Michael Niedermayer
5d81616be3
avcodec/mpegaudiodec_template: Correct return code on id3 tag discarding
...
Fixes: 665/clusterfuzz-testcase-4863789881098240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Rostislav Pehlivanov
70259737cb
opus_pvq: prevent division by 0
...
res was 0 and divided K which made it infinity which caused K to
overflow.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
8 years ago
Paul B Mahol
e01c32f260
avcodec/scpr: remove 4 dead store
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Paul B Mahol
c583e701bd
avcodec/fmvc: initialize opcode to 0
...
It shouldn't really matter but it doesn't hurt.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Paul B Mahol
0a28c50506
avcodec/scpr: improve motion vectors checking for out of buffer write
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Michael Niedermayer
c87ea47481
tools/target_dec_fuzzer: Fix misaligned read
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
2b8b7921c5
avcodec/vp3dsp: Fix multiple signed integer overflow: 46341 * 47523 cannot be represented in type 'int'
...
Fixes: 664/clusterfuzz-testcase-4917047475568640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
8696f25444
avcodec/rv34: Simplify and factor get_slice_offset() code
...
This also fixes several integer overflows by checking each value before
use.
Fixes: 662/clusterfuzz-testcase-4898131432964096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Paul B Mahol
178cd50c47
avcodec/scpr: make sure that component value is <= 0x1F for 16 bpc
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Paul B Mahol
fa3e49568d
avcodec/aic: unbreak decoding of files with slice_width != 16
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Carl Eugen Hoyos
560f5188c6
lavc/utils: Make second parameter to apply_param_change() const.
...
Fixes a compilation warning:
passing argument 2 of ‘apply_param_change’ discards ‘const’ qualifier from pointer target type
8 years ago
Rostislav Pehlivanov
f19442c069
opus_pvq: remove unneeded assert
...
Since the PVQ search has been well fuzzed and is guaranteed to never
break SUM(abs(y[])) == K, the assert is no longer needed.
Also the assert only prevented coding the wrong vector index but didn't
prevent crashes during searching for it, which made the assert rather
informational than practical.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
8 years ago
Rostislav Pehlivanov
22b8ada7b5
opus_pvq: improve PVQ search for low Ks
...
Since the probelm mentioned only happened when the phase was negative
(e.g. the sum had to be decreased), only discarding dimensions with a
zero pulse in that case restored the search's previously low distortion
at low Ks when the phase is never negative.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
8 years ago
Michael Niedermayer
0d85c7bb5a
avcodec/ituh263dec: Fix runtime error: left shift of 1342177279 by 1 places cannot be represented in type 'int'
...
Fixes: 659/clusterfuzz-testcase-5866673603084288
Huge DMV could be created by an encoder ignoring the spec
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
e98dfeb27c
avcodec/jpeglsdec: check shift for values that cause overflow later
...
Fixes: 657/clusterfuzz-testcase-6674741433729024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
76ba09d182
avcodec/mpeg4videodec: Check the other 3 sprite points for intermediate overflows
...
This is not necessarily specific to fuzzed files
Fixes: Multiple integer overflows
Fixes: 656/clusterfuzz-testcase-6463814516080640
Fixes: 658/clusterfuzz-testcase-6691260146384896
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Mark Thompson
359586f14f
lavfi: Add VAAPI deinterlacer
...
(cherry picked from commit ade370a4d7
)
(cherry picked from commit 2d518aec4c
)
8 years ago
Paul B Mahol
20789372da
avcodec/shorten: support decoding AIFF-C variant
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Lou Logan
f5fa12d6ee
doc/filters: mention 'ffmpeg -filters' in timeline section
...
So users can see which filters support the 'enable' option.
Signed-off-by: Lou Logan <lou@lrcd.com>
8 years ago
Paul B Mahol
45ed942e7e
avcodec/scpr: improve check for out of range motion vectors
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Paul B Mahol
95a5af446b
avcodec/scpr: check that current row is in valid range
...
Stops writing out of dst array.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Paul B Mahol
fd7af82c53
avcodec/scpr: do not allow out of array access for 16bit case
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Paul B Mahol
f062947261
avcodec/qdrw: do better w/h parsing for direct bit packing
...
Apparently using 0x0001 opcode solely is not correct.
Try this instead.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Rick Kern
dcd3418a35
lavc/videotoolboxenc: check for dictionary key symbols
...
Fixes #6081 . Some dictionary keys are not present on OS X 10.8.
This loads the symbols and uses a default value if not present.
Signed-off-by: Rick Kern <kernrj@gmail.com>
8 years ago
Michael Niedermayer
9568b2e425
avcodec/h264_ps: Check chroma_qp_index_offset
...
Fixes: 647/clusterfuzz-testcase-5195745823031296
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: BBB
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Jacek Manko
c104556448
avcodec/mips/Makefile: corrected conditional build of version 1 of vc1dsp optimizations for loongson mmi
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Carl Eugen Hoyos
6a22d2459d
lavd/opengl_enc: Fix a typo.
8 years ago
Marton Balint
436f00b10c
avcodec/wrapped_avframe: allocate a buffer with padding
...
This ensures that the wrapped avframe will not get reallocated later, which
would invalidate internal references such as extended data.
Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
8 years ago
Paul B Mahol
039011b6b0
avcodec: add ScreenPressor decoder
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Michael Niedermayer
ec849f637e
avcodec/h264idct_template: Fix several runtime error: signed integer overflow
...
Fixes: 652/clusterfuzz-testcase-6174944410992640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
6871df02d9
avcodec/mpeg4videodec: Check sprite_offset in addition to shifts
...
Fixes: 651/clusterfuzz-testcase-5710668915277824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
5a8fec1b33
avcodec/mpegaudiodec_template: Fix multiple runtime error: signed integer overflow
...
Fixes: 648/clusterfuzz-testcase-5337961317007360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Paul B Mahol
fb5c9be82e
avcodec/qdrw: add support for 0x0001 code
...
Fixes decoding of files which sets frame width/height this way.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Paul B Mahol
2c5839254d
avcodec/dnxhddec: fix decoding of DNxHR HQX 10-bit
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Mulvya
8b768f68b0
doc: drawtext options update
...
Remove nonexistant "draw" option.
Add undocumented "tc24hmax" timecode wrap option.
Signed-off-by: Mulvya <mulvya@gmail.com>
Signed-off-by: Lou Logan <lou@lrcd.com>
8 years ago
James Almer
a267cac928
avcodec/cbrt_data: add missing header include
...
Fixes make checkheaders
8 years ago
James Almer
65d7d46f71
avcodec/mjpegenc_huffman: add missing header include
...
Fixes make checkheaders
8 years ago
Paul B Mahol
3f878aaedf
avcodec/flicvideo: update comment, 24bit support is implemented
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Michael Niedermayer
c93a07070a
MAINTAINERS: Add ffmpeg-security alias members
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
c9e3952b82
avcodec/rv34: Forward error from rv34_decode_mv()
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
6179dc8aa7
avcodec/mpeg4video: Fix runtime error: left shift of negative value
...
Fixes: 644/clusterfuzz-testcase-4726434209726464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
92188c8f57
avcodec/dcadsp: Fix runtime error: signed integer overflow: 394625024 * 8 cannot be represented in type 'int'
...
Fixes: 643/clusterfuzz-testcase-5209078743695360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
Michael Niedermayer
24f6559bd2
avcodec/rv34: Fix runtime error: signed integer overflow: -2 + -2147483648 cannot be represented in type 'int'
...
Fixes: 642/clusterfuzz-testcase-558358808074649
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago
James Almer
1ad60e4e70
avformat/matroskaenc: don't write DisplayUnit with value Unknown on WebM files
...
Value 4 (Unknown) is for the time being part of the Matroska spec but not
supported by WebM
Addresses ticket #6176
8 years ago
James Almer
d04e0a6bcf
avcodec/qdrw: don't overwrite bpp when checking its value
...
Finishes fixing ticket #6171
8 years ago
Alex Converse
dde1bf074c
aacdec: When ignoring a PCE restore the previous config
...
This is related to, but doesn't solve ticker 6152.
8 years ago
Carl Eugen Hoyos
2ac381088d
lavd/opengl_enc: Support BGR48.
8 years ago
Paul B Mahol
770ac75ae9
avcodec/qdrw: add support for 2bpp and 4bpp packed pallette format
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Paul B Mahol
4e6b44559a
avcodec/qdrw: fix writing past end of row
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
8 years ago
Michael Niedermayer
631f748491
avcodec/ituh263dec: Fix runtime error: left shift of negative value -22
...
Fixes: 639/clusterfuzz-testcase-5143866241974272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
8 years ago