Michael Niedermayer
e37d3cfe1d
avcodec/dirac_dwt: Fix integer overflow in COMPOSE_FIDELITYi*
...
Fixes: runtime error: signed integer overflow: -2143827186 - 7404944 cannot be represented in type 'int'
Fixes: 4354/clusterfuzz-testcase-minimized-4671122764201984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2b6964f764)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-12-01 23:17:49 +01:00
Michael Niedermayer
554dda998c
avcodec/mpeg4videodec: Check also for negative versions in the validity check
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0e7865ce41)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-21 21:24:47 +01:00
Dale Curtis
8e50cf4866
Close ogg stream upon error when using AV_EF_EXPLODE.
...
Without this there can be multiple memory leaks for unrecognized
ogg streams.
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bce8fc0754)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-21 03:33:53 +01:00
Dale Curtis
490b7a052e
Fix undefined shift on assumed 8-bit input.
...
decode_user_data() attempts to create an integer |build|
value with 8 bits of spacing for 3 components. However
each component is an int32_t, so shifting each component
is undefined for values outside of the 8 bit range.
This patch simply clamps input to 8-bits per component
and prints out a warning that the values were clamped.
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7010dd98b5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-21 03:33:15 +01:00
Michael Niedermayer
8b8016e007
avcodec/hevcdsp_template: Fix invalid shift in put_hevc_epel_bi_w_v()
...
Fixes: runtime error: left shift of negative value -255
Fixes: 4037/clusterfuzz-testcase-minimized-5290998163832832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7d88586e47)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-21 03:27:45 +01:00
Michael Niedermayer
5fae049904
avcodec/mlpdsp: Fix undefined shift ff_mlp_pack_output()
...
Fixes: runtime error: left shift of negative value -7862264
Fixes: 4074/clusterfuzz-testcase-minimized-4516104123711488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4f7f70738e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-21 03:26:43 +01:00
Michael Niedermayer
a756841102
avcodec/zmbv: Check that the buffer is large enough for mvec
...
Fixes: Timeout
Fixes: 4143/clusterfuzz-testcase-4736864637419520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2ab9568a2c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-21 03:26:20 +01:00
Michael Niedermayer
216a9a1236
avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD137iL0()
...
Fixes: 4035/clusterfuzz-testcase-minimized-6479308925173760
Fixes: runtime error: signed integer overflow: 9 * 402653183 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 73964680d7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-21 03:25:44 +01:00
Michael Niedermayer
56b1146dbb
avcodec/wmv2dec: Check end of bitstream in parse_mb_skip() and ff_wmv2_decode_mb()
...
Fixes: Timeout
Fixes: 3200/clusterfuzz-testcase-5750022136135680
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 65e0a7c473)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-21 03:25:26 +01:00
Michael Niedermayer
500925587b
avcodec/snowdec: Check for remaining bitstream in decode_blocks()
...
Fixes: Timeout
Fixes: 3142/clusterfuzz-testcase-5007853163118592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4527ec2216)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-17 20:39:52 +01:00
Michael Niedermayer
a6b1298a42
avcodec/snowdec: Check intra block dc differences.
...
Fixes: Timeout
Fixes: 3142/clusterfuzz-testcase-5007853163118592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c3b9bbcc6e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-17 20:39:37 +01:00
Michael Niedermayer
d2f929357d
avcodec/h264dec: Fix potential array overread
...
add padding before scantable arrays
See: 522d850e68
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 380b48fb9f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-16 02:39:05 +01:00
Michael Niedermayer
27f8d38682
avcodec/x86/mpegvideodsp: Fix signedness bug in need_emu
...
Fixes: out of array read
Fixes: 3516/attachment-311488.dat
Found-by: Insu Yun, Georgia Tech.
Tested-by: wuninsu@gmail.com
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 58cf31cee7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-16 02:31:20 +01:00
Michael Niedermayer
8b46a951f9
avcodec/mdct_*: Fix integer overflow in addition in RESCALE()
...
Fixes: runtime error: signed integer overflow: 1219998458 - -1469874012 cannot be represented in type 'int'
Fixes: 3443/clusterfuzz-testcase-minimized-5369987105554432
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 770c934fa1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-13 20:05:25 +01:00
Michael Niedermayer
ccc81f846e
avcodec/snowdec: Fix integer overflow in header parsing
...
Fixes: 3984/clusterfuzz-testcase-minimized-5265759929368576
Fixes: runtime error: signed integer overflow: -1085585801 + -1094995529 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c897a92858)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-13 20:05:03 +01:00
Michael Niedermayer
c02dece893
avcodec/cngdec: Fix integer clipping
...
Fixes: runtime error: value -36211.7 is outside the range of representable values of type 'short'
Fixes: 2992/clusterfuzz-testcase-6649611793989632
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 51090133b3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-09 19:59:15 +01:00
Michael Niedermayer
50c4028ee5
avcodec/h264idct_template: Fix integer overflows in ff_h264_idct8_add()
...
Fixes: runtime error: signed integer overflow: -503316480 + -2013265038 cannot be represented in type 'int'
Fixes: 3805/clusterfuzz-testcase-minimized-6578427831255040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e131b8cedb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-09 02:45:49 +01:00
Michael Niedermayer
f5fd06f126
avcodec/xan: Check for bitstream end in xan_huffman_decode()
...
Fixes: Timeout
Fixes: 3707/clusterfuzz-testcase-6465922706440192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4b51437dcc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-09 02:45:23 +01:00
Luca Barbato
805923f230
avformat: Free the internal codec context at the end
...
Avoid a use after free in avformat_find_stream_info.
(cherry picked from commit 9e4a5eb51b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-09 02:11:29 +01:00
Michael Niedermayer
80b6f5d1dc
avcodec/xan: Improve overlapping check
...
Fixes: memcpy-param-overlap
Fixes: 3612/clusterfuzz-testcase-minimized-6393461273001984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e8fafef1db)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-01 22:18:20 +01:00
Michael Niedermayer
c1cd31b182
avcodec/jpeglsdec: Check for end of bitstream in ls_decode_line()
...
Fixes: 1773/clusterfuzz-testcase-minimized-4832523987189760
Fixes: Timeout
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f80224ed19)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-01 22:16:01 +01:00
Michael Niedermayer
84b83ecbfd
avcodec/jpeglsdec: Check ilv for being a supported value
...
Fixes: 1773/clusterfuzz-testcase-minimized-4832523987189760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fe533628b9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-11-01 22:15:31 +01:00
Michael Niedermayer
209bd75519
avcodec/snowdec: Check mv_scale
...
Fixes: runtime error: signed integer overflow: 2 * -1094995530 cannot be represented in type 'int'
Fixes: 3512/clusterfuzz-testcase-minimized-4812747210489856
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 393d6fc739)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-15 00:45:28 +02:00
Michael Niedermayer
453da70119
avcodec/pafvideo: Check for bitstream end in decode_0()
...
Fixes: Timeout
Fixes: 3529/clusterfuzz-testcase-5057068371279872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9c85329cd0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-15 00:45:14 +02:00
Michael Niedermayer
d893253fcd
avcodec/ffv1dec: Fix out of array read in slice counting
...
Fixes: test-201710.mp4
Found-by: 连一汉 <lianyihan@360.cn> and Zhibin Hu
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c20f4fcb74)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-13 13:02:27 +02:00
Michael Niedermayer
bf10b862fa
avcodec/dirac_dwt: Fix integer overflow in COMPOSE_53iL0()
...
Fixes: runtime error: signed integer overflow: 2147483646 + 2 cannot be represented in type 'int'
Fixes: 3485/clusterfuzz-testcase-minimized-4940429332054016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bdee75a4e7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-13 13:02:02 +02:00
Michael Niedermayer
f19ac557a5
avcodec/mpeg4videodec: Use 64 bit intermediates for sprite delta
...
Fixes: runtime error: signed integer overflow: -104713 * 65536 cannot be represented in type 'int'
Fixes: 3453/clusterfuzz-testcase-minimized-5555554657239040
Fixes: 3528/clusterfuzz-testcase-minimized-6283628420005888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e38f280fec)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-13 12:59:03 +02:00
Michael Niedermayer
d006160115
avcodec/truemotion2: Fix integer overflows in tm2_high_chroma()
...
Fixes: runtime error: signed integer overflow: -1408475220 + -1408475220 cannot be represented in type 'int'
Fixes: 3336/clusterfuzz-testcase-minimized-5656839179993088
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 44874b4f5e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-05 01:30:06 +02:00
Michael Niedermayer
599ca5438a
avcodec/proresdec2: SKIP_BITS() does not work with len=32
...
Fixes: invalid shift
Fixes: 3482/clusterfuzz-testcase-minimized-5446915875405824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c37138e01a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-05 01:28:26 +02:00
Michael Niedermayer
636fa97e88
avcodec/hevcdsp_template: Fix undefined shift
...
Fixes: runtime error: left shift of negative value -255
Fixes: 3373/clusterfuzz-testcase-minimized-5604083912146944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fbdab6eca7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-05 01:28:03 +02:00
Michael Niedermayer
4b4c7935da
avcodec/jpeg2000: Check that codsty->log2_prec_widths/heights has been initialized
...
Fixes: OOM
Fixes: 2225/clusterfuzz-testcase-minimized-5505632079708160
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 64e034da95)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-10-05 01:27:02 +02:00
Michael Niedermayer
f1a272b7b4
avcodec/takdec: Fix integer overflow in decode_lpc()
...
Fixes: runtime error: signed integer overflow: 16748560 + 2143729712 cannot be represented in type 'int'
Fixes: 3202/clusterfuzz-testcase-minimized-4988291642294272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5d31f03a02)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-25 11:10:33 +02:00
Michael Niedermayer
48e14c4de0
avcodec/proresdec2: Check bits in DECODE_CODEWORD(), fixes invalid shift
...
Fixes: runtime error: shift exponent 42 is too large for 32-bit type 'unsigned int'
Fixes: 3410/clusterfuzz-testcase-minimized-5313377960198144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4f5eaf0b59)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-25 11:10:18 +02:00
Michael Niedermayer
cf05ade8f1
avcodec/takdec: Fix integer overflows in decode_subframe()
...
Fixes: runtime error: signed integer overflow: -1562477869 + -691460395 cannot be represented in type 'int'
Fixes: 3196/clusterfuzz-testcase-minimized-4528307146063872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3dabb9c69d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-25 11:09:10 +02:00
Michael Niedermayer
ff55cf8d54
avcodec/dirac_dwt: Fix integer overflow in COMPOSE_FIDELITYi*()
...
Fixes: runtime error: signed integer overflow: 161 * 13872281 cannot be represented in type 'int'
Fixes: 3295/clusterfuzz-testcase-minimized-4738998142500864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 67da2685e0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-24 02:43:56 +02:00
Michael Niedermayer
2ccc30217a
avcodec/ffv1dec: Fix integer overflow in read_quant_table()
...
Fixes: runtime error: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 3361/clusterfuzz-testcase-minimized-5065842955911168
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d00fc952b6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-24 02:41:22 +02:00
Michael Niedermayer
eb505747a7
avcodec/svq3: Fix overflow in svq3_add_idct_c()
...
Fixes: runtime error: signed integer overflow: 2147392585 + 524288 cannot be represented in type 'int'
Fixes: 3348/clusterfuzz-testcase-minimized-4809500517203968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2c933c5168)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-24 02:41:03 +02:00
Michael Niedermayer
ace2a2a7e4
avcodec/pngdec: Clean up on av_frame_ref() failure
...
Fixes: memleak
Fixes: 3203/clusterfuzz-testcase-minimized-4514553595428864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5480e82d77)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-20 03:09:18 +02:00
Michael Niedermayer
53ff525c50
avcodec/hevc_ps: Fix c?_qp_offset_list size
...
Fixes: runtime error: index 5 out of bounds for type 'int8_t const[5]'
Fixes: 3175/clusterfuzz-testcase-minimized-4736774054084608
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit abf3f9fa23)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-12 02:30:39 +02:00
Michael Niedermayer
792aeda9b4
avcodec/hevcdsp_template: Fix undefined shift in put_hevc_pel_bi_w_pixels
...
Fixes: runtime error: left shift of negative value -95
Fixes: 3077/clusterfuzz-testcase-minimized-4684917524922368
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c225da68cf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-11 13:29:23 +02:00
Michael Niedermayer
f5def99f52
avcodec/diracdec: Fix overflow in DC computation
...
Fixes: runtime error: signed integer overflow: 11896 + 2147483646 cannot be represented in type 'int'
Fixes: 3053/clusterfuzz-testcase-minimized-6355082062856192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b5995856a4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-11 13:28:46 +02:00
Michael Niedermayer
f8c52dfa15
avformat/asfdec: Fix DoS in asf_build_simple_index()
...
Fixes: Missing EOF check in loop
No testcase
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit afc9c683ed)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-08 18:37:43 +02:00
Michael Niedermayer
a17e1abf6e
avcodec/dirac_dwt: Fix multiple overflows in 9/7 lifting
...
Fixes: runtime error: signed integer overflow: 1073901567 + 1073901567 cannot be represented in type 'int'
Fixes: 3124/clusterfuzz-testcase-minimized-454643435752652
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f71cd44147)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-02 23:54:47 +02:00
孙浩(晓黑)
a4e85b2e1c
avformat/mxfdec: Fix Sign error in mxf_read_primer_pack()
...
Fixes: 20170829B.mxf
Co-Author: 张洪亮(望初) <wangchu.zhl@alibaba-inc.com>
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9d00fb9d70)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-01 03:20:57 +02:00
孙浩(晓黑)
f173cdfe66
avformat/mxfdec: Fix DoS issues in mxf_read_index_entry_array()
...
Fixes: 20170829A.mxf
Co-Author: 张洪亮(望初) <wangchu.zhl@alibaba-inc.com>
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 900f39692c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-01 03:04:28 +02:00
孙浩(晓黑)
4fedc4ceab
avformat/nsvdec: Fix DoS due to lack of eof check in nsvs_file_offset loop.
...
Fixes: 20170829.nsv
Co-Author: 张洪亮(望初) <wangchu.zhl@alibaba-inc.com>
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c24bcb5536)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-09-01 03:03:47 +02:00
Michael Niedermayer
09a1d15de7
avcodec/snowdec: Fix integer overflow in decode_subband_slice_buffered()
...
Fixes: runtime error: signed integer overflow: 267 * 8388608 cannot be represented in type 'int'
Fixes: 2743/clusterfuzz-testcase-minimized-5820652076400640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 732f976456)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-08-29 21:21:08 +02:00
Michael Niedermayer
0ca5c57d9d
avformat/mvdec: Fix DoS due to lack of eof check
...
Fixes: loop.mv
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4f05e2e2dc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-08-28 01:43:31 +02:00
孙浩 and 张洪亮(望初)
2ac9bc3497
avformat/rl2: Fix DoS due to lack of eof check
...
Fixes: loop.rl2
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 96f24d1bee)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-08-28 01:43:06 +02:00
孙浩 and 张洪亮(望初)
983f90ef18
avformat/cinedec: Fix DoS due to lack of eof check
...
Fixes: loop.cine
Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7e80b63ecd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2017-08-28 01:42:26 +02:00