aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* avcodec/tscc: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 979bca513424879ed0c653cb1b55fc4156a89576) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/rawdec: Check side data size before useMichael Niedermayer2017-08-231-1/+6
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 5f0bc0215a0f7099a2bcba5dced2e045e70fee61) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/msvideo1: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 161ccdaa06d1d109e8f77d2535bda11ce02720f5) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/qpeg: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 16793504dfba44e738655807db3274301b9bc690) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/qtrle: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7d196f2a5a48faf25fd904b33b1fd239daae9840) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/msrle: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a6330119a099840c5279697cf80cb768df97a90a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/kmvc: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2d99101d0964f754822fb4af121c4abc69047dba) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/idcinvideo: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a2b8dde65947bfabf42269e124ef83ecf9c5974a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/cinepak: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 121be310607879841d19a34d9f16d4fe9ba7f18c) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/8bps: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | Fixes out of array read Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 042faa847feea820451c474af0034fd3de9cff82) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/dvdsubdec: Fix off by 1 errorMichael Niedermayer2017-08-231-1/+1
| | | | | | | | | Fixes out of array read Found-by: Thomas Garnier using libFuzzer Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c92f55847a3d9cd12db60bfcd0831ff7f089c37c) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/dvdsubdec: Fix buf_size checkMichael Niedermayer2017-08-231-1/+2
| | | | | | | | | Fixes out of array access Found-by: Thomas Garnier using libFuzzer Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 25ab1a65f3acb5ec67b53fb7a2463a7368f1ad16) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* vp9: change order of operations in adapt_prob().Ronald S. Bultje2017-08-231-3/+2
| | | | | | | | | | | | | | This is intended to workaround bug "665 Integer Divide Instruction May Cause Unpredictable Behavior" on some early AMD CPUs, which causes a div-by-zero in this codepath, such as reported in Mozilla bug #1293996. Note that this isn't guaranteed to fix the bug, since a compiler is free to reorder instructions that don't depend on each other. However, it appears to fix the bug in Firefox, and a similar patch was applied to libvpx also (see Chrome bug #599899). (cherry picked from commit be885da3427c5d9a6fa68229d16318afffe67193) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/interplayvideo: Check side data size before useMichael Niedermayer2017-08-231-2/+5
| | | | | | | | | Fixes out of array read Found-by: Thomas Garnier using libFuzzer Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 85d23e5cbc9ad6835eef870a5b4247de78febe56) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/utils: Clear MMX state before returning from avcodec_default_execute*()Michael Niedermayer2017-08-231-0/+2
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4f96f9d1118e073d346d16be157fa5075434e7f2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavfi: fix typosMoritz Barsnick2017-08-232-4/+4
| | | | | | | Signed-off-by: Moritz Barsnick <barsnick@gmx.net> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f4e4bde1f4cff99d4ec59ed361ff9228b2050e6b) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* videodsp: fix 1-byte overread in top/bottom READ_NUM_BYTES iterations.Ronald S. Bultje2017-08-231-15/+6
| | | | | | | | | | This can overread (either before start or beyond end) of the buffer in Nx1 (i.e. height=1) images. Fixes mozilla bug 1240080. (cherry picked from commit 0f88b3f82fafd536979993aeaafcb11a22266dbd) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/avidec: Check nb_streams in read_gab2_sub()Michael Niedermayer2017-08-231-0/+2
| | | | | | | | | | Fixes null pointer dereference Fixes: 1/null_point.avi Found-by: 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2679ad4773aa356e7c3da5c68bc81f02a194617f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/avidec: Remove ancient assertMichael Niedermayer2017-08-231-1/+0
| | | | | | | | | | | | | This assert can with crafted files fail, a warning is already printed for this case. Fixes assertion failure Fixes:1/assert.avi Found-by: 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 14bac7e00d72eac687612d9b125e585011a56d4f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/ansi: Check dimensionsMichael Niedermayer2017-08-231-0/+3
| | | | | | | | | Fixes: 1.avi Found-by: 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 69449da436169e7facaa6d1f3bcbc41cf6ce2754) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/cavsdsp: use av_clip_uint8() for idctMichael Niedermayer2017-08-231-9/+8
| | | | | | | | | | | Fixes out of array read Fixes: 1.swf Found-by: 连一汉 <lianyihan@360.cn> Tested-by: 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 0e318f110bcd6bb8e7de9127f2747272e60f48d7) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/utils: fix timebase error in avformat_seek_file()Xinzheng Zhang2017-08-231-0/+1
| | | | | | | | | | When there is only one stream and stream_index has not specified, The ts has been transferd by the timebase of stream0 without modifying the stream_index In this condation it cause seek failure. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ecc04b4f2f29ac676e6c1d1ebf20ec45f5385f1e) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/g726: Add missing ADDB output maskMichael Niedermayer2017-08-231-1/+1
| | | | | | | | | | Fixes: 1.poc Fixes out of array read Found-by: 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a5af1240fce845f645440364c1335e0f8e44ee6c) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/avpacket: clear side_data_elemsMichael Niedermayer2017-08-231-2/+5
| | | | | | | | | Fixes null pointer dereference Found-by: 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 5e1bf9d8c0d2cdbbf17b06a5dfdf87a635b3203b) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* swscale/swscale_unscaled: Try to fix Rgb16ToPlanarRgb16Wrapper() with slicesMichael Niedermayer2017-08-231-0/+8
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e57d99dd4e0d8fe2992da0d65b563580e35ce728) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* swscale/swscale_unscaled: Fix packed_16bpc_bswap() with slicesMichael Niedermayer2017-08-231-0/+1
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 47bc1bdafb0950ccf128eaa491d8fd7cc0978813) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/avidec: Fix infinite loop in avi_read_nikon()Michael Niedermayer2017-08-231-2/+2
| | | | | | | | | Fixes: 360/test.poc Found-by: 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e4e4a9cad7f21593d4bcb1f2404ea0d373c36c43) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* cmdutils: fix implicit declaration of SetDllDirectory functionTobias Rapp2017-08-231-0/+3
| | | | | | | | Pre-processor check changed by commiter. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit c32ce247a026eda99b3ea5ad46c6bbc5c5907e1a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* cmdutils: check for SetDllDirectory() availabilityJames Almer2017-08-232-1/+3
| | | | | | | | | It's only available on Windows XP or newer. Should fix compilation with mingw32 using the default OS target. Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: James Almer <jamrial@gmail.com>
* libavcodec/wmalosslessdec: Check the remaining bitsMichael Niedermayer2017-08-231-0/+5
| | | | | | | | | | Fixes assertion failure Fixes: 24ebfda03228b5cc1ef792608cfba458/signal_sigabrt_7ffff6ae7c37_6473_3fa8a111dbc752b1a7c411c5ab79aaa4.wma Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 67318187fbba382d887f9581dde48a50842f1bea) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/diracdec: Check numx/yMichael Niedermayer2017-08-231-0/+7
| | | | | | | | | | Fixes division by 0 Fixes: 60261c4469ba3e11059890fb2832a515/asan_generic_135e694_2790_beb94eaa0aeb7d11c0437375a8964a99.drc Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a31e08fa1aa5c5f0518b8af850f28eb945268e66) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/indeo2: check ctabMichael Niedermayer2017-08-231-0/+6
| | | | | | | | | | Fixes out of array access Fixes: 6b73fa392ac808f02e95a4e0a5770026/asan_static-oob_1b15f9a_1969_e7778535e5f27225fe0d6ded14721430.AVI Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 9ffe44c5c75c485b4cbb12751e228f18da219df3) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/swfdec: Fix inflate() error code checkMichael Niedermayer2017-08-231-2/+2
| | | | | | | | | | Fixes infinite loop Fixes endless.poc Found-by: 连一汉 <lianyihan@360.cn> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a453bbb68f3eec202673728988bba3bc76071761) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* cmdutils: remove the current working directory from the DLL search path on win32Hendrik Leppkes2017-08-236-0/+22
| | | | | | | Reviewed-by: Matt Oliver <protogonoi@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 3bf142c77337814458ed8e036796934032d9837f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/raw: Fix decoding of ilacetest.movMichael Niedermayer2017-08-231-0/+1
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit bbec14de3126dbc4e1ec2b32ed714dab173386aa) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/oggdec: Fix integer overflow with invalid ptsMichael Niedermayer2017-08-231-0/+5
| | | | | | | | | | | If negative pts are possible for some codecs in ogg then the code needs to be changed to use signed values. Found-by: Thomas Guilbert <tguilbert@google.com> Fixes: clusterfuzz_usan-2016-08-02 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c5cc3b08e56fc95665977544486bd9f06e4b7a72) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* libavformat/rtpdec_asf: zero initialize the AVIOContext structKacper Michajłow2017-08-231-1/+1
| | | | | | | | | | This fixes crash in avformat_open_input() when accessing protocol_whitelist field. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e947b75b1c76ef6793209c2c445b8c224a28717a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* libavutil/opt: Small bugfix in example.Kacper Michajłow2017-08-231-2/+2
| | | | | | | | | Fix const corectness and zero init the struct. This example code would actually crash when initializing string. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 69630f4d304a4e35d90957d6a170744af87cbf93) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* libx264: Increase x264 opts character limit to 4096Sasi Inguva2017-08-231-2/+2
| | | | | | | | Signed-off-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 282477bf4534439ecb06f14d46446a4f1ab82284) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Check sample sizeMichael Niedermayer2017-08-231-1/+10
| | | | | | | | | | | Fixes integer overflow Fixes: poc.mp4 Found-by: ajax secure <ajax4sec@hotmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 8a3221cc67a516dfc1700bdae3566ec52c7ee823) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/format: Fix registering a format more than once and related racesMichael Niedermayer2017-08-231-6/+10
| | | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4cc896ea5f06f8b1ebcde6d876d9c5b59ef9a016) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpc8: Correct end truncationMichael Niedermayer2017-08-231-2/+6
| | | | | | | | | Fixes Ticket5478 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b21f674876badefc68e4deecdb4a1d46de10b67c) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpegvideo: Do not clear the parse context during initMichael Niedermayer2017-08-231-3/+1
| | | | | | | | | | It is allocated before, this cannot work Fixes Ticket5613 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 24f513619680b5bef40b02db6ca07a8a009c2ece) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/utils: check skip_samples signednessMichael Niedermayer2017-08-231-1/+1
| | | | | | | | | | | Fixes Ticket5528 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 153ab83bd37cbbcc79d8303cc6efbf81089b8123) Conflicts: libavcodec/utils.c
* avformat/mpegts: Do not trust BSSD descriptor, it is sometimes not an S302M ↵Michael Niedermayer2017-08-231-1/+4
| | | | | | | | | | | stream Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a5eb70ad9569c62158b4b2d18f2143db791f7d27) Conflicts: libavformat/mpegts.c
* avcodec/bmp_parser: Check fsizeMichael Niedermayer2017-08-231-1/+2
| | | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 43a4276c6964a2ec57e08c3c622bb94d35c0441f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/bmp_parser: reset stateMichael Niedermayer2017-08-231-1/+3
| | | | | | | | | Fixes part of ticket 5598 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 37005e65eb17b1480d9e1755eeba3f50ee3b9555) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/bmp_parser: Fix remaining sizeMichael Niedermayer2017-08-231-1/+1
| | | | | | | | | Fixes part of ticket 5598 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 250b620d296adba7bd3a3104a9c30e820fb0bc36) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/bmp_parser: Fix frame_start_found in cross frame casesMichael Niedermayer2017-08-231-1/+4
| | | | | | | | | Fixes part of ticket 5598 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit bfe945ac3a0c328371dc4b4cc3409b7da5784cb8) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avfilter/af_amix: dont fail if there are no samples in output_frame()Michael Niedermayer2017-08-231-0/+3
| | | | | | | | | Fixes Ticket5326 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit abc957e896beb3ce33c5691b9b3701993a381852) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-20 16:48:21 +0000