highperfocused/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
101,978 Commits 36 Branches 392 Tags
cc33e73618a981de7fd96385ecb34719de031f16
Commit Graph

101978 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
James Almer
cc33e73618 avcodec/libdav1d: let libdav1d choose optimal max frame delay 
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 9a7fe439d9)
 2021-11-05 21:38:37 -03:00
James Almer
61ed1182ee avcodec/libdav1d: pass auto threads value to libdav1d 
libdav1d 1.0.0 will be the first version supporting Dav1dSettings.n_threads == 0.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit d873b5fffc)
 2021-11-05 21:38:37 -03:00
Michael Niedermayer
7e0d640edf Changelog: update 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n4.4.1 		2021-10-23 23:31:29 +02:00
Michael Niedermayer
73e60e4439 avcodec/flac_parser: Consider AV_INPUT_BUFFER_PADDING_SIZE 
Fixes: out if array read
Fixes: 40109/clusterfuzz-testcase-minimized-ffmpeg_dem_FLAC_fuzzer-4805686811295744

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Mattias Wadman <mattias.wadman@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-23 23:31:08 +02:00
Michael Niedermayer
404c9331dd avcodec/ttadsp: Fix integer overflows in tta_filter_process_c() 
Fixes: signed integer overflow: 822841647 + 1647055738 cannot be represented in type 'int'
Fixes: 39935/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-4592657142251520

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f24028c798)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
875fbddd7d avutil/mathematics: Document av_rescale_rnd() behavior on non int64 results 
Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e154353fdb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
32b68a6232 avcodec/utils: Ensure 8x8 alignment for ARGO in avcodec_align_dimensions2() 
Fixes: out of array access
Fixes: 39736/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ARGO_fuzzer-4820016722214912

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 17e36fac0b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
bac4bb747a avformat/matroskadec: Reset state also on failure in matroska_reset_status() 
The calling code does not handle failures and will fail with assertion failures later.
Seeking can always fail even when the position was previously read.

Fixes: Assertion failure
Fixes: 35253/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-4693059982983168

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d115eec979)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
ea190a10d3 avformat/wavdec: Check smv_block_size 
Fixes: Timeout
Fixes: 39554/clusterfuzz-testcase-minimized-ffmpeg_dem_WAV_fuzzer-4915221701984256

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 849138f476)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
6de9986c78 avformat/rmdec: Check for multiple audio_stream_info 
Fixes: memleak
Fixes: 39166/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5153276690038784

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8fe3566b8f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
1abb9ab266 avcodec/apedec: Use 64bit to avoid overflow 
Fixes: runtime error: signed integer overflow: 727298502 * 3 cannot be represented in type 'int'
Fixes: 39172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-638602483033702

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f059b56195)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
bda2d49896 avcodec/apedec: Fix undefined integer overflow in long_filter_ehigh_3830() 
Fixes: signed integer overflow: -2145648640 - 3357696 cannot be represented in type 'int'
Fixes: 38899/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5358815017566208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ad517ee6e4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
cb92d65a5b oavformat/avidec: Check offset in odml 
Fixes: signed integer overflow: 9223372036854775807 + 8 cannot be represented in type 'long'
Fixes: 38787/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-4859845799444480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 255a7b423e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Michael Niedermayer
4ae804b6fb avformat/mpegts: use actually read packet size in mpegts_resync special case 
Fixes: infinite loop
Fixes: 37986/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGTSRAW_fuzzer-5292311517462528 -

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Marton Balint <cus@passwd.hu>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 83b2e4c8f1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-21 19:21:14 +02:00
Andreas Rheinhardt
4b583e5425 fftools/ffmpeg: Fix crash when flushing non-fully setup output stream 
The output stream's packet may not have been allocated
at that point. This happens when quitting in the following command line:
$ ./ffmpeg -lavfi abuffer=sample_fmt=u8:sample_rate=48000:channel_layout=stereo -f null -

Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit fb215798c7)
 2021-10-08 11:31:37 -03:00
Timo Rothenpieler
c989427c16 avfilter/scale_npp: fix non-aligned output frame dimensions 2021-10-07 18:18:04 +02:00
Steven Liu
9738990542 Revert "avformat/hlsenc: compute video_keyframe_size after write keyframe" 
This reverts commit b5ca8f2c66.

This commit will make new problem about tickets: 9193,9205
It flush data into file with init file context together,
and it can get keyframe size, maybe need more method to get keyframe
size.

Signed-off-by: Steven Liu <liuqi05@kuaishou.com>
(cherry picked from commit 59032494e8)
 2021-10-07 22:08:08 +08:00
Michael Niedermayer
a2bb836e55 Changelog: update 2021-10-05 23:22:23 +02:00
Michael Niedermayer
667d62c603 swscale/alphablend: Fix slice handling 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 06d6726588)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:40 +02:00
Michael Niedermayer
6825af5c07 avcodec/apedec: Fix integer overflow in filter_fast_3320() 
Fixes: signed integer overflow: 2145649668 + 3956526 cannot be represented in type 'int'
Fixes: 38351/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-4647077926273024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0e45886e6e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:40 +02:00
Michael Niedermayer
71d776740c avformat/mov: Fix last mfra check 
Fixes: signed integer overflow: 9223372036854775360 + 536870912 cannot be represented in type 'long'
Fixes: 37940/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6095637855207424

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 451ceb5131)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:40 +02:00
Michael Niedermayer
58fdd476f9 avcodec/mxpegdec: Check for AVDISCARD_ALL 
Fixes: Fixes NULL pointer dereference
Fixes: 36610/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-6052641783283712
Fixes: 37907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-4725170850365440
Fixes: 37904/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-6367889262247936
Fixes: 38085/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-5175270823297024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 20afd3a63a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:40 +02:00
Michael Niedermayer
97f3abe294 avcodec/flicvideo: Check remaining bytes in FLI*COPY 
Fixes: Timeout
Fixes: 37795/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLIC_fuzzer-4846536543043584

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5f835efbca)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
7d313a14a1 avcodec/utils: ARGO writes 4x4 blocks without regard to the image dimensions 
Fixes: out of array access
Fixes: 37197/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ARGO_fuzzer-5877046382297088

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 018b611b4b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
b90ce02f81 avcodec/cbs_h265_syntax_template: Limit sps_num_palette_predictor_initializer_minus1 to 127 
Fixes: index 128 out of bounds for type 'uint16_t [128]'
Fixes: 38651/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-6296416058736640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 85413a5ae6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
a0e38aceba avcodec/snowdec: Maintain avmv buffer 
This avoids reallocating per frame

Fixes: Assertion failure
Fixes: 36359/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-6733238591684608
Fixes: 38623/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-6098656512573440

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0faf04e807)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
02fd9353f2 avcodec/mpeg12dec: Do not put mpeg_f_code into an invalid state on error return 
Fixes: invalid shift
Fixes: 37018/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-5290280902328320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5a95abcce4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
c524a8b4be avcodec/mpegvideo_enc: Limit bitrate tolerance to the representable 
Fixes: error: 1.66789e+11 is outside the range of representable values of type 'int'
Fixes: Ticket8201

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 245017ec8a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
bea287bdad avcodec/apedec: Fix integer overflow in intermediate 
Fixes: signed integer overflow: 559334865 * 4 cannot be represented in type 'int'
Fixes: 37929/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6751932295806976

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 90da43557f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
2a7b3e62e0 avformat/mvdec: Do not set invalid sample rate 
Fixes: signed integer overflow: -682581959642593728 * 16 cannot be represented in type 'long'
Fixes: 37883/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5311691517198336

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 737e6bf216)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
1d2a398827 avformat/sbgdec: Check for t0 overflow in expand_tseq() 
Fixes: signed integer overflow: 4611686025627387904 + 4611686025627387904 cannot be represented in type 'long'
Fixes: 35489/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-4862678601433088

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george@nsup.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f624c92d4c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
598d3614fd avformat/rmdec: Use 64bit for intermediate for DEINT_ID_INT4 
Fixes: runtime error: signed integer overflow: 65312 * 65535 cannot be represented in type 'int'
Fixes: 32832/clusterfuzz-testcase-minimized-ffmpeg_dem_RM_fuzzer-4817710040088576

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e2c2872393)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
09e0a12202 avformat/sbgdec: Check opt_duration and start for overflow 
Fixes: signed integer overflow: 2788626175500000000 + 7118941284000000000 cannot be represented in type 'long'
Fixes: 35215/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6123272247836672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2768928624)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
be267aa08b avcodec/exr: Fix undefined integer multiplication 
Fixes: signed integer overflow: 7020950083487072256 * 2 cannot be represented in type 'long long'
Fixes: 37523/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5133634955771904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e67deaf86c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
65d6de52f1 avformat/mov: Check for duplicate clli 
Fixes: memleak
Fixes: 35261/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4869656287510528

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9a222f140e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
e075bc192d avformat/utils: Ignore negative duration in codec_info_duration computation 
Fixes: signed integer overflow: -5994697211974418462 + -3255307777713450286 cannot be represented in type 'long'
Fixes: 35332/clusterfuzz-testcase-minimized-ffmpeg_dem_MATROSKA_fuzzer-5868035117285376

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4d81550df9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
d482bf35eb avformat/jacosubdec: Check for min in t overflow in get_shift() 
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 34651/clusterfuzz-testcase-minimized-ffmpeg_dem_JACOSUB_fuzzer-5157941012463616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 989febfbd0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Michael Niedermayer
26083824d7 avformat/mxfdec: check channel number in mxf_get_d10_aes3_packet() 
Fixes: Out of array access
Fixes: 37030/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5387719147651072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3dd5a8a135)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-05 23:19:39 +02:00
Stéphane Cerveau
79c114e1b2 avcodec/wmadec: handle run_level_decode error 
Consider data as invalid if ff_wma_run_level_decode
gets out with an error.

It avoids an unpleasant sound distorsion.

See http://trac.ffmpeg.org/ticket/9358

(cherry picked from commit f9fbe2f9a9)
 2021-09-21 23:20:37 -03:00
Olivier Crête
6f24f503ef avcodec/wma: Return specific error code 
This way, the calling function can just forward it instead of
making it up.

Signed-off-by: Olivier Crête <olivier.crete@collabora.com>
(cherry picked from commit 521388edb7)
 2021-09-21 23:20:29 -03:00
Tong Wu
df288deb9b avcodec/dxva2_av1: fix superres_denom parameter 
Defined in spec 5.9.8. When superres is enabled, SuperresDenom equals
"coded_denom + SUPERRES_DENOM_MIN" instead of coded_denom.

Signed-off-by: Tong Wu <tong1.wu@intel.com>
Signed-off-by: Hendrik Leppkes <h.leppkes@gmail.com>
(cherry picked from commit f31033c6ca)
 2021-09-14 23:51:42 +02:00
James Almer
5e61fce832 avcodec/libdav1d: fix compilation after recent libdav1d API changes 
They were done in preparation for an upcoming 1.0 release.
Keep supporting previous releases for the time being.

Reviewed-by: BBB
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit e204846ec1)
 2021-09-09 09:31:53 -03:00
Michael Niedermayer
b5cdf08cae Changelog: update 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-09-08 23:14:28 +02:00
James Almer
07dec5b0c3 avcodec/utils: don't return negative values in av_get_audio_frame_duration() 
In some extrme cases, like with adpcm_ms samples with an extremely high channel
count, get_audio_frame_duration() may return a negative frame duration value.
Don't propagate it, and instead return 0, signaling that a duration could not
be determined.

Fixes ticket #9312

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit e01d306c64)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-09-08 23:12:50 +02:00
Michael Niedermayer
620fa723b8 Update for 4.4.1 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-09-08 22:45:01 +02:00
Michael Niedermayer
b3e21be8e1 avcodec/jpeg2000dec: Check that atom header is within bytsetream 
Fixes: Infinite loop
Fixes: 36666/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5912760671141888

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3c659f8618)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-09-08 21:31:50 +02:00
Michael Niedermayer
7d58def70a avcodec/apedec: Fix 2 integer overflows in filter_3800() 
Fixes: signed integer overflow: 1683879955 - -466265224 cannot be represented in type 'int'
Fixes: 37419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6074294407921664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 33feb527ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-09-08 21:31:50 +02:00
Michael Niedermayer
baefa5385e avcodec/xpmdec: Move allocations down after more error checks 
Fixes: Timeout
Fixes: 37035/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XPM_fuzzer-5142718576721920

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e58692837c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-09-08 21:31:50 +02:00
Michael Niedermayer
34aad02457 avcodec/argo: Move U, fix shift 
Fixes: left shift of 255 by 24 places cannot be represented in type 'int'
Fixes: 37249/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ARGO_fuzzer-5754862984888320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 26659fe53e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-09-08 21:31:50 +02:00
Michael Niedermayer
3d5f361290 avformat/mov: Check dts for overflow in mov_read_trun() 
Fixes: signed integer overflow: 9223372034248226491 + 3275247799 cannot be represented in type 'long'
Fixes: clusterfuzz-testcase-minimized-audio_decoder_fuzzer-4538729166077952

Reported-by: Matt Wolenetz <wolenetz@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4de4bc06fd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-09-08 21:31:50 +02:00