ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	b06958917c	avformat/hevc: Check num_long_term_ref_pics_sps to avoid potentially long loops Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ee155c18a2c50b339ba5f6f223fbb6dc343fd471) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2015-08-24 14:47:04 +02:00
Arthur Grant	cc39b2be23	avformat/hevc: Fix parsing errors Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 781efd07415cdf6f676cca5b22147e5d6be0a4c4) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2015-08-24 14:46:54 +02:00
Michael Niedermayer	cbaa9ef0d6	avformat/mux: Update sidedata in ff_write_chained() Fixes Ticket4777 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit db91e0edb63afc682ae709f73e3732a4c832944d) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2015-08-20 14:38:28 +02:00
wm4	43956940ea	rawdec: fix mjpeg probing buffer size check Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4c6beaed9210f01290e5a5a4e377f93f145172cc) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2015-08-20 14:38:28 +02:00
wm4	2d582d142c	rawdec: fix mjpeg probing There can be other headers than "Content-Type:" (in this case, a "Content-Length:" header was following), so checking for a trailing newline is wrong. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit bf51fcd304d5594a4d8eed2bedf0ef0f68fa65f8) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2015-08-20 14:38:28 +02:00
Michael Niedermayer	634605f79e	avformat/mov: Fix deallocation when MOVStreamContext failed to allocate Fixes: 260813283176b57b3c9974fe284eebc3_signal_sigsegv_7ffff713351a_991_xtrem_e2_m64q15_a32sxx.3gp with memlimit of 262144 Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 15629129dde771446a005282ee33c4ea1199e696) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2015-08-20 14:38:27 +02:00
Chris Watkins	3fb241210a	oggparsedirac: check return value of init_get_bits If init_get_bits fails the GetBitContext is invalid and must not be used. Check the return value in dirac_header and propogate the error. Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 4f5c2e651a95b950f6a3fb36f2342cbc32515f17) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:38:27 +02:00
Andreas Cadhalpun	b3745ce8c2	matroskadec: check audio sample rate And default to 8000 if it is invalid. An invalid sample rate can trigger av_assert2 in av_rescale_rnd. Reviewed-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 5b76c82fd7a5f4f36bb901b8c43d7f7319599599) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:38:26 +02:00
Andreas Cadhalpun	933ae708c5	matroskadec: validate audio channels and bitdepth In the TTA extradata re-construction the values are written with avio_wl16 and if they don't fit into uint16_t, this triggers an av_assert2 in avio_w8. Reviewed-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 92e79a2f7bf2f8bb0cb2d1a3e4d76737557071c4) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:38:25 +02:00
wm4	9d0aa058c9	avio: fix potential crashes when combining ffio_ensure_seekback + crc Calling ffio_ensure_seekback() if ffio_init_checksum() has been called on the same context can lead to out of bounds memory accesses and crashes. The reason is that ffio_ensure_seekback() does not update checksum_ptr after reallocating the buffer, resulting in a dangling pointer. This effectively fixes potential crashes when opening mp3 files. Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit dc87758775e2ce8be84e4fe598e12416e83d2845) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:38:25 +02:00
Andreas Cadhalpun	cd83ff5d4c	mov: abort on EOF in ff_mov_read_chan Otherwise the loop can take a lot of time if num_descr is very large. Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit a5718863da99b54b6c853d45c84871c4a96a57c0) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:29:12 +02:00
Deliang Fu	d54ca4167c	avformat: Fix bug in parse_rps for HEVC. Make the logic in libavformat/hevc.c parse_rps align with libavcodec/hevc_ps.c ff_hevc_decode_short_term_rps Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6e1f8780c833ef55815111d4771b95ff78567cdb) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:29:12 +02:00
Michael Niedermayer	8fc8b3eebe	avformat/ffmdec: Check ffio_set_buf_size() return value Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit dc55477a64cefebf8dcc611f026be71382814ae2) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:29:11 +02:00
Michael Niedermayer	8498cf60b2	Revert "avformat/rtpenc: check av_packet_get_side_data() return, fix null ptr dereference" This was simply wrong Found-by: Martin Storsjö This reverts commit 5d8e4f6da03c0342157e6ac7fab1a8ac3a87a8b0. (cherry picked from commit 3e34b7498f14c04baadde1700a6f73a7e9e86fa6) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:29:11 +02:00
Michael Niedermayer	3943086656	avformat/mxfenc: Accept MXF D-10 with 49.999840 Mbit/sec This is the maximum rate possible based on the frame size limit of MXF D-10 Previous version reviewed by tim nicholson <nichot20@yahoo.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit d7a762553c6f6c422adb6632354bcc4ff577b701) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-08-20 14:29:11 +02:00
Michael Niedermayer	d9655621b3	avformat/swfdec: Do not error out on pixel format changes Instead print an error and continue Fixes Ticket4702 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6a1204a1a46674084b1e6b92562f81aaab7aac69)	2015-07-08 12:46:58 +02:00
Michael Niedermayer	57d094e3e3	avformat/mov: Mark avio context of decompressed atoms as seekable Fixes Ticket4329 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 8ce564ea280b61d21eebf8a2fd741f792ce81638)	2015-06-19 11:25:06 +02:00
Michael Niedermayer	f9f1c50b41	avformat/matroskadec: Use tracks[k]->stream instead of s->streams[k] The later is not correct Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 5d309d309108684f742bbf5fc2393f1c519cda72) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:22 +02:00
Andreas Cadhalpun	84cc40cbe1	matroskadec: check s->streams[k] before using it This fixes a segmentation fault. Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit e54540655f229d06667dc7fa7005f2a20e101e80) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:22 +02:00
Andreas Cadhalpun	25b56dfa5c	matroskadec: use uint64_t instead of int for index_scale index_scale is set to matroska->time_scale of type uint64_t. When index_scale is int, the assignment can overflow and e.g. result in index_scale = 0. This causes a floating point exception due to the division by index_scale. Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit eb9fb508b0e09d85d234fe694333b2005e1d7a7e) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:21 +02:00
Andreas Cadhalpun	35a0d4801f	nutdec: fix illegal count check in decode_main_header The existing check has two problems: 1) i + count can overflow, so that the check '< 256' returns true. 2) In the (i == 'N') case occurs a j-- so that the loop runs once more. This can trigger the assertion 'nut->header_len[0] == 0' or cause segmentation faults or infinite hangs. Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 7c24ca1bda2d4df1dc9b2b982941be532d60da21) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:21 +02:00
Andreas Cadhalpun	e0ef1b8c0b	nutdec: check for negative frame rate in decode_info_header A negative frame rate triggers an av_assert2 in av_rescale_rnd. Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6621105877ce0d65724a8ab60b3a50160adbe65d) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:21 +02:00
Michael Niedermayer	9ce3e804ff	avformat/mov: Fix parsing short loci Fixes Ticket4557 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 50393bce31a5618f5125aaaf97bb69886fc4261d) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:21 +02:00
Michael Niedermayer	f073ed6651	avformat/mov: Print reason of loci parsing failure Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 9e4f0cfc8ff4ab635ea12bdbd8d85d8bb1ba25f9) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:21 +02:00
Michael Niedermayer	f30ab69b38	avformat/hevc: Check num_negative_pics and num_positive_pics Fixes CID1238994 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit b62b3292d8e25d3240e462c1b1cd8ac69195c46b) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	ce3bb01119	avformat/hevc: Check cpb_cnt_minus1 Fixes CID1239014 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 2cddc0b19a20dd061dbf199bf88005b37c540d2f) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	3bd85e1f83	avformat/matroskadec: Cleanup error handling for bz2 & zlib Fixes CID703652 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 171af59d58fc67d82dce8ff7ed11fa671108baa5) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	7c4e3ddda1	avformat/nutdec: Fix use of uinitialized value Fixes CID1041175 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 56abf35151c635caa3eb04bbb90454bae5463a09) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	fbd9ab5967	avformat/rtpenc_jpeg: Check remaining buffer size for SOS Fixes CID1238818 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 81198a68370e88f7d02f16de58db36713c2a50b6) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	18e83992f2	avformat/rtpdec_xiph: Check upper bound on len in xiph_handle_packet() Larger packets are not supported and would cause problems later Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit aa5169935e160551fb1c290d1397da2f04325817) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	c0ca9773a7	avformat/matroskaenc: Check ff_vorbiscomment_length in put_flac_codecpriv() Its currently guaranteed to be smaller but its safer to check anyway Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 66f26b3e8ec075298e7ba329a55893d085bafe96) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	9193fd9ddf	avformat/oggenc: Check ff_vorbiscomment_length in ogg_write_vorbiscomment() Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 0db5b2b9f8a96298eeba7988d43c4eb44220fab3) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	02fe112c7c	avformat/flacenc: Check length in flac_write_block_comment() Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 40a7700b82aec0036622f8673ce64e070a520891) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	81941153ab	avformat/subtitles: Use size_t for len string length could theoretically be larger than int Reviewed-by: Clément Bœsch <u@pkh.me> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit a633928d47057426a9c328da594407d1c7da8a5c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	2c50cc497d	avformat/url: Use size_t for len from strlen() Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 95efc651294b3cf3e5ec4b3ed36e79d7261545ff) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Michael Niedermayer	27a0dab914	avformat/vorbiscomment: Check entry length in ff_vorbiscomment_write() Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit eca38864a6ce5053e463b8d3fc22b22bc9a49578) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:20 +02:00
Rodger Combs	6d3f0fe24d	avformat/wavdec: Increase dts packet threshold to fix more misdetections Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 40a3e1e9c54997e4dfc7802b5a758b68ceb64982) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:19 +02:00
Michael Niedermayer	a39a2978d5	avformat/wavdec: Increase probe_packets limit Fixes DTS detection of b2429e5ba9.dts Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 9f5769437aaab30a359cde254f39d9a28b1ce657) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:19 +02:00
Andreas Cadhalpun	9f99f29f23	nutdec: abort if EOF is reached in decode_info_header/read_sm_data These loops can take a lot of time if count is very large. Reviewed-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit bb23a15df507440deb0dcf25099d321d0f73dc28) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:19 +02:00
Andreas Cadhalpun	b947ff8985	nutdec: stop skipping bytes at EOF This can unnecessarily waste a lot of time. Reviewed-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit fa7dec8cb00d2d0dd96ff9863ccda38428610a21) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:19 +02:00
Andreas Cadhalpun	936a5dd2c5	nutdec: fix infinite resync loops nut->last_syncpoint_pos doesn't necessarily change between resync attempts, so find_any_startcode can return the same startcode again. Thus remember where the last resync happened and don't try to resync before that. This can't be done locally in nut_read_packet, because this wouldn't prevent infinite resync loops, where after the resync a packet is returned and while reading a following packet the resync happens again. Reviewed-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 37e679881d364b6da817d829d35869d657218ab3) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:19 +02:00
Michael Niedermayer	236452f83e	avformat/nutdec: Check X in 2nd branch of index reading Prevents read of uninitialized variable Based on patch by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit ebb0ca3d70465ab6d369a66b2ef43bb059705db8) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:19 +02:00
Michael Niedermayer	b45f67b05a	avformat/nutdec: Fix recovery when immedeately after seeking a failure happens Found-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit b3496b4a33e806b7afdcbbf6f468b0332b676d7c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:19 +02:00
Michael Niedermayer	179d850ded	avformat/nutdec: Return error on EOF from get_str() Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6bbb2f8f4da67af374d62403742482cc5962aa21) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-06-01 23:25:19 +02:00
Michael Niedermayer	fb2d1b1b13	Merge commit '1f64b018cbec018fa66a4a20f79958d9707913de' into release/2.4 * commit '1f64b018cbec018fa66a4a20f79958d9707913de': nut: Make sure to clean up on read_header failure Conflicts: libavformat/nutdec.c See: 361702660d2c37a63b7d6381d39e1e1de8405260 Merged-by: Michael Niedermayer <michaelni@gmx.at>	2015-05-19 22:01:21 +02:00
Andreas Cadhalpun	91aa6d8a8b	nutdec: fix memleaks on error in nut_read_header Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 361702660d2c37a63b7d6381d39e1e1de8405260) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-05-19 21:54:19 +02:00
Michael Niedermayer	9005075f39	Merge commit 'a55a70644872027fdf76a75edf12a09c9008880f' into release/2.4 * commit 'a55a70644872027fdf76a75edf12a09c9008880f': avi: Validate sample_size Conflicts: libavformat/avidec.c See: ca234639ac49a0dc073ac1f10977979acdb94f97 See: c7369f3a4bd21ea64571c1b0c4fcbf39f8daf68c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2015-05-19 21:24:51 +02:00
Michael Niedermayer	9f4979b24c	avformat/avidec: print a warning for negative sample_size Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit c7369f3a4bd21ea64571c1b0c4fcbf39f8daf68c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-05-19 21:24:27 +02:00
Andreas Cadhalpun	df0003030a	avidec: avoid infinite loop due to negative ast->sample_size If max in clean_index is set to a negative ast->sample_size, the following loop never ends: while (max < 1024) max += max; Thus set ast->sample_size to 0 if it would otherwise be negative. Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit ca234639ac49a0dc073ac1f10977979acdb94f97) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2015-05-19 21:24:22 +02:00
Michael Niedermayer	95b42188d6	Merge commit '21b21aed797b5e636adcf2df811f96a95f208930' into release/2.4 * commit '21b21aed797b5e636adcf2df811f96a95f208930': nut: Check chapter creation in decode_info_header Conflicts: libavformat/nutdec.c See: 3ff1af2b0db7132d5717be6395227a94c8abab07 Merged-by: Michael Niedermayer <michaelni@gmx.at>	2015-05-19 21:23:13 +02:00

1 2 3 4 5 ...

15975 Commits