Fixes: runtime error: signed integer overflow: 25984 * 130560 cannot be represented in type 'int'
Fixes: 1404/clusterfuzz-testcase-minimized-5000441286885376
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The MMX state must be cleared between using MMX and using memory allocation
thats basically the only location between the 2
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This fixes asserts (from commit 13aae8) in av_frame_ref and
av_frame_move_ref.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
When decoding, this field holds the inverse of the framerate that can be
written in the headers for some codecs. Using a field called 'time_base'
for this is very misleading, as there are no timestamps associated with
it. Furthermore, this field is used for a very different purpose during
encoding.
Add a new field, called 'framerate', to replace the use of time_base for
decoding.
in this case current MB size is forced to 16x16 (AVS standard section 9.9.1)
Signed-off-by: Yao Wang <jiayaowang@gmail.com>
Fixes Ticket 1901
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Also move the declaration to internal.h, and add restrict qualifiers
to the declaration (as in the implementation).
Signed-off-by: Martin Storsjö <martin@martin.st>
It does not use any of the mpegvideo infrastructure, just a few fields
from the context.
Fixes a segfault with the emu edge flag, since emu edge buffer is now
allocated as a part of the frame buffer allocation and cavs calls
ff_get_buffer() directly, it does not use mpegvideo buffer management.
Fixes a memleak of the last frame.
This table doesn't need to be shared with libavformat any longer.
Add mpeg12 to the name to make it less ambiguous, while renaming it.
Signed-off-by: Martin Storsjö <martin@martin.st>
Some invocations include a verb in the log message, others do not. Yet
av_log_missing_feature expects callers to provide a verb. Change the
function to include a verb instead and update the callers accordingly.
The result is a more natural function API and correct English in the
function invocations.
Our decoder does not support changing w/h.
Fixes CVE-2012-2777 and CVE-2012-2784.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Anton Khirnov <anton@khirnov.net>
The assert in decode_mb_b() is replaced by a normal error check for the
case that can occur with a damaged or crafted bitstream.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>