Fixes: runtime error: shift exponent -1 is negative
Fixes: 7486/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-4977380939530240
Fixes: runtime error: index 36 out of bounds for type 'const uint8_t [32]'
Fixes: 7566/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-6536620682510336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: left shift of 1876744317 by 16 places cannot be represented in type 'int'
Fixes: 6799/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5115274731716608
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
A few days ago ossfuzz stoped testing new FFmpeg as it run out of diskspacee
https://oss-fuzz-build-logs.storage.googleapis.com/index.html
An alternative would be to revert the API.
This changes for example
-rwxr-x--- 1 michael michael 144803654 May 14 12:54 tools/target_dec_ac3_fixed_fuzzer*
to
-rwxr-x--- 1 michael michael 30333852 May 14 12:51 tools/target_dec_ac3_fixed_fuzzer*
Which should massively decrease space requirements
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
'-sei xxx' is added to control SEI insertion, so far only mastering
display colour volume is available for testing.
Signed-off-by: Haihao Xiang <haihao.xiang@intel.com>
Similar to H264, cbs_h265_{read, write}_nal_unit() can handle HEVC
prefix SEI NAL units. Currently mastering display colour volume SEI
message is added only, we may add more SEI message if needed later
Signed-off-by: Haihao Xiang <haihao.xiang@intel.com>
The flag of input_available must be set when pic_start is not NULL, so
add an assert to ensure it is true. In addition, the assert on last_pic
is unnecessary now, so remove this assert.
Signed-off-by: Haihao Xiang <haihao.xiang@intel.com>
The main issue here was the use of [i] instead of [i * 3] for the 32x32
matrix. As part of fixing this, I changed the code to match that used
in vdpau_hevc, which I spent a lot of time verifying.
I also changed to calculating NumPocTotalCurr using the existing helper,
which is what vdpau does.
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
Replaces the data pointers with the mapped cuvid ones.
Adds buffer_refs to the frame to ensure the needed contexts stay alive
and the cuvid idx stays allocated.
Adds another buffer_ref to unmap the frame when it's unreferenced itself.
This reverts commit 7d4e1f7cfb.
Accidentially pushed this with a batch of other patches, and it didn't
seem to break anything, so I went with it.
Except it does, so reverting it it is.
No longer required since 63d875772d. The equivalent hack
for h264 was removed in that commit, but this one was missed.
Signed-off-by: Aman Gupta <aman@tmm1.net>
Removes unnecessary data copies, and partially fixes potential issues
with dangling references held in said lists.
Reviewed-by: Mark Thompson <sw@jkqxz.net>
Signed-off-by: James Almer <jamrial@gmail.com>
Most decoders (pgssubdec, ccaption_dec) are using -1 or UINT32_MAX for a
subtitle event which should be cleared at the next event.
Signed-off-by: Marton Balint <cus@passwd.hu>
Fixes: shift exponent 47 is too large for 32-bit type 'int'
Fixes: 7955/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-6016721977606144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is large enough for all jpeg2000 files i tested. If some need more then this
should be changed to dynamic allocation. Dynamic allocation would need to be done
carefully as these are many relatively small arrays so repeatly reallocating them
would not be good.
The decrease is a clean and simple solution assuming it works for all files.
Fixes: OOM
Fixes: 6534/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-4821490731057152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 65280 * 196032 cannot be represented in type 'int'
Fixes: 7279/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5977332473921536
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer
Marton Balint
Jun Zhao
James Almer
Mark Thompson
Carl Eugen Hoyos
Haihao Xiang
Philip Langdale
Timo Rothenpieler
Aman Gupta
Clément Bœsch
Rostislav Pehlivanov
Zhong Li
Paul B Mahol