highperfocused/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
81,198 Commits 36 Branches 392 Tags
1e5d151417a6150f657887a9a841eba1ff860875
Commit Graph

81198 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Niedermayer
c26c8bb23a avcodec/dca_lbr: Fix off by 1 error in freq check 
Fixes out of array read
Fixes: 510/clusterfuzz-testcase-5737865715646464

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 61f70416f8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
e23768b8ff avcodec/mjpegdec: Check for for the bitstream end in mjpeg_decode_scan_progressive_ac() 
Fixes timeout
Fixes: 496/clusterfuzz-testcase-5805083497332736

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3782656631)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Frank Liberato
197e4693f6 avformat/flacdec: Check avio_read result when reading flac block header. 
Return AVERROR_INVALIDDATA if all four bytes aren't present.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 95bde49982)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
e6b3f3ff81 avcodec/utils: correct align value for interplay 
Fixes out of array access
Fixes: 452/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_INTERPLAY_VIDEO_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2080bc3371)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
c4a0b84b58 avcodec/vp56: Check for the bitstream end, pass error codes on 
Fixes timeout
Fixes: 446/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_VP6_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9e6a242755)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
777f8b9fe1 avcodec/mjpegdec: Check remaining bitstream in ljpeg_decode_yuv_scan() 
Fixes timeout
Fixes: 445/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_MJPEG_fuzzer
Fixes: 456/fuzz-2-ffmpeg_VIDEO_AV_CODEC_ID_JPEGLS_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 755933cb5c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
00bbf3063c avcodec/pngdec: Fix off by 1 size in decode_zbuf() 
Fixes out of array access
Fixes: 444/fuzz-2-ffmpeg_VIDEO_AV_CODEC_ID_PNG_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e371f031b9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
25778b2692 avcodec/omx: Do not pass negative value into av_malloc() 
Fixes CID1396849

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bd83c295fc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Tobias Rapp
c26cbe6c2e avformat/avidec: skip odml master index chunks in avi_sync 
Fixes pts gaps when reading AVI files > 256GiB generated by FFmpeg.

Signed-off-by: Tobias Rapp <t.rapp@noa-archive.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6d579d7c1b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
d5948243f5 avcodec/mjpegdec: Check for rgb before flipping 
Fixes assertion failure due to unsupported case

Fixes: 356/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_MJPEG_fuzzer
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 25d9643f11)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
8c3e90f5ed avutil/random_seed: Reduce the time needed on systems with very low precission clock() 
This should fix issues on BSD
CLOCKS_PER_SEC is 128 on BSD while SUSv2 requires it to be a million

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4152fc42e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
f0862b18c5 avutil/random_seed: Improve get_generic_seed() with higher precission clock() 
Tested-by: Thomas Turner <thomastdt@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit da73d95bad)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Chris Cunningham
693288c344 avformat/mp3dec: fix msan warning when verifying mpa header 
MPEG Audio frame header must be 4 bytes. If we fail to read
4 bytes bail early to avoid Use-of-uninitialized-value msan error.
Reference https://crbug.com/666874.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ab87df9a47)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
3d9c007b61 avformat/utils: Print verbose error message if stream count exceeds max_streams 
Reviewed-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f0bdd53871)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Michael Niedermayer
5b8ee8f013 avformat/options_table: Set the default maximum number of streams to 1000 
Fixes CVE-2016-9561, Note the security relevance of this is disputed as
running out of memory can happen with valid files

Suggested-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Reviewed-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 30581c51e7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-02-08 20:32:01 +01:00
Andreas Cadhalpun
f77bb85b08 pgssubdec: reset rle_data_len/rle_remaining_len on allocation error 
The code relies on their validity and otherwise can try to access a NULL
object->rle pointer, causing segmentation faults.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
(cherry picked from commit 842e98b4d8)
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
 2017-02-01 02:28:36 +01:00
Michael Niedermayer
6c96200ceb avutil: Add av_image_check_size2() 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f542b152aa)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-11 00:43:29 +01:00
Michael Niedermayer
b18a571e23 avformat: Add max_streams option 
This allows user apps to stop OOM due to excessive number of streams

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1296f84495)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-11 00:43:29 +01:00
Michael Niedermayer
0131f5c376 avcodec/ffv1enc: Allocate smaller packet if the worst case size cannot be allocated 
We are checking during encoding if there is enough space as version 4 needs that
check.

Fixes Ticket6005

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 38a7834bbb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-11 00:43:29 +01:00
Michael Niedermayer
255e61c25b avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory() 
Fixes: part of 670190.ogg

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8258e36385)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-11 00:43:29 +01:00
Michael Niedermayer
119301d312 avformat/oggdec: Skip streams in duration correction that did not had their duration set. 
Fixes: part of 670190.ogg
Fixes integer overflow

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ee2a6f5df8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-11 00:43:29 +01:00
Michael Niedermayer
0c2d6a219f avcodec/ffv1enc: Fix size of first slice 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cff1c0edaa)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-11 00:43:29 +01:00
Srinath K R
8a4b18c639 avfilter/vf_hwupload_cuda: Add min/max limits for the 'device' option 
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2016-12-08 11:27:36 +01:00
James Almer
a57b701bdc configure: check for strtoull on msvc 
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit b52d3574d4)
 2016-12-05 19:22:13 -03:00
Michael Niedermayer
e08b1cf2df Update for 3.1.6 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n3.1.6 		2016-12-05 23:05:26 +01:00
Ronald S. Bultje
ce44100cb0 http: move chunk handling from http_read_stream() to http_buf_read(). 
(cherry picked from commit 845bb40178)
 2016-12-05 16:20:06 -05:00
Ronald S. Bultje
18e3e322b3 http: make length/offset-related variables unsigned. 
Fixes #5992, reported and found by Paul Cher <paulcher@icloud.com>.

(cherry picked from commit 2a05c8f813)
 2016-12-05 16:20:06 -05:00
Michael Niedermayer
37904d1177 ffserver: Check chunk size 
Fixes out of array access

Fixes: poc_ffserver.py
Found-by: Paul Cher <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a5d25faa3f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 21:37:48 +01:00
Michael Niedermayer
518934b5f1 Avoid using the term "file" and prefer "url" in some docs and comments 
This should make it less ambigous that these are URLs

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a5f27a9c3a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 21:37:48 +01:00
Michael Niedermayer
b0ebef0578 avformat/rtmppkt: Check for packet size mismatches 
Fixes out of array access

Found-by: Paul Cher <paulcher@icloud.com>
Reviewed-by: Paul Cher <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7d57ca4d9a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 21:37:48 +01:00
Timothy Gu
540a4433bd zmqsend: Initialize ret to 0 
Fixes CID1396857.

(cherry picked from commit d903b4e3ad)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 21:37:48 +01:00
James Almer
a1d9c17368 avcodec/rawdec: check for side data before checking its size 
Fixes valgrind warnings about usage of uninitialized values.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 51e329918d)
 2016-12-05 14:57:01 -03:00
Michael Niedermayer
f788507607 avcodec/flacdec: Fix undefined shift in decode_subframe() 
Fixes undefined behavior
Fixes: 639961-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1f5630af51)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
5c1540553d avcodec/get_bits: Fix get_sbits_long(0) 
Fixes undefined behavior
Fixes: 640889-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c72fa43234)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
a7c7543a3d avformat/ffmdec: Check media type for chunks 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e706e2e775)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
140626b386 avcodec/flacdec: Fix signed integer overflow in decode_subframe_fixed() 
Fixes undefined behavior
Fixes: 640912-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 83a75bf6c3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
4a2f30eeff avcodec/flacdsp_template: Fix undefined shift in flac_decorrelate_indep_c 
Fixes: left shift of negative value
Fixes: 668346-media

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit acc163c6ab)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
c2e4ced78e avformat/oggparsespeex: Check frames_per_packet and packet_size 
The speex specification does not seem to restrict these values, thus
the limits where choosen so as to avoid multiplicative overflow

Fixes undefined behavior
Fixes: 635422.ogg

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit afcf15b0db)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
cc27b8e09f avformat/utils: Check start/end before computing duration in update_stream_timings() 
Fixes undefined behavior
Fixes: 637428.ogg

Found-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 90da187f1d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
0d8a17410b avcodec/flac_parser: Update nb_headers_buffered 
Fixes infinite loop
Fixes: fuzz.flac

Found-by: Frank Liberato <liberato@google.com>
Reviewed-by: Frank Liberato <liberato@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2475858889)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
60ca730d21 avformat/idroqdec: Check chunk_size for being too large 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 744a0b5206)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
ebe104e827 avformat/utils: Fix type mismatch 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a06e84b56e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
42a20f1fea avformat/mpeg: Adjust vid probe threshold to correct mis-detection 
Fixes: _ij.mp3

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4e5049a230)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
936d07ab25 avcodec/rv40: Test remaining space in loop of get_dimension() 
Fixes infinite loop
Fixes: 178/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_RV40_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1546d487cf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
571d4af281 avcodec/ituh263dec: Avoid spending a long time in slice sync 
Fixes: 177/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_FLV1_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2baf36caed)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
5f3043e51c avcodec/movtextdec: Add error message for tsmb_size check 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0eb3198005)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
096aab12a3 avcodec/movtextdec: Fix tsmb_size check==0 check 
Fixes: 173/fuzz-3-ffmpeg_SUBTITLE_AV_CODEC_ID_MOV_TEXT_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a609905723)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
04310c11aa avcodec/movtextdec: Fix potential integer overflow 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6ea2715768)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
eaf2f750c3 avcodec/sunrast: Fix input buffer pointer check 
Fixes: out of array read
Fixes: poc.dat

Found-by: Bingchang, Liu @VARAS of IIE
Tested-by: bc L <l.bing.chang.bc@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 37138338ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00
Michael Niedermayer
755d6e4190 avcodec/tscc: Check side data size before use 
Fixes out of array read

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 979bca5134)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2016-12-05 18:29:12 +01:00