ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	7af6fba145	Update for 3.3.7 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 01:54:06 +02:00
James Almer	3e3704da0c	avformat/utils: fix mixed declarations and code Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `31de45d20b`)	2018-04-13 01:20:14 +02:00
Michael Niedermayer	6de499caed	avcodec/mjpegdec: Check input buffer size. Fixes: Timeout Fixes: 6381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5665032743419904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8d381b57fd`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	41458534aa	avcodec/h264_slice: Fix integer overflow with last_poc Fixes: signed integer overflow: 2147483646 - -2816 cannot be represented in type 'int' Fixes: crbug 823145 Reported-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8c02cd8ca0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	9b56e65e8c	avformat/mov: Fix extradata memleak Fixes: crbug 822705 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0a8133119c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Matt Wolenetz	9b1a4da668	lavc/libopusdec: Allow avcodec_open2 to call .close If there is a decoder initialization failure detected in avcodec_open2 after .init is called, allow graceful decoder .close to prevent leaking libopus decoder allocations. BUG=828526 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e43e97f0e0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	c9452899db	avcodec/movtextdec: Check style_start/end Limits based on 3GPP TS 26.245 V14.0.0 Fixes: Timeout Fixes: 6377/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOVTEXT_fuzzer-5175929115508736 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Philip Langdale <philipl@overt.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `249aca8f98`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	0e5946d5b2	avcodec/aacsbr_fixed: Fix integer overflow in sbr_hf_assemble() Fixes: runtime error: signed integer overflow: 2052929346 + 204817098 cannot be represented in type 'int' This was missed in `b1bef755f6` Fixes: 5275/clusterfuzz-testcase-minimized-5367635958038528 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c837918f50`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	23f13130f1	libavcodec/rv34: error out earlier on missing references Fixes visual corruption on seeking Fixes: downloadTest_clip_24M.rmvb Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6cd81d68c5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Hendrik Schreiber	30c26bb78f	swresample/swresample: Fix for seg fault in swr_convert_internal() -> sum2_float during dithering. Removed +len1 in call to s->mix_2_1_f() as I found no logical explanation for it. After removal, problem was gone. Signed-off-by: Hendrik Schreiber <hs@tagtraum.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `647fd4b829`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	ae2c159b87	avcodec/aacdec_fixed: Fix integer overflow in apply_independent_coupling_fixed() I was not able to reproduce this, this fix is based on just the fuzzer log. Fixes: 4959/clusterfuzz-testcase-minimized-6035350934781952 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `197a4e8fee`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	1d3c141af4	avcodec/cscd: Error out when LZ* decompression fails Fixes: Timeout Fixes: 6304/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CSCD_fuzzer-5754772461191168 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d52be5d4e9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
heimdallr	3f949b7a64	avcodec/imgconvert: Fix loss mask bug in avcodec_find_best_pix_fmt_of_list() example: AVPixelFormat pixFmts[] = { AV_PIX_FMT_RGB24, AV_PIX_FMT_RGBA }; int loss = 0; AVPixelFormat best = avcodec_find_best_pix_fmt_of_list(pixFmts, AV_PIX_FMT_BGRA, 1, &loss); best is AV_PIX_FMT_RGB24. But AV_PIX_FMT_RGBA is better. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `354b26a394`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	49336482fd	avfilter/vf_signature: use av_strlcpy() Fixes: out of array access Found-by: Kira <kira_cxy@foxmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `35eeff30ca`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	15d4dc0da1	avcodec/utvideodec: Set pro flag based on fourcc This avoids mixing 8bit variants with pro and 10bit with non pro mode. Fixes: out of array read Fixes: poc_03_30.avi Found-by: GwanYeong Kim <gy741.kim@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `47b7c68ae5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	d79b274acc	avcodec/wmalosslessdec: Fix null pointer dereference in decode_frame() Fixes: 2018_03_23_poc.wav Found-by: GwanYeong Kim <gy741.kim@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ea15915b2d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	769cb89738	avcodec/tableprint_vlc: Fix build failure with --enable-hardcoded-tables Found-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5c75438b89`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	8a89cce372	avformat/mov: Move +1 in check to avoid hypothetical overflow in add_ctts_entry() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `eb60b9d3aa`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	899d40c17f	avcodec/get_bits: Make sure the input bitstream with padding can be addressed Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e529fe7633`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	a89b45b492	avformat/mov: Check STSC and remove invalid entries Fixes assertion failure Fixes: crbug 822547, crbug 822666 and crbug 823009 Affects: aark15sd_9A62E2FA.mp4 Found-by: ClusterFuzz Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9e67447a4f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	5b586f0bc8	avcodec/nuv: rtjpeg with dimensions less than 16 would result in no decoded pixels thus reject it Fixes: Timeout Fixes: 6297/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-4882404863901696 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `939440ad1a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	719b9b673c	avcodec/nuv: Check for minimum input size for uncomprssed and rtjpeg Fixes: Timeout Fixes: 6297/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-4882404863901696 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8ee3265dbe`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	02bf1c617c	avcodec/wmalosslessdec: Reset num_saved_bits on error path Fixes: NULL pointer dereference Fixes: poc-201803.wav Found-by: GwanYeong Kim <gy741.kim@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `64c9ce0abc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	edfe9ae63b	avformat/mov: Fix integer overflows related to sample_duration Fixes: runtime error: signed integer overflow: -9166684017437101870 + -2495066639299164439 cannot be represented in type Fixes: Chromium bug 791349 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `2f37082827`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	3a29fda42a	avformat/oggparsedaala: Do not adjust AV_NOPTS_VALUE Fixes: potential signed integer overflow Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f655ddfb47`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	e61cdbe271	avformat/oggparseogm: Check lb against psize No testcase, this was found during code review Found-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3e7c847aaf`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	e0a08c833d	avformat/oggparseogm: Fix undefined shift in ogm_packet() Fixes: shift exponent 48 is too large for 32-bit type 'int' Fixes: Chromium bug 786793 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `010b7b30b7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	8cf7205a72	avformat/avidec: Fix integer overflow in cum_len check Fixes: signed integer overflow: 3775922176 * 4278190080 cannot be represented in type 'long' Fixes: Chromium bug 791237 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `06e092e781`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	42bd425205	avformat/oggparsetheora: Do not adjust AV_NOPTS_VALUE Fixes: Chromium bug 795653 Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long' Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `02ecda4aba`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	e89d8ed7cb	avformat/utils: Fix integer overflow of fps_first/last_dts Fixes: runtime error: signed integer overflow: 7738135736989908991 - -7898362169240453118 cannot be represented in type 'long' Fixes: Chromium bug 796778 Reported-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1b1362e408`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	fef832c188	avformat/oggdec: Fix metadata memleak on multiple headers Fixes: Chromium bug 800123 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `da069e9c68`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	6daa205cd3	libavformat/oggparsevorbis: Fix memleak on multiple headers Fixes: Chromium bug 800123 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3934aa495d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	e908a595db	avcodec/truemotion2rt: Check input buffer size Fixes: Timeout Fixes: 6250/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2RT_fuzzer-5479814011027456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8b5c29b6c2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	c3e774784b	avcodec/g2meet: Check tile dimensions with av_image_check_size2() Fixes: OOM Fixes: 6216/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-4983807968018432 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3981fb8d2a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	4d45d5b606	avcodec/exr: fix invalid shift in unpack_14() Fixes: 6154/clusterfuzz-testcase-minimized-5762231061970944 Fixes: runtime error: shift exponent 63 is too large for 32-bit type 'int' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `49062a9017`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	5909508e8d	avcodec/bintext: sanity check dimensions Fixes: Timeout Fixes: 6277/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XBIN_fuzzer-6047202288861184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `090c0abff9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	bafb13dc0f	avcodec/utvideodec: Check subsample factors Fixes: Out of array read Fixes: heap_poc Found-by: GwanYeong Kim <gy741.kim@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7414d0bda7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	bcc6d40928	avcodec/smc: Check input packet size Fixes: Timeout Fixes: 6261/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMC_fuzzer-5811309653262336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0293663483`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	f3562ee6fc	avcodec/cavsdec: Check alpha/beta offset Fixes: Integer overflow Fixes: 6183/clusterfuzz-testcase-minimized-6269224436629504 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ae2eb04648`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	b9d5b1f05d	avcodec/diracdec: Fix integer overflow in mv computation Fixes: signed integer overflow: -2072 + -2147483646 cannot be represented in type 'int' Fixes: 6097/clusterfuzz-testcase-minimized-5034145253163008 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `47e65ad63b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	4018d8586f	avcodec/h264_parse: Clear invalid chroma weights in ff_h264_pred_weight_table() Fixes: 6037/clusterfuzz-testcase-minimized-5030249784934400 Fixes: signed integer overflow: 256 * 16992036 cannot be represented in type 'int' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `85c85fffff`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	b172815c3c	avcodec/aacdec_templat: Fix integer overflow in apply_ltp() Fixes: signed integer overflow: -1625276744 + -1041893960 cannot be represented in type 'int' Fixes: 5948/clusterfuzz-testcase-minimized-5791479856365568 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `33fe17bdc8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	1a387f1ce6	avcodec/jpeg2000dwt: Fix integer overflows in sr_1d53() Fixes: 5918/clusterfuzz-testcase-minimized-5120505435652096 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `793347a545`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	205689ae8a	avcodec/diracdec: Use int64 in global mv to prevent overflow Fixes: runtime error: signed integer overflow: 361 * -6295541 cannot be represented in type 'int' Fixes: 5911/clusterfuzz-testcase-minimized-6450382197751808 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cbcbefdc3b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	af5c12c029	avcodec/dxtory: Remove code that corrupts dimensions Fixes: Timeout Fixes: 5796/clusterfuzz-testcase-minimized-5206729085157376 Does someone have a valid sample that triggers this path ? Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3748746a4d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	93a16aebf2	avcodec/dirac_dwt_template: Fix Integer overflow in horizontal_compose_dd137i() Fixes: 5894/clusterfuzz-testcase-minimized-5315325420634112 Fixes: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `647fa49495`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	37cd7f3375	avcodec/hevcdec: Check luma/chroma_log2_weight_denom Fixes: signed integer overflow: 3 + 2147483647 cannot be represented in type 'int' Fixes: 5888/clusterfuzz-testcase-minimized-5634701067812864 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f82dd4c09b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	1a4f8de03d	avcodec/jpeg2000dec: Use av_image_check_size2() Fixes: OOM Fixes: 5733/clusterfuzz-testcase-minimized-4906757966004224 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `01370b31ac`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	2a85ead5a3	avcodec/vp8: Check for bitstream end before vp7_fade_frame() Fixes: Timeout Fixes: 5653/clusterfuzz-testcase-5497680018014208 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `de675648ce`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00
Michael Niedermayer	659a23e89f	avcodec/exr: Check remaining bits in last get code loop Fixes: runtime error: shift exponent -7 is negative Fixes: 3902/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-6081926122176512 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dd8351b118`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-04-13 00:35:15 +02:00

1 2 3 4 5 ...

85709 Commits