Prevents out of array writes
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 842b6c14bc)
Conflicts:
libavformat/mpegtsenc.c
(cherry picked from commit e87de3f50b765134588d0b048c32ed4b8acc16fb)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array access
Fixes: asan_heap-oob_19c7a94_6470_cov_1453611734_luckynight-partial.tak
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f58eab1512)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Prevents out of array accesses with CODEC_FLAG_EMU_EDGE
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6ba02602aa)
Conflicts:
libavcodec/vmnc.c
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 7c17207ab9)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array access with RC_VARIANCE set to 0
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f1caaa1c61)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
avcodec_flush_buffers() must release all internally held references
according to its documentation, for which all the threads need to be
flushed.
Bug-Id: vlc/9665
(cherry picked from commit d1f9563d50)
Conflicts:
libavcodec/pthread_frame.c
This fixes playback of mp3 streams in rtp/asf. This used to work
until 950482bf, but mostly by coincidence.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 2aec9e228c)
Fixes ticket #3223
With the current code it fails due to running out
of registers.
So code the store offsets manually into the assembler
instead.
Passes "make fate-dts".
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
(cherry picked from commit 8067f55edf)
Fixes ticket #2756.
This should make no difference but the variable will be used in a subsequent commit
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8893f31e20)
Conflicts:
libavcodec/mjpegdec.c
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c7a7605656)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes inconsistency that leads to out of array accesses with threads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5a9e376049)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
When decoding succeeded the array is copied into the permanent one.
This prevents inconsistencies
Fixes assertion failure
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c40f51e15b)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array read
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 11c3381ce3)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes inconsistency ultimately leading to an out of array read
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 746016598d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 10ece44d09)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f861d16355f_1664_File1_fixed.aac
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6433b393ba)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 66e9716a36)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This prevents out of array accesses
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e91fd754c6)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Other dimensions would not work correctly currently,
also ask for a sample for files that fail this check.
This fixes an integer overflow leading to out of array
accesses.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1e00bbb10c)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes division by zero
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit a527e69259)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ead590c256)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f96e0eb238)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The specification wants round(abs(x))) * sign(x) which is
equivakent to round(x)
Fixes out of array access
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f18d2dff11)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e756635964)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
No valid samples i found use such copies
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit bdfe60c769)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit fb3e3808ae)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
If a reference is unavailable use a field from the current
picture
Fixes null pointer dereference
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 23daee0dcc)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4c8ce750ab)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This occurs also with valid files.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5ae484e350)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
These occur when no context is set for example, thus they are common
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit a044a183a3)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes incorrectly set error_occured and improves speed
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 90539cea33)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
20 ms is used by libopus encoder.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
(cherry picked from commit 74906d3727)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This code changes the input packet, which is read only and can in
rare circumstances lead to decoder errors. (i run into one of these in
the audio decoder, which corrupted the packet during av_find_stream_info()
so that actual decoding that single packet failed later)
Until a better fix is implemented, this commit limits the problem.
A better fix might be to make the subtitle decoders not depend on
data[size] = 0 or to copy their input when this is not the case.
(cherry picked from commit 01923bab98)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
