ffmpeg

Author	SHA1	Message	Date
Timo Rothenpieler	8e98dfc57f	lavf/tls_mbedtls: add support for mbedtls version 3 - certs.h is gone. Only contains test data, and was not used at all. - config.h is renamed. Was seemingly not used, so can be removed. - MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE is gone, instead MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE will be thrown. - mbedtls_pk_parse_keyfile now needs to be passed a properly seeded RNG. Hence, move the call to after RNG seeding. Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>	2022-04-27 18:47:11 +02:00
Michael Niedermayer	d61977cbe4	Changelog: update Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> n4.4.2	2022-04-14 21:48:15 +02:00
James Almer	869683430d	fate: update reference files after the recent dash manifest muxer changes Missed in `487b49d8f2`. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `aa0829d834`)	2022-04-08 16:11:00 -03:00
James Almer	472af5873f	avformat/webmdashenc: fix on-demand profile string Fixes ticket #9596 Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `487b49d8f2`)	2022-04-08 00:05:40 -03:00
Michael Niedermayer	dcb2ad9125	Update for FFmpeg 4.4.2 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:29:51 +02:00
Michael Niedermayer	15006f48cd	avcodec/exr: Avoid signed overflow in displayWindow The inputs are unused except for this computation so wraparound does not give an attacker any extra values as they are already fully controlled Fixes: signed integer overflow: 0 - -2147483648 cannot be represented in type 'int' Fixes: 45820/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5766159019933696 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1291568c98`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	977cfb7197	avcodec/diracdec: avoid signed integer overflow in global mv Fixes: signed integer overflow: -128275513086 * -76056576 cannot be represented in type 'long' Fixes: 45818/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5129799149944832 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7f1279684e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	30194a348e	avcodec/takdsp: Fix integer overflow in decorrelate_sf() Fixes: signed integer overflow: -101 * 71041254 cannot be represented in type 'int' Fixes: 45938/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-4687974320701440 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `01d8c887f6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	27a609a8b9	avcodec/apedec: fix a integer overflow in long_filter_high_3800() Fixes: signed integer overflow: -2146549696 - 3923884 cannot be represented in type 'int' Fixes: 45907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5992380584558592 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b085b400be`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Oneric	7ccd77a8ff	avfilter/vf_subtitles: pass storage size to libass Due to a quirk of the ASS format some tags depend on the exact storage resolution of the video, so tell libass via ass_set_storage_size.	2022-04-06 20:27:35 +02:00
Michael Niedermayer	b90c01a501	avformat/aqtitledec: Skip unrepresentable durations Fixes: signed integer overflow: -5 - 9223372036854775807 cannot be represented in type 'long' Fixes: 45665/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-475618463934054 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c2d1597a8a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	fde82db169	avformat/cafdec: Do not store empty keys in read_info_chunk() Fixes: Timeout Fixes: 45543/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-5684953164152832 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7ec28e1d4c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	45a021aba1	avformat/mxfdec: Do not clear array in mxf_read_strong_ref_array() before writing Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7aebdb8bf1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	2ad47d59af	avformat/mxfdec: Check for avio_read() failure in mxf_read_strong_ref_array() Fixes: 42827/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4900528511909888 Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8d6f49cfc3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	2a549b2e7d	avformat/mxfdec: Check count in mxf_read_strong_ref_array() Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3015c556f3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	79ad18ddbd	avformat/hls: Check target_duration Fixes: signed integer overflow: 77777777777777 * 1000000 cannot be represented in type 'long long' Fixes: 45545/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-6438101247983616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Steven Liu <lingjiujianke@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a8fd3f7fab`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	b27833f066	avcodec/pixlet: Avoid signed integer overflow in scaling in filterfn() Fixes: signed integer overflow: 11494 * 1073741824000000 cannot be represented in type 'long' Fixes: 26586/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PIXLET_fuzzer-5752633970917376 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0c1f20c6c8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	78eed60822	avformat/matroskadec: Check pre_ns Fixes: division by 0 Fixes: 44615/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6681108677263360 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `710e51677a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	cd310f0502	avcodec/sonic: Use unsigned for predictor_k to avoid undefined behavior Fixes: signed integer overflow: -1094995529 * 24 cannot be represented in type 'int' Fixes: 44436/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-4874459459223552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `28008bf95e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	cc53ce7e5b	avcodec/libuavs3d: Check ff_set_dimensions() for failure Untested, no testcase Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e88b99afdf`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	1064cf413a	avcodec/mjpegbdec: Set buf_size Fixes: Timeout Fixes: 45170/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEGB_fuzzer-5874820431085568 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	326dafe40a	avformat/matroskadec: Use rounded down duration in get_cue_desc() check Floating point is evil, it would be better if duration was not a double Fixes: Infinite loop Fixes: 45123/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6725052291219456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bd3a03db9a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	310a060e77	avcodec/argo: Check packet size Fixes: Timeout Fixes: 45052/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ARGO_fuzzer-6033489206575104 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1bed27acef`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	e9e2ddbc6c	avcodec/g729_parser: Check channels Fixes: signed integer overflow: 10 * 808464428 cannot be represented in type 'int' Fixes: assertion failure Fixes: ticket9651 Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `757da974b2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	061f8b941e	avformat/avidec: Check height Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself Fixes: Ticket8486 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ec8ff659f5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	261557160f	avformat/rmdec: Better duplicate tags check Fixes: memleaks Fixes: 44810/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5619494647627776 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `15a646e501`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	338444c016	avformat/mov: Disallow empty sidx It appears this is not allowed "Each Segment Index box documents how a (sub)segment is divided into one or more subsegments (which may themselves be further subdivided using Segment Index boxes)." Fixes: Null pointer dereference Fixes: Ticket9517 Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4419433d77`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	811047f7c2	avformat/argo_asf: Fix order of operations in error check in argo_asf_write_trailer() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c8c12fb5d6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	5cdceec2f2	avformat/matroskadec: Check duration Fixes: -nan is outside the range of representable values of type 'long' Fixes: 44614/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6216204841254912 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `36680078ca`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	166ee5fa68	avformat/mov: Corner case encryption error cleanup in mov_read_senc() Fixes: memleak Fixes: 42341/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4566632823914496 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8ee0e4abcb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	badf284b52	avcodec/jpeglsdec: Fix if( code style Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f306b8e80a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	1caf4f91fb	avcodec/jpeglsdec: Check get_ur_golomb_jpegls() for error Fixes: Timeout Fixes: Invalid shift Fixes: 44548/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-556487680891289 Fixes: 44569/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AMV_fuzzer-6302543246917632 Fixes: 44570/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-4550196556595200 Fixes: 44592/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5651610385121280 Fixes: 44571/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5094698987945984 Fixes: 44607/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5341352013987840 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `151f83584e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	1d8caf2e1f	avcodec/motion_est: fix indention of ff_get_best_fcode() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ce43e1c581`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	f73e9b73ce	avcodec/motion_est: Fix xy indexing on range violation in ff_get_best_fcode() This codepath seems untested, no testcases change Found-by: <mkver> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `634312a70f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	faf66d99c0	avformat/hls: Use unsigned for iv computation Fixes: signed integer overflow: 9223372036854775748 + 60 cannot be represented in type 'long' Fixes: 44417/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-5802443881971712 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Steven Liu <lingjiujianke@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bf33a38499`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	b356dcb2fe	avcodec/jpeglsdec: Increase range for N in ls_get_code_runterm() by using unsigned Fixes: left shift of 32768 by 16 places cannot be represented in type 'int' Fixes: Timeout Fixes: 44219/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMVJPEG_fuzzer-4679455379947520 Fixes: 44088/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMVJPEG_fuzzer-4885976600674304 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6ee283d7d0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	cc4707601d	avformat/matroskadec: Check desc_bytes Fixes: Division by 0 Fixes: 44035/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4826721386364928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5038933977`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	032672a8f1	avformat/utils: Fix invalid NULL pointer operation in ff_parse_key_value() Fixes: pointer index expression with base 0x000000000000 overflowed to 0xffffffffffffffff Fixes: 44012/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-5670607746891776 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `59328aabd2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	d3456a374d	avformat/matroskadec: Fix infinite loop with bz decompression The same check is added to zlib too, it seems not needed there though Fixes: Infinite loop Fixes: 43932/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-6175167573786624 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9c3d2cbb51`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	673f8d3641	avformat/mov: Check size before subtraction Fixes: signed integer overflow: -9223372036854775808 - 8 cannot be represented in type 'long' Fixes: 43542/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5237670148702208 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d8d9d506a3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	447b9a0f03	avcodec/cfhd: Avoid signed integer overflow in coeff Fixes: signed integer overflow: 15244032 * 256 cannot be represented in type 'int' Fixes: 43504/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-4865014842916864 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cd6ac013a0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	65d8418e11	avcodec/apedec: Fix integer overflows in predictor_update_3930() Fixes: signed integer overflow: 1074134419 - -1075212485 cannot be represented in type 'int' Fixes: 43273/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-4706880883130368 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0c9c9bbd01`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	6c5e26821e	avcodec/apedec: fix integer overflow in 8bit samples Fixes: signed integer overflow: 2147483542 + 128 cannot be represented in type 'int' Fixes: 42812/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6344057861832704 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7cee3b3718`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	be0109b881	avformat/flvdec: timestamps cannot use the full int64 range We do not support this as we multiply by 1000 Fixes: signed integer overflow: -45318575073853696 * 1000 cannot be represented in type 'long' Fixes: 42804/clusterfuzz-testcase-minimized-ffmpeg_dem_LIVE_FLV_fuzzer-4630325425209344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c217ca7718`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	3fe61f91b3	avcodec/tiff: Remove messing with jpeg context The whole concept is just not correct, also as it seems not to be needed at all, all dng files i have decode without this. Fixes: various crashes Fixes: 42937/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4625073334517760 Fixes: 42938/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4643368217477120 Fixes: 42939/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4925325908246528 Fixes: 42940/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4925378806808576 Fixes: 42941/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-6202009265504256 Fixes: 42944/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-6076860998483968 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `afdbc940c6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	14249d8a03	avcodec/tiff: Use ff_set_dimensions() for setting up mjpeg context dimensions sets coded_width / coded_height too to keep them consistent with width / height Fixes: OOM Fixes: 42263/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5653333619113984 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cfa1f0e214`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	24da8685f0	avcodec/tiff: Pass max_pixels to mjpeg context Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d6c16f42cc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	e2ae9adbe1	avcodec/vqavideo: reset accounting on error Fixes: Timeout (same growing chunk is decoded to failure repeatedly) Fixes: 42582/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VQA_fuzzer-6531195591065600 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d8ea7a67ba`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	02b0143522	avcodec/alacdsp: fix integer overflow in decorrelate_stereo() Fixes: signed integer overflow: -16777216 * 131 cannot be represented in type 'int' Fixes: 23835/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5669943160078336 Fixes: 41101/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-4636330705944576 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `68457c1e85`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00
Michael Niedermayer	59287d3880	avformat/4xm: Check for duplicate track ids Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dd94912479`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-06 20:27:35 +02:00

1 2 3 4 5 ...

102141 Commits