OSDN Git Service
Michael Niedermayer [Thu, 1 Jun 2017 16:48:37 +0000 (18:48 +0200)]
avcodec/wavpack: Fix runtime error: shift exponent 32 is too large for 32-bit type 'int'
Fixes: 1967/clusterfuzz-testcase-minimized-
5757031199801344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 1 Jun 2017 16:32:52 +0000 (18:32 +0200)]
avcodec/cfhd: Fix runtime error: signed integer overflow: 65280 * 65288 cannot be represented in type 'int'
Fixes: 1925/clusterfuzz-testcase-minimized-
5564569688735744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Paul B Mahol [Fri, 19 May 2017 18:12:04 +0000 (20:12 +0200)]
avfilter: add audio surround upmixer
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Vittorio Giovara [Wed, 31 May 2017 15:55:11 +0000 (11:55 -0400)]
ffprobe: Print AVContentLightMetadata side data contents
Vittorio Giovara [Tue, 30 May 2017 21:28:11 +0000 (17:28 -0400)]
ffprobe: Print AVMasteringDisplayMetadata side data contents
James Almer [Thu, 1 Jun 2017 16:12:20 +0000 (13:12 -0300)]
checkasm: add _fixed suffix to fixed_dsp tests
Should prevents future conflicts with the similarly named floatdsp tests
Timo Rothenpieler [Thu, 1 Jun 2017 10:29:35 +0000 (12:29 +0200)]
avcodec/cuvid: make capability check optional
Timo Rothenpieler [Thu, 1 Jun 2017 10:33:54 +0000 (12:33 +0200)]
compat/cuda: make cuvidGetDecoderCaps optional
Timo Rothenpieler [Thu, 1 Jun 2017 09:55:25 +0000 (11:55 +0200)]
avcodec/nvenc: print minimum driver version on error
Timo Rothenpieler [Thu, 1 Jun 2017 09:36:13 +0000 (11:36 +0200)]
configure: libnpp does not need to link libcuda
Srinath K R [Thu, 1 Jun 2017 07:58:07 +0000 (13:28 +0530)]
avcodec/nvenc: Add default value for AVCodecContext::refs
AVCodecContext::refs is used to control the DPB size to be used by the
encoder. The default value for AVCodecContext::refs as set in
libavcodec/options_table.h is 1.
This patch sets AVCodecContext::refs to 0 for h264_nvenc and hevc_nvenc in
order to let the driver take the decision of the correct DPB size to use in
all cases.
Signed-off-by: Srinath K R <skr@nvidia.com>
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
James Almer [Tue, 23 May 2017 22:05:37 +0000 (19:05 -0300)]
avutil/pixfmt: remove superfluous define
It's an AVColorSpace value since
82ad9cbd32c873bced9adf4a2bb67dcda7294c61.
Signed-off-by: James Almer <jamrial@gmail.com>
Michael Niedermayer [Wed, 31 May 2017 20:53:02 +0000 (22:53 +0200)]
avcodec/wavpack: Fix runtime error: signed integer overflow:
2013265955 - -
134217694 cannot be represented in type 'int'
Fixes: 1922/clusterfuzz-testcase-minimized-
5561194112876544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 31 May 2017 20:18:23 +0000 (22:18 +0200)]
avcodec/cinepak: Check input packet size before frame reallocation
Reduces time spend decoding 1917/clusterfuzz-testcase-minimized-
5023221273329664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 31 May 2017 20:02:07 +0000 (22:02 +0200)]
avcodec/hevc_ps: Fix runtime error: signed integer overflow:
2147483628 + 256 cannot be represented in type 'int'
Fixes: 1909/clusterfuzz-testcase-minimized-
6732072662073344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 31 May 2017 13:52:56 +0000 (15:52 +0200)]
avcodec/ra144: Fixes runtime error: signed integer overflow: 7160 * 327138 cannot be represented in type 'int'
Fixes: 1908/clusterfuzz-testcase-minimized-
5392712477966336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 31 May 2017 11:39:45 +0000 (13:39 +0200)]
avcodec/pnm: Use ff_set_dimensions()
Fixes: OOM
Fixes: 1906/clusterfuzz-testcase-minimized-
4599315114754048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 31 May 2017 11:21:58 +0000 (13:21 +0200)]
avcodec/cavsdec: Fix runtime error: signed integer overflow: 59 +
2147483600 cannot be represented in type 'int'
Fixes: 1903/clusterfuzz-testcase-minimized-
5359318167715840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Stefano Sabatini [Tue, 23 May 2017 10:22:09 +0000 (12:22 +0200)]
examples/encode_video: slightly improve error reporting
Stefano Sabatini [Tue, 23 May 2017 09:50:40 +0000 (11:50 +0200)]
examples/encode_video: add log
This helps to visualize how the send/receive API works.
Martin Storsjö [Wed, 31 May 2017 09:53:32 +0000 (12:53 +0300)]
configure: Fix the msvcrt version check for mingw32
This was actually broken when committed in
46e3936fb04; the
test never succeeded, and thus, _aligned_malloc wasn't actually
used on legacy mingw.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit
427f7a1f9ec1977bcb57cb4d6e6f7228dc1e858b)
wm4 [Wed, 31 May 2017 10:07:43 +0000 (12:07 +0200)]
avformat/tls_schannel: log unknown error codes
wm4 [Wed, 24 May 2017 13:46:39 +0000 (15:46 +0200)]
videotoolbox: log errors
With the new decode API, you can't handle errors directly in the API
user - you only know that the hwaccel did not initialize at all.
Add some approximate logging.
Michael Niedermayer [Tue, 30 May 2017 23:29:57 +0000 (01:29 +0200)]
tests/fate/libavcodec: Test with all idct and dct modes supported in the test
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 30 May 2017 19:29:20 +0000 (21:29 +0200)]
avformat/avidec: Limit formats in gab2 to srt and ass/ssa
This prevents part of one exploit leading to an information leak
Found-by: Emil Lerner and Pavel Cheremushkin
Reported-by: Thierry Foucu <tfoucu@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 30 May 2017 19:20:54 +0000 (21:20 +0200)]
avformat/avidec: Fix txts fmts parsing
Fixes: subtitle.avi from vlc/ticket/1162
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
James Darnley [Mon, 15 May 2017 11:58:18 +0000 (13:58 +0200)]
avcodec/x86/idctdsp_init: reindent
James Darnley [Thu, 11 May 2017 00:30:26 +0000 (02:30 +0200)]
avcodec/x86: move simple_idct to external assembly
Michael Niedermayer [Tue, 30 May 2017 02:03:09 +0000 (04:03 +0200)]
avcodec/acelp_pitch_delay: Fix runtime error: value 4.83233e+39 is outside the range of representable values of type 'float'
Fixes: 1902/clusterfuzz-testcase-minimized-
4762451407011840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 30 May 2017 01:13:21 +0000 (03:13 +0200)]
avcodec/wavpack: Check float_shift
Fixes: runtime error: shift exponent 40 is too large for 32-bit type 'unsigned int'
Fixes: 1898/clusterfuzz-testcase-minimized-
5970744880136192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 30 May 2017 01:09:11 +0000 (03:09 +0200)]
avcodec/wavpack: Fix runtime error: signed integer overflow: 24 * -
2147483648 cannot be represented in type 'int'
Fixes: 1894/clusterfuzz-testcase-minimized-
4716739789062144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Rostislav Pehlivanov [Sun, 28 May 2017 21:01:40 +0000 (22:01 +0100)]
lavc: remove libschroedinger encoding and decoding wrappers
The library has stopped being developed and Debian has removed it
from its repositories citing security issues.
The native Dirac decoder supports everything the library has and basic
encoding support is still provided via the native vc2 (Dirac Pro, intra
only version of Dirac) encoder. Hence, there's no reason to still support
linking to the library and potentially leading users into security issues.
Rostislav Pehlivanov [Sun, 28 May 2017 19:25:56 +0000 (20:25 +0100)]
lavf: remove the libnut library wrapper
libnut is outdated and not developed anymore, all nut developments
happens in this repo, so users are getting mislead
Michael Niedermayer [Mon, 29 May 2017 12:07:33 +0000 (14:07 +0200)]
avcodec/ansi: Fix frame memleak
Fixes: 1892/clusterfuzz-testcase-minimized-
4519341733183488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Mon, 29 May 2017 11:51:08 +0000 (13:51 +0200)]
avcodec/dds: Fix runtime error: left shift of 145 by 24 places cannot be represented in type 'int'
Fixes: 1891/clusterfuzz-testcase-minimized-
6274417925554176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Mon, 29 May 2017 11:45:29 +0000 (13:45 +0200)]
avcodec/jpeg2000dec: Use ff_set_dimensions()
Fixes: OOM
Fixes: 1890/clusterfuzz-testcase-minimized-
6329019509243904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Mon, 29 May 2017 01:37:43 +0000 (03:37 +0200)]
tools/target_dec_fuzzer: Move the hwaccel check outside the initialization if
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 19:19:23 +0000 (21:19 +0200)]
avcodec/aacsbr: Fix libavcodec/aacsbr.c:257:59: runtime error: division by zero
Fixes: 1882/clusterfuzz-testcase-minimized-
5539735650959360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Rostislav Pehlivanov <atomnuker@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Micah Galizia [Wed, 17 May 2017 01:37:31 +0000 (21:37 -0400)]
libavformat/hls: Observe Set-Cookie headers
Signed-off-by: Micah Galizia <micahgalizia@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 19:54:02 +0000 (21:54 +0200)]
avcodec/truemotion2: Fix passing null pointer to memset()
Fixes part of: 1888/clusterfuzz-testcase-minimized-
5237704826552320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 19:54:02 +0000 (21:54 +0200)]
avcodec/truemotion2: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes part of: 1888/clusterfuzz-testcase-minimized-
5237704826552320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 19:44:32 +0000 (21:44 +0200)]
avcodec/ra144: Fix runtime error: signed integer overflow: -2449 *
1398101 cannot be represented in type 'int'
Fixes: 1885/clusterfuzz-testcase-minimized-
5336328549957632
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 19:38:24 +0000 (21:38 +0200)]
avcodec/ra144: Fix runtime error: signed integer overflow:
11184810 * 404 cannot be represented in type 'int'
Fixes: 1884/clusterfuzz-testcase-minimized-
4637425835966464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 18:08:49 +0000 (20:08 +0200)]
avcodec/aac_defines: Add missing () to AAC_HALF_SUM() macro
Fixes: runtime error: shift exponent
1073741848 is too large for 32-bit type 'INTFLOAT' (aka 'int')
Fixes: 1880/clusterfuzz-testcase-minimized-
4900645322620928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 10 May 2017 16:37:50 +0000 (18:37 +0200)]
avcodec/webp: Fixes null pointer dereference
Fixes: 1470/clusterfuzz-testcase-minimized-
5404421666111488
Fixes: 1472/clusterfuzz-testcase-minimized-
5677426430443520
Fixes: 1875/clusterfuzz-testcase-minimized-
5536474562822144
Approved-by: BBB
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 16:09:47 +0000 (18:09 +0200)]
avcodec/aacdec_fixed: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 1878/clusterfuzz-testcase-minimized-
6441918630199296
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 15:20:42 +0000 (17:20 +0200)]
avcodec/ylc: Check count in build_vlc()
Fixes: runtime error: signed integer overflow:
211633430 +
2147483647 cannot be represented in type 'int'
Fixes: 1874/clusterfuzz-testcase-minimized-
5037763613163520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 15:12:35 +0000 (17:12 +0200)]
avcodec/snow: Fix runtime error: signed integer overflow:
1086573993 +
1086573994 cannot be represented in type 'int'
Fixes: 1871/clusterfuzz-testcase-minimized-
5719950331215872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 12:00:30 +0000 (14:00 +0200)]
avcodec/jpeg2000: Fix runtime error: signed integer overflow: 4185 +
2147483394 cannot be represented in type 'int'
Fixes: 1870/clusterfuzz-testcase-minimized-
4686788029317120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 11:52:13 +0000 (13:52 +0200)]
avcodec/jpeg2000dec: Check tile offsets more completely
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 11:30:46 +0000 (13:30 +0200)]
avcodec/sheervideo: Check input buffer size before allocating and decoding
Fixes: Timeout
Fixes: 1858/clusterfuzz-testcase-minimized-
6450473802399744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 10:56:25 +0000 (12:56 +0200)]
avcodec/wavpack: Fix runtime error: signed integer overflow: -
1386217472 * 4 cannot be represented in type 'int'
Fixes: 1853/clusterfuzz-testcase-minimized-
5471155626442752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 01:34:09 +0000 (03:34 +0200)]
avcodec/aacdec_fixed: Fix multiple runtime error: shift exponent 127 is too large for 32-bit type 'int'
Fixes: 1851/clusterfuzz-testcase-minimized-
5692607495667712
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 01:18:02 +0000 (03:18 +0200)]
avcodec/wnv1: More strict buffer size check
This requires at least 25% of a picture to allocate and decode it
Fixes: Timeout
Fixes: 1845/clusterfuzz-testcase-minimized-
5075974343360512
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 25 May 2017 01:21:50 +0000 (03:21 +0200)]
avcodec/libfdk-aacdec: Correct buffer_size parameter
the timeDataSize argument to aacDecoder_DecodeFrame() seems undocumented and until
2016 04 (
203e3f28fbebec7011342017fafc2a0bda0ce530) unused.
after that commit libfdk-aacdec interprets it as size in sample units and memsets that on error.
FFmpeg as well as others (like GStreamer) did interpret it as size in bytes
Fixes: 1442/clusterfuzz-testcase-minimized-
4540199973421056 (This requires recent libfdk to reproduce)
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 23 May 2017 19:08:48 +0000 (21:08 +0200)]
avcodec/sbrdsp_template: Fix: runtime error: signed integer overflow:
849815297 +
1315389781 cannot be represented in type 'int'
Fixes: 1770/clusterfuzz-testcase-minimized-
5285511235108864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 21 May 2017 18:46:16 +0000 (20:46 +0200)]
avcodec/aacps: Check border_position to be monotone
Fixes: runtime error: left shift of negative value -
67108864
Fixes: 1738/clusterfuzz-testcase-minimized-
6734814327603200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
erankor [Wed, 17 May 2017 09:32:06 +0000 (12:32 +0300)]
movenc: encryption with time code track fix
instead of deciding whether to encrypt based on the encryption scheme,
decide according to whether cenc was initialized or not.
mov_create_timecode_track calls ff_mov_write_packet with a track that
doesn't have cenc initialized.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sun, 28 May 2017 01:03:46 +0000 (03:03 +0200)]
avcodec/ivi_dsp: Fix runtime error: left shift of negative value -2
Fixes: 1839/clusterfuzz-testcase-minimized-
6238490993885184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Kevin Mark [Sat, 27 May 2017 14:10:46 +0000 (10:10 -0400)]
doc/filters: Clarify scale2ref example
Signed-off-by: Kevin Mark <kmark937@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
James Almer [Sat, 22 Apr 2017 03:34:37 +0000 (00:34 -0300)]
avformat/mov: add support for reading Content Light Level Box
As defined in "VP Codec ISO Media File Format Binding v1.0"
https://github.com/webmproject/vp9-dash/blob/master/VPCodecISOMediaFileFormatBinding.md
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Sat, 22 Apr 2017 03:03:21 +0000 (00:03 -0300)]
avformat/mov: add support for reading Mastering Display Metadata Box
As defined in "VP Codec ISO Media File Format Binding v1.0"
https://github.com/webmproject/vp9-dash/blob/master/VPCodecISOMediaFileFormatBinding.md
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
Michael Niedermayer [Sat, 27 May 2017 11:17:34 +0000 (13:17 +0200)]
avcodec/mlpdec: Do not leave invalid values in matrix_out_ch[] on error
Fixes: runtime error: index 12 out of bounds for type 'uint8_t [8]'
Fixes: 1832/clusterfuzz-testcase-minimized-
6574546079449088
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sat, 27 May 2017 11:07:00 +0000 (13:07 +0200)]
avcodec/ra144dec: Fix runtime error: left shift of negative value -17
Fixes: 1830/clusterfuzz-testcase-minimized-
5828293733384192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Sat, 27 May 2017 11:03:36 +0000 (13:03 +0200)]
avcodec/pixlet: Fix runtime error: signed integer overflow:
2147483647 + 32 cannot be represented in type 'int'
Fixes: 1829/clusterfuzz-testcase-minimized-
5527165321871360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Fri, 26 May 2017 16:01:31 +0000 (18:01 +0200)]
avformat/mux: Fix copy an paste typo
Found-by: Roger Scott <rscott@grammatech.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Vittorio Giovara [Thu, 25 May 2017 21:42:22 +0000 (17:42 -0400)]
zscale: Add range options aliases to match scale ones
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Vittorio Giovara [Thu, 25 May 2017 18:43:34 +0000 (14:43 -0400)]
zscale: Add pixdesc-API compatible color names to filter options
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
James Almer [Fri, 26 May 2017 14:22:23 +0000 (11:22 -0300)]
doc/libav-merge: remove lines about AVFrame crop fields
James Almer [Mon, 8 May 2017 18:46:25 +0000 (15:46 -0300)]
avcodec/theora: export cropping information instead of handling it internally
This merges commit
1202b712690c14f0efb06e4ad8b06c5b3df6822a from libav,
originally written by Anton Khirnov and skipped in
fc63d5ceb357c4b760cb02772de0b50d0557140f.
libavcodec/vp3.c | 26 +++++++++-----------------
1 file changed, 9 insertions(+), 17 deletions(-)
James Almer [Mon, 8 May 2017 18:46:24 +0000 (15:46 -0300)]
avcodec/h264dec: export cropping information instead of handling it internally
This merges commit
c3e84820d67cb1d8cfb4196f9b43971308a81571 from libav,
originally written by Anton Khirnov and skipped in
fc63d5ceb357c4b760cb02772de0b50d0557140f.
libavcodec/h264_picture.c | 3 ---
libavcodec/h264_ps.c | 9 ---------
libavcodec/h264_slice.c | 25 +++++++++++++++++++------
libavcodec/h264dec.c | 13 +------------
libavcodec/h264dec.h | 9 +++++----
5 files changed, 25 insertions(+), 34 deletions(-)
James Almer [Mon, 8 May 2017 18:46:23 +0000 (15:46 -0300)]
avcodec/h264dec: be more explicit in handling container cropping
This merges commit
4fded0480f20f4d7ca5e776a85574de34dfead14 from libav,
originally written by Anton Khirnov and skipped in
fc63d5ceb357c4b760cb02772de0b50d0557140f.
libavcodec/h264_slice.c | 20 +++++++++++++-------
libavcodec/h264dec.c | 3 +++
libavcodec/h264dec.h | 5 +++++
3 files changed, 21 insertions(+), 7 deletions(-)
James Almer [Mon, 8 May 2017 18:46:22 +0000 (15:46 -0300)]
avcodec/hevcdec: export cropping information instead of handling it internally
This merges commit
a02ae1c6837a54ed9e7735da2b1f789b2f4b6e13 from libav,
originally written by Anton Khirnov and skipped in
fc63d5ceb357c4b760cb02772de0b50d0557140f.
libavcodec/hevc_parser.c | 6 ++++--
libavcodec/hevc_ps.c | 31 ++++++++++++-------------------
libavcodec/hevc_ps.h | 2 --
libavcodec/hevc_refs.c | 18 +++++-------------
libavcodec/hevcdec.c | 7 ++++---
libavcodec/hevcdec.h | 2 --
6 files changed, 25 insertions(+), 41 deletions(-)
Signed-off-by: James Almer <jamrial@gmail.com>
Michael Niedermayer [Thu, 25 May 2017 23:37:14 +0000 (01:37 +0200)]
avcodec/clearvideo: Check buf_size before decoding frame
Fixes; Timeout
Fixes: 1826/clusterfuzz-testcase-minimized-
5728569256837120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 25 May 2017 21:01:27 +0000 (23:01 +0200)]
avcodec/aacdec_fixed: Fix runtime error: signed integer overflow: -
2147483648 * -1 cannot be represented in type 'int'
Fixes: 1825/clusterfuzz-testcase-minimized-
6002833050566656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 25 May 2017 18:07:49 +0000 (20:07 +0200)]
avcodec/smc: Check remaining input
Fixes: Timeout
Fixes: 1818/clusterfuzz-testcase-minimized-
5039166473633792
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 25 May 2017 14:35:40 +0000 (16:35 +0200)]
avcodec/diracdec: Fix off by 1 error in quant check
Fixes: out of array read
Fixes: 1781/clusterfuzz-testcase-minimized-
4617176877105152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 25 May 2017 14:22:49 +0000 (16:22 +0200)]
avcodec/diracdec: Factor quant matrix reads
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Ronald S. Bultje [Thu, 25 May 2017 12:20:21 +0000 (08:20 -0400)]
frame_thread_encoder: extend critical code covered by finished_task_mutex.
Should fix tsan errors in utvideoenc_rgb_left and related tests.
Ronald S. Bultje [Wed, 24 May 2017 15:46:07 +0000 (11:46 -0400)]
hevc: fix race condition in max_ra/seq_decode.
These variables are shared between frame threads, but they are updated
post-setup_finished() if a EOB/EOS slice type occurs. Moving the EOB/EOS
slices to the next frame thread instance (by parsing them leading into
the next picture instead of trailing behind the last picture) effectively
prevents this race condition.
This fixes tsan failures on hevc-conformance-NoOutPrior_A_Qualcomm_1.
Michael Niedermayer [Sun, 21 May 2017 13:34:21 +0000 (15:34 +0200)]
avcodec/tscc2: Skip duplicate frames
This turns CFR duplicated frames into skiped frames
Fixes: Timeout
Fixes: 1719/clusterfuzz-testcase-minimized-
6375090079924224
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 23 May 2017 22:21:21 +0000 (00:21 +0200)]
avcodec/wavpack: Fix runtime error: left shift of negative value -14778
Fixes: 1778/clusterfuzz-testcase-minimized-
5128953268273152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 23 May 2017 22:21:20 +0000 (00:21 +0200)]
avcodec/wavpack: Fix: runtime error: signed integer overflow: 3 * -
2147483648 cannot be represented in type 'int'
Fixes: 1776/clusterfuzz-testcase-minimized-
6191258231898112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Thu, 25 May 2017 09:11:33 +0000 (11:11 +0200)]
avcodec/jpeg2000dec: Fix copy and paste error
Found-by: jamrial
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
James Almer [Thu, 25 May 2017 02:37:04 +0000 (23:37 -0300)]
avcodec/audiotoolboxdec: check packet side data for AAC extradata updates
Tested-by: rcombs
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Thu, 25 May 2017 02:31:59 +0000 (23:31 -0300)]
avcodec/libopenh264dec: fix return error value when h264_mp4toannexb_bsf is not found
James Almer [Wed, 24 May 2017 22:46:30 +0000 (19:46 -0300)]
doc/libav-merge: remove line about aac_adtstoasc
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Mon, 10 Apr 2017 01:37:54 +0000 (22:37 -0300)]
ffmpeg: remove bsf extradata propagation hack
The offending bitstream filter was fixed, so this is no longer needed.
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Mon, 10 Apr 2017 01:37:49 +0000 (22:37 -0300)]
avformat/mux: remove autobsf extradata propagation hack
The offending bitstream filter was fixed, so this is no longer needed.
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Mon, 10 Apr 2017 16:36:19 +0000 (13:36 -0300)]
avcodec/aac_adtstoasc: propagate new extradata using packet side data
This removes the current API violating behavior of overwritting the stream's
extradata during packet filtering, something that should not happen after the
av_bsf_init() call.
The bitstream filter generated extradata is no longer available during
write_header(), and as such not usable with non seekable output. The FATE
tests are updated to reflect this.
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Wed, 24 May 2017 20:02:08 +0000 (17:02 -0300)]
avcodec/adtsenc: check packet side data for AAC extradata updates
This is in preparation for the following patch.
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Thu, 13 Apr 2017 19:06:02 +0000 (16:06 -0300)]
avformat/latmenc: check packet side data for AAC extradata updates
This is in preparation for a following patch.
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Thu, 13 Apr 2017 15:43:11 +0000 (12:43 -0300)]
avformat/matroskaenc: check packet side data for AAC extradata updates
This adapts and merges commit
f4bf236338f6001736a4784b9c23de863057a583
from libav, originally skipped in
13a211e6320d061d9e8c29354c81239324b2db03
as it was not necessary back then.
Is's applied now in preparation for the following patches, where the
aac_adtstoasc bitstream filter will start to correctly propagate the new
extradata through packet side data.
Signed-off-by: James Almer <jamrial@gmail.com>
James Almer [Mon, 10 Apr 2017 01:05:13 +0000 (22:05 -0300)]
avformat/movenc: always check for new extradata on a packet
Don't just look at zero sized packets, and also check for AAC extradata
updates, in preparation for the following patches.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
Michael Niedermayer [Wed, 24 May 2017 17:52:00 +0000 (19:52 +0200)]
avcodec/cllc: Check bitstream end before decoding pixels
Fixes timeout
Fixes: 1802/clusterfuzz-testcase-minimized-
5008293510512640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 24 May 2017 17:53:57 +0000 (19:53 +0200)]
avcodec/wavpack: Fix runtime error: left shift of negative value -1
Fixes: 1807/clusterfuzz-testcase-minimized-
6258676199325696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Wed, 24 May 2017 17:40:42 +0000 (19:40 +0200)]
avcodec/jpeg2000dec: Check tile offsets
Fixes: runtime error: signed integer overflow: 4096 - -
2147483648 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Max Justicz [Wed, 24 May 2017 13:25:50 +0000 (15:25 +0200)]
avcodec/sanm: Fix uninitialized reference frames
Fixes: poc.snm
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer [Tue, 23 May 2017 20:18:52 +0000 (22:18 +0200)]
avcodec/jpeglsdec: Check get_bits_left() before decoding a picture
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
James Almer [Tue, 23 May 2017 18:19:14 +0000 (15:19 -0300)]
fate: add aac-al_sbr_ps_06_ur test
Signed-off-by: James Almer <jamrial@gmail.com>