Fixes: signed integer overflow: -2147483648 + -1048576 cannot be represented in type 'int'
Fixes: 59365/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-642654923954585
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 2079654542 - -139267653 cannot be represented in type 'int'
Fixes: 60811/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5915858409750528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is the very last user of any lavc transform code.
This also *corrects* wmavoice decoding, as the previous DCT/DST
transforms were incorrect, bringing it closer to Microsoft's
own wmavoice decoder.
Add a full parser to libavcodec for AV_CODEC_ID_JPEGXL. It finds the
end of the stream in order to packetize the codec, and it looks at
the headers to set preliminary information like dimensions and pixel
format.
Note that much of this code is duplicated from avformat/jpegxl_probe.c,
but that code will be removed and call this instead in the next commit.
Signed-off-by: Leo Izen <leo.izen@gmail.com>
Before this commit, the decoder erroneously assumes that the AVFrame
passed to the receive_frame is the same one each time. Now it keeps an
internal AVFrame to write into, and copies it over when it's done.
Signed-off-by: Leo Izen <leo.izen@gmail.com>
Fixes an error that's caused by decoding a grayscale JXL image after an
RGB image is decoded, with the same decoder instance.
Signed-off-by: Leo Izen <leo.izen@gmail.com>
It is currently probably not possible for it to be negative as
the needed 2Mb input buf size is not achievable. But it is more
robust to check for it too.
If it would become negative than code like
s->samples[0][n] = s->samples[0][s->nb_samples + n];
would crash
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: shift exponent 1285 is too large for 32-bit type 'int'
Fixes: 60870/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVARC_fuzzer-5332050340347904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -1403461578 + -843974775 cannot be represented in type 'int'
Fixes: 60868/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-4599793035378688
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
if !ph_deblocking_params_present_flag is true, ph_deblocking_filter_disabled_flag infered from pps
if !sh_deblocking_params_present_flag is true, sh_deblocking_filter_disabled_flag infered from ph
Failed clips:
ENT444MAINTIER_C_Sony_3.bit
ENT444HIGHTIER_D_Sony_3.bit
Signed-off-by: James Almer <jamrial@gmail.com>
if pps_alf_info_in_ph_flag is true
sh_alf_enabled_flag infered from ph
Failed clip:
LTRP_A_ERICSSON_3.bit
Signed-off-by: James Almer <jamrial@gmail.com>
if sh_picture_header_in_slice_header_flag is true
sh_lmcs_used_flag and sh_explicit_scaling_list_used_flag are infered from ph
Failed clips:
LMCS: CLM_A_KDDI_2.bit STILL444_A_KDDI_1.bit
Scaling: SCALING_B_InterDigital_1.bit SCALING_A_InterDigital_1.bit
Signed-off-by: James Almer <jamrial@gmail.com>
By default the OpenEXR decoder outputs linear light pixel data by
applying a gamma=1.0 transfer (i.e. a no-op). When it does so, it
should tag the data as linear so color-managed filters or other tools
can work with it correctly.
Signed-off-by: Leo Izen <leo.izen@gmail.com>
Stefano Sabatini
Paul B Mahol
Michael Niedermayer
Andreas Rheinhardt
Lynne
Tong Wu
Jun Zhao
Leo Izen
Christophe Gisquet
Kacper Michajłow
Benjamin Cheng
Rémi Denis-Courmont
Aleksoid
Nuo Mi
Haihao Xiang