ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	c9784a783b	avformat/mxfdec: Check size for shrinking av_shrink_packet() takes int size, so size must fit in int Fixes: out of array access Fixes: 35607/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4875541323841536 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `65b862ab59`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
maryam ebr	ff3ae69999	avcodec/dnxhddec: check and propagate function return value Similar to CVE-2013-0868, here return value check for 'init_vlc' is needed. crafted DNxHD data can cause unspecified impact. Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `7150f95756`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	ffc6af3157	swscale/slice: Fix wrong return on error Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7874d40f10`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	3908552840	swscale/slice: Check slice for allocation failure Fixes: null pointer dereference Fixes: alloc_slice.mp4 Found-by: Rafael Dutra <rafael.dutra@cispa.de> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `997f9cfc12`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	eed7a662af	avformat/matroskadec: Fix handling of huge default durations Fixes: negation of -9223372036854775808 cannot be represented in type 'int64_t' (aka 'long'); cast to an unsigned type to negate this value to itself Fixes: 33997/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-6752039691485184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `343d950a4a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	3631197f67	avcodec/lpc: check for zero err in normalization in compute_lpc_coefs() Fixes: floating point division by 0 Fixes: Ticket8213 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `70874e024a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	fdff986dc4	avformat/ftp: Check for av_strtok() failure Fixes: CID1396258 Dereference null return value Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9d40782088`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	5878ac1007	tools/cws2fws: Check read() for failure Fixes: CID1452579 Argument cannot be negative Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0b3cdd7cc2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	5246201182	avcodec/cpia: Fix missing src_size update Fixes: out of array read Fixes: 35210/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CPIA_fuzzer-5669199688105984 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cea05864e6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	9b6158958c	avcodec/clearvideo: Check tile_size to be not too large Fixes: left shift of 1 by 31 places cannot be represented in type 'int' Fixes: 35023/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CLEARVIDEO_fuzzer-6740166587842560 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `11fac9613e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	2beb60777f	avcodec/utils: Use 64bit for intermediate in AV_CODEC_ID_ADPCM_THP* duration calculation Fixes: signed integer overflow: 486539264 * 14 cannot be represented in type 'int' Fixes: 35281/clusterfuzz-testcase-minimized-ffmpeg_dem_RSD_fuzzer-6068262742917120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `00ae9b77ef`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	fd21f6a0cc	avformat/rmdec: Check old_format len for overflow Maybe such large values could be disallowed earlier and closer to where they are set. Fixes: signed integer overflow: 538976288 * 8224 cannot be represented in type 'int' Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_RM_fuzzer-6704350354341888 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `06d174e289`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	c7678193cf	avformat/realtextdec: Check the pts difference before using it for the duration computation Fixes: signed integer overflow: 5404200000 - -9223372031709351616 cannot be represented in type 'long' Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_REALTEXT_fuzzer-6737340551790592 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `fe12aa6890`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	14b04b9fd6	avformat/qcp: Avoid negative nb_rates Fixes: signed integer overflow: 2 * -1725947872 cannot be represented in type 'int' Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_QCP_fuzzer-6726807632084992 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1b865cc703`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	2c9e43e7f8	avformat/nutdec: Check tmp_size Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_NUT_fuzzer-6739990530883584 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1ca00b5e44`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	2b11977c9e	avformat/msf: Check that channels doesnt overflow during extradata construction Fixes: signed integer overflow: 2048 * 1122336 cannot be represented in type 'int' Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_MSF_fuzzer-6726959600107520 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a1a277926b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	dea3933dd5	avformat/mpc8: Check for position overflow in mpc8_handle_chunk() Fixes: signed integer overflow: 15 + 9223372036854775796 cannot be represented in type 'long' Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6723520756318208 Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_MPC8_fuzzer-6739833034768384 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8ef25d1182`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	b38d513080	avformat/iff: Use 64bit in duration computation Fixes: signed integer overflow: 588 * 16719904 cannot be represented in type 'int' Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-6748331936186368 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `93d964689c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	a059124e84	avformat/dxa: Check fps to be within the supported range more precissely Fixes: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int'); cast to an unsigned type to negate this value to itself Fixes: assertion failure Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-6744985740378112 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6ea494befc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	459a60c3b1	avcodec/iff: Only write palette to plane 1 if its PAL8 Fixes: null pointer passed as argument 1, which is declared to never be null Fixes: 33791/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5107575256383488.fuzz Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `216eb60b85`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	d358379349	avformat/tta: Check for EOF in index reading loop Fixes: OOM Fixes: 33585/clusterfuzz-testcase-minimized-ffmpeg_dem_TTA_fuzzer-4564665830080512 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b72d657b73`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	37449dfb92	Update missed irc links Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c067d20177`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	81a32fe24e	avformat/rpl: The associative law doesnt hold for signed integers in C Add () to avoid undefined behavior Fixes: signed integer overflow: 9223372036854775790 + 57 cannot be represented in type 'long' Fixes: 34983/clusterfuzz-testcase-minimized-ffmpeg_dem_RPL_fuzzer-5765822923538432 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `480f11bdd7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	386190d873	avcodec/faxcompr: Check available bits in decode_uncompressed() Fixes: Timeout Fixes: 34950/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5686764151898112 Fixes: 34966/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4587409334468608 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ff56c139e0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	791d33c57a	avcodec/faxcompr: Check if bits are available before reading in cmode == 9 \|\| cmode == 10 Fixes: Timeout Fixes: 34950/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5686764151898112 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7d8421e3d5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	b2c565a40c	avcodec/utils: do "calc from frame_bytes, channels, and block_align" in 64bit Fixes: signed integer overflow: 104962766 * 32 cannot be represented in type 'int' Fixes: 33614/clusterfuzz-testcase-minimized-ffmpeg_dem_RSD_fuzzer-6252129036664832 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3447979d08`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	e6799156d8	avcodec/ttadata: Add sentinel at the end of ff_tta_shift_1 Fixes: out of array access Fixes: 34933/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5629322560929792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dbbcfbcc4e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	c9b39340f9	avformat/mov: Check for duplicate mdcv Fixes: memleak Fixes: 34932/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5456227658235904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f54d85cee6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	5498836d7d	avfilter/vf_dctdnoiz: Check threads Fixes: floating point division by 0 Fixes: Ticket 8269 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4a3917c02c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	5625dc1f32	avfilter/vf_ciescope: Fix undefined behavior in rgb_to_xy() with black Fixes: floating point division by 0 Fixes: undefined behavior in handling NaN Fixes: Ticket 8268 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3d500e62f6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	d9c4cfba9f	avformat/rpl: Check for EOF and zero framesize Fixes: Infinite loop Fixes: 34751/clusterfuzz-testcase-minimized-ffmpeg_dem_RPL_fuzzer-5439330800762880 Fixes: 34774/clusterfuzz-testcase-minimized-ffmpeg_dem_RPL_fuzzer-5851571660390400 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a0a4a527c3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	68765c25cd	avcodec/vc2enc: Check for non negative slice bounds Fixes: invalid shifts Fixes: Ticket 8221 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f7862e8268`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	97d0d3ae61	avformat/rpl: Use 64bit in bitrate computation and check it Fixes: signed integer overflow: 777777776 * 4 cannot be represented in type 'int' Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_RPL_fuzzer-6726188921913344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `29b244ffc1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	d2e90cde29	avcodec/svq1enc: Do not print debug RD value before it has been computed Avoids floating point division by 0 Fixes: Ticket8191 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c297f7e57a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	b2094c5415	avcodec/aacpsy: Check bandwidth Fixes: Ticket8011 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `36dead4bc2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	8b67497df0	avcodec/aacenc: Do not divide by lambda_count if it is 0 Avoids Floating point division by 0 Fixes: Ticket8011 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c520b98691`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	9546b0a9d3	avcodec/aacenc: Use FLT_EPSILON for lambda minimum (cherry picked from commit `4b89cf7aa4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	5b15e02fa4	avformat/cinedec: Fix index_entries size check Fixes: out of array access Fixes: 29868/clusterfuzz-testcase-minimized-ffmpeg_dem_CINE_fuzzer-5692001957445632 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	b5ffefdd61	avfilter/vf_yadif: Fix handing of tiny images Fixes: out of array access Fixes: Ticket8240 Fixes: CVE-2020-22021 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7971f62120`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	c7da0dad1f	avfilter/vf_vmafmotion: Check dimensions Fixes: out of array access Fixes: Ticket8241 Fixes: Ticket8246 Fixes: CVE-2020-22019 Fixes: CVE-2020-22033 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `82ad1b7675`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	14e172600e	avformat/movenc: Check pal_size before use Fixes: assertion failure Fixes: out of array read Fixes: Ticket8190 Fixes: CVE-2020-22015 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4c1afa2925`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	9dd54c28df	avcodec/lpc: Avoid floating point division by 0 Fixes: Ticket7996 Fixes: CVE-2020-20445 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `38d18fb578`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	b290d6b41e	avcodec/aacpsy: Avoid floating point division by 0 of norm_fac Fixes: Ticket7995 Fixes: CVE-2020-20446 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `223b5e8ac9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	e431babf71	avcodec/aacenc: Avoid 0 lambda Fixes: Ticket8003 Fixes: CVE-2020-20453 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a7a7f32c8a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	892f0ac5b2	avcodec/exr: x/ymax cannot be INT_MAX The code uses x/ymax + 1 so the maximum is INT_MAX-1 Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 33158/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5545462457303040 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `48342aa075`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	69ef25f012	avformat/avio: Check av_opt_copy() for failure Fixes: CID1477416 Unchecked return value Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f8611ae1ef`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	f2685c9ec3	avcodec/clearvideo: Check for 0 tile_shift Fixes: shift exponent -1 is negative Fixes: 33401/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CLEARVIDEO_fuzzer-5908683596890112 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `63e75e09ae`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	9ce7856341	avcodec/vc1: Check remaining bits in ff_vc1_parse_frame_header() Fixes: Timeout Fixes: 33156/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3_fuzzer-6259655027326976 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `38c4761588`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	ed99d350bc	avformat/mov: Ignore duplicate CoLL Fixes: memleak Fixes: 32146/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5377612845285376 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9548dc74d8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00
Michael Niedermayer	e7dc9e1d25	avformat/mov: Limit nb_chapter_tracks to input size Fixes: Timeout (15k loop iterations instead of 400m) Fixes: 31368/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6601583174483968 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `299a56c900`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-09 13:54:52 +02:00

1 2 3 4 5 ...

93549 Commits