Michael Niedermayer
ef075e363d
avutil/mathematics: Document av_rescale_rnd() behavior on non int64 results
...
Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e154353fdb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2022-04-13 23:39:49 +02:00
Andreas Rheinhardt
9e213f5086
configure: Add missing libshine->mpegaudioheader dependency
...
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit e228d7b0db)
2022-01-06 08:53:14 +01:00
Lynne
1eca11f81a
configure: update copyright year
...
(cherry picked from commit 63505fc60a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
n3.4.9
2021-10-11 23:08:44 +02:00
Michael Niedermayer
e7bed708a8
Changelog: update
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:35:56 +02:00
Michael Niedermayer
7a1c59e455
avformat/wavdec: Check smv_block_size
...
Fixes: Timeout
Fixes: 39554/clusterfuzz-testcase-minimized-ffmpeg_dem_WAV_fuzzer-4915221701984256
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 849138f476)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
a85739087d
avformat/rmdec: Check for multiple audio_stream_info
...
Fixes: memleak
Fixes: 39166/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5153276690038784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8fe3566b8f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
c3971ff707
avcodec/apedec: Use 64bit to avoid overflow
...
Fixes: runtime error: signed integer overflow: 727298502 * 3 cannot be represented in type 'int'
Fixes: 39172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-638602483033702
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f059b56195)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
ca5f10e0c3
avcodec/apedec: Fix undefined integer overflow in long_filter_ehigh_3830()
...
Fixes: signed integer overflow: -2145648640 - 3357696 cannot be represented in type 'int'
Fixes: 38899/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5358815017566208
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ad517ee6e4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
afe2a1a8c5
avformat/avidec: Check offset in odml
...
Fixes: signed integer overflow: 9223372036854775807 + 8 cannot be represented in type 'long'
Fixes: 38787/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-4859845799444480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 255a7b423e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
67b9b10b70
avformat/mpegts: use actually read packet size in mpegts_resync special case
...
Fixes: infinite loop
Fixes: 37986/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGTSRAW_fuzzer-5292311517462528 -
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Marton Balint <cus@passwd.hu>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 83b2e4c8f1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
582098acf7
swscale/alphablend: Fix slice handling
...
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 06d6726588)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
d091597467
avcodec/mxpegdec: Check for AVDISCARD_ALL
...
Fixes: Fixes NULL pointer dereference
Fixes: 36610/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-6052641783283712
Fixes: 37907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-4725170850365440
Fixes: 37904/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-6367889262247936
Fixes: 38085/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-5175270823297024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 20afd3a63a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
7f8a534e56
avcodec/flicvideo: Check remaining bytes in FLI*COPY
...
Fixes: Timeout
Fixes: 37795/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLIC_fuzzer-4846536543043584
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5f835efbca)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
22181868e3
avcodec/mpeg12dec: Do not put mpeg_f_code into an invalid state on error return
...
Fixes: invalid shift
Fixes: 37018/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-5290280902328320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5a95abcce4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
fdb61f366c
avcodec/mpegvideo_enc: Limit bitrate tolerance to the representable
...
Fixes: error: 1.66789e+11 is outside the range of representable values of type 'int'
Fixes: Ticket8201
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 245017ec8a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
b9761037d0
avcodec/apedec: Fix integer overflow in intermediate
...
Fixes: signed integer overflow: 559334865 * 4 cannot be represented in type 'int'
Fixes: 37929/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6751932295806976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 90da43557f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
fa742cda4e
avformat/mvdec: Do not set invalid sample rate
...
Fixes: signed integer overflow: -682581959642593728 * 16 cannot be represented in type 'long'
Fixes: 37883/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5311691517198336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 737e6bf216)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
6715ea85c0
avformat/rmdec: Use 64bit for intermediate for DEINT_ID_INT4
...
Fixes: runtime error: signed integer overflow: 65312 * 65535 cannot be represented in type 'int'
Fixes: 32832/clusterfuzz-testcase-minimized-ffmpeg_dem_RM_fuzzer-4817710040088576
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e2c2872393)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
cbe954f578
avformat/jacosubdec: Check for min int overflow in get_shift()
...
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 34651/clusterfuzz-testcase-minimized-ffmpeg_dem_JACOSUB_fuzzer-5157941012463616
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 989febfbd0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Michael Niedermayer
90d2f32f62
avformat/mxfdec: check channel number in mxf_get_d10_aes3_packet()
...
Fixes: Out of array access
Fixes: 37030/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5387719147651072
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3dd5a8a135)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-10-09 18:34:49 +02:00
Timo Rothenpieler
11388838ff
avfilter/scale_npp: fix non-aligned output frame dimensions
2021-10-07 18:39:44 +02:00
Michael Niedermayer
1b44a20a19
Update for 3.4.9
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 21:40:20 +02:00
James Almer
a4a3fd814a
avcodec/utils: don't return negative values in av_get_audio_frame_duration()
...
In some extreme cases, like with adpcm_ms samples with an extremely high channel
count, get_audio_frame_duration() may return a negative frame duration value.
Don't propagate it, and instead return 0, signaling that a duration could not
be determined.
Fixes ticket #9312
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit e01d306c64)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
0fe497d795
avcodec/jpeg2000dec: Check that atom header is within bytestream
...
Fixes: Infinite loop
Fixes: 36666/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5912760671141888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3c659f8618)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
d11d5f7da4
avcodec/apedec: Fix 2 integer overflows in filter_3800()
...
Fixes: signed integer overflow: 1683879955 - -466265224 cannot be represented in type 'int'
Fixes: 37419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6074294407921664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 33feb527ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
980224770a
avcodec/xpmdec: Move allocations down after more error checks
...
Fixes: Timeout
Fixes: 37035/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XPM_fuzzer-5142718576721920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e58692837c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Martin Storsjö
fc76c6037a
network: Define ENOTCONN as WSAENOTCONN if not defined
...
This fixes compilation with old mingw.org toolchains, which have
much fewer errno.h entries.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 6569e9505c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
36f962f3c2
avformat/avidec: Use 64bit for frame number in odml index parsing
...
Fixes: signed integer overflow: 1179337772 + 1392508928 cannot be represented in type 'int'
Fixes: 34088/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-5846945303232512
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a4c98c507e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
43a4d78e3b
avcodec/mjpegdec: Check for bits left in mjpeg_decode_scan_progressive_ac()
...
Fixes: Timeout
Fixes: 36262/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-4969052454912000
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 909faca929)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
maryam ebrahimzadeh
bc9e0b6cd2
avformat/adtsenc: return value check for init_get_bits in adts_decode_extradata
...
As the second argument for init_get_bits (buf) can be crafted, a return value check for this function call is necessary.
'buf' is part of 'AVPacket pkt'.
replace init_get_bits with init_get_bits8.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9ffa49496d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
1e198bd926
avcodec/webp: Check available space in loop in decode_entropy_coded_image()
...
Fixes: Timeout
Fixes: 35401/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WEBP_fuzzer-5714401821851648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5e00eab611)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
f4700142dc
avcodec/vc1dec: ff_print_debug_info() does not support WMV3 field_mode
...
Fixes: out of array read
Fixes: 36331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV3_fuzzer-5140494328922112.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c59b5e3d1e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
071ecaddb9
avcodec/frame_thread_encoder: Free AVCodecContext structure on error during init
...
Fixes: MemLeak
Fixes: 8281
Fixes: PoC_option158.jpg
Fixes: CVE-2020-22037
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7bba0dd638)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
f71c7a358e
avcodec/faxcompr: Check for end of input in cmode == 1 in decode_group3_2d_line()
...
Fixes: Infinite loop
Fixes: 35591/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4503764022198272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f803635c4f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
2b4e4af6dc
avcodec/vc1dec: Disable error concealment for *IMAGE
...
The existing error concealment makes no sense for the image formats, they
use transformed source images which is different from keyframe + MC+difference
for which the error concealment is designed.
Of course feel free to re-enable this if you have a case where it works and
improves visual results
Fixes: Timeout
Fixes: 36234/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-6300306743885824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 643b2d49bf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
0b98a1d5e5
avcodec/sbrdsp_fixed: Fix negation overflow in sbr_neg_odd_64_c()
...
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 35593/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5182217725804544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8f2856a1da)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
d64fddb9a8
avformat/wtvdec: Check for EOF before seeking back in parse_media_type()
...
Fixes: Infinite loop
Fixes: 36311/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-4889181296918528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 89505d38de)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
a415c253b4
avformat/wavdec: Use 64bit in new_pos computation
...
Fixes: signed integer overflow: 129 * 16711680 cannot be represented in type 'int'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_WAV_fuzzer-6742285317439488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9b57d2f0a9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
5ebce16fde
avformat/sbgdec: Check for overflow in timestamp preparation
...
Fixes: signed integer overflow: 9223372036854775807 + 86400000000 cannot be represented in type 'long'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_SBG_fuzzer-6731040263634944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9dbed90840)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
a4b9ac104e
avformat/dsicin: Check packet size for overflow
...
Fixes: signed integer overflow: 24672 + 2147483424 cannot be represented in type 'int'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_DSICIN_fuzzer-6731325979623424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9d1c47ec03)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
0b5c564580
avformat/bfi: check nframes
...
Fixes: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_BFI_fuzzer-6737028768202752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b4e77dfca1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
89fd36adfe
avformat/avidec: fix position overflow in avi_load_index()
...
Fixes: signed integer overflow: 9223372033098784808 + 4294967072 cannot be represented in type 'long'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-6732488912273408
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 527821a2dd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
d15d67e6cc
avformat/asfdec_f: Check sizeX against padding
...
Fixes: signed integer overflow: 2147483607 + 64 cannot be represented in type 'int'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_fuzzer-6753897878257664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f034c2e36a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
f95a80bbd7
avformat/aiffdec: Check for size overflow in header parsing
...
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 29102/clusterfuzz-testcase-minimized-ffmpeg_dem_AIFF_fuzzer-6723467048255488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bae2e19777)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
c593517453
avcodec/aaccoder: Add minimal bias in search_for_ms()
...
Fixes: floating point division by 0
Fixes: Ticket8218
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 75a099fc73)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
7590dbf9be
avfilter/vf_mestimate: Check b_count
...
Fixes: left shift of negative value -1
Fixes: Ticket8270
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 06af6e101b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
bbec731fca
avformat/mov: do not ignore errors in mov_metadata_hmmt()
...
Fixes: Timeout
Fixes: 35637/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6311060272447488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c52c99a18f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
00ecb22167
avformat/mxfdec: Check size for shrinking
...
av_shrink_packet() takes int size, so size must fit in int
Fixes: out of array access
Fixes: 35607/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4875541323841536
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 65b862ab59)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
maryam ebr
e61b25e255
avcodec/dnxhddec: check and propagate function return value
...
Similar to CVE-2013-0868, here return value check for 'init_vlc' is needed.
crafted DNxHD data can cause unspecified impact.
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 7150f95756)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00
Michael Niedermayer
e4f7328d51
swscale/slice: Fix wrong return on error
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7874d40f10)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2021-09-12 11:22:04 +02:00