ffmpeg

Author	SHA1	Message	Date
Andreas Rheinhardt	2722fc2bcf	avcodec/extract_extradata_bsf: Don't unref uninitialized buffers This happens if allocating extradata fails and s->remove is unset. Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `76e0ecec0b`)	2019-12-06 21:33:54 -03:00
Andreas Rheinhardt	40123639fe	avformat/av1: Fix leak of dynamic buffer in case of parsing failure Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `27c6c92534`)	2019-12-06 21:33:47 -03:00
Ross Nicholson	289838b7bd	libavformat/rtsp: return error if rtsp_hd_out is null instead of crash Signed-off-by: Aman Gupta <aman@tmm1.net> (cherry picked from commit `460f74495f`)	2019-12-02 16:41:32 -08:00
Mark Thompson	82a3a623f0	cbs_h264: Fix missing inferred colour description fields With video_signal_type_present_flag set but colour_description_present_flag unset the colour fields would not have had their correct values inferred. (cherry picked from commit `f9b8503639`)	2019-11-19 23:40:02 -03:00
James Almer	252ef2329a	avcodec/cbs_av1: keep separate reference frame state for reading and writing In scearios where a Temporal Unit is written right after reading it using the same CBS context (av1_metadata, av1_frame_merge, etc), the reference frame state used by the writer must not be the state that's the result of the reader having already parsed the current frame in question. This fixes writing Switch frames, and frames using short ref signaling. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `4e2bef6a82`)	2019-11-19 23:37:49 -03:00
James Almer	8da31e9eef	avcodec/cbs_av1: fix reading reference order hint in skip_mode_params() Reviewed-by: Ronald S. Bultje <rsbultje@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `2703068110`)	2019-11-19 23:36:54 -03:00
James Almer	57365f67a0	avcodec/amfnec: allocate packets using av_new_packet() This ensures they will be reference counted, as required by the AVCodec.receive_packet() API. Should fix ticket #8386. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `fdf46b4a6b`)	2019-11-19 19:48:33 -03:00
Timo Rothenpieler	44fe41a1ca	avcodec/nvenc: make sure newly allocated packets are refcounted Fixes ticket 8383 Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>	2019-11-17 01:41:11 +01:00
Jun Zhao	61853f7503	lavc/mpeg4audio: add chan_config check to avoid indeterminate channels add chan_config check to avoid indeterminate channels. Signed-off-by: Jun Zhao <barryjzhao@tencent.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `333109f469`)	2019-09-27 22:28:16 -03:00
James Almer	2ec1b096b1	aformat/movenc: add missing padding to output track extradata Fixes ticket #8183. Tested-by: Thierry Foucu <tfoucu@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `58aa0ed8f1`)	2019-09-26 16:02:39 -03:00
Timo Rothenpieler	0eb1088960	avcodec/nvenc: add driver version info for SDK 9.1 Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>	2019-09-24 12:05:16 +02:00
James Almer	25273ef23a	avcodec/bsf: check that AVBSFInternal was allocated before dereferencing it This can happen when av_bsf_free() is called on av_bsf_alloc() failure. Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `d889ae3396`)	2019-09-23 10:11:25 -03:00
Michael Niedermayer	1529dfb73a	Update for 4.2.1 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> n4.2.1	2019-09-06 23:23:41 +02:00
Michael Niedermayer	e66d4725c7	avcodec/qdm2: Check frame size Fixes: index 2304 out of bounds for type 'float [2304]' Fixes: 16332/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDM2_fuzzer-5679142481166336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `12b909ba31`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-06 23:00:46 +02:00
Michael Niedermayer	5a1e0cae2f	avformat/vividas: check for tiny blocks using alignment Ask for a sample for these Fixes: out of array access Fixes: 16624/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5762455661182976 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `55d4e22d71`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-06 23:00:46 +02:00
Michael Niedermayer	d3b45f1378	avcodec/vc1_pred: Fix refdist in scaleforopp() Fixes: out of array access Fixes: 16601/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5656105392275456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `413e0f2516`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-06 23:00:46 +02:00
Michael Niedermayer	5b44aec196	avcodec/vorbisdec: fix FASTDIV usage for vr_type == 2 This reverts a hunk from `f1ca40ee00` Fixes: out of array read Fixes: 16924/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VORBIS_fuzzer-5157893162139648 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `722fd46965`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-06 23:00:46 +02:00
Michael Niedermayer	6c583ec9bd	avcodec/iff: Check for overlap in cmap_read_palette() Fixes: undefined memcpy() use Fixes: 16302/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5678750575886336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dfa5d1a366`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-06 23:00:46 +02:00
Michael Niedermayer	ee89d9e3d6	avcodec/apedec: Fix 32bit int overflow in do_apply_filter() Fixes: signed integer overflow: 2147480546 + 4096 cannot be represented in type 'int' Fixes: 16280/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5123442566758400 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9d3ddef519`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-06 23:00:46 +02:00
Carl Eugen Hoyos	1dec90d456	lavf/rawenc: Only accept the appropriate stream type for raw muxers. This does not affect the rawvideo muxer. Fixes ticket #7979. (cherry picked from commit `aef24efb0c`)	2019-09-06 16:25:05 -03:00
James Almer	3de33c6e76	avformat/matroskadec: use av_fast_realloc to reallocate ebml list arrays Speeds up the process considerably. Fixes ticket #8109. Suggested-by: nevcairiel Suggested-by: cehoyos Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `3b3150c45f`)	2019-09-04 16:30:46 -03:00
James Almer	6a19167a6f	avformat/matroskadec: use proper types for some EbmlSyntax fields Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `f34aabfbae`)	2019-09-04 16:30:46 -03:00
Michael Niedermayer	457ed86478	avcodec/ralf: fix undefined shift in extend_code() Fixes: left shift of negative value -3 Fixes: 16147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5658392722407424 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4778407ab3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	a7f6b27e3c	avcodec/ralf: fix undefined shift Fixes: left shift of negative value -2 Fixes: 16145/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5146671058518016 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0ee886988e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	517fd68acd	avcodec/bgmc: Check input space in ff_bgmc_decode_init() Fixes: Infinite loop Fixes: 16608/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5636229827133440 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b54031a6e9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	69db79074f	avcodec/vp3: Check for end of input in 2 places of vp4_unpack_macroblocks() Fixes: Timeout (82sec -> 1sec) Fixes: 16411/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP3_fuzzer-5166958151991296 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `daf92cc074`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	372c91b199	avcodec/truemotion2: Fix multiple integer overflows in tm2_null_res_block() Fixes: signed integer overflow: 1795032576 + 598344192 cannot be represented in type 'int' Fixes: 16196/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5636723419119616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cc78783ce5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	ba7ba6db74	avcodec/vc1_block: Check the return code from vc1_decode_p_block() Fixes: left shift of negative value -1 Fixes: 16424/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3_fuzzer-5656579055026176 Fixes: 16358/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5714436358144000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `fe536b6d99`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	fd235d7428	avcodec/vc1dec: Require res_sprite for wmv3images non res_sprite leads to decoder delay which leads to assertion failure Fixes: Assertion failure Fixes: 16402/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5704510034411520 Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int' Fixes: 16425/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5692858838810624 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9c6b400492`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	7edcd88a3f	avcodec/vc1_block: Check for double escapes Fixes: out of array read Fixes: 16331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3IMAGE_fuzzer-5672735195267072 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6962fd586e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	948e655d13	avcodec/vorbisdec: Check get_vlc2() failure Fixes: out of array read Fixes: 16510/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VORBIS_fuzzer-5754510382727168 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `07b948fe60`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	92e021ff95	avcodec/tta: Fix integer overflow in prediction Fixes: signed integer overflow: -395281576 + -1827578048 cannot be represented in type 'int' Fixes: 16038/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5646109705240576 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7e9aecc9f3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	b34033dec2	avcodec/vb: Check input packet size to be large enough to contain flags Fixes: Timeout (->9sec) Fixes: 16292/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VB_fuzzer-5747063496638464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dea2591d4f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	7a9b43671a	avcodec/cavsdec: Limit the number of access units per packet to 2 Fixes: Timeout (122sec -> 13ms) Fixes: 15978/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CAVS_fuzzer-5148925004087296 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `37bc8e3249`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	ada9293402	avcodec/atrac9dec: Check block_align Fixes: Infinite loop Fixes: 16260/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5676365617037312 Fixes: 16260/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5768093879500800 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dead949a1f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	7823b70004	avcodec/alac: Check for bps of 0 Fixes: shift exponent 32 is too large for 32-bit type 'unsigned int' Fixes: 15764/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5102101203517440 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8f49176e84`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	fc2bb55605	avcodec/alac: Fix multiple integer overflows in lpc_prediction() Fixes: signed integer overflow: 2088795537 + 2147254401 cannot be represented in type 'int' Fixes: signed integer overflow: -1500363496 + -1295351808 cannot be represented in type 'int' Fixes: signed integer overflow: -79560 * 32640 cannot be represented in type 'int' Fixes: signed integer overflow: 2088910005 + 2088796058 cannot be represented in type 'int' Fixes: signed integer overflow: -117258064 - 2088725225 cannot be represented in type 'int' Fixes: signed integer overflow: 2088725225 - -117258064 cannot be represented in type 'int' Fixes: 15739/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5630664122040320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ae3d6a337a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	cf65da16f8	avcodec/rl2: set dimensions The dimensions are always 320x200 they are hardcoded in the demuxer. Hardcode them instead in the decoder. Fixes: Timeout (16sec -> 400ms) Fixes: 15574/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RL2_fuzzer-5158614072819712 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `965e766e48`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	209a28bb74	avcodec/aacdec: Add FF_CODEC_CAP_INIT_CLEANUP Fixes: memleaks Fixes: 16289/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-5200695692623872 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `48b86dd8a6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	53ed19f374	avcodec/idcinvideo: Add 320x240 default maximum resolution Fixes: Timeout (128sec -> 2ms) Fixes: 16568/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IDCIN_fuzzer-5675004095627264 See: [FFmpeg-devel] [PATCH 4/4] tools/target_dec_fuzzer: Adjust max_pixels for IDCIN Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c9fcf881e6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	818a3fd27c	avformat/realtextdec: free queue on error Fixes: memleak Fixes: 16277/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5696629440512000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `493438fafc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	b881ea0f9e	avcodec/vp5/6/8: use vpX_rac_is_end() Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ab56e62e8f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	da3e2efad6	avformat/vividas: Check av_xiphlacing() return value before use Fixes: out of array access Fixes: 16277/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5696629440512000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5937f05503`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	61268f2454	avcodec/alsdec: Fix integer overflow in decode_var_block_data() Fixes: signed integer overflow: 1927975249 - -514719744 cannot be represented in type 'int' Fixes: 16413/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5651206856245248 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `661a9b274b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	d34b5c938b	avcodec/alsdec: Limit maximum channels to 512 There seems to be no limit in the specification and upto 64k could be stored 512 is choosen as limit as thats the maximum in a conformance sample An alternative to this patch would be a max_channels variable Fixes: OOM Fixes: 16200/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5764788793114624 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Suggested-by: Thilo Borgmann <thilo.borgmann@mail.de> Reviewed-by: Thilo Borgmann <thilo.borgmann@mail.de> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f51e4d026c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	9f61f2f1ea	avcodec/anm: Check input size for a frame with just a stop code Fixes: Timeout (11sec -> 6sec) Fixes: 16344/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ANM_fuzzer-5673032000995328 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1965161ef6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	36019fc088	avcodec/flicvideo: Optimize and Simplify FLI_COPY in flic_decode_frame_24BPP() by using bytestream2_get_buffer() Fixes: Timeout (31sec -> 22sec) Fixes: 16217/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLIC_fuzzer-5658084189405184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e301736862`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	3349be5745	avcodec/loco: Check left column value Fixes: Timeout (42sec -> 379 ms) Fixes: 16323/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LOCO_fuzzer-5679178099195904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c812db814e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	80ecb421fe	avcodec/ffwavesynth: Fixes invalid shift with pink noise seeking Fixes: left shift of negative value -961533698048 Fixes: 16242/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5738550670131200 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Nicolas George <george@nsup.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cdea0206ef`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00
Michael Niedermayer	bcc1fe5165	avcodec/ffwavesynth: Fix integer overflow for some corner case values Fixes: left shift of negative value -14671840 Fixes: 16000/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5145977817661440 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c4a88fb546`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-09-04 20:26:35 +02:00

... 2 3 4 5 6 ...

94659 Commits