Michael Niedermayer
3c98e4be89
avcodec/aacsbr_fixed: Check shift in sbr_hf_assemble()
...
Fixes: runtime error: shift exponent -10 is negative
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d1992448d3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
d2567caea9
avcodec/sbrdsp_fixed: Return an error from sbr_hf_apply_noise() if operations are impossible
...
Fixes: 1775/clusterfuzz-testcase-minimized-5330288148217856
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d549f026d8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
452c78a09c
avcodec/libvpxdec: Check that display dimensions fit in the storage dimensions
...
Fixes assertion failure
Fixes: 2112/clusterfuzz-testcase-minimized-4526878557732864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f8593c2f49)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
cce9471373
avcodec/jpeg2000dwt: Fix runtime error: left shift of negative value -123
...
Fixes: 2208/clusterfuzz-testcase-minimized-5976593765761024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d24043e1a2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
34282abc57
avcodec/wavpack: Fix runtime error: signed integer overflow: 1886191616 + 277872640 cannot be represented in type 'int'
...
Fixes: 2181/clusterfuzz-testcase-minimized-6314784322486272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c996374d4d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
e1b6d78bf7
avcodec/snowdec: Fix runtime error: left shift of negative value -1
...
Fixes: 2197/clusterfuzz-testcase-minimized-6010716676947968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2e44126363)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
53a32fdf0a
avcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1297616
...
Fixes: 2195/clusterfuzz-testcase-minimized-4736721533009920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6d499ecef9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
f3ac7e40d6
avcodec/tiff: Fix leak of geotags[].val
...
Fixes: 2176/clusterfuzz-testcase-minimized-5908197216878592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 22a25ab389)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
5217145824
avcodec/ra144: Fix runtime error: signed integer overflow: -2200 * 1033073 cannot be represented in type 'int'
...
Fixes: 2175/clusterfuzz-testcase-minimized-5809657849315328
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 71da0a5c97)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
311f2f5aba
avcodec/flicvideo: Fix runtime error: signed integer overflow: 4864 * 459296 cannot be represented in type 'int'
...
Fixes: 2174/clusterfuzz-testcase-minimized-5739234533048320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 90e8317b3b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:37 +02:00
Michael Niedermayer
460abcd671
avcodec/cfhd: Check band parameters before storing them
...
Fixes out of array read
Fixes: 2169/clusterfuzz-testcase-minimized-5688641642823680
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 54aaadf648)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:36 +02:00
Michael Niedermayer
741c341968
avcodec/h264_parse: Check picture structure when initializing weight table
...
Fixes: runtime error: index 49 out of bounds for type 'int [48][2][2]'
Fixes: 2159/clusterfuzz-testcase-minimized-5267945972301824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3a1ad368a78b153b63ccc07af864b3611e2a4ac3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:36 +02:00
Michael Niedermayer
ad9ce1fa1d
avcodec/indeo4: Check remaining data in Pic hdr extension parsing code
...
Fixes: Timeout
Fixes: 2115/clusterfuzz-testcase-minimized-6594111748440064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a3b5b60bdf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:36 +02:00
Michael Niedermayer
50c2ef91d3
avcodec/ac3dec_fixed: Fix multiple runtime error: signed integer overflow: -39271008 * 59 cannot be represented in type 'int'
...
Fixes: 2113/clusterfuzz-testcase-minimized-6510704959946752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4e3ab1a5c1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-07-19 15:26:36 +02:00
Matthieu Bouron
20f5e2c177
lavc/aarch64/simple_idct: fix idct_col4_top coefficient
...
Fixes regression introduced by 5d0b8b1ae3.
2017-06-13 17:48:13 +02:00
Michael Niedermayer
6d7192bcb7
Update for 3.3.2
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n3.3.2
2017-06-06 22:11:21 +02:00
Michael Niedermayer
4c7477f132
avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: 53098 * 40448 cannot be represented in type 'int'
...
Fixes: 2106/clusterfuzz-testcase-minimized-6136503639998464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 18bca25adb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 16:56:47 +02:00
Michael Niedermayer
90b6425b12
avcodec/pafvideo: Fix assertion failure
...
Fixes: 2100/clusterfuzz-testcase-minimized-4522961547558912
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4360559ee)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 16:56:38 +02:00
Michael Niedermayer
07944df9a7
avcodec/takdec: Fix multiple runtime error: signed integer overflow: 637072 * 4096 cannot be represented in type 'int'
...
Fixes: 2079/clusterfuzz-testcase-minimized-5345861779324928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e4efd41b83)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 16:56:23 +02:00
Michael Niedermayer
34887d091d
avcodec/mjpegdec: Check that reference frame matches the current frame
...
Fixes: out of array read
Fixes: 2097/clusterfuzz-testcase-minimized-5036861833609216
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4705edbbb9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
ec5e262e1d
avcodec/tiff: Avoid losing allocated geotag values
...
Fixes memleak
Fixes: 2076/clusterfuzz-testcase-minimized-6542640243802112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d7cbeab4c1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
0fb432a23b
avcodec/cavs: Fix runtime error: signed integer overflow: -12648062 * 256 cannot be represented in type 'int'
...
Fixes: 2067/clusterfuzz-testcase-minimized-5578430902960128
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1e6ee86d92)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
3dd1f38329
avformat/hls: Check local file extensions
...
This reduces the attack surface of local file-system
information leaking.
It prevents the existing exploit leading to an information leak. As
well as similar hypothetical attacks.
Leaks of information from files and symlinks ending in common multimedia extensions
are still possible. But files with sensitive information like private keys and passwords
generally do not use common multimedia filename extensions.
It does not stop leaks via remote addresses in the LAN.
The existing exploit depends on a specific decoder as well.
It does appear though that the exploit should be possible with any decoder.
The problem is that as long as sensitive information gets into the decoder,
the output of the decoder becomes sensitive as well.
The only obvious solution is to prevent access to sensitive information. Or to
disable hls or possibly some of its features. More complex solutions like
checking the path to limit access to only subdirectories of the hls path may
work as an alternative. But such solutions are fragile and tricky to implement
portably and would not stop every possible attack nor would they work with all
valid hls files.
Developers have expressed their dislike / objected to disabling hls by default as well
as disabling hls with local files. There also were objections against restricting
remote url file extensions. This here is a less robust but also lower
inconvenience solution.
It can be applied stand alone or together with other solutions.
limiting the check to local files was suggested by nevcairiel
This recommits the security fix without the author name joke which was
originally requested by Nicolas.
Found-by: Emil Lerner and Pavel Cheremushkin
Reported-by: Thierry Foucu <tfoucu@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 189ff42196)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
d34d06d1e2
avcodec/qdrw: Fix null pointer dereference
...
The RGB555 PACKBITSRGN case tries to read a palette, if such
palette is actually stored then it accesses a null pointer.
All 16bit samples I could find use DIRECTBITSRGN.
Fixes: 2065/clusterfuzz-testcase-minimized-6298930457346048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 46b865ea9f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
cefbc513ea
avutil/softfloat: Fix sign error in and improve documentation of av_int2sf()
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6019d721d4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
0d19167a65
avcodec/hevc_ps: Fix runtime error: index 32 out of bounds for type 'uint8_t [32]'
...
Fixes: 2010/clusterfuzz-testcase-minimized-6209288450080768
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 29808fff33)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
00312b5ea4
avcodec/dxv: Check remaining bytes in dxv_decompress_raw()
...
Fixes: Timeout
Fixes: 2006/clusterfuzz-testcase-minimized-5766515037044736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit eb50492270)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
b7904b58af
avcodec/pafvideo: Check packet size and frame code before ff_reget_buffer()
...
Fixes 1745/clusterfuzz-testcase-minimized-6160693365571584
Fixes: Timeout
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit faa5a2181d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
aae731b9d3
avcodec/ac3dec_fixed: Fix runtime error: left shift of 419 by 23 places cannot be represented in type 'int'
...
Fixes: 1352/clusterfuzz-testcase-minimized-5757565017260032
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 136ce8baa4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
4e6de49a5a
avformat/options: log filename on open
...
The loglevel is chosen so that the main filename and any images of
multi image sequences are shown only at debug level to avoid
clutter.
This makes exploits in playlists more visible. As they would show
accesses to private/sensitive files
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 53e0d5d724)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
52a7ae844b
avcodec/aacps: Fix runtime error: left shift of 1073741824 by 1 places cannot be represented in type 'INTFLOAT' (aka 'int')
...
Fixes: 2005/clusterfuzz-testcase-minimized-5744226438479872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9faf098163)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
3dc62e679a
avcodec/wavpack: Fix runtime error: shift exponent 32 is too large for 32-bit type 'int'
...
Fixes: 1967/clusterfuzz-testcase-minimized-5757031199801344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8b3e580b7f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
4f02447d45
avcodec/cfhd: Fix runtime error: signed integer overflow: 65280 * 65288 cannot be represented in type 'int'
...
Fixes: 1925/clusterfuzz-testcase-minimized-5564569688735744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cd6f319a74)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
30abd8e6f9
avcodec/wavpack: Fix runtime error: signed integer overflow: 2013265955 - -134217694 cannot be represented in type 'int'
...
Fixes: 1922/clusterfuzz-testcase-minimized-5561194112876544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a47273c803)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
706b427ff5
avcodec/cinepak: Check input packet size before frame reallocation
...
Reduces time spent decoding 1917/clusterfuzz-testcase-minimized-5023221273329664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e47057e932)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
797621afab
avcodec/hevc_ps: Fix runtime error: signed integer overflow: 2147483628 + 256 cannot be represented in type 'int'
...
Fixes: 1909/clusterfuzz-testcase-minimized-6732072662073344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6726328f79)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
e3a1d133f7
avcodec/ra144: Fixes runtime error: signed integer overflow: 7160 * 327138 cannot be represented in type 'int'
...
Fixes: 1908/clusterfuzz-testcase-minimized-5392712477966336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 08cb69e870)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
fc74ac463c
avcodec/pnm: Use ff_set_dimensions()
...
Fixes: OOM
Fixes: 1906/clusterfuzz-testcase-minimized-4599315114754048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a1c0d1d906)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Michael Niedermayer
eac6114e01
avcodec/cavsdec: Fix runtime error: signed integer overflow: 59 + 2147483600 cannot be represented in type 'int'
...
Fixes: 1903/clusterfuzz-testcase-minimized-5359318167715840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 58f8cd4ac5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-06 03:44:35 +02:00
Ganapathy Kasi
9b351d0d88
avcodec/nvenc: fix hw accelerated transcode with bframes
...
hw accelerated transcode (h264_cuvid -> h264_nvenc with -hwaccel cuvid) was
broken after the filtergraph initialization was changed to initialize decoder
first followed by encoder (commit af1761f7b5).
During initializing encoder with bframes, local buffers are allocated
internally in encoder which fails since no cuda context is available. Now
pushing the correct cuda context before encoder initialization fixes the issue.
Also adding push/pop cuda ctx during create/destroy/map/unmap resources and
destroy encoder session.
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
2017-06-02 21:37:43 +02:00
Micah Galizia
e5e01d2477
libavformat/hls: Observe Set-Cookie headers
...
Signed-off-by: Micah Galizia <micahgalizia@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4c73020f4)
Signed-off-by: Micah Galizia <micahgalizia@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Micah Galizia
771206c0db
libavformat/http: Ignore expired cookies
...
Signed-off-by: Micah Galizia <micahgalizia@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 28b2467074)
Signed-off-by: Micah Galizia <micahgalizia@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Michael Niedermayer
1998147f2e
avformat/avidec: Limit formats in gab2 to srt and ass/ssa
...
This prevents part of one exploit leading to an information leak
Found-by: Emil Lerner and Pavel Cheremushkin
Reported-by: Thierry Foucu <tfoucu@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a5d849b149)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Michael Niedermayer
003cce421d
avcodec/acelp_pitch_delay: Fix runtime error: value 4.83233e+39 is outside the range of representable values of type 'float'
...
Fixes: 1902/clusterfuzz-testcase-minimized-4762451407011840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 87bddba43b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Michael Niedermayer
795f65eed5
avcodec/wavpack: Check float_shift
...
Fixes: runtime error: shift exponent 40 is too large for 32-bit type 'unsigned int'
Fixes: 1898/clusterfuzz-testcase-minimized-5970744880136192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4020b009d1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Michael Niedermayer
a24cd04074
avcodec/wavpack: Fix runtime error: signed integer overflow: 24 * -2147483648 cannot be represented in type 'int'
...
Fixes: 1894/clusterfuzz-testcase-minimized-4716739789062144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d90c5bf105)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Michael Niedermayer
c1074aea71
avcodec/ansi: Fix frame memleak
...
Fixes: 1892/clusterfuzz-testcase-minimized-4519341733183488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e091b9b3c7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Michael Niedermayer
d59e6cef79
avcodec/dds: Fix runtime error: left shift of 145 by 24 places cannot be represented in type 'int'
...
Fixes: 1891/clusterfuzz-testcase-minimized-6274417925554176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c49fa2a514)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Michael Niedermayer
0a0eec60c8
avcodec/jpeg2000dec: Use ff_set_dimensions()
...
Fixes: OOM
Fixes: 1890/clusterfuzz-testcase-minimized-6329019509243904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f3da6fbff8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00
Michael Niedermayer
ece91a3918
avcodec/truemotion2: Fix passing null pointer to memset()
...
Fixes part of: 1888/clusterfuzz-testcase-minimized-5237704826552320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c901627918)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-06-02 01:14:38 +02:00