Fixes: CID1463550 Logically dead code
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 91d27f7e02)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Inspired-by: CID1473499 Uninitialized scalar variable
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a3bb269db9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 2097152000 + 107142979 cannot be represented in type 'int'
Fixes: 67919/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVARC_fuzzer-5955101769400320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a2ec2bd493)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -1082982400 + -1079364728 cannot be represented in type 'int'
Fixes: 67910/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5329011971522560
The input is 9bit in 16bit, the fuzzer fills all 16bit thus generating "invalid" input
No overflow should happen with valid input.
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1330a73cca)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -831176 * 9539 cannot be represented in type 'int'
Fixes: 67869/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5117342091640832
The input is 9bit in 16bit, the fuzzer fills all 16bit thus generating "invalid" input
No overflow should happen with valid input.
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a56559e688)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Suggested-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69b4d9736b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1544265 Logically dead code
Sponsored-by: Sovereign Tech Fund
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fd7d24fa3f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1492867 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f9218e4d52)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1506708 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a7c4f119c9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1397741 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e757726e89)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 538976288 - -9223372036315799520 cannot be represented in type 'long'
Fixes: 68060/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5523457266745344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <git@haerdin.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 20a6bfda0f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1439569 Unchecked return value
Fixes: CID1439578 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 615c994739)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1420393 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Lynne <dev@lynne.ee>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 63415168db)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1517022 Logically dead code
Sponsored-by: Sovereign Tech Fund
Reviewed-by: "Xiang, Haihao" <haihao.xiang@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 191950d1bf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1428858(1/2) Logically dead code
Sponsored-by: Sovereign Tech Fund
Reviewed-by: "mypopy@gmail.com" <mypopy@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c9c11a0866)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1428858(2/2) Logically dead code
Sponsored-by: Sovereign Tech Fund
Reviewed-by: "Xiang, Haihao" <haihao.xiang@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 82cce20934)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found-by-reviewing: CID1419833 Untrusted loop bound
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b91e3c4c90)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1418336 Logically dead code
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Timo Rothenpieler <timo@rothenpieler.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 02301017d2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1403227 Division or modulo by float zero
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 25cb66369e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Regression since fd172185580c1ccdcfb90bbfdb59fa806fad3117;
triggered by vp4/KTkvw8dg1J8.avi in the FATE suite, but not
when running fate as this code is not used when the bitexact
flag is set.
Bisecting done by ami_stuff, patch from user Mika Fischer
in ticket #10027 (which this commit fixes).
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit c3ca90a92e)
Because of ffio_ensure_seekback() a seek error normally should only happen if
the end of file is reached during checking for the junk run-in. Also use proper
error code.
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit 49e018d6fe)
We are protecting the checked buffer with ffio_ensure_seekback(), so if the
inner check fails with a seek error, that likely means the end of file was
reached when checking for the next frame. This could also be the result of a
wrongly guessed (larger than normal) frame size, so let's continue the loop
instead of breaking out early. It will end sooner or later anyway.
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit b75e604fe5)
Otherwise the subsequent ffio_ensure_seekback calls destroy the buffer of the
earlier. The worst case ~66kB seekback is so small it is easier to request it
entirely.
Fixes ticket #10837, a regression since
0d17f5228f.
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit b005317219)
we have to infer sh_collocated_from_l0_flag and sh_collocated_ref_idx from picture head if pps_rpl_info_in_ph_flag is true
(cherry picked from commit 191fbd7ddc)
vps_default_ptl_dpb_hrd_max_tid_flag needs to always be set, and
vps_direct_ref_layer_flag needs to be read even when
vps_max_tid_ref_present_flag is false.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit a48203d51a)
Use the machdep.altivec sysctl on NetBSD for AltiVec detection
as is done with OpenBSD.
(cherry picked from commit 115c96b9bd)
Signed-off-by: Brad Smith <brad@comstyle.com>
The proper type was used until 73251678c8.
This covers all of the OS's that currently have V4L2 support, permutations
of Linux glibc/musl, Android bionic, FreeBSD, NetBSD, OpenBSD, Solaris.
Copied from FreeBSD ports patch.
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit 9e674b3160)
Signed-off-by: Brad Smith <brad@comstyle.com>
This is not the same as the syntax element value in the frame header
because the specification parsing tables override the value on intra
frames.
(cherry picked from commit 6f56e0e7e5)
We only support mdta as type, yet we were not skipping other types,
but rather reading key_size worth of bytes twice per entry.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 5a06d3810e)
Michael Niedermayer
Andreas Rheinhardt
Marton Balint
James Almer
Nuo Mi
Brad Smith
Brad Smith
Mark Thompson
Zhao Zhili