Age | Commit message (Collapse) | Author |
|
Fixes: out of array access
Fixes: 21469/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5199357982015488
Alternatively the arrays can be made bigger or the index can be clipped.
In case a real file with such huge tiles exist we ask the user to upload it.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: Timeout (100sec -> 0.7sec)
Fixes: 8668/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5174143888130048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
This basically checks if a pixel that was coded with prediction
and residual could have been stored using a previous case.
This avoids basically a string of 0 symbols stored in less than
50 bytes to hit a O(n²) codepath.
Fixes: Timeout (too slow to wait -> immediately)
Fixes: 8668/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-4895946310680576
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Suggested-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: runtime error: left shift of 1876744317 by 16 places cannot be represented in type 'int'
Fixes: 6799/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5115274731716608
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: signed integer overflow: 65280 * 196032 cannot be represented in type 'int'
Fixes: 7279/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5977332473921536
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: 6798/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5135899701542912
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes: OOM
Fixes: 6216/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-4983807968018432
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Also modify the required alignment, to 32 instead of 16
for several codecs
Signed-off-by: James Almer <jamrial@gmail.com>
|
|
* commit '67deba8a416d818f3d95aef0aa916589090396e2':
Use avpriv_report_missing_feature() where appropriate
Merged-by: Clément Bœsch <cboesch@gopro.com>
|
|
|
|
|
|
epic_decode_run_length()
Fixes invalid shift
Fixes: g2m_left_shift_2.wmv
Found-by: Piotr Bandurski <ami_stuff@o2.pl>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
* commit '3a4d369ea4ded91b1178ae6e2ff0ab9ea470e344':
g2m: Relax resolution change constraints
Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
|
|
Do not fail when original resolution is smaller than current one,
as the frame buffer is resized automatically.
Signed-off-by: Vittorio Giovara <vittorio.giovara at gmail.com>
|
|
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes CID1322351
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
* commit '059a934806d61f7af9ab3fd9f74994b838ea5eba':
lavc: Consistently prefix input buffer defines
Conflicts:
doc/examples/decoding_encoding.c
libavcodec/4xm.c
libavcodec/aac_adtstoasc_bsf.c
libavcodec/aacdec.c
libavcodec/aacenc.c
libavcodec/ac3dec.h
libavcodec/asvenc.c
libavcodec/avcodec.h
libavcodec/avpacket.c
libavcodec/dvdec.c
libavcodec/ffv1enc.c
libavcodec/g2meet.c
libavcodec/gif.c
libavcodec/h264.c
libavcodec/h264_mp4toannexb_bsf.c
libavcodec/huffyuvdec.c
libavcodec/huffyuvenc.c
libavcodec/jpeglsenc.c
libavcodec/libxvid.c
libavcodec/mdec.c
libavcodec/motionpixels.c
libavcodec/mpeg4videodec.c
libavcodec/mpegvideo.c
libavcodec/noise_bsf.c
libavcodec/nuv.c
libavcodec/nvenc.c
libavcodec/options.c
libavcodec/parser.c
libavcodec/pngenc.c
libavcodec/proresenc_kostya.c
libavcodec/qsvdec.c
libavcodec/svq1enc.c
libavcodec/tiffenc.c
libavcodec/truemotion2.c
libavcodec/utils.c
libavcodec/utvideoenc.c
libavcodec/vc1dec.c
libavcodec/wmalosslessdec.c
libavformat/adxdec.c
libavformat/aiffdec.c
libavformat/apc.c
libavformat/apetag.c
libavformat/avidec.c
libavformat/bink.c
libavformat/cafdec.c
libavformat/flvdec.c
libavformat/id3v2.c
libavformat/isom.c
libavformat/matroskadec.c
libavformat/mov.c
libavformat/mpc.c
libavformat/mpc8.c
libavformat/mpegts.c
libavformat/mvi.c
libavformat/mxfdec.c
libavformat/mxg.c
libavformat/nutdec.c
libavformat/oggdec.c
libavformat/oggparsecelt.c
libavformat/oggparseflac.c
libavformat/oggparseopus.c
libavformat/oggparsespeex.c
libavformat/omadec.c
libavformat/rawdec.c
libavformat/riffdec.c
libavformat/rl2.c
libavformat/rmdec.c
libavformat/rtpdec_latm.c
libavformat/rtpdec_mpeg4.c
libavformat/rtpdec_qdm2.c
libavformat/rtpdec_svq3.c
libavformat/sierravmd.c
libavformat/smacker.c
libavformat/smush.c
libavformat/spdifenc.c
libavformat/takdec.c
libavformat/tta.c
libavformat/utils.c
libavformat/vqf.c
libavformat/westwood_vqa.c
libavformat/xmv.c
libavformat/xwma.c
libavformat/yop.c
Merged-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
* commit 'def97856de6021965db86c25a732d78689bd6bb0':
lavc: AV-prefix all codec capabilities
Conflicts:
cmdutils.c
ffmpeg.c
ffplay.c
libavcodec/8svx.c
libavcodec/aacenc.c
libavcodec/ac3dec.c
libavcodec/adpcm.c
libavcodec/alac.c
libavcodec/atrac3plusdec.c
libavcodec/bink.c
libavcodec/dnxhddec.c
libavcodec/dvdec.c
libavcodec/dvenc.c
libavcodec/ffv1dec.c
libavcodec/ffv1enc.c
libavcodec/fic.c
libavcodec/flacdec.c
libavcodec/flacenc.c
libavcodec/flvdec.c
libavcodec/fraps.c
libavcodec/frwu.c
libavcodec/gifdec.c
libavcodec/h261dec.c
libavcodec/hevc.c
libavcodec/iff.c
libavcodec/imc.c
libavcodec/libopenjpegdec.c
libavcodec/libvo-aacenc.c
libavcodec/libvorbisenc.c
libavcodec/libvpxdec.c
libavcodec/libvpxenc.c
libavcodec/libx264.c
libavcodec/mjpegbdec.c
libavcodec/mjpegdec.c
libavcodec/mpegaudiodec_float.c
libavcodec/msmpeg4dec.c
libavcodec/mxpegdec.c
libavcodec/nvenc_h264.c
libavcodec/nvenc_hevc.c
libavcodec/pngdec.c
libavcodec/qpeg.c
libavcodec/ra288.c
libavcodec/rv10.c
libavcodec/s302m.c
libavcodec/sp5xdec.c
libavcodec/takdec.c
libavcodec/tiff.c
libavcodec/tta.c
libavcodec/utils.c
libavcodec/v210dec.c
libavcodec/vp6.c
libavcodec/vp9.c
libavcodec/wavpack.c
libavcodec/yop.c
Merged-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
|
|
Express bitfields more simply.
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
|
|
Fixes: asan_double-free_d34593_861_smp3.wmv
Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
Fixes double free
Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
* commit '9eec23b8a7fd0f91827bbc3ed0792c39a8cc9a8a':
g2meet: use av_ceil_log2 instead of a custom function
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
* commit '4ccccd6c40a6d0ce85e96a6e37f558236e2a6a75':
g2meet: use an unsigned type for the djb hash
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
|
|
* commit '08c2d8f0aa679c2f060721d1d0d4f33d2ae32368':
Go2Meeting decoder
Conflicts:
Changelog
libavcodec/g2meet.c
libavcodec/version.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
ELS and ePIC decoder courtesy of Maxim Poliakovski,
cleanup and integration by Diego Biurrun.
Signed-off-by: Diego Biurrun <diego@biurrun.de>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
|
|
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
|
|
* commit 'bb815dfc38b8ef7a89d6b9684ce0cdc296385d6d':
g2meet: K&R formatting cosmetics
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
* commit '4978850ca2cb1ec6908f5bc79cc592ca454d11e8':
build: Split JPEG-related tables off into a separate component
Conflicts:
configure
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
CC: libav-stable@libav.org
Bug-Id: CID 1135739
|
|
Fixes out of array access
Fixes: asan_heap-oob_12a55d3_30_029.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
This has also been independently found and fixed similarly by carl in
f4a3bbf4a3cd375121ea2495817f3e50e831ed48
The 2nd magic check is taken from carls implementation
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
|
|
* commit '14b4e64eabc84c5a5e57c8ccc56bbeb95380823b':
g2meet: allow size changes within original sizes
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
* commit 'e3fcb14347466095839c2a3c47ebecff02da891e':
dsputil: Split off IDCT bits into their own context
Conflicts:
configure
libavcodec/aic.c
libavcodec/arm/Makefile
libavcodec/arm/dsputil_init_arm.c
libavcodec/arm/dsputil_init_armv6.c
libavcodec/asvdec.c
libavcodec/dnxhdenc.c
libavcodec/dsputil.c
libavcodec/dvdec.c
libavcodec/dxva2_mpeg2.c
libavcodec/intrax8.c
libavcodec/mdec.c
libavcodec/mjpegdec.c
libavcodec/mjpegenc_common.h
libavcodec/mpegvideo.c
libavcodec/ppc/dsputil_altivec.h
libavcodec/ppc/dsputil_ppc.c
libavcodec/ppc/idctdsp.c
libavcodec/x86/Makefile
libavcodec/x86/dsputil_init.c
libavcodec/x86/dsputil_mmx.c
libavcodec/x86/dsputil_x86.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
* commit 'e74433a8e6fc00c8dbde293c97a3e45384c2c1d9':
dsputil: Split clear_block*/fill_block* off into a separate context
Conflicts:
configure
libavcodec/asvdec.c
libavcodec/dnxhddec.c
libavcodec/dnxhdenc.c
libavcodec/dsputil.h
libavcodec/eamad.c
libavcodec/intrax8.c
libavcodec/mjpegdec.c
libavcodec/ppc/dsputil_ppc.c
libavcodec/vc1dec.c
libavcodec/x86/dsputil_init.c
libavcodec/x86/dsputil_mmx.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|
|
* commit 'cba4e6062a02d5bf684e13a770be88aa1fec717e':
More correct printf format specifiers
Conflicts:
libavcodec/h264_ps.c
libavcodec/h264_refs.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
This avoids compiler warnings about argument and specifier type mismatch.
|
|
* commit 'cc8163e1a3601a56f722a4720516e860bf1c6198':
avcodec: more correct printf specifiers
Conflicts:
libavcodec/4xm.c
libavcodec/alsdec.c
libavcodec/dfa.c
libavcodec/h264_ps.c
libavcodec/jpeg2000dec.c
libavcodec/lagarith.c
libavcodec/mpeg12dec.c
libavcodec/rv10.c
libavcodec/svq3.c
libavcodec/wmaprodec.c
libavcodec/xwddec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
|
|
|