ffmpeg

Author	SHA1	Message	Date
Aaron Levinson	7793fc5b33	avutil/hwcontext_dxva2: Don't improperly free IDirect3DSurface9 objects Add dxva2_pool_release_dummy() and use it in call to av_buffer_create() in dxva2_pool_alloc(). Prior to this change, av_buffer_create() was called with NULL for the third argument, which indicates that av_buffer_default_free() should be used to free the buffer's data. Eventually, it gets to buffer_pool_free() and calls buf->free() on a surface object (which is av_buffer_default_free()). This can result in a crash when the debug version of the C-runtime is used on Windows. While it doesn't appear to result in a crash when the release version of the C-runtime is used on Windows, it likely results in memory corruption, since av_free() is being called on memory that was allocated using IDirectXVideoAccelerationService::CreateSurface(). Signed-off-by: Aaron Levinson <alevinsn@aracnet.com> Reviewed-by: wm4 <nfxjfg@googlemail.com> Reviewed-by: Steven Liu <lingjiujianke@gmail.com> Reviewed-by: Mark Thompson <sw@jkqxz.net> (cherry picked from commit `0c1c514643`)	2017-05-16 22:03:21 +01:00
James Almer	e958bfac8b	avcodec/hevc_sei: fix amount of bits skipped when reading picture timing SEI message The code was skipping the entire reported SEI message size regardless of the amount of bits read. While in theory safe for NALU where the picture timing SEI message is alone or at the end as we're using the checked bitstream reader, it isn't in any other situation, where every SEI message in the NALU after the picture timing one would potentially fail to parse. Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `f738140807`) Conflicts: libavcodec/hevc_sei.c	2017-05-16 14:09:01 -03:00
James Almer	d4241affd8	avcodec/aac_adtstoasc: fix ASC passthrough on small frames ASC frames smaller than AAC_ADTS_HEADER_SIZE were being discarded. Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `0f05f2c7e6`)	2017-05-16 11:58:23 -03:00
Gregory J. Wolfe	5d737a3d0c	avformat/tests/fifo_muxer: includes libavformat/network.h to define ETIMEDOUT for fate build. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9c041a3cd5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> n3.2.5	2017-05-16 04:00:30 +02:00
Michael Niedermayer	f61c888743	Update for FFmpeg 3.2.5 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-16 03:34:43 +02:00
Michael Niedermayer	1274e92015	avcodec/truemotion1: Fix multiple runtime error: signed integer overflow: 1246906962 * 2 cannot be represented in type 'int' Fixes: 1616/clusterfuzz-testcase-minimized-5119196578971648 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 5ea6bc2a166edac37042f2bbc28eb603a0fbeccb) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-16 03:30:40 +02:00
Michael Niedermayer	8e6d9d48a0	avcodec/svq3: Fix runtime error: left shift of negative value -6 Fixes: 1604/clusterfuzz-testcase-minimized-5312060206350336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a6eb006ad4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-16 02:24:34 +02:00
Michael Niedermayer	c521f9a5cd	avcodec/tiff: reset sampling[] if its invalid Fixes divission by 0 Fixes: clusterfuzz-testcase-minimized-5592896440893440 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f08122fbe0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-16 02:24:01 +02:00
Michael Niedermayer	826515083a	avcodec/aacps: Fix undefined behavior Fixes: 1337/clusterfuzz-testcase-minimized-5212314171080704 Fixes the existence of a potentially invalid pointer intermediate Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `527f89e059`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:52:43 +02:00
Michael Niedermayer	0f5cb5c111	avcodec/opus_silk: Fix integer overflow and out of array read Fixes: 1362/clusterfuzz-testcase-minimized-6097275002552320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4654baff12`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:52:03 +02:00
Michael Niedermayer	6131115d27	avcodec/flacdec: Return error code instead of 0 for failures Fixes: infinite loop Fixes: 1418/clusterfuzz-testcase-minimized-5934472438480896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3f5a68533d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:50:21 +02:00
Michael Niedermayer	3078fc9de7	avcodec/snowdec: Check width Fixes: out of array read Fixes: 1419/clusterfuzz-testcase-minimized-6108700873850880 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `78aa93807b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:49:03 +02:00
Michael Niedermayer	5d7b87af7e	avcodec/webp: Update canvas size in vp8_lossy_decode_frame() as in vp8_lossless_decode_frame() Fixes: 1407/clusterfuzz-testcase-minimized-6044604124102656 Fixes: 1420/clusterfuzz-testcase-minimized-6059927359455232 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `72810d20b7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:48:29 +02:00
Michael Niedermayer	2384c67d06	avcodec/webp: Factor update_canvas_size() out Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c4f63b78b7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:34:17 +02:00
Michael Niedermayer	d835d6cd08	avcodec/cllc: Check prefix Fixes: runtime error: left shift of 1610706944 by 1 places cannot be represented in type 'int' Fixes: 1421/clusterfuzz-testcase-minimized-6239947507892224 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `62c5949bec`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:32:51 +02:00
Michael Niedermayer	3c428a5ff7	avcodec/rscc: Check pixel_size for overflow Fixes: 1509/clusterfuzz-testcase-minimized-5129419876204544 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `934572c5c3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:28:25 +02:00
Michael Niedermayer	9b76264241	avcodec/dds: Fix runtime error: left shift of 210 by 24 places cannot be represented in type 'int' Fixes: 1510/clusterfuzz-testcase-minimized-5826231746428928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `afb4632cc3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:27:52 +02:00
Michael Niedermayer	36847fd7f1	avcodec/mpeg4videodec: Clear sprite wraping on unsupported cases in VOP decode Fixes: Integer overflow Fixes: 1572/clusterfuzz-testcase-minimized-4578773729017856 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `467677769a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 17:24:57 +02:00
Michael Niedermayer	322077091c	avcodec/ac3dec: Fix: runtime error: index -1 out of bounds for type 'INTFLOAT [2]' It seems dual mono with a LFE channel is not forbidden Fixes: 1570/clusterfuzz-testcase-minimized-6455337349545984 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c55e637072`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 15:31:43 +02:00
Michael Niedermayer	d736890eed	avcodec/hqxdsp: Fix runtime error: signed integer overflow: -196264 * 11585 cannot be represented in type 'int' Fixes: 1568/clusterfuzz-testcase-minimized-5944868608147456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b923213276`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 15:31:26 +02:00
Michael Niedermayer	08a4305128	avcodec/g723_1dec: Fix LCG type Fixes: 1567/clusterfuzz-testcase-minimized-5693653555085312 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f2c539d350`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 15:31:17 +02:00
Michael Niedermayer	45a0a449bd	libswscale/tests/swscale: Fix uninitialized variables Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7796f29065`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	82bcbad1fd	avcodec/ffv1dec: Fix runtime error: signed integer overflow: 1550964438 + 1550964438 cannot be represented in type 'int' Fixes: 1559/clusterfuzz-testcase-minimized-5048096079740928 Fixes: 1560/clusterfuzz-testcase-minimized-6011037813833728 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8630b2cd36`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	79bfa4a663	avcodec/webp: Fix signedness in prefix_code check Fixes: out of array read Fixes: 1557/clusterfuzz-testcase-minimized-6535013757616128 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8c5cd1c9d3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	ea57abac8d	avcodec/svq3: Fix runtime error: signed integer overflow: 169 * 12717677 cannot be represented in type 'int' Fixes: 1556/clusterfuzz-testcase-minimized-5027865978470400 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `86b1b0d33d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	2366285207	avcodec/mlpdec: Check that there is enough data for headers Fixes: out of array access Fixes: 1541/clusterfuzz-testcase-minimized-6403410590957568 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e3e51f8c14`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	85d5f5502c	avcodec/ac3dec: Keep track of band structure It is needed in some corner cases that seem not to be forbidden Fixes: out of array index Fixes: 1538/clusterfuzz-testcase-minimized-4696904925446144 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9351a156de`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	7ed2d4dcb7	avcodec/webp: Add missing input padding Fixes: 1536/clusterfuzz-testcase-minimized-5973925404082176 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a3508cc3fe`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	95ccad6758	avcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1 Fixes: 1535/clusterfuzz-testcase-minimized-5826695535788032 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `26227d9186`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	4d47113c66	avcodec/aacsbr_template: Do not change bs_num_env before its checked Fixes: 1489/clusterfuzz-testcase-minimized-5075102901207040 Fixes: out of array access Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `87b08ee6d2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	39a24c1fa8	avcodec/mlp: Fix multiple runtime error: left shift of negative value -1 Fixes: 1512/clusterfuzz-testcase-minimized-4713846423945216 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `74dc728a2c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	5983ae55ec	avcodec/vp8dsp: vp7_luma_dc_wht_c: Fix multiple runtime error: signed integer overflow: -1366381240 + -1262413604 cannot be represented in type 'int' Fixes: 1440/clusterfuzz-testcase-minimized-5785716111966208 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ccce2248bf`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	9c6577035e	avcodec/avcodec: Limit the number of side data elements per packet Fixes: 1293/clusterfuzz-testcase-minimized-6054752074858496 See: [FFmpeg-devel] [PATCH] avcodec/avcodec: Limit the number of side data elements per packet Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d5711cb891`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	7d37865af0	avcodec/texturedsp: Fix runtime error: left shift of 255 by 24 places cannot be represented in type 'int' Fixes: 1505/clusterfuzz-testcase-minimized-4561688818876416 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f225003d17`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	bec98cd8bd	avcodec/g723_1dec: Fix runtime error: left shift of negative value -1 Fixes: 1504/clusterfuzz-testcase-minimized-6249212138225664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c4c0245686`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	2964778d7e	avcodec/wmv2dsp: Fix runtime error: signed integer overflow: 181 * -17047030 cannot be represented in type 'int' Fixes: 1503/clusterfuzz-testcase-minimized-5369271855087616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `df640dbbc9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	a1a7dd4da0	avcodec/diracdec: Fix Assertion frame->buf[0] failed at libavcodec/decode.c:610 Fixes: 1487/clusterfuzz-testcase-minimized-6288036495097856 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6899e6e560`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	54eaad7c6e	avcodec/msmpeg4dec: Check for cbpy VLC errors Fixes: runtime error: left shift of negative value -1 Fixes: 1480/clusterfuzz-testcase-minimized-5188321007370240 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `15e892aad1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	af52a28f4d	avcodec/cllc: Check num_bits Fixes: runtime error: shift exponent -2 is negative Fixes: 1479/clusterfuzz-testcase-minimized-6638493360979968 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `2bfd0a9758`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	0a75880b64	avcodec/cllc: Factor VLC_BITS/DEPTH out, do not use repeated literal numbers Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e717fa1f0a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	b83e839f1e	avcodec/dvbsubdec: Check entry_id Fixes: randomly writing over the array end Fixes: 1473/clusterfuzz-testcase-minimized-5768907824562176 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8a69f2602f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	b36be353b8	avcodec/aacdec_fixed: Fix multiple shift exponent 33 is too large for 32-bit type 'int' Fixes: 1471/clusterfuzz-testcase-minimized-6376460543590400 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3a0ff78168`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	8bdef54c19	avcodec/mpeg12dec: Fixes runtime error: division by zero Fixes: 1464/clusterfuzz-testcase-minimized-4925445571084288 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c0ece1f4ad`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	869e8b1d0f	avcodec/webp: Always set pix_fmt Fixes: out of array access Fixes: 1434/clusterfuzz-testcase-minimized-6314998085189632 Fixes: 1435/clusterfuzz-testcase-minimized-6483783723253760 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6b5d3fb26f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	fa3bbd77c1	avfilter/vf_uspp: Fix currently unused input frame dimensions Found-by: Nicolas Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `942036e97c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	89a2384828	avcodec/truemotion1: Fix multiple runtime error: left shift of negative value -1 Fixes: 1446/clusterfuzz-testcase-minimized-5577409124368384 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `db5fae3229`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	d757c9428c	avcodec/eatqi: Fix runtime error: signed integer overflow: 4466147 * 1075 cannot be represented in type 'int' Fixes: 1443/clusterfuzz-testcase-minimized-4826998612426752 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a8de60ba27`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	d6c2b08e73	avcodec/dss_sp: Fix runtime error: signed integer overflow: 2147481189 + 4096 cannot be represented in type 'int' Fixes: 1441/clusterfuzz-testcase-minimized-6223152357048320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6ea4287893`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
李赞	a4fb44723d	avformat/wavdec: Check chunk_size Fixes integer overflow and out of array access Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3d23219637`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00
Michael Niedermayer	25a592e5d4	avcodec/cavs: Check updated MV Fixes: runtime error: signed integer overflow: 251 + 2147483647 cannot be represented in type 'int' Fixes: 1438/clusterfuzz-testcase-minimized-4917542646710272 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5871adc90f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-05-14 12:20:16 +02:00

1 2 3 4 5 ...

82500 Commits