ffmpeg/FFmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2024-09-20 05:16:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
85,849 Commits 36 Branches 398 Tags 535 MiB
1a577c59d0
Commit Graph

85849 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andreas Rheinhardt
1a577c59d0 libavcodec/libmp3lame: Don't free user-provided AVPacket 
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
(cherry picked from commit 7e6941e185)
 2020-05-23 20:47:33 +02:00
Andreas Rheinhardt
174ce949d7 avcodec/libopusenc: Don't free user-provided AVPacket 
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
(cherry picked from commit b803993b6d)
 2020-05-23 20:47:33 +02:00
Andreas Rheinhardt
c13febd843 avformat/matroskadec: Fix default value of BlockAddID 
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit dbc50f8a93)
 2020-04-03 22:08:49 +02:00
Mark Harris
9d3509f401 avutil/mem: Fix invalid use of av_alloc_size 
The alloc_size attribute is valid only on functions that return a
pointer.  GCC 9 (not yet released) warns about invalid usage:

./libavutil/mem.h:342:1: warning: 'alloc_size' attribute ignored on a function returning int' [-Wattributes]
  342 | av_alloc_size(2, 3) int av_reallocp_array(void *ptr, size_t nmemb, size_t size);
      | ^~~~~~~~~~~~~

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4361293fcf)
 2019-07-23 01:22:27 -03:00
James Almer
884ecede17 avcodec/hevcdec: decode at most one slice reporting being the first in the picture 
Fixes deadlocks when decoding packets containing more than one of the aforementioned
slices when using frame threads.

Tested-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 70c8c8a818)
 2019-03-20 21:20:20 -03:00
Paul B Mahol
3d5762380d avfilter/af_silenceremove: fix possible crash if supplied duration is negative 
Signed-off-by: Paul B Mahol <onemda@gmail.com>

Fixes ticket #7697.
(cherry picked from commit 2d1594a8d6)
 2019-01-25 00:58:14 +01:00
Michael Niedermayer
9cba90e5ef Changelog: update 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-18 01:33:38 +01:00
Michael Niedermayer
14778d3fda avcodec/pngdec: Check compression method 
method 0 (inflate/deflate) is the only specified in the specification and the only supported

Fixes: Timeout
Fixes: 10976/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-5729372588736512

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1f99674ddd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-16 18:24:31 +01:00
Michael Niedermayer
3c4a874388 fftools/ffmpeg: Repair reinit_filter feature 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3504004879)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-16 18:21:27 +01:00
Michael Niedermayer
2661025679 avcodec/shorten: Fix integer overflow with offset 
Fixes: signed integer overflow: -1625810908 - 582229060 cannot be represented in type 'int'
Fixes: 10977/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5732602018267136

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2f888771cd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-16 13:18:23 +01:00
Michael Niedermayer
14c8795361 avcodec/cavsdec: Propagate error codes inside decode_mb_i() 
Fixes: Timeout
Fixes: 10702/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CAVS_fuzzer-5669940938407936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c1cee05656)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-04 20:26:01 +01:00
Michael Niedermayer
ecbf42e13a avcodec/mpegaudio_parser: Consume more than 0 bytes in case of the unsupported mp3adu case 
Fixes: Timeout
Fixes: 10966/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADU_fuzzer-5348695024336896
Fixes: 10969/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5691669402877952

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit df91af140c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-04 20:24:19 +01:00
Michael Niedermayer
6fe9f36dd9 Update for FFmpeg 3.3.9 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 01:32:12 +01:00
Michael Niedermayer
72e1c43d6d avutil/integer: Fix integer overflow in av_mul_i() 
Found-by: fate
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3cc3cb663b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
2405af5081 avcodec/msrle: Check that the input is large enough to contain a end of picture code 
Fixes: Timeout
Fixes: 10625/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSRLE_fuzzer-5659651283091456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 203ccb8746)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
98444e0222 avcodec/jpeg2000dec: Fix off by 1 error in JPEG2000_PGOD_CPRL handling 
Fixes: assertion failure
Fixes: 10785/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5672160496975872

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 305e523105)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
947f7af048 avcodec/mpeg4videodec: Fix typo in sprite delta check 
Fixes: Integer overflow
Fixes: 10890/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5636062181851136

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b737317a88)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
65710b7e6c avcodec/h264_cavlc: Check mb_skip_run 
Fixes: 10300/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6292205497483264
Fixes: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int'

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f72b9904fe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
caddb7890a avcodec/ra144: Fix integer overflow in add_wav() 
Fixes: signed integer overflow: -2144033225 + -5208934 cannot be represented in type 'int'
Fixes: 10633/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-5679133791617024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c6282141cb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
a1f4fe165a avformat/utils: Never store negative values in last_IP_duration 
Fixes: integer overflow compute_pkt_fields()
Fixes: compute_pkt_usan

Reported-by: Thomas Guilbert <tguilbert@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 079d1a7175)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
1e59d05e48 avformat/utils: Fix integer overflow in discontinuity check 
Fixes: signed integer overflow: 7738135736989908991 - -7954308516317364223 cannot be represented in type 'long'
Fixes: find_stream_info_usan

Reported-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4e19cfcfa3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
a9ce7cfc59 avcodec/unary: Improve get_unary() docs 
Found-by: kierank
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ad89e203bf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
6177ed2a9b avcodec/dvdsubdec: Sanity check len in decode_rle() 
Fixes: Timeout
Fixes: 9778/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVDSUB_fuzzer-5186007132536832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e7b023e1db)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
43a80efee6 avcodec/mpeg4videodec: Fix undefined shift in get_amv() 
Fixes: runtime error: shift exponent -1 is negative
Fixes: 9938/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5653783529914368

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c88afa44c4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
7fb45ccf4e avcodec/zmbv: Check that the decompressed data size is correct 
This checks the value exactly for intra frames and checks it against a
minimum for inter frames as they can be variable.

Fixes: Timeout
Fixes: 10182/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ZMBV_fuzzer-6245951174344704

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e33b28cc79)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
bf4026fcbe avcodec/zmbv: Update decomp_len in raw frames 
decomp_len is used in raw frames, so it should not be left at the value from
whatever was decoded previously (which may be any other frame)

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3d201b83cd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
3c3b437d79 avcodec/shorten: Fix bitstream end check in read_header() 
Fixes: Timeout
Fixes: 9961/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5687856176562176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 28b80c2d52)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
46875255bc avcodec/dvdsubdec: Avoid branch in decode_run_8bit() 
Speed improvment 35.5 sec -> 34.7sec

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 71bf033050)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
fa5498cb4d avcodec/h264_refs: Document last if() in ff_h264_execute_ref_pic_marking() 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 697984b9db)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
5c91bb1881 avcodec/ra144: Fix undefined integer overflow in add_wav() 
Fixes: signed integer overflow: -26884 * 91439 cannot be represented in type 'int'
Fixes: 9687/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-4995588121690112

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 93a203662f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
78a1db00c4 avcodec/indeo4: Check dimensions in decode_pic_hdr() 
Fixes: Timeout
Fixes: 9654/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-6289863463665664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7592e88bfe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Dale Curtis
1acec9bbf5 avformat/mov: Error on too large stsd entry counts. 
Entries are always at least 8 bytes per the parsing code, so if we
see an impossible entry count avoid massive allocations. This is
similar to an existing check in mov_read_stsc().

Since ff_mov_read_stsd_entries() does eof checks, an alternative
approach could be to clamp the entry count to atom.size / 8.

Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 320b631a99)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Bunk
7266a6d23c examples: Fix use of AV_CODEC_FLAG_GLOBAL_HEADER 
AV_CODEC_FLAG_GLOBAL_HEADER should be set before calling avcodec_open2() to have any effect.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a82e4fb8c6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
66331499a7 avcodec/hq_hqa: Check remaining input bits in hqa_decode_mb() 
Fixes: Timeout
Fixes: 9634/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HQ_HQA_fuzzer-6267852259590144

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c9222b972d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
347c50b0d4 avcodec/vb: Check for end of bytestream before reading blocktype 
Fixes: Timeout
Fixes: 9601/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VB_fuzzer-4550228702134272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1cbac9ce20)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
dc8ec1a5bc avcodec/snowdec: Fix integer overflow with motion vector residual 
Fixes: signed integer overflow: -19818 + -2147483648 cannot be represented in type 'int'
Fixes: 9545/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-4928769537081344

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit acba153a14)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
b80d7d4a09 avformat/nsvdec: Do not parse multiple NSVf 
The specification states "NSV files may contain a single file header. "
Fixes: out of array access
Fixes: nsv-asan-002f473f726a0dcbd3bd53e422c4fc40b3cf3421

Found-by: Paul Ch <paulcher@icloud.com>
Tested-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 78d4b6bd43)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
24add16a32 avformat/mlvdec: read_string() received unsigned size, make the argument unsigned 
Fixes: infinite loop
Fixes: mlv-timeout-e3b8cab9835edecad6823baa057e029671329d04

Found-by: Paul Ch <paulcher@icloud.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1e71cb2c8e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
44ebea8657 avformat/rmdec: Fix EOF check in the stream loop in ivr_read_header() 
Fixes: long running loop
Fixes: ivr-timeout-42468cb797f52f025fb329394702f5d4d64322d6

Found-by: Paul Ch <paulcher@icloud.com>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c2eec1762d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
907699d120 avcodec/scpr: Check for min > max in decompress_p() 
Fixes: Timeout
Fixes: 9342/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-4795990841229312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3378194ce8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
298ca73ab1 avcodec/shorten: Fix signed 32bit overflow in shift in shorten_decode_frame() 
Fixes: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 9480/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-6647324284551168 -rss_limit_mb=2000

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9b604e96a5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
d16d851238 avcodec/shorten: Fix integer overflow in residual/LPC combination 
Fixes: signed integer overflow: -540538872 + -2012739576 cannot be represented in type 'int'
Fixes: 9255/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5758630052757504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit db7e9082e1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
488c246bf5 avcodec/shorten: Check verbatim length 
Fixes: Timeout
Fixes: 9252/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5780720709533696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7007dabec0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
0ea1b62b9a avcodec/mpegaudio_parser: Initialize poutbuf* 
Possibly fixes: null pointer dereference
Possibly fixes: 9352/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5146068961460224
Fixes: Heap-use-after-free
Fixes: 9453/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5137954375729152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0f4c3b0b8e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
0678985c14 avcodec/aacpsdsp_template: Fix integer overflow in ps_stereo_interpolate_c() 
Fixes: signed integer overflow: -1813244069 + -1407981383 cannot be represented in type 'int'
Fixes: 8823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5643295618236416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 47db5763e2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
0026d00742 avformat/flvenc: Check audio packet size 
Fixes: Assertion failure
Fixes: assert_flvenc.c:941_1.swf

Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6b67d7f059)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Nikolas Bowe
e2d052d5c8 lavc/svq3: Fix regression decoding some files. 
Fixes some SVQ3 encoded files which fail to decode correctly after 6d6faa2a2d.
These files exhibit lots of artifacts and logs show "Media key encryption is not implemented".
However they decode without artifacts before 6d6faa2a2d.
The attatched patch allows these files to successfully decode, but also reject media key files.

Tested on the files in #6094 and http://samples.mplayerhq.hu/V-codecs/SVQ3/Vertical400kbit.sorenson3.mov

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5aeb3b0080)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
1e1c02c51b avcodec/qtrle: Check remaining bytestream in qtrle_decode_XYbpp() 
Fixes: Timeout
Fixes: 9213/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QTRLE_fuzzer-5649753332252672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7dd836a3f9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
c1a3212d45 avcodec/diracdec: Check bytes count in else branch in decode_lowdelay() too 
Fixes: signed integer overflow: 8 * 340018243 cannot be represented in type 'int'
Fixes: 9441/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5194665207791616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bed125b710)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00
Michael Niedermayer
c07d568603 avcodec/diracdec: Check slice numbers for overflows in relation to picture dimensions 
Fixes: signed integer overflow: 88 * 33685506 cannot be represented in type 'int'
Fixes: 9433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5725943535501312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f457c0ad7f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-11-01 00:52:46 +01:00