Michael Niedermayer
d8ea7a67ba
avcodec/vqavideo: reset accounting on error
...
Fixes: Timeout (same growing chunk is decoded to failure repeatedly)
Fixes: 42582/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VQA_fuzzer-6531195591065600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
3 years ago
Michael Niedermayer
2877ddddda
avcodec/vqavideo: Use GetByteContext and check for end
...
Fixes: out of array access
Fixes: Timeout
Fixes: 40481/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VQA_fuzzer-6502647583080448
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
3 years ago
Andreas Rheinhardt
5593f5cf24
avcodec/vqavideo: Remove dead code
...
Fixes Coverity issue #1493344 .
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
3 years ago
Pekka Väänänen
947d0ce0ea
avcodec/vqavideo: Decode 15-bit VQA3 files
...
Adds support for 15-bit VQA3 videos used in Westwood Studios' games.
Signed-off-by: Pekka Väänänen <pekka.vaananen@iki.fi>
3 years ago
Andreas Rheinhardt
5b4aa634f2
avcodec/vqavideo: Cleanup generically on init failure
...
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 years ago
Andreas Rheinhardt
c4c077ada5
avcodec/vqavideo: Mark decoder as init-threadsafe
...
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
4 years ago
Andreas Rheinhardt
a247ac640d
avcodec: Constify AVCodecs
...
Given that the AVCodec.next pointer has now been removed, most of the
AVCodecs are not modified at all any more and can therefore be made
const (as this patch does); the only exceptions are the very few codecs
for external libraries that have a init_static_data callback.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
4 years ago
Michael Niedermayer
8a1a9588fb
avcodec/vqavideo: Limit resolution
...
Fixes: Timeout (288sec -> 1ms)
Fixes: 16353/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VQA_fuzzer-5633402606190592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
6 years ago
Michael Niedermayer
02f909dc24
avcodec/vqavideo: Set video size
...
Fixes: out of array access
Fixes: 15919/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VQA_fuzzer-5657368257363968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
6 years ago
Clément Bœsch
2d12b910f7
lavc: use av_fourcc2str() where appropriate
8 years ago
Vittorio Giovara
41ed7ab45f
cosmetics: Fix spelling mistakes
...
Signed-off-by: Diego Biurrun <diego@biurrun.de>
9 years ago
Vittorio Giovara
def97856de
lavc: AV-prefix all codec capabilities
...
Express bitfields more simply.
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
10 years ago
Michael Niedermayer
8a62b80ce6
avcodec/vqavideo: Check chunk size
...
Fixes CID1239154
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
10 years ago
Michael Niedermayer
5bebd13d2d
avcodec/vqavideo: Use ff_tlog() for byte and opcode tracing
...
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
10 years ago
Vittorio Giovara
6a85dfc830
lavc: Replace av_dlog and tprintf with internal macros
10 years ago
Paul B Mahol
6dfa70f272
Correct few "ffmpeg" typos
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
11 years ago
Michael Niedermayer
e6364ea26d
avcodec/vqavideo: use av_mallocz() for decode_buffer()
...
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f62eaba897d_595_4D6EFA92.VQA
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
11 years ago
Michael Niedermayer
03acb035d1
avcodec/vqavideo: clear uninitialized parts of the decode buffer
...
Fixes use of uninitialized memory
Fixes part of msan_uninit-mem_7f841fe2ab3b_4608_cow2_1.vqa
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
11 years ago
Michael Niedermayer
263105deeb
avcodec/vqavideo: check destination size on all exit pathes
...
Fixes part of msan_uninit-mem_7f841fe2ab3b_4608_cow2_1.vqa
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
11 years ago
Diego Biurrun
b2bed9325d
cosmetics: Group .name and .long_name together in codec/format declarations
12 years ago
Luca Barbato
c4abc9098c
vqavideo: check the version
...
Prevent out of buffer write.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
12 years ago
Clément Bœsch
1ec94b0f06
lavc: factorize ff_{thread_,re,}get_buffer error messages.
...
Coccinelle profile used:
@@
expression r, ctx, f, loglevel, str, flags;
@@
-if ((r = ff_get_buffer(ctx, f, flags)) < 0) {
- av_log(ctx, loglevel, str);
- return r;
-}
+if ((r = ff_get_buffer(ctx, f, flags)) < 0)
+ return r;
@@
expression r, ctx, f, loglevel, str;
@@
-if ((r = ff_reget_buffer(ctx, f)) < 0) {
- av_log(ctx, loglevel, str);
- return r;
-}
+if ((r = ff_reget_buffer(ctx, f)) < 0)
+ return r;
@@
expression r, ctx, f, loglevel, str, flags;
@@
-if ((r = ff_thread_get_buffer(ctx, f, flags)) < 0) {
- av_log(ctx, loglevel, str);
- return r;
-}
+if ((r = ff_thread_get_buffer(ctx, f, flags)) < 0)
+ return r;
...along with some manual patches for the remaining ones.
12 years ago
Anton Khirnov
759001c534
lavc decoders: work with refcounted frames.
12 years ago
Michael Niedermayer
f7d18deb73
vqavideo: check chunk sizes before reading chunks
...
Fixes out of array writes
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ab6c9332bf
)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 13093f9767
)
CC: libav-stable@libav.org
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
12 years ago
Michael Niedermayer
ab6c9332bf
vqavideo: check chunk sizes before reading chunks
...
Fixes out of array writes
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
12 years ago
Anton Khirnov
26a161a166
vqavideo: return meaningful error codes.
12 years ago
Anton Khirnov
df9b956751
lavc: fix decode_frame() third parameter semantics for video decoders
...
It's got_frame, not data size
12 years ago
Anton Khirnov
594d4d5df3
lavc: add a wrapper for AVCodecContext.get_buffer().
...
It will be useful in the upcoming transition to refcounted AVFrames.
12 years ago
Carl Eugen Hoyos
dd6abc921a
vqavideo: Reinitialise the actually used partial codebook bytestream-reader.
...
Fixes ticket #1942 .
12 years ago
Paul B Mahol
5f614bcf2c
vqavideo: return more meaningful error codes
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
12 years ago
Michael Niedermayer
b12d92efd6
avoid "0xFF << 24" as it is considered a integer overflow in C99
...
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
13 years ago
Anton Khirnov
716d413c13
Replace PIX_FMT_* -> AV_PIX_FMT_*, PixelFormat -> AVPixelFormat
13 years ago
Anton Khirnov
36ef5369ee
Replace all CODEC_ID_* with AV_CODEC_ID_*
13 years ago
Paul B Mahol
0f73ac3fc8
vqavideo: pass context to remaining av_(d)log
...
Finally get rid of all superfluous strings from av_log messages.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
13 years ago
Mans Rullgard
c776531aef
vqavideo: change x/y loop counters to the usual pattern
...
Signed-off-by: Mans Rullgard <mans@mansr.com>
13 years ago
Mans Rullgard
58b2e0f0f2
vqavideo: return error if image size is not a multiple of block size
...
The decoder assumes in various places that the image size
is a multiple of the block size, and there is no obvious
way to support odd sizes. Bailing out early if the header
specifies a bad size avoids various errors later on.
Fixes CVE-2012-0947.
Signed-off-by: Mans Rullgard <mans@mansr.com>
13 years ago
Martin Storsjö
00c3b67b8a
cosmetics: Align codec declarations
...
Also break some long lines, remove codec function placeholder comments
and add spaces in sample/pixel format lists.
Signed-off-by: Martin Storsjö <martin@martin.st>
13 years ago
Reimar Döffinger
535eed9301
vqavideo: fix decoding of samples with no partial updates.
...
Fixes playback of
http://samples.mplayerhq.hu/game-formats/vqa/landsoflore/B0EB8711.VQA
(trac issue #710 ).
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
13 years ago
Michael Niedermayer
3583c8706d
vqavideodev: Check image dimensions
...
Fixes out of heap array read
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
13 years ago
Ronald S. Bultje
75d7975268
vqa: check palette chunk size before reading data.
...
Prevents overreads beyond buffer boundaries.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
13 years ago
Paul B Mahol
36440982a0
vqavideo: remove some superfluous " VQA video: "
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
13 years ago
Paul B Mahol
5a3a906ba2
vqavideo: port to bytestream2 API
...
Protects against overreads.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
13 years ago
Paul B Mahol
341404f753
vqavideo: check malloc return values
...
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
13 years ago
Reimar Döffinger
4278023240
Check for overread in vqa video decoder.
...
This issue was discovered while decoding the FATE sample vqa/ws_snd.vqa.
For some unknown reason only audio decoding is tested by FATE for that file,
but not video.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
13 years ago
Carl Eugen Hoyos
eb664d4ae3
Increase Westwood Studios VQA palette dynamics.
13 years ago
Carl Eugen Hoyos
1d38c746fd
Set Westwood Studios VQA palette opaque.
13 years ago
Laurent Aimar
6d45702f7f
vqavideo: check for out of bound reads.
...
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
14 years ago
Laurent Aimar
b226af3910
vqavideo: check for invalid/unsupported version
...
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
14 years ago
Anton Khirnov
ec6402b7c5
lavc: use designated initialisers for all codecs.
...
It's more readable and less prone to breakage.
14 years ago
Diego Biurrun
ad4cd0c2a4
doxygen: use Doxygen markup for authors and web links where appropriate
14 years ago