Michael Niedermayer
afa34cb36e
RELEASE: Update release number
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2017-08-04 15:52:22 +02:00
Michael Niedermayer
fef71d661b
Update for 3.1.10
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2017-08-04 12:13:51 +02:00
Michael Niedermayer
6d849e2706
avcodec/diracdec: Check weight_log2denom
...
Fixes: runtime error: shift exponent -1 is negative
Fixes: 2742/clusterfuzz-testcase-minimized-5724322402402304
Fixes: 2744/clusterfuzz-testcase-minimized-4672435653705728
Fixes: 2749/clusterfuzz-testcase-minimized-5298741273690112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 880f5c5913michael@niedermayer.cc >
2017-08-01 14:13:31 +02:00
Michael Niedermayer
acedc53186
avcodec/dirac_dwt: Fix multiple integer overflows in COMPOSE_DD97iH0()
...
Fixes: runtime error: signed integer overflow: 9 * 335544320 cannot be represented in type 'int'
Fixes: 2739/clusterfuzz-testcase-minimized-6737297955356672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit bf8ab72ae9michael@niedermayer.cc >
2017-07-29 19:13:20 +02:00
Michael Niedermayer
6b1c71040d
avcodec/diracdec: Fix integer overflow in divide3()
...
Fixes: runtime error: signed integer overflow: -1073746548 * 21845 cannot be represented in type 'int'
Fixes: 2729/clusterfuzz-testcase-minimized-5902915464069120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit c0220c768cmichael@niedermayer.cc >
2017-07-29 14:23:25 +02:00
Michael Niedermayer
6274709c1c
avcodec/takdec: Fix integer overflow in decode_subframe()
...
Fixes: runtime error: signed integer overflow: -536870912 - 1972191120 cannot be represented in type 'int'
Fixes: 2711/clusterfuzz-testcase-minimized-4975142398590976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 2c630d159fmichael@niedermayer.cc >
2017-07-29 14:18:35 +02:00
Michael Niedermayer
06ce68d8a0
avformat/rtmppkt: Convert ff_amf_get_field_value() to bytestream2
...
Fixes: out of array accesses
Found-by: JunDong Xie of Ant-financial Light-Year Security Lab
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit ffcc82219cmichael@niedermayer.cc >
2017-07-29 14:17:58 +02:00
Michael Niedermayer
54a6c1368c
avformat/rtmppkt: Convert ff_amf_tag_size() to bytestream2
...
Fixes: out of array accesses
Fixes: crash-9238fa9e8d4fde3beda1f279626f53812cb001cb-SEGV
Found-by: JunDong Xie of Ant-financial Light-Year Security Lab
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 08c073434emichael@niedermayer.cc >
2017-07-29 04:49:46 +02:00
Michael Niedermayer
f4c8449238
avcodec/diracdec: Fix integer overflow in signed multiplication in UNPACK_ARITH()
...
Fixes: runtime error: signed integer overflow: 1073741823 * 4 cannot be represented in type 'int'
Fixes: 2729/clusterfuzz-testcase-minimized-5902915464069120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 8e275a74b0michael@niedermayer.cc >
2017-07-28 03:41:08 +02:00
Michael Niedermayer
956f2db21f
avcodec/dnxhddec: Move mb height check out of non hr branch
...
Fixes: out of array access
Fixes: poc.dnxhd
Found-by: Bingchang, Liu@VARAS of IIE
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 296debd213michael@niedermayer.cc >
2017-07-27 03:11:20 +02:00
Michael Niedermayer
7f3124e08c
avcodec/hevc_ps: fix integer overflow in log2_parallel_merge_level_minus2
...
Fixes: runtime error: signed integer overflow: -2147483647 - 2 cannot be represented in type 'int'
Fixes: 2702/clusterfuzz-testcase-minimized-4511932591636480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 74c1c22d7fmichael@niedermayer.cc >
2017-07-26 17:24:59 +02:00
Michael Niedermayer
65304d33a2
avformat/oggparsecelt: Do not re-allocate os->private
...
Fixes: double free
Fixes: clusterfuzz-testcase-minimized-5080550145785856
Found-by: ClusterFuzz
Reviewed-by: Nicolas George <george@nsup.org >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 7140761481michael@niedermayer.cc >
2017-07-26 00:14:57 +02:00
Michael Niedermayer
a0edd7f583
avcodec/ylc: Fix shift overflow
...
Fixes: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int'
Fixes: 2698/clusterfuzz-testcase-minimized-4713541443518464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 03a9e6ff30michael@niedermayer.cc >
2017-07-26 00:14:22 +02:00
Michael Niedermayer
2755c73d55
avcodec/aacps: Fix multiple integer overflow in map_val_34_to_20()
...
Fixes: avcodec/aacps.c:511:40: runtime error: signed integer overflow: 1509077651 + 758068176 cannot be represented in type 'int'
Fixes: 2678/clusterfuzz-testcase-minimized-4702787684270080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 0764fe1d09michael@niedermayer.cc >
2017-07-26 00:14:02 +02:00
Michael Niedermayer
918d45ec82
avcodec/aacdec_fixed: fix: left shift of negative value -1
...
Fixes: 2699/clusterfuzz-testcase-minimized-5631303862976512
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 2dfb8c4178michael@niedermayer.cc >
2017-07-26 00:11:55 +02:00
Brice Waegeneire
2453c66b0f
doc/filters: typo in frei0r
...
Signed-off-by: Brice Waegeneire <brice.wge@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 6a6eec485dmichael@niedermayer.cc >
2017-07-23 15:01:04 +02:00
Vodyannikov Aleksandr
c6d9d00220
avcodec/cfhd: Fix decoding regression due to height check
...
Fixes: Ticket6546
Regression since: 54aaadf648mfcc64@gmail.com >
Reviewed-by: Kieran Kunhya <kierank@obe.tv >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 47c9365724michael@niedermayer.cc >
2017-07-23 15:00:52 +02:00
Michael Niedermayer
02bec657f3
avcodec/aacdec_template (fixed point): Check gain in decode_cce() to avoid undefined shifts later
...
Fixes: runtime error: shift exponent 47 is too large for 32-bit type 'int'
Fixes: 2581/clusterfuzz-testcase-minimized-4681474395602944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 2886142e0cmichael@niedermayer.cc >
2017-07-19 04:03:10 +02:00
Michael Niedermayer
a2c3c9bc60
avcodec/aacdec_template: Fix undefined integer overflow in apply_tns()
...
Fixes: runtime error: signed integer overflow: -2147483648 - 1202286525 cannot be represented in type 'int'
Fixes: 2071/clusterfuzz-testcase-minimized-6036414271586304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 0ef8f03133michael@niedermayer.cc >
2017-07-19 03:54:39 +02:00
Michael Niedermayer
94077cf673
avcodec/magicyuv: Check that vlc len is not too large
...
Fixes: runtime error: shift exponent -95 is negative
Fixes: 2568/clusterfuzz-testcase-minimized-4926115716005888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 341f01290cmichael@niedermayer.cc >
2017-07-19 03:53:54 +02:00
Michael Niedermayer
506bbbc099
avcodec/mjpegdec: Clip DC also on the negative side.
...
Fixes: runtime error: signed integer overflow: -16711425 + -2130772346 cannot be represented in type 'int'
Fixes: 2533/clusterfuzz-testcase-minimized-5372857678823424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit c28f648b19michael@niedermayer.cc >
2017-07-19 03:48:00 +02:00
Michael Niedermayer
910878e4d9
avcodec/aacps (fixed point): Fix multiple signed integer overflows
...
Fixes: runtime error: signed integer overflow: 1421978265 - -1810326882 cannot be represented in type 'int'
Fixes: 2527/clusterfuzz-testcase-minimized-5260915396050944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 80b9e40b6fmichael@niedermayer.cc >
2017-07-19 03:47:45 +02:00
Michael Niedermayer
51f0580c5f
avcodec/ylc: Fix vlc of 31 bits
...
Fixes: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 2515/clusterfuzz-testcase-minimized-6197200012967936
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit fe9242204dmichael@niedermayer.cc >
2017-07-19 03:40:22 +02:00
Michael Niedermayer
215d6f897d
avcodec/sbrdsp_fixed: Fix integer overflow in sbr_hf_apply_noise()
...
Fixes: runtime error: signed integer overflow: -2049425300 + -117591631 cannot be represented in type 'int'
Fixes: part of 2096/clusterfuzz-testcase-minimized-4901566068817920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 2061de8a3fmichael@niedermayer.cc >
2017-07-19 03:39:53 +02:00
Michael Niedermayer
be1f146a0f
avcodec/wavpack: Fix invalid shift
...
Fixes: runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 2377/clusterfuzz-testcase-minimized-6108505935183872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit c07af72098michael@niedermayer.cc >
2017-07-19 02:50:34 +02:00
Michael Niedermayer
965f15551f
avcodec/h264_slice: Fix signed integer overflow
...
Fixes: runtime error: signed integer overflow: 26 + 2147483644 cannot be represented in type 'int'
Fixes: 2456/clusterfuzz-testcase-minimized-4822695051001856
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 7592d97f10michael@niedermayer.cc >
2017-07-19 02:50:19 +02:00
Michael Niedermayer
0837678cbd
avcodec/hevc_ps: Fix integer overflow with beta/tc offsets
...
Fixes: runtime error: signed integer overflow: 2113929216 * 2 cannot be represented in type 'int'
Fixes: 2422/clusterfuzz-testcase-minimized-5242114713583616
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit de54a37c1dmichael@niedermayer.cc >
2017-07-19 02:50:00 +02:00
Michael Niedermayer
d2452b9e20
avcodec/cfhd: Fix invalid left shift of negative value
...
Fixes: runtime error: left shift of negative value -1
Fixes: 2395/clusterfuzz-testcase-minimized-6540529313513472
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit c709f009damichael@niedermayer.cc >
2017-07-19 02:49:03 +02:00
Michael Niedermayer
73f42b7b58
avcodec/vb: Check vertical GMC component before multiply
...
Fixes: runtime error: signed integer overflow: 8224 * 663584 cannot be represented in type 'int'
Fixes: 2393/clusterfuzz-testcase-minimized-6128334993883136
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit bc6ab72bc7michael@niedermayer.cc >
2017-07-19 02:48:39 +02:00
Michael Niedermayer
634e9a696d
avcodec/jpeg2000dwt: Fix integer overflow in dwt_decode97_int()
...
Fixes: runtime error: signed integer overflow: -163654656 * 256 cannot be represented in type 'int'
Fixes: 2367/clusterfuzz-testcase-minimized-4648678897745920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit ea5366670emichael@niedermayer.cc >
2017-07-19 02:45:51 +02:00
Michael Niedermayer
750fec58e1
avcodec/apedec: Fix integer overflow
...
Fixes: out of array access
Fixes: PoC.ape and others
Found-by: Bingchang, Liu@VARAS of IIE
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit ba4beaf614michael@niedermayer.cc >
2017-07-16 17:02:31 +02:00
Michael Niedermayer
62e942ab1c
avcodec/wavpack: Fix integer overflow in wv_unpack_stereo()
...
Fixes: runtime error: signed integer overflow: 2080374785 + 2080374784 cannot be represented in type 'int'
Fixes: 2351/clusterfuzz-testcase-minimized-5359403240783872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 73ea2a028emichael@niedermayer.cc >
2017-06-25 02:52:41 +02:00
Michael Niedermayer
f626a479f4
avcodec/mpeg4videodec: Fix GMC with videos of dimension 1
...
Fixes: runtime error: shift exponent -1 is negative
Fixes: 2338/clusterfuzz-testcase-minimized-5153426541379584
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 4976a3411fmichael@niedermayer.cc >
2017-06-25 02:48:01 +02:00
Michael Niedermayer
b3cf49b6f9
avcodec/wavpack: Fix integer overflow
...
Fixes: runtime error: signed integer overflow: 227511904 + 1964113935 cannot be represented in type 'int'
Fixes: 2331/clusterfuzz-testcase-minimized-6182185830711296
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 24e95f9d4dmichael@niedermayer.cc >
2017-06-23 03:05:55 +02:00
Michael Niedermayer
10a085a21f
avcodec/takdec: Fix integer overflow
...
Fixes: runtime error: signed integer overflow: 512 + 2147483146 cannot be represented in type 'int'
Fixes: 2314/clusterfuzz-testcase-minimized-4519333877252096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 0c2ef4f6b4michael@niedermayer.cc >
2017-06-23 03:05:44 +02:00
Michael Niedermayer
62b536690d
avcodec/tiff: Update pointer only when the result is used
...
Fixes: runtime error: signed integer overflow: 538976288 * 32 cannot be represented in type 'int'
Fixes: 2310/clusterfuzz-testcase-minimized-4534784887881728
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 27f80ab016michael@niedermayer.cc >
2017-06-23 03:05:33 +02:00
Michael Niedermayer
a2d9595a4b
Changelog: update
2017-06-22 03:10:22 +02:00
Michael Niedermayer
9c52cf95ee
avcodec/cfhd: Check bpc before setting bpc in context
...
Fixes: runtime error: shift exponent 32 is too large for 32-bit type 'int'
Fixes: 2306/clusterfuzz-testcase-minimized-5002997392211968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 6f1d2355a7michael@niedermayer.cc >
2017-06-22 03:09:17 +02:00
Michael Niedermayer
46842f6de9
avcodec/cfhd: Fix undefined shift
...
Fixes: runtime error: left shift of negative value -1
Fixes: 2303/clusterfuzz-testcase-minimized-5529675273076736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 5a950f4e32michael@niedermayer.cc >
2017-06-22 03:08:57 +02:00
Michael Niedermayer
fc30465bcb
avcodec/hevc_filter: Fix invalid shift
...
Fixes: runtime error: left shift of negative value -1
Fixes: 2299/clusterfuzz-testcase-minimized-4843509351710720
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit d7b3d5c3f2michael@niedermayer.cc >
2017-06-22 03:08:45 +02:00
Michael Niedermayer
af1f0f815b
avcodec/mpeg4videodec: Fix overflow in virtual_ref computation
...
Fixes: runtime error: signed integer overflow: 262144 * -16120 cannot be represented in type 'int'
Fixes: 2292/clusterfuzz-testcase-minimized-6156080415506432
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 5443c4bdf4michael@niedermayer.cc >
2017-06-22 03:08:34 +02:00
Michael Niedermayer
feefeb4df1
avcodec/lpc: signed integer overflow in compute_lpc_coefs() (aacdec_fixed)
...
Fixes: runtime error: signed integer overflow: -1575818955 + -915383657 cannot be represented in type 'int'
Fixes: 2224/clusterfuzz-testcase-minimized-6208559949807616
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit e95fcfe8fbmichael@niedermayer.cc >
2017-06-22 03:08:23 +02:00
Michael Niedermayer
48b0e94a6c
avcodec/wavpack: Fix undefined integer negation
...
Fixes: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 2291/clusterfuzz-testcase-minimized-5538453481586688
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 5f89747086michael@niedermayer.cc >
2017-06-22 03:07:20 +02:00
Michael Niedermayer
1124df4639
avcodec/aacdec_fixed: Check s for being too small
...
Fixes: runtime error: shift exponent -8 is negative
Fixes: 2286/clusterfuzz-testcase-minimized-5711764169687040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit cf7edbd6c5michael@niedermayer.cc >
2017-06-22 03:07:08 +02:00
Michael Niedermayer
5cd693fd42
avcodec/htmlsubtitles: Replace very slow redundant sscanf() calls by cleaner and faster code
...
This reduces the worst case from O(n²) to O(n) time
Fixes Timeout
Fixes: 2127/clusterfuzz-testcase-minimized-6595787859427328
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 4132218b87michael@niedermayer.cc >
2017-06-22 03:06:43 +02:00
Anton Mitrofanov
70b7147926
avcodec/h264: Fix mix of lossless and lossy MBs decoding
...
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com >
(cherry picked from commit cf231b68damichael@niedermayer.cc >
2017-06-20 03:09:09 +02:00
Anton Mitrofanov
ac86dc7716
avcodec/h264_mb: Fix 8x8dct in lossless for new versions of x264
...
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com >
(cherry picked from commit 06dda70f1emichael@niedermayer.cc >
2017-06-20 03:03:12 +02:00
Anton Mitrofanov
8ead0d3806
avcodec/h264_cabac: Fix CABAC+8x8dct in 4:4:4
...
Use the correct ctxIdxInc calculation for coded_block_flag.
Keep old behavior for old versions of x264 for backward compatibility.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com >
(cherry picked from commit 840b41b2a6michael@niedermayer.cc >
2017-06-20 01:55:50 +02:00
Michael Niedermayer
dcace98d08
Update for 3.1.9
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2017-06-18 16:07:25 +02:00
Michael Niedermayer
8a38efad42
avcodec/takdec: Fixes: integer overflow in AV_SAMPLE_FMT_U8P output
...
Fixes: runtime error: signed integer overflow: 2147483543 + 128 cannot be represented in type 'int'
Fixes: 2234/clusterfuzz-testcase-minimized-6266896041115648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 27c2006805michael@niedermayer.cc >
2017-06-18 16:05:23 +02:00
