highperfocused/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
105,271 Commits 36 Branches 392 Tags
Commit Graph

105271 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Niedermayer
89685f280a
avcodec/ffv1dec: Limit golomb rice coded slices to width 8M 
This limit is possibly not reachable due to other restrictions on buffers but
the decoder run table is too small beyond this, so explicitly check for it.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b4431399ec1e10afff458cf1ffae2a75987d725a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
b5fc01adbe
avformat/iff: simplify duration calculation 
Fixes: signed integer overflow: 315680096256 * 134215943 cannot be represented in type 'long long'
Fixes: 48713/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-5886272312311808

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0740641e932551342cc1737d981e950ecffa3b63)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
048f3714c2
avcodec/wnv1: Check for width =1 
The decoder only outputs pixels for width >1 images, fail early

Fixes: Timeout
Fixes: 48298/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WNV1_fuzzer-6198626319204352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d98d5a436aa70d3cef8f914c0467ef2fb2dd1dfc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
ae8aabe398
avcodec/ffv1dec_template: fix indention 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit eee7364c90699f50a36aaada38c52ccc0d6bf501)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
47dc801ec0
avformat/sctp: close socket on errors 
This is untested as i have no testcase

Fixes: CID1302709

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c9a2996544187f67e533bc24f4cf773e50d2362b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
abbf22ac63
avformat/cinedec: Check size and pos more 
Fixes: signed integer overflow: 9223372036848019263 + 134232320 cannot be represented in type 'long'
Fixes: 48155/clusterfuzz-testcase-minimized-ffmpeg_dem_CINE_fuzzer-5751429207293952

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 884a108121d027ee4aa7d5a70247565cf0105afa)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
ab936ed53e
avcodec/aasc: Fix indention 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit af2ed09220fe82e0aa479d1b93be6aadc4930efc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
0ba8bf7011
avcodec/qdrw: adjust max colors to array size 
Fixes: out of array access
Fixes: 48429/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDRAW_fuzzer-4608329791438848

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cd847f86d31f87f0f7733ca6ab7a2c022a1398bd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
b03a42587f
avcodec/alacdsp: Make intermediates unsigned 
Fixes: signed integer overflow: -14914387 + -2147418648 cannot be represented in type 'int'
Fixes: 46464/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-474307197311385

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8709f4c10a216cb3e11564bc392841e832f8e3b1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
9764ec67b2
avformat/aiffdec: cleanup size handling for extreem cases 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c6f1e48b86471b1cc91c468e78a065075ed409bd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
dccf8c591a
avformat/matroskadec: avoid integer overflows in SAR computation 
This ignores >64bit
Alternatively we could support that if it occurs in reality

Fixes: negation of -9223372036854775808
Fixes: integer overflows
Fixes: 46072/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-5029840966778880

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e6cad01122c6dea0435d042d68a56045a214492d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
bc24cf32f3
avcodec/jpeglsdec: fix end check for xfrm 
Fixes: out of array access
Fixes: 47871/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AMV_fuzzer-5646305956855808

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6a82412bf33108111eb3f63076fd5a51349ae114)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
ccf14bcbe4
avcodec/cdgraphics: limit scrolling to the line 
Fixes: out of array access
Fixes: 47877/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CDGRAPHICS_fuzzer-5690504626438144

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b7e30a13d4e4557b87f977b76a6bb5e3cbe5ac78)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
40ed3f6e84
avformat/hls: Limit start_seq_no to one bit less 
This avoids overflow checks on additions with 32bit numbers

Fixes: signed integer overflow: 9223372036854775806 + 2 cannot be represented in type 'long'
Fixes: 44012/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-4747770734444544
Fixes: 48065/clusterfuzz-testcase-minimized-ffmpeg_dem_HLS_fuzzer-5372410355908608

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d8ee01425459aaafe36acc7743b3f9f28a01821b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
a9ccfc1210
avformat/aiffdec: avoid integer overflow in get_meta() 
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 45891/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-6159183893889024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6a02de21278ec3bea1d2c62665f2629d5a62210f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
9db37b02ed
avformat/aaxdec: Check for overlaping segments 
Fixes: Timeout
Fixes: 45875/clusterfuzz-testcase-minimized-ffmpeg_dem_AAX_fuzzer-6121689903136768

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c16a0ed2422a86e0f3286f59281d119c4d8d159a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
39f15f6663
avformat/ape: more bits in size for less overflows 
Fixes: signed integer overflow: 2147483647 + 3 cannot be represented in type 'int'
Fixes: 46184/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-4678059519770624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e5f6707a7b91664491041526ef3cce7412258b89)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
540ad9ddbd
avformat/aviobuf: Check buf_size in ffio_ensure_seekback() 
buffer_size is an int

Fixes: signed integer overflow: 9223372036854775754 + 32767 cannot be represented in type 'long'
Fixes: 45691/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5263458831040512

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4b130e876fe9ac5875a2f2480e96de4fdac7760)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
25d7f2eed5
avformat/bfi: Check offsets better 
Fixes: signed integer overflow: -2145378272 - 538976288 cannot be represented in type 'int'
Fixes: 45690/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5015496544616448

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 35dc93ab44a57d78956414624c4e011414220e98)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
6a60c92be0
avformat/asfdec_f: Check packet_frag_timestamp 
Fixes: signed integer overflow: -9223372036854775808 - 4607 cannot be represented in type 'long'
Fixes: 45685/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5280102802391040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ffc877215056e8f0feb1ff23ba7dc4c19277b94b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
bfb365e851
avcodec/texturedspenc: Fix indexing in color distribution determination 
Fixes CID1396405

MSE and PSNR is slightly improved, and some noticable corruptions disappear as
well.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit ade36d61de8ea5a5acb30a05a0cbcda069127143)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
b9bda06ea5
avformat/act: Check ff_get_wav_header() for failure 
Fixes: missing error check
Fixes: CID717495

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5982da87e3464e7df529a169352748560d70ba80)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
0cbe98cbbe
avcodec/libxavs2: Improve r redundancy in occured 
Reviewed-by: "mypopy@gmail.com" <mypopy@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f3b7ba21ba49b32b4476a8c7c5a9bcdad15e3943)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
b00df63465
avformat/libzmq: Improve r redundancy in occured 
Reviewed-by: "mypopy@gmail.com" <mypopy@gmail.com>
(cherry picked from commit e06b1ba7d79ac15f23fb08947949dcfec8bfb408)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
0327a29c93
avfilter/vf_libplacebo: Match AV_OPT_TYPE_FLOAT to dbl 
Reviewed-by: "mypopy@gmail.com" <mypopy@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0a3e121798081f40a377951a8c2a847a629ec7e7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
e509fa78c1
avfilter/vsrc_mandelbrot: Check for malloc failure 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fbd22504c4148d2a01ccfe38df26c144f56db76b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
6a32a608dc
avfilter/vf_frei0r: Copy to frame allocated according to frei0r requirements 
Fixes: issues with non trivial linesize

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d353909e773ba8a8201fa13d6c35251351dd567a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
5e821d9143
avfilter/video: Add ff_default_get_video_buffer2() to set specific alignment 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d74078270198b97fdda258840f0d501a3ffcc693)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-09-01 00:41:28 +02:00
Michael Niedermayer
0af520417b
avformat/genh: Check sample rate 
Fixes: signed integer overflow: -2515507630940093440 * 4 cannot be represented in type 'long'
Fixes: 46318/clusterfuzz-testcase-minimized-ffmpeg_dem_GENH_fuzzer-5009637474172928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a3d790f1977ed6c326eb93bb61757297a7905dcc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-08-31 21:35:14 +02:00
Michael Niedermayer
14d8814edc
avformat/demux: Use unsigned to check duration vs duration_text 
Fixes: signed integer overflow: 9223371898743775808 - -138111000000 cannot be represented in type 'long'
Fixes: 46245/clusterfuzz-testcase-minimized-ffmpeg_dem_OGG_fuzzer-5075129786302464

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6007d5688c8b0efe5bb8489cca3a0e32b2001263)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-08-31 21:35:14 +02:00
Timo Rothenpieler
54e0971edb avutil/hwcontext_d3d11va: fix texture_infos writes on non-fixed-size pools 2022-07-18 02:13:25 +02:00
Zhao Zhili
7389a49fd3 avcodec/cuviddec: fix null pointer dereference 
It can happened on error path of cuvid_decode_init().

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2022-06-26 21:50:30 +02:00
Zhao Zhili
3607d7bbea avcodec/cuviddec: fix AV1 decoding error 
cuvidParseVideoData only supports pure OBUs, it reports an unknown
error with AV1CodecConfigurationRecord. Check whether extradata
is AV1CodecConfigurationRecord and skip the first 4 bytes to fix
the issue.

The bug is revealed in ffmpeg cmd since 45e3b6a68 and ffd1316e.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2022-06-26 21:50:28 +02:00
Christopher Degawa
240d82f26e configure: extend SDL check to accept all 2.x versions 
sdl2 recently changed their versioning, moving the patch level to minor level
cd7c2f1de7
and have said that they will instead ship sdl3.pc for 3.0.0

Fixes ticket 9768

Signed-off-by: Christopher Degawa <ccom@randomderp.com>
Signed-off-by: Gyan Doshi <ffmpeg@gyani.pro>
 2022-06-10 13:56:26 +02:00
Timo Rothenpieler
a5ebb3d25e lavf/tls_mbedtls: add support for mbedtls version 3 
- certs.h is gone. Only contains test data, and was not used at all.
- config.h is renamed. Was seemingly not used, so can be removed.
- MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE is gone, instead
  MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE will be thrown.
- mbedtls_pk_parse_keyfile now needs to be passed a properly seeded
  RNG. Hence, move the call to after RNG seeding.

Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
 2022-04-27 18:46:14 +02:00
James Almer
b655beb025 fate: update reference files after the recent dash manifest muxer changes 
Missed in 487b49d8f2e1e81dce86230fc957ca2ee9de00ee.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit aa0829d834232b13e513fb88b2b9a2b74918e05c)
 2022-04-08 16:10:34 -03:00
James Almer
2db2bdabbd avformat/webmdashenc: fix on-demand profile string 
Fixes ticket #9596

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 487b49d8f2e1e81dce86230fc957ca2ee9de00ee)
 2022-04-08 00:05:07 -03:00
James Almer
0d487be837 avcodec/libdav1d: don't depend on the event flags API to init sequence params the first time 
A bug was found in dav1d <= 1.0.0 where the event flag New Sequence Header would
not be signaled for some samples using delayed random access points.
It has since been fixed, but nonetheless it's best to ensure the AVCodecContext
is filled with parameters when parsing the first frame, regardless of what events
were signaled.

Fixes ticket #9694.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 3e186148ca9ac0c47cec253fdea62b48c9feadd2)
 2022-04-07 15:33:19 -03:00
Michael Niedermayer
9687cae2b4 Update for 5.0.1 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n5.0.1 		2022-04-04 00:07:14 +02:00
Michael Niedermayer
70522b7262 avcodec/exr: Avoid signed overflow in displayWindow 
The inputs are unused except for this computation so wraparound
does not give an attacker any extra values as they are already fully
controlled

Fixes: signed integer overflow: 0 - -2147483648 cannot be represented in type 'int'
Fixes: 45820/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5766159019933696

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1291568c9834c02413ab5d87762308f15b4ae9c6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-04 00:05:36 +02:00
Michael Niedermayer
1ed490b9dc avcodec/diracdec: avoid signed integer overflow in global mv 
Fixes: signed integer overflow: -128275513086 * -76056576 cannot be represented in type 'long'
Fixes: 45818/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5129799149944832

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7f1279684e8e1e33c78577b7f0265c062e4e6232)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-04 00:05:36 +02:00
Michael Niedermayer
9cd9f958eb avcodec/takdsp: Fix integer overflow in decorrelate_sf() 
Fixes: signed integer overflow: -101 * 71041254 cannot be represented in type 'int'
Fixes: 45938/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TAK_fuzzer-4687974320701440

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 01d8c887f63bcb1f870034ed441504b3daffc645)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-04 00:05:36 +02:00
Michael Niedermayer
89374decf6 avcodec/apedec: fix a integer overflow in long_filter_high_3800() 
Fixes: signed integer overflow: -2146549696 - 3923884 cannot be represented in type 'int'
Fixes: 45907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5992380584558592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b085b400becb93ccc68d786ab738b1fc50408b89)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-04 00:05:36 +02:00
Diederick Niehorster
3010773508 avdevice/dshow: fix regression 
a1c4929f accidentally undid part of d9a9b4c8, so the bug in ticket #9420
resurfaced. Fixing again.

Signed-off-by: Diederick Niehorster <dcnieho@gmail.com>
Reviewed-by: Roger Pack <rogerdpack2@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f125c504d8fece6420bb97767f9e72414c26312a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-04-04 00:05:36 +02:00
Oneric
482d51884c avfilter/vf_subtitles: pass storage size to libass 
Due to a quirk of the ASS format some tags depend on the exact storage
resolution of the video, so tell libass via ass_set_storage_size.

Reviewed-by: Soft Works <softworkz@hotmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
 2022-04-04 00:05:36 +02:00
Andreas Rheinhardt
a50aa980eb avcodec/vp9_superframe_split_bsf: Don't read inexistent data 
Fixes: Out of array read
Fixes: 45137/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_SUPERFRAME_SPLIT_fuzzer-4984270639202304

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit d311d820a77550740d3b868440e476adaf12a872)
 2022-04-01 13:20:56 +02:00
Andreas Rheinhardt
550d70fde3 avcodec/vp9_superframe_split_bsf: Discard invalid zero-sized frames 
They are invalid in VP9. If any of the frames inside a superframe
had a size of zero, the code would either read into the next frame
or into the superframe index; so check for the length to stop this.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit d20ef30f534151ce749b064034c339562724cc34)
 2022-04-01 13:20:56 +02:00
Andreas Rheinhardt
f93ca3a278 avcodec/vp9_superframe_bsf: Check for existence of data before reading it 
Packets without data need to be handled specially in order to avoid
undefined reads. Pass these packets through unchanged in case there
are no cached packets* and error out in case there are cached packets:
Returning the packet would mess with the order of the packets;
if one returned the zero-sized packet before the superframe that will
be created from the packets in the cache, the zero-sized packet would
overtake the packets in the cache; if one returned the packet later,
the packets that complete the superframe will overtake the zero-sized
packet.

*: This case e.g. encompasses the scenario of updated extradata
side-data at the end.

Fixes: Out of array read
Fixes: 45722/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_SUPERFRAME_fuzzer-5173378975137792

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit c12e8c97b13f33897bd9c6095432c9740504f5c7)
 2022-04-01 13:20:56 +02:00
Andreas Rheinhardt
4e61bf403f avcodec/vp9_raw_reorder_bsf: Check for existence of data before reading it 
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit ab25b6aee6295b6fb77c076c85c89df9f2af08e7)
 2022-04-01 13:20:56 +02:00
Pierre-Anthony Lemieux
cffa10a0cb
avformat/imf: fix packet pts, dts and muxing 
The IMF demuxer does not set the DTS and PTS of packets accurately in all
scenarios. Moreover, audio packets are not trimmed when they exceed the
duration of the underlying resource.

imf-cpl-with-repeat FATE ref file is regenerated.

Addresses https://trac.ffmpeg.org/ticket/9611

(cherry picked from commit b0193e26ca32914bdd3d05be5d1f474ca8c52124)
 2022-03-31 21:28:42 +10:00