ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	9687cae2b4	Update for 5.0.1 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> n5.0.1	2022-04-04 00:07:14 +02:00
Michael Niedermayer	70522b7262	avcodec/exr: Avoid signed overflow in displayWindow The inputs are unused except for this computation so wraparound does not give an attacker any extra values as they are already fully controlled Fixes: signed integer overflow: 0 - -2147483648 cannot be represented in type 'int' Fixes: 45820/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5766159019933696 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1291568c98`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-04 00:05:36 +02:00
Michael Niedermayer	1ed490b9dc	avcodec/diracdec: avoid signed integer overflow in global mv Fixes: signed integer overflow: -128275513086 * -76056576 cannot be represented in type 'long' Fixes: 45818/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5129799149944832 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7f1279684e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-04 00:05:36 +02:00
Michael Niedermayer	9cd9f958eb	avcodec/takdsp: Fix integer overflow in decorrelate_sf() Fixes: signed integer overflow: -101 * 71041254 cannot be represented in type 'int' Fixes: 45938/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-4687974320701440 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `01d8c887f6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-04 00:05:36 +02:00
Michael Niedermayer	89374decf6	avcodec/apedec: fix a integer overflow in long_filter_high_3800() Fixes: signed integer overflow: -2146549696 - 3923884 cannot be represented in type 'int' Fixes: 45907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5992380584558592 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b085b400be`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-04 00:05:36 +02:00
Diederick Niehorster	3010773508	avdevice/dshow: fix regression `a1c4929f` accidentally undid part of `d9a9b4c8`, so the bug in ticket #9420 resurfaced. Fixing again. Signed-off-by: Diederick Niehorster <dcnieho@gmail.com> Reviewed-by: Roger Pack <rogerdpack2@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f125c504d8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-04 00:05:36 +02:00
Oneric	482d51884c	avfilter/vf_subtitles: pass storage size to libass Due to a quirk of the ASS format some tags depend on the exact storage resolution of the video, so tell libass via ass_set_storage_size. Reviewed-by: Soft Works <softworkz@hotmail.com> Signed-off-by: James Almer <jamrial@gmail.com>	2022-04-04 00:05:36 +02:00
Andreas Rheinhardt	a50aa980eb	avcodec/vp9_superframe_split_bsf: Don't read inexistent data Fixes: Out of array read Fixes: 45137/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_SUPERFRAME_SPLIT_fuzzer-4984270639202304 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `d311d820a7`)	2022-04-01 13:20:56 +02:00
Andreas Rheinhardt	550d70fde3	avcodec/vp9_superframe_split_bsf: Discard invalid zero-sized frames They are invalid in VP9. If any of the frames inside a superframe had a size of zero, the code would either read into the next frame or into the superframe index; so check for the length to stop this. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `d20ef30f53`)	2022-04-01 13:20:56 +02:00
Andreas Rheinhardt	f93ca3a278	avcodec/vp9_superframe_bsf: Check for existence of data before reading it Packets without data need to be handled specially in order to avoid undefined reads. Pass these packets through unchanged in case there are no cached packets* and error out in case there are cached packets: Returning the packet would mess with the order of the packets; if one returned the zero-sized packet before the superframe that will be created from the packets in the cache, the zero-sized packet would overtake the packets in the cache; if one returned the packet later, the packets that complete the superframe will overtake the zero-sized packet. *: This case e.g. encompasses the scenario of updated extradata side-data at the end. Fixes: Out of array read Fixes: 45722/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_SUPERFRAME_fuzzer-5173378975137792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `c12e8c97b1`)	2022-04-01 13:20:56 +02:00
Andreas Rheinhardt	4e61bf403f	avcodec/vp9_raw_reorder_bsf: Check for existence of data before reading it Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `ab25b6aee6`)	2022-04-01 13:20:56 +02:00
Pierre-Anthony Lemieux	cffa10a0cb	avformat/imf: fix packet pts, dts and muxing The IMF demuxer does not set the DTS and PTS of packets accurately in all scenarios. Moreover, audio packets are not trimmed when they exceed the duration of the underlying resource. imf-cpl-with-repeat FATE ref file is regenerated. Addresses https://trac.ffmpeg.org/ticket/9611 (cherry picked from commit `b0193e26ca`)	2022-03-31 21:28:42 +10:00
Pierre-Anthony Lemieux	08206484bc	avformat/imf: open resources only when first needed IMF CPLs can reference thousands of files, which can result in system limits for the number of open files to be exceeded. The following patch opens and closes files as needed. Addresses https://trac.ffmpeg.org/ticket/9623 (cherry picked from commit `ef0d5245d6`)	2022-03-31 21:28:29 +10:00
Zane van Iperen	afa04c1e9e	avformat/imf: cosmetics s/++i/i++/g Signed-off-by: Zane van Iperen <zane@zanevaniperen.com> (cherry picked from commit `40766ae1da`)	2022-03-31 21:28:29 +10:00
Marton Balint	07d953187b	avformat/imf_cpl: do not use filesize when reading XML file Similar to the earlier patch applied to imfdec. Signed-off-by: Marton Balint <cus@passwd.hu> (cherry picked from commit `8a9d3d3dec`)	2022-03-31 21:28:29 +10:00
Andreas Rheinhardt	2ae18635da	avformat/imfdec: Use proper logcontext Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> (cherry picked from commit `b7a543707f`)	2022-03-29 20:03:14 +10:00
Marton Balint	d0e9e8c5d0	avformat/imfdec: do not use filesize when reading XML file Signed-off-by: Marton Balint <cus@passwd.hu> (cherry picked from commit `ae690d5cf5`)	2022-03-29 20:03:08 +10:00
James Almer	8fd2dc3f2b	doc/utils: add missing 22.2 layout entry Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `1e24fad867`)	2022-03-28 20:36:04 -03:00
James Almer	fd4121a0aa	avcodec/av1: only set the private context pix_fmt field if get_pixel_format() succeeds Otherwise get_pixel_format() will not be called when parsing a subsequent Sequence Header in non hwaccel enabled scenarios, allowing frame parsing when it shouldn't. This prevents the scenario seqhdr -> frame_hdr/redundant_frame_hdr -> seqhdr -> redundant_frame_hdr from having the latter redundant frame header parsed as if it was a frame header by the decoder because the former was discarded. Since CBS did not discard it, the latter redundant frame header is output with a zeroed AV1RawFrameHeader struct, which can have undesired results, like division by zero with fields normally guaranteed to be anything else. Fixes: division by zero Fixes: 43769/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AV1_fuzzer-5392562205097984 Fixes: 43950/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AV1_fuzzer-5769210217758720 Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `5670eddf8c`)	2022-03-28 20:36:04 -03:00
Michael Niedermayer	ba595e8d83	avformat/aqtitledec: Skip unrepresentable durations Fixes: signed integer overflow: -5 - 9223372036854775807 cannot be represented in type 'long' Fixes: 45665/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-475618463934054 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c2d1597a8a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	518b7474b2	avformat/cafdec: Do not store empty keys in read_info_chunk() Fixes: Timeout Fixes: 45543/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-5684953164152832 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7ec28e1d4c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	5c1ae6738a	avformat/mxfdec: Do not clear array in mxf_read_strong_ref_array() before writing Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7aebdb8bf1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	d63e7c3b39	avformat/mxfdec: Check for avio_read() failure in mxf_read_strong_ref_array() Fixes: 42827/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4900528511909888 Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8d6f49cfc3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	8b13cfcc3c	avformat/mxfdec: Check count in mxf_read_strong_ref_array() Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3015c556f3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	478bd4c73f	avformat/hls: Check target_duration Fixes: signed integer overflow: 77777777777777 * 1000000 cannot be represented in type 'long long' Fixes: 45545/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-6438101247983616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Steven Liu <lingjiujianke@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a8fd3f7fab`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	e35f910591	avcodec/pixlet: Avoid signed integer overflow in scaling in filterfn() Fixes: signed integer overflow: 11494 * 1073741824000000 cannot be represented in type 'long' Fixes: 26586/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PIXLET_fuzzer-5752633970917376 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0c1f20c6c8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	ffe1ded457	avformat/matroskadec: Check pre_ns Fixes: division by 0 Fixes: 44615/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6681108677263360 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `710e51677a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	af2913d46f	avcodec/sonic: Use unsigned for predictor_k to avoid undefined behavior Fixes: signed integer overflow: -1094995529 * 24 cannot be represented in type 'int' Fixes: 44436/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-4874459459223552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `28008bf95e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	debfbad67a	avcodec/libuavs3d: Check ff_set_dimensions() for failure Untested, no testcase Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e88b99afdf`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	ee16bb81de	avcodec/speexdec: Align some comments Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6530c240c8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	637bda4cdd	avcodec/speexdec: Use correct doxygen comments Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `487679cc50`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	780de33f32	avcodec/mjpegbdec: Set buf_size Fixes: Timeout Fixes: 45170/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEGB_fuzzer-5874820431085568 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	49f8f8ba20	avformat/matroskadec: Use rounded down duration in get_cue_desc() check Floating point is evil, it would be better if duration was not a double Fixes: Infinite loop Fixes: 45123/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6725052291219456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bd3a03db9a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	849a20343d	avcodec/argo: Check packet size Fixes: Timeout Fixes: 45052/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ARGO_fuzzer-6033489206575104 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1bed27acef`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	95322e0767	avcodec/g729_parser: Check channels Fixes: signed integer overflow: 10 * 808464428 cannot be represented in type 'int' Fixes: assertion failure Fixes: ticket9651 Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `757da974b2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	432cbff7bb	avformat/avidec: Check height Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself Fixes: Ticket8486 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ec8ff659f5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	32778e5a5e	avformat/rmdec: Better duplicate tags check Fixes: memleaks Fixes: 44810/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5619494647627776 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `15a646e501`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	f87f100558	avformat/mov: Disallow empty sidx It appears this is not allowed "Each Segment Index box documents how a (sub)segment is divided into one or more subsegments (which may themselves be further subdivided using Segment Index boxes)." Fixes: Null pointer dereference Fixes: Ticket9517 Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4419433d77`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	5c4fdf111e	avformat/argo_cvg:: Fix order of operations in error check in argo_cvg_write_trailer() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `70a1024290`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	6bd882f98a	avformat/argo_asf: Fix order of operations in error check in argo_asf_write_trailer() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c8c12fb5d6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:56 +02:00
Michael Niedermayer	405c75998d	avcodec/movtextdec: add () to CMP() macro to avoid unexpected behavior Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c182c70658`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	f514336829	avformat/matroskadec: Check duration Fixes: -nan is outside the range of representable values of type 'long' Fixes: 44614/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6216204841254912 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `36680078ca`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	096a936567	avformat/mov: Corner case encryption error cleanup in mov_read_senc() Fixes: memleak Fixes: 42341/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4566632823914496 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8ee0e4abcb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	025bf57f77	avcodec/jpeglsdec: Fix if( code style Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f306b8e80a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	473ea811db	avcodec/jpeglsdec: Check get_ur_golomb_jpegls() for error Fixes: Timeout Fixes: Invalid shift Fixes: 44548/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-556487680891289 Fixes: 44569/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AMV_fuzzer-6302543246917632 Fixes: 44570/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-4550196556595200 Fixes: 44592/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5651610385121280 Fixes: 44571/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5094698987945984 Fixes: 44607/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5341352013987840 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `151f83584e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	e086aeb792	avcodec/motion_est: fix indention of ff_get_best_fcode() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ce43e1c581`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	2e901b1304	avcodec/motion_est: Fix xy indexing on range violation in ff_get_best_fcode() This codepath seems untested, no testcases change Found-by: <mkver> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `634312a70f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	0ea439dab7	avformat/hls: Use unsigned for iv computation Fixes: signed integer overflow: 9223372036854775748 + 60 cannot be represented in type 'long' Fixes: 44417/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-5802443881971712 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Steven Liu <lingjiujianke@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bf33a38499`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	0dabd7f603	avcodec/jpeglsdec: Increase range for N in ls_get_code_runterm() by using unsigned Fixes: left shift of 32768 by 16 places cannot be represented in type 'int' Fixes: Timeout Fixes: 44219/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMVJPEG_fuzzer-4679455379947520 Fixes: 44088/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMVJPEG_fuzzer-4885976600674304 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6ee283d7d0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00
Michael Niedermayer	0a5feebc57	avformat/matroskadec: Check desc_bytes Fixes: Division by 0 Fixes: 44035/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4826721386364928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5038933977`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-03-28 23:18:55 +02:00

1 2 3 4 5 ...

105283 Commits