/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5715173567889408 Fixes: memleak Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	5 years ago
Carl Eugen Hoyos	4d8875ec23	lavf: Constify the probe function argument. Reviewed-by: Lauri Kasanen Reviewed-by: Tomas Härdin	6 years ago
Andreas Cadhalpun	89eb398c7f	icodec: correctly check avio_read return value It can read less than the requested amount, in which case buf contains uninitialized data, causing problems like segmentation faults later on. Also make sure that image->size is positive, so that it can't match a negative error code. Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>	8 years ago
Andreas Cadhalpun	d54c95a143	icodec: add ico_read_close to fix leaking ico->images Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>	8 years ago
Andreas Cadhalpun	467eece1be	icodec: fix leaking pkt on error Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>	8 years ago
Mark Harris	56e2cd9c04	avformat/icodec: Fix crash probing fuzzed file Avoid invalid memory read/crash when frame offset >= 0xfffffff8. Base64-encoded example: AAABADAwMDAwMAAAMAAwMDAw/P///w== (The previous commit verifies that p->buf_size >= 22.) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	9 years ago
Mark Harris	1b4fbf8080	avformat/icodec: ico probe with unknown data Fix cases where unknown data (data beyond p->buf_size) could produce a higher ico probe score than if the unknown data was known and valid. For example: Header: OK, 2 frames Frame 0: Unknown (offset points beyond end of probe buffer) Frame 1: Invalid Previously this example had a score of 25, even though the score would be 1 if the unknown frame was known to be valid or 0 if it was known to be invalid. For this example the score is now 1. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	9 years ago
Carl Eugen Hoyos	9bc281beae	lavf/icodec: Improve autodetection. Avoids misdetection of MPEG (B-)frames. Reviewed-by: Michael Bradshaw	9 years ago
Michael Bradshaw	244184217c	Return EOF for ICO when the end is reached	9 years ago
Michael Niedermayer	dd77f6469a	avformat/ico: use avmalloc(z)_array() Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	11 years ago
Michael Niedermayer	4f0e85517f	avformat/icodec: reduce score returned on probing The ico probe function is pretty weak just checking a few bytes for being 0, 1 or not 0 Fixes probetest failure Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	11 years ago
Paul B Mahol	a9b424879f	lavc & lavf: replace deprecated av_log* functions Signed-off-by: Paul B Mahol <onemda@gmail.com>	12 years ago
Peter Ross	3a1df393b8	ico: favour BITMAPHEADER dimensions over IconEntry dimensions Fixes ticket 759. Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	13 years ago
Peter Ross	051257495a	ico: reject icon entries that are smaller than sizeof(BITMAPHEADER) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	13 years ago
Peter Ross	90dbd08127	ico: ignore IconEntry.bpp value, and favour BITMAPHEADER.NumColors value over that in IconEntry Fixes ticket 905. Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	13 years ago
Peter Ross	bd3a12d68d	ico: consider IconEntry.NumColors of 255 to be ambiguous Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	13 years ago
Peter Ross	ba8410cb44	Microsoft Windows ICO demuxer Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	13 years ago

24 Commits (1137ddf3302ef12525c9c95767e6daa0c1031ce7)