Michael Niedermayer
305f37e5be
avformat/hls: Fix DoS due to infinite loop
...
Fixes: loop.m3u
The default max iteration count of 1000 is arbitrary and ideas for a better solution are welcome
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Previous version reviewed-by: Steven Liu <lingjiujianke@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 7ec414892dmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
85ffdcd8ff
ffprobe: Fix NULL pointer handling in color parameter printing
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 351e28f9a7michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
5474a7e93b
ffprobe: Fix null pointer dereference with color primaries
...
Found-by: AD-lab of venustech
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 837cb4325bmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
eea01de3ff
avcodec/hevc_ps: Check delta_pocs in ff_hevc_decode_short_term_rps()
...
Fixes: integer overflow
Fixes: 2893/clusterfuzz-testcase-minimized-5809330567774208
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 2b44dcbc44michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
deca5e7349
avformat/rtpdec_h264: Fix heap-buffer-overflow
...
Fixes: rtp_sdp/poc.sdp
Found-by: Bingchang <l.bing.chang.bc@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit c42a1388a6michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Vitaly Buka
9739a269fb
avformat/aviobuf: Fix signed integer overflow in avio_seek()
...
Signed integer overflow is undefined behavior.
Detected with clang and -fsanitize=signed-integer-overflow
Signed-off-by: Vitaly Buka <vitalybuka@google.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit eca2a49716michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Vitaly Buka
c889041352
avformat/mov: Fix signed integer overflows with total_size
...
Signed integer overflow is undefined behavior.
Detected with clang and -fsanitize=signed-integer-overflow
Signed-off-by: Vitaly Buka <vitalybuka@google.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 4a404cb5b9michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Vitaly Buka
b6a79b841d
avcodec/utils: Fix signed integer overflow in rc_initial_buffer_occupancy initialization
...
Signed integer overflow is undefined behavior.
Detected with clang and -fsanitize=signed-integer-overflow
Signed-off-by: Vitaly Buka <vitalybuka@google.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 8c2bb10ddfmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
6ce9b2c1fe
avcodec/aacdec_template: Fix running cleanup in decode_ics_info()
...
Fixes: out of array read
Fixes: 2873/clusterfuzz-testcase-minimized-5924145713905664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Previous version reviewed-by: Alex Converse <alex.converse@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 6f03ffb47dmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
4a122a0879
avcodec/me_cmp: Fix crashes on ARM due to misalignment
...
Adds a diff_pixels_unaligned()
Fixes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872503
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit bc488ec28amichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
736ef73f9c
avcodec/pixlet: Fixes: undefined shift in av_mod_uintp2()
...
Fixes: runtime error: shift exponent 4294967289 is too large for 32-bit type 'int'
Fixes: 3030/clusterfuzz-testcase-minimized-4649809254285312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 8754ccd3b3michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
253b7829e4
avcodec/dirac_dwt_template: Fix integer overflow in vertical_compose53iL0()
...
Fixes: runtime error: signed integer overflow: 2147483646 + 2 cannot be represented in type 'int'
Fixes: 3013/clusterfuzz-testcase-minimized-4644084197097472
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit a165b53daamichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
f5227c50b7
avcodec/fic: Fixes signed integer overflow
...
Fixes: runtime error: signed integer overflow: 1037142357 + 1227025305 cannot be represented in type 'int'
Fixes: 3024/clusterfuzz-testcase-minimized-5885660323905536
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 0c9d5b015cmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
16772e43ef
avcodec/snowdec: Fix off by 1 error
...
Fixes: runtime error: index 4 out of bounds for type 'int8_t [4]'
Fixes: 3023/clusterfuzz-testcase-minimized-6421736130084864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit d132683dddmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
53dae9585f
avcodec/pixlet: fixes integer overflow in read_highpass()
...
Fixes: runtime error: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int'); cast to an unsigned type to negate this value to itself
Fixes: 2879/clusterfuzz-testcase-minimized-6317542639403008
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit cadab5a2a7michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
99491bd260
avcodec/zmbv: Check decomp_size
...
Fixes: OOM
Fixes: 2710/clusterfuzz-testcase-minimized-4750001420894208
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 931c0ac95cmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
02d224406f
avcodec/diracdec: Fixes integer overflow
...
Fixes: runtime error: signed integer overflow: 340018243 * 27 cannot be represented in type 'int'
Fixes: 2861/clusterfuzz-testcase-minimized-5361070510178304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 92da23093cmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
a33e375d7d
avcodec/diracdec: Check perspective_exp and zrs_exp.
...
Fixes: undefined shift
Fixes: runtime error: shift exponent 264 is too large for 32-bit type 'int'
Fixes: 2860/clusterfuzz-testcase-minimized-4672811689836544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 1e6cab8745michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
f5c6ce899f
avcodec/ffv1dec_template: Fix undefined shift
...
Fixes: runtime error: left shift of negative value -127
Fixes: 2834/clusterfuzz-testcase-minimized-5988039123795968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 62702eebdemichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
dcf02ee6c6
avcodec/mpeg4videodec: Clear mcsel before decoding an image
...
Fixes: runtime error: signed integer overflow: 2146467840 + 1032192 cannot be represented in type 'int'
Fixes: 2826/clusterfuzz-testcase-minimized-5901511613743104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 7735ed2974michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
86b5a3d35d
avcodec/dirac_dwt: Fixes integer overflows in COMPOSE_DAUB97*
...
Fix multiple: runtime error: signed integer overflow: 6497 * 3409630 cannot be represented in type 'int'
Fixes: 2819/clusterfuzz-testcase-minimized-4743700301217792
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit a5380f9c1cmichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
818f73542d
avcodec/aacdec_fixed: fix invalid shift in predict()
...
Fixes: runtime error: shift exponent -2 is negative
Fixes: 2818/clusterfuzz-testcase-minimized-5062943676825600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 1e443051b2michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
1dbfcd65b2
avcodec/h264_slice: Fix overflow in slice offset
...
Fixes: runtime error: signed integer overflow: 1610612736 * 2 cannot be represented in type 'int'
Fixes: 2817/clusterfuzz-testcase-minimized-5289691240726528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 1f53bde6d8michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Steven Siloti
fd871e24e6
avformat/utils: fix memory leak in avformat_free_context
...
The pointer to the packet queue is stored in the internal structure
so the queue needs to be flushed before internal is freed.
Signed-off-by: Steven Siloti <ssiloti@bittorrent.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 949debd1d1michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
James Cowgill
8aa32a8d5c
swscale: fix gbrap16 alpha channel issues
...
Fixes filter-pixfmts-scale test failing on big-endian systems due to
alpSrc not being cast to (const int32_t**).
Also fixes distortions in the output alpha channel values by copying the
alpha channel code from the rgba64 case found elsewhere in output.c.
Fixes ticket 6555.
Signed-off-by: James Cowgill <James.Cowgill@imgtec.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 013ec23cbemichael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
ef8db67c92
avcodec/h264idct_template: Fix integer overflow in ff_h264_idct_add()
...
Fixes: runtime error: signed integer overflow: 26215360 + 2121330944 cannot be represented in type 'int'
Fixes: 2809/clusterfuzz-testcase-minimized-4785181833560064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
(cherry picked from commit d1bfa80ec4michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
c554788352
avcodec/diracdsp: fix integer overflow
...
Fixes: runtime error: signed integer overflow: 11 * 225726413 cannot be represented in type 'int'
Fixes: 2764/clusterfuzz-testcase-minimized-5382561922547712
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit b2d9d72269michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Michael Niedermayer
4306ddd87d
avcodec/diracdec: Check weight_log2denom
...
Fixes: runtime error: shift exponent -1 is negative
Fixes: 2742/clusterfuzz-testcase-minimized-5724322402402304
Fixes: 2744/clusterfuzz-testcase-minimized-4672435653705728
Fixes: 2749/clusterfuzz-testcase-minimized-5298741273690112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 880f5c5913michael@niedermayer.cc >
2017-09-10 01:33:28 +02:00
Timo Rothenpieler
bab4cb3fb5
avcodec/nvenc: only push cuda context on encoder close if encoder exists
...
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org >
2017-09-01 11:02:07 +02:00
Muhammad Faiz
e51e07c34e
avfilter/vf_ssim: fix temp size calculation
...
Also use av_mallocz_array.
Fix Ticket6519.
Reviewed-by: Tobias Rapp <t.rapp@noa-archive.com >
Signed-off-by: Muhammad Faiz <mfcc64@gmail.com >
(cherry picked from commit f2d23ec03f
2017-08-06 14:53:28 +07:00
Michael Niedermayer
9079c70d20
Changelog:update
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2017-07-29 19:17:56 +02:00
Michael Niedermayer
4f71435248
avcodec/dirac_dwt: Fix multiple integer overflows in COMPOSE_DD97iH0()
...
Fixes: runtime error: signed integer overflow: 9 * 335544320 cannot be represented in type 'int'
Fixes: 2739/clusterfuzz-testcase-minimized-6737297955356672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit bf8ab72ae9michael@niedermayer.cc >
2017-07-29 19:13:19 +02:00
Michael Niedermayer
934878f2a6
avcodec/diracdec: Fix integer overflow in divide3()
...
Fixes: runtime error: signed integer overflow: -1073746548 * 21845 cannot be represented in type 'int'
Fixes: 2729/clusterfuzz-testcase-minimized-5902915464069120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit c0220c768cmichael@niedermayer.cc >
2017-07-29 14:23:24 +02:00
Michael Niedermayer
38d9a782a5
avcodec/takdec: Fix integer overflow in decode_subframe()
...
Fixes: runtime error: signed integer overflow: -536870912 - 1972191120 cannot be represented in type 'int'
Fixes: 2711/clusterfuzz-testcase-minimized-4975142398590976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 2c630d159fmichael@niedermayer.cc >
2017-07-29 14:18:34 +02:00
Michael Niedermayer
6de5ec8ef8
avformat/rtmppkt: Convert ff_amf_get_field_value() to bytestream2
...
Fixes: out of array accesses
Found-by: JunDong Xie of Ant-financial Light-Year Security Lab
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit ffcc82219cmichael@niedermayer.cc >
2017-07-29 14:17:57 +02:00
Michael Niedermayer
0d2b67d17c
avformat/rtmppkt: Convert ff_amf_tag_size() to bytestream2
...
Fixes: out of array accesses
Fixes: crash-9238fa9e8d4fde3beda1f279626f53812cb001cb-SEGV
Found-by: JunDong Xie of Ant-financial Light-Year Security Lab
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 08c073434emichael@niedermayer.cc >
2017-07-29 04:49:45 +02:00
Michael Niedermayer
d40bb6f5e9
avcodec/diracdec: Fix integer overflow in signed multiplication in UNPACK_ARITH()
...
Fixes: runtime error: signed integer overflow: 1073741823 * 4 cannot be represented in type 'int'
Fixes: 2729/clusterfuzz-testcase-minimized-5902915464069120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 8e275a74b0michael@niedermayer.cc >
2017-07-28 03:41:07 +02:00
Michael Niedermayer
aadfec7d6c
avcodec/pixlet: Simplify nbits computation
...
Fixes multiple integer overflows
Fixes: runtime error: signed integer overflow: 1 + 2147483647 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit aeddb3607bmichael@niedermayer.cc >
2017-07-28 03:40:59 +02:00
Michael Niedermayer
47c0626ec7
avcodec/dnxhddec: Move mb height check out of non hr branch
...
Fixes: out of array access
Fixes: poc.dnxhd
Found-by: Bingchang, Liu@VARAS of IIE
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 296debd213michael@niedermayer.cc >
2017-07-27 03:11:19 +02:00
Michael Niedermayer
2f75ebe24a
avcodec/hevc_ps: fix integer overflow in log2_parallel_merge_level_minus2
...
Fixes: runtime error: signed integer overflow: -2147483647 - 2 cannot be represented in type 'int'
Fixes: 2702/clusterfuzz-testcase-minimized-4511932591636480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 74c1c22d7fmichael@niedermayer.cc >
2017-07-26 17:24:25 +02:00
Michael Niedermayer
a9081b36f4
avformat/oggparsecelt: Do not re-allocate os->private
...
Fixes: double free
Fixes: clusterfuzz-testcase-minimized-5080550145785856
Found-by: ClusterFuzz
Reviewed-by: Nicolas George <george@nsup.org >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 7140761481michael@niedermayer.cc >
2017-07-26 00:14:56 +02:00
Michael Niedermayer
b120685dca
avcodec/ylc: Fix shift overflow
...
Fixes: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int'
Fixes: 2698/clusterfuzz-testcase-minimized-4713541443518464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 03a9e6ff30michael@niedermayer.cc >
2017-07-26 00:14:20 +02:00
Michael Niedermayer
b44a3cd06e
avcodec/aacps: Fix multiple integer overflow in map_val_34_to_20()
...
Fixes: avcodec/aacps.c:511:40: runtime error: signed integer overflow: 1509077651 + 758068176 cannot be represented in type 'int'
Fixes: 2678/clusterfuzz-testcase-minimized-4702787684270080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 0764fe1d09michael@niedermayer.cc >
2017-07-26 00:14:01 +02:00
Michael Niedermayer
a930db5c82
avcodec/aacdec_fixed: fix: left shift of negative value -1
...
Fixes: 2699/clusterfuzz-testcase-minimized-5631303862976512
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 2dfb8c4178michael@niedermayer.cc >
2017-07-26 00:11:54 +02:00
Michael Niedermayer
f10252e47d
avcodec/dirac_vlc: Fix undefined shift
...
Fixes: runtime error: shift exponent 64 is too large for 64-bit type 'residual' (aka 'unsigned long')
Fixes: 2674/clusterfuzz-testcase-minimized-4999700518273024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 69e7daf6cemichael@niedermayer.cc >
2017-07-24 03:03:14 +02:00
Brice Waegeneire
4627033a23
doc/filters: typo in frei0r
...
Signed-off-by: Brice Waegeneire <brice.wge@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 6a6eec485dmichael@niedermayer.cc >
2017-07-23 15:01:03 +02:00
Vodyannikov Aleksandr
20c440edbc
avcodec/cfhd: Fix decoding regression due to height check
...
Fixes: Ticket6546
Regression since: 54aaadf648mfcc64@gmail.com >
Reviewed-by: Kieran Kunhya <kierank@obe.tv >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 47c9365724michael@niedermayer.cc >
2017-07-23 15:00:51 +02:00
Michael Niedermayer
ab81ea1035
Update for 3.3.3
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2017-07-19 15:28:08 +02:00
Michael Niedermayer
2f2904030f
avcodec/aacdec_template (fixed point): Check gain in decode_cce() to avoid undefined shifts later
...
Fixes: runtime error: shift exponent 47 is too large for 32-bit type 'int'
Fixes: 2581/clusterfuzz-testcase-minimized-4681474395602944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 2886142e0cmichael@niedermayer.cc >
2017-07-19 15:26:37 +02:00
Michael Niedermayer
064d0c6462
avcodec/ffv1dec_template: Fix signed integer overflow
...
Fixes: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 2634/clusterfuzz-testcase-minimized-4540890636877824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 4de4308d2amichael@niedermayer.cc >
2017-07-19 15:26:37 +02:00
