ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	2c3ea34082	avcodec/shorten: Check verbatim length Fixes: Timeout Fixes: 9252/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5780720709533696 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7007dabec0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	c0a6febf32	avcodec/mpegaudio_parser: Initialize poutbuf* Possibly fixes: null pointer dereference Possibly fixes: 9352/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5146068961460224 Fixes: Heap-use-after-free Fixes: 9453/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5137954375729152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0f4c3b0b8e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	cc0817af0d	avcodec/aacpsdsp_template: Fix integer overflow in ps_stereo_interpolate_c() Fixes: signed integer overflow: -1813244069 + -1407981383 cannot be represented in type 'int' Fixes: 8823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5643295618236416 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `47db5763e2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	386975d7a4	avformat/flvenc: Check audio packet size Fixes: Assertion failure Fixes: assert_flvenc.c:941_1.swf Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6b67d7f059`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Nikolas Bowe	8591d16ce5	lavc/svq3: Fix regression decoding some files. Fixes some SVQ3 encoded files which fail to decode correctly after `6d6faa2a2d`. These files exhibit lots of artifacts and logs show "Media key encryption is not implemented". However they decode without artifacts before `6d6faa2a2d`. The attatched patch allows these files to successfully decode, but also reject media key files. Tested on the files in #6094 and http://samples.mplayerhq.hu/V-codecs/SVQ3/Vertical400kbit.sorenson3.mov Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5aeb3b0080`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	07255282d0	avcodec/mlp_parser: Check if synccode is within buffer Fixes: undefined shift Fixes: 9216/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-6281404575907840 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `51ac3f43b8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	f9235773d6	avcodec/qtrle: Check remaining bytestream in qtrle_decode_XYbpp() Fixes: Timeout Fixes: 9213/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QTRLE_fuzzer-5649753332252672 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7dd836a3f9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	4f51a21c30	avcodec/diracdec: Check bytes count in else branch in decode_lowdelay() too Fixes: signed integer overflow: 8 * 340018243 cannot be represented in type 'int' Fixes: 9441/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5194665207791616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bed125b710`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	6cf72a56e7	avcodec/diracdec: Check slice numbers for overflows in relation to picture dimensions Fixes: signed integer overflow: 88 * 33685506 cannot be represented in type 'int' Fixes: 9433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5725943535501312 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f457c0ad7f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	88093d2c1f	avcodec/diracdec: Change frame_number to 64bit as its a 32bit from the bitstream and we also have a -1 special case Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 9291/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6324345860259840 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `462d1be6de`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	8147da2bad	avcodec/dirac_dwt_template: Fix several integer overflows in horizontal_compose_daub97i() Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 8926/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6047609228623872 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `69cac9e130`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	f291acafbb	avcodec/diracdec: Prevent integer overflow in intermediate in global_mv() Fixes: signed integer overflow: -393471 * 5460 cannot be represented in type 'int' Fixes: 8890/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6299775379963904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5129040646`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	cec6df48ba	swresample/swresample: Fix input channel count in resample_first computation Found-by: Marcin Gorzel <gorzel@google.com> Reviewed-by: Marcin Gorzel <gorzel@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bce4da85e8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Michael Niedermayer	1a4a6d94cc	avutil/pixfmt: Document chroma plane size for odd resolutions Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `be0b77e6e8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-10-07 21:34:00 +02:00
Nicolas George	2be51cbeea	lavf/libsmbclient: return AVERROR_EOF for EOF. Fix trac ticket #7387.	2018-09-02 18:42:47 +02:00
Thilo Borgmann	49a90d5d31	lavc/videotoolboxenc: Fix compilation on osx 10.10.5 Yosemite Signed-off-by: Aman Gupta <aman@tmm1.net> (cherry picked from commit `72d9b8f4c5`)	2018-08-14 10:02:05 -07:00
Aman Gupta	fab3418cb9	avcodec/mediacodecdec: fix SEGV on modern nvidia decoders This code came originally from gstreamer, where it was added in [1] as a work-around for the Tegra 3. (The alignment was changed in [2] as a response to [3], from 32-bit to 16-bit). gstreamer only used this workaround in the case where the decoder didn't return a slice-height property, but when the code was copied into avcodec the conditional got lost. This commit restores the guard and prefers the slice-height from the decoder when it is available. This fixes segfaults decoding 1920x1080 h264 and mpeg2 videos on the NVidia SHIELD after upgrading to Android Oreo. [1] `a870e6a5c3` [2] `21ff3ae0b0` [3] https://bugzilla.gnome.org/show_bug.cgi?id=748867 Signed-off-by: Aman Gupta <aman@tmm1.net> (cherry picked from commit `476fd6ba3a`)	2018-08-03 11:07:31 -07:00
James Almer	9cc5337247	avcodec/bitstream_filters: check the input argument of av_bsf_get_by_name() for NULL Fixes crashes like "ffmpeg -h bsf" caused by passing NULL to strcmp() Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `3258cc6507`)	2018-07-28 22:43:09 -03:00
Timo Rothenpieler	d6d7853b4b	avformat/librtmp: fix returning EOF from Read/Write Ticket #7052	2018-07-28 01:11:30 +02:00
Thomas Guillem	db923b3fbd	avcodec/videotoolboxenc: fix undefined behavior with rc_max_rate=0 On macOS, a zero rc_max_rate cause an error from VTSessionSetProperty(kVTCompressionPropertyKey_DataRateLimits). on iOS (depending on device/version), a zero rc_max_rate cause invalid arguments from the vtenc_output_callback after few frames and then a crash within the VideoToolbox library. Signed-off-by: Aman Gupta <aman@tmm1.net> (cherry picked from commit `93e157f40f`)	2018-07-19 09:26:30 -07:00
Michael Niedermayer	0a155c57bd	Update for 4.0.2 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> n4.0.2	2018-07-18 14:04:51 +02:00
Michael Niedermayer	3ef38c414e	avcodec/dvdsub_parser: Allocate input padding Fixes: out of array read Fixes: 9350/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVDSUB_fuzzer-5746777750765568 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cd86b5cfe2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	40ed40902a	avcodec/dvdsub_parser: Init output buf/size No testcase Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9e6c843776`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	0561cde128	avcodec/dirac_dwt_template: Fix signedness regression in interleave() Found-by: <jdarnley> Tested-by: James Darnley <james.darnley@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `181435a4de`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	670b565ba2	avformat/mov: Simplify last element computation in mov_estimate_video_delay() Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b0644f7f72`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	6b65f46673	avformat/mov: Break out of inner loop early in mov_estimate_video_delay() 0.266 <- 0.299 sec (this is time ffmpeg so containing alot other things) Sample for benchmark was: ffmpeg -f rawvideo -pix_fmt yuv420p -s 32x32 -i /dev/zero -t 24:00:00.00 out.mp4 Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `aba13dc13e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	052edeec55	avformat/mov: Eliminate variable buf_size from mov_estimate_video_delay() Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3ce4034308`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	48479937c3	avformat/mov: remove modulo operations from mov_estimate_video_delay() 0.324 <-0.491 sec Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by: Sasi Inguva <isasi@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c995e01b1e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	fd53179f4a	avformat/movenc: Write version 2 of audio atom if channels is not known The version 1 needs the channel count and would divide by 0 Fixes: division by 0 Fixes: fpe_movenc.c_1108_1.ogg Fixes: fpe_movenc.c_1108_2.ogg Fixes: fpe_movenc.c_1108_3.wav Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `fa19fbcf71`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Rahul Chaudhry	5db47b3983	swresample/arm: rename labels to fix xcode build error Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e84212b78e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	0981dfee7d	avformat/movenc: Check input sample count Fixes: division by 0 Fixes: fpe_movenc.c_199_1.wav Fixes: fpe_movenc.c_199_2.wav Fixes: fpe_movenc.c_199_3.wav Fixes: fpe_movenc.c_199_4.wav Fixes: fpe_movenc.c_199_5.wav Fixes: fpe_movenc.c_199_6.wav Fixes: fpe_movenc.c_199_7.wav Found-by: #CHEN HONGXU# <HCHEN017@e.ntu.edu.sg> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3a2d21bc5f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	d8c4b2ae57	avcodec/mjpegdec: Check for odd progressive RGB Fixes: out of array access Fixes: 9225/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5684770334834688 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ee1e3ca5eb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	fc92ca5b8e	avcodec/vp8_parser: Do not leave data/size uninitialized This is identical to what the VP9 parser does Fixes: 9215/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBVPX_VP8_fuzzer-5768227253649408 Fixes: out of memory access This may also fix oss fuzz issue 9212 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `284dde24da`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	6d992a51c7	avformat/mms: Add missing chunksize check Fixes: out of array read Fixes: mms-crash-01b6c5d85f9d9f40f4e879896103e9f5b222816a Found-by: Paul Ch <paulcher@icloud.com> 1st hunk by Paul Ch <paulcher@icloud.com> Tested-by: Paul Ch <paulcher@icloud.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cced03dd66`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	6f4b82cc3a	avformat/pva: Check for EOF before retrying in read_part_of_packet() Fixes: Infinite loop Fixes: pva-4b1835dbc2027bf3c567005dcc78e85199240d06 Found-by: Paul Ch <paulcher@icloud.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9807d3976b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	37f505cc85	avformat/rmdec: Do not pass mime type in rm_read_multi() to ff_rm_read_mdpr_codecdata() Fixes: use after free() Fixes: rmdec-crash-ffe85b4cab1597d1cfea6955705e53f1f5c8a362 Found-by: Paul Ch <paulcher@icloud.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a7e032a277`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	a21703ca5d	avformat/asfdec_o: Check size_bmp more fully Fixes: integer overflow and out of array access Fixes: asfo-crash-46080c4341572a7137a162331af77f6ded45cbd7 Found-by: Paul Ch <paulcher@icloud.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `2b46ebdbff`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	a28ab09e2a	avformat/mxfdec: Fix av_log context Fixes: out of array access Fixes: mxf-crash-1c2e59bf07a34675bfb3ada5e1ec22fa9f38f923 Found-by: Paul Ch <paulcher@icloud.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bab0716c7f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	4439d6aa69	avcodec/mpeg4videodec: Check for bitstream end in read_quant_matrix_ext() Fixes: out of array read Fixes: asff-crash-0e53d0dc491dfdd507530b66562812fbd4c36678 Found-by: Paul Ch <paulcher@icloud.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5aba5b89d0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	3bf80c7b22	avcodec/indeo4: Check for end of bitstream in decode_mb_info() Fixes: Timeout Fixes: 8776/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5361788798369792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `267ba2aa96`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	1361e4abb8	avcodec/ac3dec: Check channel_map index Fixes: out of array read Fixes: 8924/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EAC3_fuzzer-5851861780267008 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `00f98d23b1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	5fd1dce39a	avcodec/mpeg4videodec: Remove use of FF_PROFILE_MPEG4_SIMPLE_STUDIO as indicator of studio profile The profile field is changed by code inside and outside the decoder, its not a reliable indicator of the internal codec state. Maintaining it consistency with studio_profile is messy. Its easier to just avoid it and use only studio_profile Fixes: assertion failure Fixes: ffmpeg_crash_9.avi Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bd27a9364c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	de0a1d01ba	avcodec/shorten: Fix undefined addition in shorten_decode_frame() Fixes: signed integer overflow: 1139785606 + 1454196085 cannot be represented in type 'int' Fixes: 8937/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-6202943597445120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3b10bb8772`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	c4b23793d4	avcodec/shorten: Fix undefined integer overflow Fixes: signed integer overflow: 8454144 * 256 cannot be represented in type 'int' Fixes: 8788/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5728205041303552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `70832333bb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	e21e5c95c1	avcodec/jpeg2000dec: Fixes invalid shifts in jpeg2000_decode_packets_po_iteration() Fixes: shift exponent 47 is too large for 32-bit type 'int' Fixes: 9163/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5661750182543360 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `652d7c6348`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	2b13c136c4	avcodec/jpeg2000dec: Check that there are enough bytes for all tiles Fixes: OOM Fixes: 8781/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5810709081358336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0898a3d990`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	d3536ce839	avformat/movenc: Use mov->fc consistently for av_log() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `872ea3dfe5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	679d749eab	avcodec/mpeg4videodec: Check read profile before setting it Fixes: null pointer dereference Fixes: ffmpeg_crash_7.avi Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `2aa9047486`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	7610538224	avformat/movenc: Do not pass AVCodecParameters in avpriv_request_sample Fixes: out of array read Fixes: ffmpeg_crash_8.avi Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `95556e27e2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00
Michael Niedermayer	0003ace83b	avcodec/ac3_parser: Check init_get_bits8() for failure Fixes: null pointer dereference Fixes: ffmpeg_crash_6.avi Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `00e8181bd9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2018-07-16 19:02:12 +02:00

... 3 4 5 6 7 ...

91130 Commits