| Commit message | Author | Age | Files | Lines |
| |
A buffer may leak in case of YUVA444P10 with dimensions that are not
both divisible by 16.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
When allocating a BSF fails, it could happen that the BSF's close
function has been called despite a failure to allocate the private data.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Fixes a crash with ISOBMFF extradata containing no OBUs.
Reviewed-by: James Almer <[email protected]>
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
This is a regression since switching to the generic CBS BSF code.
Reviewed-by: James Almer <[email protected]>
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Also don't unnecessarily copy the input data around if it needn't be
reversed; and remove a redundant memset -- av_fast_padded_malloc()
already does this for us.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
The DSS demuxer currently decrements a counter that should be positive
at the beginning of read_packet; should it become negative, it means
that the data to be read can't be read contiguously, but has to be read
in two parts. In this case the counter is incremented again after the
first read if said read succeeded; if not, the counter stays negative.
This can lead to problems in further read_packet calls; in tickets #9020
and #9023 it led to segfaults if one tries to seek later on if the seek
failed and generic seek tried to read from the beginning. But it could
also happen when av_new_packet() failed and the user attempted to read
again afterwards.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
There would be leaks in case of failure.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
When encoding E-AC-3, whether coupling is on or not determines whether
an additional frame based coupling exponent strategy element frmcplexpstr
(of size five bits) is present in the bitstream. So just add five to the
number of bits when counting them instead of adding 5*s->cpl_on (the
latter field is currently only 0 or 1, so it doesn't make a difference).
Furthermore, move some parts of the bit allocation that don't change
per-frame to count_frame_bits_fixed() (which is only run once during
init).
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
AC-3 and EAC-3 are codecs whose packet sizes are known in advance,
so one can use the min_size parameter of ff_alloc_packet2() to
allocate exactly this amount. This avoids a memcpy later in
av_packet_make_refcounted() in encode_simple_internal().
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Since the very beginning (since de6d9b6404bfd1c589799142da5a95428f146edd)
the AC-3 encoder used AC3_MAX_CODED_FRAME_SIZE (namely 3840) for the
size of the output buffer (without any check at all).
This causes problems when encoding EAC-3 for which the maximum is too small,
smaller than the actual size of the buffer: One can run into asserts used
by the PutBits API. Ticket #8513 is about such a case and this commit
fixes it by using the real size of the buffer.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Temporary fix until AVClass::child_class_next is gone.
Reviewed-By: James Almer <[email protected]>
Signed-off-by: Zane van Iperen <[email protected]>
| |
Signed-off-by: Michael Niedermayer <[email protected]>
| |
Signed-off-by: Michael Niedermayer <[email protected]>
| |
Signed-off-by: Michael Niedermayer <[email protected]>
| |
Also removes a stack packet.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
All instances of adding attached pictures to a stream or adding
a stream and an attached packet to said stream have several things
in common like setting the index and flags of the packet, setting
the stream disposition etc. This commit therefore factors this out.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the vsynth*-flashsv2 FATE-tests.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected many FATE-tests.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the filter-codecview-mvs FATE-test.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the g2m4 FATE-test.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the base64 FATE test.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the FATE tests filter-gradfun-sample and sierra-vmd-video.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the FATE tests mss2-wmv and mss1-pal.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the FATE tests vsynth*-zlib, mszh and zlib.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Before commit f1e17eb446577180ee9976730aacb46563766518, the qtrle
encoder had undefined pointer arithmetic: Outside of a loop, two
pointers were set to point to the ith element (with index i-1) of
a line of a frame. At the end of each loop iteration, these pointers
were decremented, so that they pointed to the -1th element of the line
after the loop. Furthermore, one of these pointers can be NULL (in which
case all pointer arithmetic is automatically undefined behaviour).
Commit f1e17eb44 added a check in order to ensure that the elements
never point to the -1th element of the array: The pointers are only
decremented if they are bigger than the frame's base pointer
(i.e. AVFrame.data[0]). Yet this check does not work at all in case of
negative linesizes; furthermore in case the pointer that can be NULL is
NULL initializing it still involves undefined pointer arithmetic.
This commit fixes both of these issues: First, non-NULL pointers are
initialized to point to the element after the ith element and
decrementing is moved to the beginning of the loop. Second, if a pointer
is NULL, it is just made to point to the other pointer, as this allows
to avoid checks before decrementing it.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
If keeping a reference to an earlier frame failed, the next frame must
be an I frame for lack of reference frame. This commit implements this.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected 26 FATE tests like swr-resample_async-s16p-44100-8000.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected ProRes without alpha; affected 32 FATE tests, e.g. prores-422,
prores-422_proxy, prores-422_lt or matroska-prores-header-insertion-bz2.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected many FATE tests (mostly vsynth ones).
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the filter-hdcd-* FATE tests.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Affected the acodec-dca and acodec-dca2 FATE tests.
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Signed-off-by: Andreas Rheinhardt <[email protected]>
| |
Fixes: assertion failure
Fixes: out of array access
Fixes: 32664/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGMYUV_fuzzer-6533642202513408.fuzz
Fixes: 32669/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGMYUV_fuzzer-6001928875147264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <[email protected]>
| |
Fixes: out of array access
Fixes: 32264/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LSCR_fuzzer-6684504010915840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <[email protected]>
| |
Fixes: 32121/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-4512973109460992
Signed-off-by: Michael Niedermayer <[email protected]>
| |
Fixes: out of array write
Fixes: 32116/clusterfuzz-testcase-minimized-ffmpeg_dem_SIMBIOSIS_IMX_fuzzer-6702533894602752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <[email protected]>
| |
h265_metadata_update_fragment()
Fixes: null pointer dereference
Fixes: 32113/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-4803262287052800
Same as 0c48c332eeb2866d9353125f701e099c48889463
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <[email protected]>
| |
sub_packet_h check
Fixes: signed integer overflow: 65535 * 65535 cannot be represented in type 'int'
Fixes: 31406/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5024692843970560
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <[email protected]>
| |
Fixes: out of array access
Fixes: 31386/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5773234709594112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <[email protected]>
| |
through
Signed-off-by: Martin Storsjö <[email protected]>
| |
through
Print every error in the stack, if more than one, and don't print
bogus errors if there's none logged within OpenSSL.
Retain the underlying IO error code, print an error message out of
it, and pass the error code on to the caller.
Signed-off-by: Martin Storsjö <[email protected]>
| |
Fixes: crash
Fixes: check_pkt.mp4
Found-by: Rafael Dutra <[email protected]>
Signed-off-by: Michael Niedermayer <[email protected]>
| |
Fixes: null pointer dereference
Fixes: ff_put_pixels16_sse2.mp4
Found-by: Rafael Dutra <[email protected]>
Regression-since: 4b2863ff01b1fe93d9a518523c9098d17a9d8c6f
Signed-off-by: Michael Niedermayer <[email protected]>