highperfocused/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
83,928 Commits 36 Branches 392 Tags
0744d7176ae1027d5ad7de28b283a78d58e64545
Commit Graph

83928 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Paul B Mahol
0744d7176a avfilter/vf_fieldmatch: fix heap-buffer overflow 
Also fix use of uninitialized values.

Fixes #8239

(cherry picked from commit ce5274c138)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-05-04 18:34:53 +02:00
James Almer
a95d2099b8 aformat/movenc: add missing padding to output track extradata 
Fixes ticket #8183.

Tested-by: Thierry Foucu <tfoucu@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 58aa0ed8f1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-05-04 18:21:01 +02:00
Paul B Mahol
322b066d65 avcodec/pngenc: remove monowhite from apng formats 
Monowhite pixel format is not supported, and it does not make sense
to add support for it.

Fixes #7989

(cherry picked from commit 5d9f44da46)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-05-04 18:17:48 +02:00
Michael Niedermayer
799cd3e2fe Update for 3.2.17 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n3.2.17 		2022-04-22 21:34:01 +02:00
Gyan Doshi
a82872c283 configure: bump year 
(cherry picked from commit 2f6360ff21)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-16 10:49:30 +02:00
Paul B Mahol
350f2378c3 avfilter/vf_lenscorrection: make width/height int 
Somehow previous correct fix broke usage.

(cherry picked from commit 79522411fa)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-07 23:54:50 +02:00
Michael Niedermayer
07d533880c avcodec/diracdec: avoid signed integer overflow in global mv 
Fixes: signed integer overflow: -128275513086 * -76056576 cannot be represented in type 'long'
Fixes: 45818/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5129799149944832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7f1279684e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-03 23:56:10 +02:00
Michael Niedermayer
7221c80aae avcodec/takdsp: Fix integer overflow in decorrelate_sf() 
Fixes: signed integer overflow: -101 * 71041254 cannot be represented in type 'int'
Fixes: 45938/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-4687974320701440

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 01d8c887f6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-03 23:55:55 +02:00
Michael Niedermayer
6a6bb09a95 avcodec/apedec: fix a integer overflow in long_filter_high_3800() 
Fixes: signed integer overflow: -2146549696 - 3923884 cannot be represented in type 'int'
Fixes: 45907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5992380584558592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b085b400be)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-03 23:55:28 +02:00
Michael Niedermayer
e3f08b4162 avformat/aqtitledec: Skip unrepresentable durations 
Fixes: signed integer overflow: -5 - 9223372036854775807 cannot be represented in type 'long'
Fixes: 45665/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-475618463934054

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c2d1597a8a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 23:17:54 +02:00
Michael Niedermayer
f7dbbbdaf0 avformat/cafdec: Do not store empty keys in read_info_chunk() 
Fixes: Timeout
Fixes: 45543/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-5684953164152832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7ec28e1d4c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 23:16:44 +02:00
Michael Niedermayer
6d4c5f4e2b avformat/hls: Check target_duration 
Fixes: signed integer overflow: 77777777777777 * 1000000 cannot be represented in type 'long long'
Fixes: 45545/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-6438101247983616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a8fd3f7fab)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 23:14:15 +02:00
Michael Niedermayer
73bb1853b2 avformat/matroskadec: Check pre_ns 
Fixes: division by 0
Fixes: 44615/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6681108677263360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 710e51677a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 23:13:16 +02:00
Michael Niedermayer
8e68f7f7ba avcodec/sonic: Use unsigned for predictor_k to avoid undefined behavior 
Fixes: signed integer overflow: -1094995529 * 24 cannot be represented in type 'int'
Fixes: 44436/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-4874459459223552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 28008bf95e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 23:11:36 +02:00
Michael Niedermayer
aee90d4064 avformat/matroskadec: Use rounded down duration in get_cue_desc() check 
Floating point is evil, it would be better if duration was not a double

Fixes: Infinite loop
Fixes: 45123/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6725052291219456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bd3a03db9a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 23:07:05 +02:00
Michael Niedermayer
34f075f3ff avformat/avidec: Check height 
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: Ticket8486

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ec8ff659f5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 22:51:59 +02:00
Michael Niedermayer
2063db041e avformat/rmdec: Better duplicate tags check 
Fixes: memleaks
Fixes: 44810/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5619494647627776

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 15a646e501)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 22:47:35 +02:00
Michael Niedermayer
4e7092faaa avformat/mov: Disallow empty sidx 
It appears this is not allowed "Each Segment Index box documents how a (sub)segment is divided into one or more subsegments
(which may themselves be further subdivided using Segment Index boxes)."
Fixes: Null pointer dereference
Fixes: Ticket9517

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4419433d77)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 22:40:33 +02:00
Michael Niedermayer
a874429298 avformat/matroskadec: Check duration 
Fixes: -nan is outside the range of representable values of type 'long'
Fixes: 44614/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6216204841254912

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 36680078ca)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-03-28 22:18:10 +02:00
Michael Niedermayer
d1234b92b3 avcodec/jpeglsdec: Fix if( code style 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f306b8e80a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 20:14:35 +01:00
Michael Niedermayer
df52930a84 avcodec/jpeglsdec: Check get_ur_golomb_jpegls() for error 
Fixes: Timeout
Fixes: Invalid shift
Fixes: 44548/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-556487680891289
Fixes: 44569/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AMV_fuzzer-6302543246917632
Fixes: 44570/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-4550196556595200
Fixes: 44592/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5651610385121280
Fixes: 44571/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5094698987945984
Fixes: 44607/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5341352013987840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 151f83584e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 20:13:53 +01:00
Michael Niedermayer
0915353777 avcodec/motion_est: fix indention of ff_get_best_fcode() 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ce43e1c581)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 20:12:37 +01:00
Michael Niedermayer
a198d7ab26 avcodec/motion_est: Fix xy indexing on range violation in ff_get_best_fcode() 
This codepath seems untested, no testcases change

Found-by: <mkver>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 634312a70f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 20:11:55 +01:00
Michael Niedermayer
fbffe56476 avcodec/jpeglsdec: Increase range for N in ls_get_code_runterm() by using unsigned 
Fixes: left shift of 32768 by 16 places cannot be represented in type 'int'
Fixes: Timeout
Fixes: 44219/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMVJPEG_fuzzer-4679455379947520
Fixes: 44088/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMVJPEG_fuzzer-4885976600674304

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6ee283d7d0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 20:10:53 +01:00
Michael Niedermayer
c787a27335 avformat/matroskadec: Check desc_bytes 
Fixes: Division by 0
Fixes: 44035/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4826721386364928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5038933977)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 20:10:27 +01:00
Michael Niedermayer
73ca8b9a02 avformat/utils: Fix invalid NULL pointer operation in ff_parse_key_value() 
Fixes: pointer index expression with base 0x000000000000 overflowed to 0xffffffffffffffff
Fixes: 44012/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-5670607746891776

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 59328aabd2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 20:09:34 +01:00
Michael Niedermayer
28a1cc8138 avformat/matroskadec: Fix infinite loop with bz decompression 
The same check is added to zlib too, it seems not needed there though

Fixes: Infinite loop
Fixes: 43932/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-6175167573786624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9c3d2cbb51)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 18:57:01 +01:00
Michael Niedermayer
446cfcf01a avformat/mov: Check size before subtraction 
Fixes: signed integer overflow: -9223372036854775808 - 8 cannot be represented in type 'long'
Fixes: 43542/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5237670148702208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d8d9d506a3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-02-16 18:55:55 +01:00
Michael Niedermayer
d577bde974 avcodec/apedec: Fix integer overflows in predictor_update_3930() 
Fixes: signed integer overflow: 1074134419 - -1075212485 cannot be represented in type 'int'
Fixes: 43273/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-4706880883130368

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0c9c9bbd01)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 23:23:23 +01:00
Michael Niedermayer
ee84c87edf avcodec/apedec: fix integer overflow in 8bit samples 
Fixes: signed integer overflow: 2147483542 + 128 cannot be represented in type 'int'
Fixes: 42812/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6344057861832704

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7cee3b3718)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 23:13:02 +01:00
Michael Niedermayer
da356c4eda avformat/flvdec: timestamps cannot use the full int64 range 
We do not support this as we multiply by 1000
Fixes: signed integer overflow: -45318575073853696 * 1000 cannot be represented in type 'long'
Fixes: 42804/clusterfuzz-testcase-minimized-ffmpeg_dem_LIVE_FLV_fuzzer-4630325425209344

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c217ca7718)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 23:10:57 +01:00
Michael Niedermayer
5650737134 avcodec/vqavideo: reset accounting on error 
Fixes: Timeout (same growing chunk is decoded to failure repeatedly)
Fixes: 42582/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VQA_fuzzer-6531195591065600

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d8ea7a67ba)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 23:06:10 +01:00
Michael Niedermayer
3541d4960b avcodec/alacdsp: fix integer overflow in decorrelate_stereo() 
Fixes: signed integer overflow: -16777216 * 131 cannot be represented in type 'int'
Fixes: 23835/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5669943160078336
Fixes: 41101/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-4636330705944576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 68457c1e85)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 22:51:18 +01:00
Michael Niedermayer
dc78fd9404 avformat/4xm: Check for duplicate track ids 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit dd94912479)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 22:50:49 +01:00
Michael Niedermayer
0bcd3550a4 avformat/4xm: Consider max_streams on reallocating tracks array 
Fixes: OOM
Fixes: 41595/clusterfuzz-testcase-minimized-ffmpeg_dem_FOURXM_fuzzer-6355979363549184

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0dcd95ef8a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 22:50:16 +01:00
Michael Niedermayer
6cdc8b3c13 avformat/mov: Check next offset in mov_read_dref() 
Fixes: signed integer overflow: 9223372036200463215 + 1109914409 cannot be represented in type 'long'
Fixes: 41480/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6553086177443840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 562021e2fd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 22:46:52 +01:00
Michael Niedermayer
19a307f68d avformat/mxfdec: Check for duplicate mxf_read_index_entry_array() 
Fixes: memleak
Fixes: 41596/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6439060204290048

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4f44a218e5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 22:44:11 +01:00
Michael Niedermayer
5e8556dd36 avcodec/apedec: Change avg to uint32_t 
Fixes: Integer overflow
Fixes: 40973/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6739312704618496

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Suggested-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0ec75723a4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-01-13 22:43:27 +01:00
Michael Niedermayer
8e09257dca avformat/mov: Check for EOF in mov_read_glbl() 
Fixes: Infinite loop
Fixes: 41351/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5433895854669824

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 59b4e7cbd8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-12-06 22:06:45 +01:00
Michael Niedermayer
fe11596a73 avformat/aiffdec: sanity check block_align 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 93f7776921)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-12-01 22:02:37 +01:00
Michael Niedermayer
2d2ed8b045 avformat/aiffdec: Check sample_rate 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1b04836dff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-12-01 22:02:17 +01:00
Paul B Mahol
f8b4426c10 avfilter/vf_gblur: fix heap-buffer overflow 
Fixes #8282

(cherry picked from commit 64a805883d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-31 19:22:45 +01:00
Paul B Mahol
94e502e96b avfilter/vf_lenscorrection: fix division by zero 
Fixes #8265

(cherry picked from commit 19587c9332)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-31 19:20:23 +01:00
Michael Niedermayer
abf9627f70 avcodec/g729dec: Avoid computing invalid temporary pointers for ff_acelp_weighted_vector_sum() 
Fixes: Ticket8176

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2c78a76cb0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-31 19:05:00 +01:00
Andreas Rheinhardt
f1a77222da avformat/movenc: Fix segfault when remuxing rtp hint stream 
When remuxing an rtp hint stream (or any stream with the tag "rtp "),
the mov muxer treats this as one of the rtp hint tracks it creates
internally when ordered to do so; yet this track lacks the
AVFormatContext for the hinting rtp muxer, leading to segfaults in
mov_write_udta_sdp() if a "trak" atom is written for this stream; if not,
the stream's codecpar is freed by mov_free() as if the mov muxer owned
it (it does for the internally created "rtp " tracks), but without
resetting st->codecpar, leading to double-frees lateron. This commit
therefore ignores said tag which makes rtp hint streams unremuxable.

This fixes tickets #8181 and #8186.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
(cherry picked from commit 22c3cd1760)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-31 18:56:40 +01:00
Paul B Mahol
7df2ff54e8 avformat/tty: add probe function 
(cherry picked from commit 3bce9e9b3e)
 2021-10-31 18:45:21 +01:00
Michael Niedermayer
a19bed14d6 avcodec/flac_parser: Consider AV_INPUT_BUFFER_PADDING_SIZE 
Fixes: out if array read
Fixes: 40109/clusterfuzz-testcase-minimized-ffmpeg_dem_FLAC_fuzzer-4805686811295744

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Mattias Wadman <mattias.wadman@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-22 22:49:44 +02:00
Michael Niedermayer
d57898b74b avcodec/ttadsp: Fix integer overflows in tta_filter_process_c() 
Fixes: signed integer overflow: 822841647 + 1647055738 cannot be represented in type 'int'
Fixes: 39935/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-4592657142251520

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f24028c798)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 15:26:19 +02:00
Michael Niedermayer
e8363735fb avutil/mathematics: Document av_rescale_rnd() behavior on non int64 results 
Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e154353fdb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 15:25:58 +02:00
Michael Niedermayer
79ea2bba3f Changelog: update 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n3.2.16 		2021-10-16 12:50:08 +02:00