OSDN Git Service
Paul B Mahol [Mon, 27 Feb 2017 10:39:36 +0000 (11:39 +0100)]
avcodec/qdrw: fix decoding odd size images for 2bpp and 4bpp
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Mon, 27 Feb 2017 10:24:43 +0000 (11:24 +0100)]
avcodec/qdrw: fix decoding odd size images for 16bit case
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Carl Eugen Hoyos [Mon, 27 Feb 2017 09:28:00 +0000 (10:28 +0100)]
ffmpeg: Add a linebreak to an error message.
Marton Balint [Sat, 18 Feb 2017 17:18:18 +0000 (18:18 +0100)]
avdevice/decklink_dec: remove AVFMT_RAWPICTURE
It has no effect for input devices.
Signed-off-by: Marton Balint <cus@passwd.hu>
Marton Balint [Sat, 18 Feb 2017 02:13:56 +0000 (03:13 +0100)]
avdevice/decklink_enc: convert AVFMT_RAWPICTURE to AV_CODEC_ID_WRAPPED_AVFRAME
Signed-off-by: Marton Balint <cus@passwd.hu>
Marton Balint [Sat, 18 Feb 2017 01:33:05 +0000 (02:33 +0100)]
avdevice/decklink_enc: add support to specify field order
Signed-off-by: Marton Balint <cus@passwd.hu>
Marton Balint [Fri, 17 Feb 2017 20:53:00 +0000 (21:53 +0100)]
avdevice/decklink_enc: convert to codecpar
Signed-off-by: Marton Balint <cus@passwd.hu>
Paul B Mahol [Sun, 26 Feb 2017 21:05:13 +0000 (22:05 +0100)]
avcodec/scpr: add support for older version
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Michael Niedermayer [Sat, 25 Feb 2017 20:07:26 +0000 (21:07 +0100)]
avcodec/flacdsp: Fix: runtime error: signed integer overflow: -
1027555328 + -
1226681270 cannot be represented in type 'int'
Fixes: 673/clusterfuzz-testcase-
5948736536576000
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sat, 25 Feb 2017 20:07:25 +0000 (21:07 +0100)]
avcodec/
eac3dec: Fix runtime error: left shift of negative value -3
Fixes: 672/clusterfuzz-testcase-
5595018867769344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sat, 25 Feb 2017 20:07:24 +0000 (21:07 +0100)]
avcodec/mpeg12dec: Fix runtime error: left shift of negative value -2
671/clusterfuzz-testcase-
4990381827555328
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sat, 25 Feb 2017 20:07:23 +0000 (21:07 +0100)]
avcodec/ituh263dec: Check for the bitstream end in ff_h263_decode_mb()
Fixes invalid shift
Fixes: 670/clusterfuzz-testcase-
4852021066727424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Micah Galizia [Wed, 22 Feb 2017 01:37:25 +0000 (20:37 -0500)]
add locale month names to av_small_strptime
Signed-off-by: Micah Galizia <micahgalizia@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Paul B Mahol [Sun, 26 Feb 2017 16:05:43 +0000 (17:05 +0100)]
fate: update ffprobe stuff after
dbc7f02a727286f3
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Michael Niedermayer [Thu, 23 Feb 2017 14:19:32 +0000 (15:19 +0100)]
avutil/frame: Disallow zero sized frame side data
There should be no case that needs this and its a potential for
creating corner cases
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 23 Feb 2017 14:19:31 +0000 (15:19 +0100)]
avutil/frame: Reimplement av_frame_new_side_data() without size=0 special case
The size 0 special case causes side data to be created which is
different and a special case if for any reasons size = 0 is passed
Fixes: multiple runtime error: null pointer passed as argument 1, which is declared to never be null
Fixes: 653/clusterfuzz-testcase-
5773837415219200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 23 Feb 2017 14:19:30 +0000 (15:19 +0100)]
avcodec/wavpack: Fix 280:22: runtime error: left shift of negative value -1
Fixes: 653/clusterfuzz-testcase-
5773837415219200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 23 Feb 2017 14:19:29 +0000 (15:19 +0100)]
avcodec/wavpack: Check post_shift
Fixes: runtime error: shift exponent 34 is too large for 32-bit type 'int'
Fixes: 653/clusterfuzz-testcase-
5773837415219200
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Paul B Mahol [Fri, 24 Feb 2017 17:50:09 +0000 (18:50 +0100)]
avfilter/aeval: trim last frame's number of samples to match requested duration
Fixes #6181.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Carl Eugen Hoyos [Fri, 24 Feb 2017 10:16:26 +0000 (11:16 +0100)]
lswr/rematrix: Remove an aggressive loop optimization.
Fixes undefined behaviour and a gcc warning:
libswresample/rematrix.c:376:47: warning: iteration 64 invokes undefined behavior
Michael Niedermayer [Sat, 25 Feb 2017 11:37:32 +0000 (12:37 +0100)]
avcodec/vp56: Implement very basic error concealment
This should fix the fate failure due to a truncated last frame.
Alternatively the frame could be dropped.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Hendrik Leppkes [Sat, 25 Feb 2017 03:23:50 +0000 (11:23 +0800)]
avformat/hlsenc: don't use %s for strftime on msvc
MSVC doesn't support the %s time format, and instead of returning an
error the invalid parameter handler is invoked which (by default)
terminates the process.
Reviewed-by:Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: Hendrik Leppkes <h.leppkes@gmail.com>
Steven Liu [Sat, 25 Feb 2017 02:59:05 +0000 (10:59 +0800)]
avformat/hlsenc: fix hls_flags temp_file bug
refer to ticket id: #6170
rename file from temp to origin name after complete current segment
Reviewed-by: Aman Gupta <ffmpeg@tmm1.net>
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
Michael Niedermayer [Sat, 25 Feb 2017 01:19:43 +0000 (02:19 +0100)]
avcodec/amrwbdec: Fix 2 runtime errors: left shift of negative value -1
Fixes: 669/clusterfuzz-testcase-
4847965409640448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sat, 25 Feb 2017 00:43:16 +0000 (01:43 +0100)]
avcodec/pngdec: Fix runtime error: left shift of 152 by 24 places cannot be represented in type 'int'
Fixes: 666/clusterfuzz-testcase-
6581447227867136
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Fri, 24 Feb 2017 20:05:33 +0000 (21:05 +0100)]
avcodec/vp56: Fix sign typo
Fixes: 664/clusterfuzz-testcase-
4917047475568640
The change to fate is due to a truncated last frames which is now detected as damaged.
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Fri, 24 Feb 2017 18:04:12 +0000 (19:04 +0100)]
avcodec/mpegaudiodec_template: Correct return code on id3 tag discarding
Fixes: 665/clusterfuzz-testcase-
4863789881098240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Rostislav Pehlivanov [Fri, 24 Feb 2017 19:13:44 +0000 (19:13 +0000)]
opus_pvq: prevent division by 0
res was 0 and divided K which made it infinity which caused K to
overflow.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Paul B Mahol [Fri, 24 Feb 2017 18:49:39 +0000 (19:49 +0100)]
avcodec/scpr: remove 4 dead store
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Fri, 24 Feb 2017 14:50:16 +0000 (15:50 +0100)]
avcodec/fmvc: initialize opcode to 0
It shouldn't really matter but it doesn't hurt.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Fri, 24 Feb 2017 14:27:19 +0000 (15:27 +0100)]
avcodec/scpr: improve motion vectors checking for out of buffer write
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Michael Niedermayer [Fri, 24 Feb 2017 12:23:37 +0000 (13:23 +0100)]
tools/target_dec_fuzzer: Fix misaligned read
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Fri, 24 Feb 2017 12:11:43 +0000 (13:11 +0100)]
avcodec/vp3dsp: Fix multiple signed integer overflow: 46341 * 47523 cannot be represented in type 'int'
Fixes: 664/clusterfuzz-testcase-
4917047475568640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Fri, 24 Feb 2017 11:46:28 +0000 (12:46 +0100)]
avcodec/rv34: Simplify and factor get_slice_offset() code
This also fixes several integer overflows by checking each value before
use.
Fixes: 662/clusterfuzz-testcase-
4898131432964096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Paul B Mahol [Fri, 24 Feb 2017 11:01:30 +0000 (12:01 +0100)]
avcodec/scpr: make sure that component value is <= 0x1F for 16 bpc
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Fri, 24 Feb 2017 10:29:42 +0000 (11:29 +0100)]
avcodec/aic: unbreak decoding of files with slice_width != 16
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Carl Eugen Hoyos [Fri, 24 Feb 2017 01:18:23 +0000 (02:18 +0100)]
lavc/utils: Make second parameter to apply_param_change() const.
Fixes a compilation warning:
passing argument 2 of ‘apply_param_change’ discards ‘const’ qualifier from pointer target type
Rostislav Pehlivanov [Fri, 24 Feb 2017 07:06:59 +0000 (07:06 +0000)]
opus_pvq: remove unneeded assert
Since the PVQ search has been well fuzzed and is guaranteed to never
break SUM(abs(y[])) == K, the assert is no longer needed.
Also the assert only prevented coding the wrong vector index but didn't
prevent crashes during searching for it, which made the assert rather
informational than practical.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Rostislav Pehlivanov [Fri, 24 Feb 2017 07:03:12 +0000 (07:03 +0000)]
opus_pvq: improve PVQ search for low Ks
Since the probelm mentioned only happened when the phase was negative
(e.g. the sum had to be decreased), only discarding dimensions with a
zero pulse in that case restored the search's previously low distortion
at low Ks when the phase is never negative.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Michael Niedermayer [Thu, 23 Feb 2017 22:46:30 +0000 (23:46 +0100)]
avcodec/ituh263dec: Fix runtime error: left shift of
1342177279 by 1 places cannot be represented in type 'int'
Fixes: 659/clusterfuzz-testcase-
5866673603084288
Huge DMV could be created by an encoder ignoring the spec
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 23 Feb 2017 22:13:24 +0000 (23:13 +0100)]
avcodec/jpeglsdec: check shift for values that cause overflow later
Fixes: 657/clusterfuzz-testcase-
6674741433729024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 23 Feb 2017 21:33:16 +0000 (22:33 +0100)]
avcodec/mpeg4videodec: Check the other 3 sprite points for intermediate overflows
This is not necessarily specific to fuzzed files
Fixes: Multiple integer overflows
Fixes: 656/clusterfuzz-testcase-
6463814516080640
Fixes: 658/clusterfuzz-testcase-
6691260146384896
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Mark Thompson [Sun, 19 Feb 2017 17:23:07 +0000 (17:23 +0000)]
lavfi: Add VAAPI deinterlacer
(cherry picked from commit
ade370a4d7eab1866b6023c91c135d27c77ca465)
(cherry picked from commit
2d518aec4c781316092be65893b47922c8f71b67)
Paul B Mahol [Thu, 23 Feb 2017 21:58:53 +0000 (22:58 +0100)]
avcodec/shorten: support decoding AIFF-C variant
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Lou Logan [Thu, 23 Feb 2017 19:44:11 +0000 (10:44 -0900)]
doc/filters: mention 'ffmpeg -filters' in timeline section
So users can see which filters support the 'enable' option.
Signed-off-by: Lou Logan <lou@lrcd.com>
Paul B Mahol [Thu, 23 Feb 2017 18:45:12 +0000 (19:45 +0100)]
avcodec/scpr: improve check for out of range motion vectors
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Thu, 23 Feb 2017 17:46:24 +0000 (18:46 +0100)]
avcodec/scpr: check that current row is in valid range
Stops writing out of dst array.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Thu, 23 Feb 2017 16:22:01 +0000 (17:22 +0100)]
avcodec/scpr: do not allow out of array access for 16bit case
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Thu, 23 Feb 2017 14:20:24 +0000 (15:20 +0100)]
avcodec/qdrw: do better w/h parsing for direct bit packing
Apparently using 0x0001 opcode solely is not correct.
Try this instead.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Rick Kern [Thu, 23 Feb 2017 05:05:01 +0000 (00:05 -0500)]
lavc/videotoolboxenc: check for dictionary key symbols
Fixes #6081. Some dictionary keys are not present on OS X 10.8.
This loads the symbols and uses a default value if not present.
Signed-off-by: Rick Kern <kernrj@gmail.com>
Michael Niedermayer [Wed, 22 Feb 2017 12:36:52 +0000 (13:36 +0100)]
avcodec/h264_ps: Check chroma_qp_index_offset
Fixes: 647/clusterfuzz-testcase-
5195745823031296
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Reviewed-by: BBB
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Jacek Manko [Wed, 22 Feb 2017 14:48:35 +0000 (15:48 +0100)]
avcodec/mips/Makefile: corrected conditional build of version 1 of vc1dsp optimizations for loongson mmi
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Carl Eugen Hoyos [Wed, 22 Feb 2017 23:11:43 +0000 (00:11 +0100)]
lavd/opengl_enc: Fix a typo.
Marton Balint [Tue, 21 Feb 2017 22:50:56 +0000 (23:50 +0100)]
avcodec/wrapped_avframe: allocate a buffer with padding
This ensures that the wrapped avframe will not get reallocated later, which
would invalidate internal references such as extended data.
Reviewed-by: wm4 <nfxjfg@googlemail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
Paul B Mahol [Thu, 16 Feb 2017 14:21:29 +0000 (15:21 +0100)]
avcodec: add ScreenPressor decoder
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Michael Niedermayer [Wed, 22 Feb 2017 21:07:35 +0000 (22:07 +0100)]
avcodec/h264idct_template: Fix several runtime error: signed integer overflow
Fixes: 652/clusterfuzz-testcase-
6174944410992640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 22 Feb 2017 20:57:49 +0000 (21:57 +0100)]
avcodec/mpeg4videodec: Check sprite_offset in addition to shifts
Fixes: 651/clusterfuzz-testcase-
5710668915277824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 22 Feb 2017 20:28:08 +0000 (21:28 +0100)]
avcodec/mpegaudiodec_template: Fix multiple runtime error: signed integer overflow
Fixes: 648/clusterfuzz-testcase-
5337961317007360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Paul B Mahol [Wed, 22 Feb 2017 14:32:26 +0000 (15:32 +0100)]
avcodec/qdrw: add support for 0x0001 code
Fixes decoding of files which sets frame width/height this way.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Wed, 22 Feb 2017 13:47:43 +0000 (14:47 +0100)]
avcodec/dnxhddec: fix decoding of DNxHR HQX 10-bit
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Mulvya [Sun, 19 Feb 2017 16:22:15 +0000 (21:52 +0530)]
doc: drawtext options update
Remove nonexistant "draw" option.
Add undocumented "tc24hmax" timecode wrap option.
Signed-off-by: Mulvya <mulvya@gmail.com>
Signed-off-by: Lou Logan <lou@lrcd.com>
James Almer [Wed, 22 Feb 2017 17:36:26 +0000 (14:36 -0300)]
avcodec/cbrt_data: add missing header include
Fixes make checkheaders
James Almer [Wed, 22 Feb 2017 17:36:11 +0000 (14:36 -0300)]
avcodec/mjpegenc_huffman: add missing header include
Fixes make checkheaders
Paul B Mahol [Wed, 22 Feb 2017 14:45:06 +0000 (15:45 +0100)]
avcodec/flicvideo: update comment, 24bit support is implemented
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Michael Niedermayer [Fri, 10 Feb 2017 19:55:26 +0000 (20:55 +0100)]
MAINTAINERS: Add ffmpeg-security alias members
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 22 Feb 2017 00:42:59 +0000 (01:42 +0100)]
avcodec/rv34: Forward error from rv34_decode_mv()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 22 Feb 2017 00:22:24 +0000 (01:22 +0100)]
avcodec/mpeg4video: Fix runtime error: left shift of negative value
Fixes: 644/clusterfuzz-testcase-
4726434209726464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 22 Feb 2017 00:11:11 +0000 (01:11 +0100)]
avcodec/dcadsp: Fix runtime error: signed integer overflow:
394625024 * 8 cannot be represented in type 'int'
Fixes: 643/clusterfuzz-testcase-
5209078743695360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 21 Feb 2017 23:42:23 +0000 (00:42 +0100)]
avcodec/rv34: Fix runtime error: signed integer overflow: -2 + -
2147483648 cannot be represented in type 'int'
Fixes: 642/clusterfuzz-testcase-
558358808074649
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
James Almer [Wed, 22 Feb 2017 00:14:17 +0000 (21:14 -0300)]
avformat/matroskaenc: don't write DisplayUnit with value Unknown on WebM files
Value 4 (Unknown) is for the time being part of the Matroska spec but not
supported by WebM
Addresses ticket #6176
James Almer [Tue, 21 Feb 2017 23:21:52 +0000 (20:21 -0300)]
avcodec/qdrw: don't overwrite bpp when checking its value
Finishes fixing ticket #6171
Alex Converse [Thu, 16 Feb 2017 21:08:31 +0000 (13:08 -0800)]
aacdec: When ignoring a PCE restore the previous config
This is related to, but doesn't solve ticker 6152.
Carl Eugen Hoyos [Tue, 21 Feb 2017 01:06:06 +0000 (02:06 +0100)]
lavd/opengl_enc: Support BGR48.
Paul B Mahol [Tue, 21 Feb 2017 18:45:44 +0000 (19:45 +0100)]
avcodec/qdrw: add support for 2bpp and 4bpp packed pallette format
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Tue, 21 Feb 2017 18:16:35 +0000 (19:16 +0100)]
avcodec/qdrw: fix writing past end of row
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Michael Niedermayer [Tue, 21 Feb 2017 16:32:56 +0000 (17:32 +0100)]
avcodec/ituh263dec: Fix runtime error: left shift of negative value -22
Fixes: 639/clusterfuzz-testcase-
5143866241974272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 21 Feb 2017 15:38:00 +0000 (16:38 +0100)]
avcodec/gsmdec_template: Fix runtime error: signed integer overflow: -22527 * 99113 cannot be represented in type 'int'
Fixes: 636/clusterfuzz-testcase-
6520876646268928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 21 Feb 2017 15:22:47 +0000 (16:22 +0100)]
avcodec/bmp: Fix runtime error: negation of -
2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
There is code checking height and width later, leaving an invalid value invalid
is thus fine.
Fixes: 635/clusterfuzz-testcase-
6225161437052928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Nicolas Roy-Renaud [Sat, 18 Feb 2017 03:50:11 +0000 (22:50 -0500)]
avformat/sierravmd: Support for Shivers 2 stereo tracks
Signed-off-by: Nicolas Roy-Renaud <nicolas.roy-renaud.1@ens.etsmtl.ca>
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Rostislav Pehlivanov [Tue, 21 Feb 2017 06:51:46 +0000 (06:51 +0000)]
lavfi/buffersrc: fix directly setting channel layout
When setting the channel layout directly using AVBufferSrcParameters
the channel layout was correctly set however the init function still
expected the old string format to set the number of channels (when it
hadn't already been specified).
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Steven Liu [Tue, 21 Feb 2017 15:38:39 +0000 (23:38 +0800)]
avformat/hlsenc: fix cid
1401346 Dereferencing pointer error
check if proto is null before av_strcasecmp
CID:
1401346
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>
Michael Niedermayer [Tue, 21 Feb 2017 02:51:17 +0000 (03:51 +0100)]
avcodec/h264_ps: Check delta scale for validity
Fixes: signed integer overflow: 5 +
2147483646 cannot be represented in type 'int'
Fixes: 634/clusterfuzz-testcase-
5285420445204480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 21 Feb 2017 02:14:49 +0000 (03:14 +0100)]
avcodec/simple_idct: Fix runtime error: left shift of negative value -6395
Fixes: 633/clusterfuzz-testcase-
4553133554401280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 21 Feb 2017 02:05:32 +0000 (03:05 +0100)]
avcodec/rv40: Fix runtime error: left shift of negative value
Fixes: 630/clusterfuzz-testcase-
6608718928019456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Paul B Mahol [Tue, 21 Feb 2017 11:17:21 +0000 (12:17 +0100)]
avcodec/qdrw: add support for decoding rgb555
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Paul B Mahol [Sat, 11 Feb 2017 10:47:22 +0000 (11:47 +0100)]
avformat/mpl2dec: skip BOM when probing
Fixes #5442.
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Carl Eugen Hoyos [Sun, 19 Feb 2017 15:15:34 +0000 (16:15 +0100)]
lavf/mpeg: Initialize a stack variable used by memcmp().
Silence a valgrind warning.
Fixes ticket #6160.
Michael Niedermayer [Mon, 20 Feb 2017 23:11:19 +0000 (00:11 +0100)]
avcodec/dca_xll: Fix runtime error: signed integer overflow: -
1073741824 * 32768 cannot be represented in type 'int'
Fixes: 629/clusterfuzz-testcase-
6697457381539840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Mon, 20 Feb 2017 22:59:26 +0000 (23:59 +0100)]
avcodec/flacdec: reduce limit for golomb so that the max value does not overflow
Fixes: runtime error: left shift of 32 by 26 places cannot be represented in type 'int'
Fixes: 628/clusterfuzz-testcase-
6187747641393152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Mon, 20 Feb 2017 19:22:26 +0000 (20:22 +0100)]
avcodec/dca_xll: signed integer overflow: 255251 * 32768 cannot be represented in type 'int'
Fixes: 627/clusterfuzz-testcase-
5020897033322496
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Mon, 20 Feb 2017 18:34:54 +0000 (19:34 +0100)]
Factorize CHECK/SUINT code
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Steinar H. Gunderson [Sat, 18 Feb 2017 18:41:02 +0000 (19:41 +0100)]
speedhq: fix decoding artifacts
The quantization table is stored in the natural order, but when we
access it, we use an index that's in zigzag order, causing us to read
the wrong value. This causes artifacts, especially in areas with
horizontal or vertical edges. The artifacts look a lot like the
DCT ringing artifacts you'd expect to see from a low-bitrate file,
but when comparing to NewTek's own decoder, it's obvious they're not
supposed to be there.
Fix by simply storing the scaled quantization table in zigzag order.
Performance is unchanged.
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Fri, 17 Feb 2017 00:59:08 +0000 (01:59 +0100)]
fate/source: Check for cases that could use av_clip_uintp2() and av_clip_intp2()
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Timo Rothenpieler [Mon, 20 Feb 2017 21:38:39 +0000 (22:38 +0100)]
avcodec/nvenc: allow forcing keyframes by default
Sasi Inguva [Wed, 15 Feb 2017 20:07:55 +0000 (12:07 -0800)]
lavf/mov.c: Correct keyframe search in edit list to return the very first keyframe/frame with matching timestamp. Fixes ticket#5904
Signed-off-by: Sasi Inguva <isasi@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Mon, 20 Feb 2017 12:42:33 +0000 (13:42 +0100)]
avcodec/mpegaudiodec: Eliminate many undefined operations
Fixes: 625/clusterfuzz-testcase-
4574924406521856
Fixes: 626/clusterfuzz-testcase-
4738718621499392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Mon, 20 Feb 2017 11:31:43 +0000 (12:31 +0100)]
avcodec/pictordec: Do not read more than nb_planes
Fixes undefined behavior
Fixes: 622/clusterfuzz-testcase-
5745722022428672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Pavel Koshevoy [Mon, 20 Feb 2017 02:51:28 +0000 (10:51 +0800)]
avfilter/af_atempo: fix drift calculation, ticket #6157
ticket #6157
Reported-by: Steven Liu <lq@chinaffmpeg.org>
Signed-off-by: Pavel Koshevoy <pkoshevoy@gmail.com>
Michael Niedermayer [Sun, 19 Feb 2017 23:49:03 +0000 (00:49 +0100)]
avcodec/ituh263dec: Check cbpy in ff_h263_decode_mb()
Fixes: 618/clusterfuzz-testcase-
6594990333493248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 19 Feb 2017 22:37:53 +0000 (23:37 +0100)]
avcodec/srtdec: Fix signed integer overflow:
1811992524 * 384 cannot be represented in type 'int'
Fixes: 617/clusterfuzz-testcase-
6413875723370496
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>