Fixes: signed integer overflow: 234080282628234040 * 100 cannot be represented in type 'long long'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_REALTEXT_fuzzer-6649867065753600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Note, the value is checked a few lines later already
Fixes: signed integer overflow: -440402016 - 1879048064 cannot be represented in type 'int'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_NUT_fuzzer-6603876618469376
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 65535 * 65535 cannot be represented in type 'int'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_MVI_fuzzer-6649291124899840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -9223372036853488158 - 90000000 cannot be represented in type 'long long'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_MPSUB_fuzzer-6696625298866176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 9223372036850000000 + 9000000 cannot be represented in type 'long long'
Fixes: 26910/clusterfuzz-testcase-minimized-ffmpeg_dem_MPSUB_fuzzer-665448017480908
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access
Fixes: 29440/clusterfuzz-testcase-minimized-ffmpeg_dem_KUX_fuzzer-5985279812960256.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access
Fixes: 29202/clusterfuzz-testcase-minimized-ffmpeg_dem_KUX_fuzzer-5112845840809984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 29053/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-4814432697974784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
A macro that expands to a function definition might look like a
declaration, but it isn't and therefore an extra ';' at the end is
unnecessary and actually invalid (both GCC and Clang warn about this
when using -pedantic).
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
It has been deprecated for 4 years and certain new codecs do not work
with it.
Also include AVCodecContext.refcounted_frames, as it has no effect with
the new API.
Also fix the indentation of decode_studio_vol_header while at it;
it was wrong since 177133a0f4b41b3c98b9cbc7f8f45755412c537b.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
All callers only use the index into ff_dnxhd_cid_table to get a pointer
to the desired entry.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Neither module should depend on the other.
Move shared functions to its own file for this purpose, and ensure
source files are compiled only when the required modules are enabled.
Signed-off-by: James Almer <jamrial@gmail.com>
Up until now, ff_h263_rl_inter was initialized by both ituh263dec and
ituh263enc; this is an obstacle in making the codecs that use this code
init-threadsafe.
This obstacle is eliminated by only initializing this RLTable from
a single place that is guarded by a dedicated AVOnce.
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The RLTable ff_rl_intra_aic is only used by ituh263dec and ituh263enc;
the former only uses the RLTable's VLC, the latter only index_run,
max_level and max_run. Yet ituh263dec also initializes the latter.
This commit stops doing so.
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
This is easy now that the H.261 encoder is the only user that
initializes the non-VLC parts of ff_h261_rl_tcoeff.
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The H.261 decoder only uses an RLTable's VLC table, yet it also
initializes its index_run, max_level and max_run. This commit stops
doing so; it will also simplify making this decoder init-threadsafe,
as the H.261 decoder and encoder now initialize disjoint parts of their
common RLTable.
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
This is a prerequisite for making any encoder that uses
ff_mpv_encode_init() init-threadsafe; it already makes the AMV,
the MJPEG and the MPEG-1/2 encoders init-threadsafe.
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
msmpeg4dec and ituh263dec both create VLCs with identical parameters out
of ff_mvtab. Given that ff_msmpeg4_decode_init() always (indirectly) calls
ff_h263_decode_init_vlc(), the VLC initialized by the latter can be
directly used by msmpeg4dec. Doing so saves a bit more than 2KB from the
.bss segment as well as the code to initialize a VLC.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Some of the RLTables used by msmpeg4dec actually coincide with other
RLTables: ff_rl_table[5] coincides with ff_h263_rl_inter (and
ff_rl_table[2] with ff_mpeg4_rl_intra). Given that ff_h263_rl_inter is
always initialized before msmpeg4dec's RLTables are initialized, one can
just reuse the VLC tables by copying the pointers; after all, there are
no ownership issues for static data. This saves 70912B from the .bss
segment, translating into actual memory savings when this decoder is
actually used.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The ff_rl_intra_aic RLTable is only used by ituh263dec and ituh263enc;
the former is the only user of its RL VLC tables. It uses only the very
first one of these VLC tables, but up until now all 32 are initialized,
wasting 68696B from the .bss segment (or that amount of memory if this
decoder has actually been used). This commit changes this.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
The RLTables whose VLC tables are only used for intra blocks only use
the very first VLC table; yet all 32 have been initialized. This commit
stops this by switching to INIT_FIRST_VLC_RL. This saves 201624B from
the .bss segment; in case the decoder is actually used, this translates
into less memory used.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
For the RLTables ff_rl_table[0..2] only the very first VLC is only ever
used, so it makes no sense to create 32 of them. This saves 285200B from
the .bss segment; this amount of memory is actually saved when this
decoder is used.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>