ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	0a849fe1f2	MAINTAINERS: Remove myself as leader Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f2c58931e629343f7d68258cc2b2d62c5f501ba5) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2015-07-31 18:35:42 +02:00
Michael Niedermayer	101e1b36cc	avcodec/jpeglsdec: check err value for ls_get_code_runterm() Fixes infinite loop Fixes Ticket3086 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit cc0e47b55096361723b364afa43b79a3f5619cdc) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-16 20:54:14 +01:00
Michael Niedermayer	9a073b1f0f	avcodec/parser: reset indexes on realloc failure Fixes Ticket2982 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit f31011e9abfb2ae75bb32bc44e2c34194c8dc40a) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-16 20:54:14 +01:00
Michael Niedermayer	792ee2f775	Merge remote-tracking branch 'qatar/release/0.6' into release/0.6 * qatar/release/0.6: arm: Don't clobber callee saved registers in scalarproduct See: a94d12b69027955f1b01aedffc8dd8c7e96a15cc Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-16 20:53:57 +01:00
Martin Storsjö	a94d12b690	arm: Don't clobber callee saved registers in scalarproduct q4-q7/d8-d15 are supposed to not be clobbered by the callee. CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit d307e408d4a9ada22df443cc38be77cc5e492694)	2013-12-21 10:00:40 +01:00
Martin Storsjö	0cbef38cb8	arm: Don't clobber callee saved registers in scalarproduct q4-q7/d8-d15 are supposed to not be clobbered by the callee. CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit d307e408d4a9ada22df443cc38be77cc5e492694) Signed-off-by: Martin Storsjö <martin@martin.st>	2013-12-20 22:11:04 +02:00
Michael Niedermayer	243396f06d	update for 0.6.7 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> n0.6.7	2013-09-23 01:23:35 +02:00
Michael Niedermayer	c7ab9de727	avcodec/ffv1enc: update buffer check for 16bps Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 3728603f1854b5c79d1a64dd3b41b80640ef1e7f) Conflicts: libavcodec/ffv1enc.c (cherry picked from commit c900c6e5c26cd86cf34f9c8d4347cedbd01f3935)	2013-09-09 20:51:01 +02:00
Michael Niedermayer	b51c4df35b	avcodec/dsputil: fix signedness in sizeof() comparissions Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 454a11a1c9c686c78aa97954306fb63453299760) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-30 23:49:16 +02:00
Michael Niedermayer	f9225c2884	matroska_read_seek: Fix used streams for subtitle index compensation Might fix Ticket1907 (I have no testcase so i cant test) Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 4758e32a6c48044f77102a49110c79b4f338f648) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-29 03:00:40 +02:00
Michael Niedermayer	6ad4a116a2	avcodec/rpza: Perform pointer advance and checks before using the pointers Fixes out of array accesses Fixes Ticket2850 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 3819db745da2ac7fb3faacb116788c32f4753f34) Conflicts: libavcodec/rpza.c (cherry picked from commit edba432b8b01d68c22e70a508f47553359f59fb5) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-22 01:44:29 +02:00
Diego Biurrun	3f785a538b	configure: Make warnings from -Wreturn-type fatal errors These warnings have no false positives and point to serious bugs. (cherry picked from commit 99853cb8d4237b810b2fffb4a34f66fd0064ef72) Conflicts: configure Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-02-19 00:56:54 +01:00
Michael Niedermayer	a77cf47d88	huffyuvdec: Skip len==0 cases Fixes vlc decoding for hypothetical files that would contain such cases. Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31) Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 5ff41ffeb4cb9ea6df49757dc859619dc3d3ab4f) Conflicts: libavcodec/huffyuv.c (cherry picked from commit 9bc70fe1ae50fd2faa0b9429d47cfbda01a92ebc) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-01-29 19:29:05 +01:00
Michael Niedermayer	a7faa1d070	huffyuvdec: Check init_vlc() return codes. Prevents out of array writes Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit f67a0d115254461649470452058fa3c28c0df294) Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 95ab8d33e1a680f30a5a9605175112008ab81afc) Conflicts: libavcodec/huffyuv.c (cherry picked from commit 277def59fce10d91e3113e5c0f63e22bc4abfa88) Conflicts: libavcodec/huffyuv.c (cherry picked from commit adf022f458d75e2c8041262e1906a249366ad518) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-01-29 18:37:08 +01:00
Xi Wang	9aa60889f3	rtmp: fix buffer overflows in ff_amf_tag_contents() A negative `size' will bypass FFMIN(). In the subsequent memcpy() call, `size' will be considered as a large positive value, leading to a buffer overflow. Change the type of `size' to unsigned int to avoid buffer overflow, and simplify overflow checks accordingly. Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 4e692374f7962ea358c329de38c380103f8991b6) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-01-23 05:55:32 +01:00
Xi Wang	636c42de19	rtmp: fix multiple broken overflow checks Sanity checks like `data + size >= data_end \|\| data + size < data' are broken, because `data + size < data' assumes pointer overflow, which is undefined behavior in C. Many compilers such as gcc/clang optimize such checks away. Use `size < 0 \|\| size >= data_end - data' instead. Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 902cfe2f74d777a7dc20ac68f2393b9f84b790c1) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-01-23 05:55:30 +01:00
Michael Niedermayer	f48d1fb167	Merge remote-tracking branch 'qatar/release/0.6' into release/0.6 * qatar/release/0.6: vorbis: Validate that the floor 1 X values contain no duplicates. lavfi: avfilter_merge_formats: handle case where inputs are same mpegvideo: Don't use ff_mspel_motion() for vc1 imgconvert: avoid undefined left shift in avcodec_find_best_pix_fmt nuv: check RTjpeg header for validity vc1dec: add flush function for WMV9 and VC-1 decoders mov: set AVCodecContext.width/height for h264 h264: allow cropping to AVCodecContext.width/height Merged-by: Michael Niedermayer <michaelni@gmx.at>	2012-10-16 18:00:02 +02:00
Alex Converse	0e2f415adf	vorbis: Validate that the floor 1 X values contain no duplicates. Duplicate values in this vector are explicitly banned by the Vorbis I spec and cause divide-by-zero crashes later on. (cherry picked from commit ecf79c4d3e8baaf2f303278ef81db6f8407656bc) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 9aaaeba45c41cf2b3fa4100abbdee7437428f93c) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit d6e250abfc36b239ef0c1fc9d45d588b853bfcb9) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2012-10-06 09:47:41 +02:00
Mina Nagy Zaki	a4e277312c	lavfi: avfilter_merge_formats: handle case where inputs are same This fixes a double-free crash if lists are the same due to the two merge_ref() calls at the end of the (useless) merging that happens. Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 11b6a82412bcd372adf694a26d83b07d337e1325) Conflicts: libavfilter/formats.c Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit e5f4e249422834f727bcd432b73af971277f1371) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit b6c5848a1f8fc2755ea70d325acaddae9fac45ab) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2012-10-06 09:47:21 +02:00
Michael Niedermayer	c82ae85a8a	mpegvideo: Don't use ff_mspel_motion() for vc1 Using ff_mspel_motion assumes that s (a MpegEncContext poiinter) really is a Wmv2Context. This fixes crashes in error resilience on vc1/wmv3 videos. CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 18f2d5cb9c48d06895960f37467576725c9dc2d1) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit da0c457663479bc1828918e1bb3e4a5e4de0d557) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 899d95efe12f1e250b361837c1c8c06df9ac9b86) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2012-10-06 09:46:14 +02:00
Janne Grunau	fd7426ed89	imgconvert: avoid undefined left shift in avcodec_find_best_pix_fmt CC: libav-stable@libav.org (cherry picked from commit 39bb27bf79bc4c2d8beaed637a14176264cb1916) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 7a7229b52d1900279041991fadbd29b27e8dfe95) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 8812b5f164109553f009ce385e17a1af16b6ea53) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2012-10-06 09:46:08 +02:00
Janne Grunau	459feb7cce	nuv: check RTjpeg header for validity CC: libav-stable@libav.org (cherry picked from commit 859a579e9bbf47fae2e09494c43bcf813dcb2fad) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 6704522ca9dd32c858ee474492be568c386910f9) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit f31170d4e7f9671e019315391160d454b18d7296) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2012-10-06 09:46:03 +02:00
Kostya Shishkov	aa41212767	vc1dec: add flush function for WMV9 and VC-1 decoders CC: libav-stable@libav.org (cherry picked from commit 4dc8c8386eef942dba35c4f2fb3210e22b511a5b) Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 02b72394627933dc8ce26445231a69f00dba491b) Conflicts: libavcodec/vc1dec.c Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 0173a7966b331105158a88f96b9afcc431d2fef8) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2012-10-06 09:45:49 +02:00
Carl Eugen Hoyos	7923490712	Fix muxing mjpeg in swf.	2012-09-13 09:26:55 +02:00
Ronald S. Bultje	371e221d63	dxva2: include dxva.h if found Apparently, some build environments require dxva.h even for dxva2, while others lack this header entirely. Including it conditionally allows building in both cases. Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit fa84506177f0246b30d4ea6a99ee5d419f3e4550) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-09-13 04:41:59 +02:00
Mans Rullgard	44e6cf3f75	mov: set AVCodecContext.width/height for h264 This is required for correct cropping of files from Canon cameras. Signed-off-by: Mans Rullgard <mans@mansr.com> (cherry picked from commit 8aa93e900449c88c3169ff5636fed03f41779cac) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 2fb4be9a99a2c2a9435339830e3d940171cc0d9b) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 0054d70f23edd1f61a10a1c2c687b3a04831feb9) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-06-10 11:24:14 +02:00
Mans Rullgard	4eea330a2a	h264: allow cropping to AVCodecContext.width/height Override the frame size from the SPS with AVCodecContext values if the latter specify a size smaller by less than one macroblock. This is required for correct cropping of MOV files from Canon cameras. Signed-off-by: Mans Rullgard <mans@mansr.com> (cherry picked from commit 30f515091c323da59c0f1b533703dedca2f4b95d) Conflicts: libavcodec/h264.c (cherry picked from commit e1608014c50eeb9f4744a53de0794eb6bb1269a2) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit b102d5d97daedb717c023ec7bfa43047d97de284) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-06-10 09:54:47 +02:00
Michael Niedermayer	62133b38ed	h263: disable loop filter with lowres Fixes ticket1212 Found-by: Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit cc229d4e83889d1298f1a0863b55feec6c5c339a) Signed-off-by: Michael Niedermayer <michaelni@gmx.at> n0.6.6	2012-06-09 21:36:19 +02:00
Michael Niedermayer	6b14563c0e	wmv1: check that the input buffer is large enough Fixes null ptr deref Fixes Ticket1367 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit f23a2418fb0ccc56fdae4dbf83a5994cc917c475) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-09 21:36:15 +02:00
Michael Niedermayer	3074e8f78c	yopdec: check frame oddness to be within supported limits Fixes Ticket1365 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit febc013dc5d6db1535a4f91cf02fa8089038937c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-09 21:36:10 +02:00
Michael Niedermayer	e37599001c	yopdec: check that palette fits in the packet Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit b6fdf8dea7aaf3cb9a979dce91f752c2ce3086a3) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-09 21:36:05 +02:00
Michael Niedermayer	32ac7c0cf6	truemotion1: Check index, fix out of array read Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit fd4c1c0b70b5a06dd572d7e27799a2f4c3d9b984) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-09 21:35:40 +02:00
Michael Niedermayer	9291fc8813	motionpixels: check extradata size Fixes null ptr derefernce Fixes Ticket1363 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 50122084a6b3be06781a2b3d8ec036f2d67c32e3) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-09 21:35:03 +02:00
Michael Niedermayer	62cbdd71eb	yop: check for missing extradata Fixes null ptr deref Fixes Ticket1361 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 77a4c8b959fa9bc6bcaa42b40a0b046cdf3fec38) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-09 21:34:50 +02:00
Michael Niedermayer	42bdeaecd4	cdgraphics: Fix out of array write Fixes Ticket1359 Found-by: Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 1e5c7376c4ed733910845c9a09e272ac7696b1f4) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-09 21:34:34 +02:00
Michael Niedermayer	438cfa9090	Merge remote-tracking branch 'qatar/release/0.6' into release/0.6 * qatar/release/0.6: Release notes for 0.6.6 Update changelog for 0.6.6 release Merged-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-09 19:09:56 +02:00
Reinhard Tartler	64eb6892ec	Release notes for 0.6.6	2012-06-09 12:05:53 +02:00
Derek Buitenhuis	888cee659e	Update changelog for 0.6.6 release Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>	2012-06-08 15:20:14 -04:00
Michael Niedermayer	598eb973a7	Merge remote-tracking branch 'qatar/release/0.6' into release/0.6 * qatar/release/0.6: (32 commits) Bump version number for 0.6.6 release. tqi: Pass errors from the MB decoder ea: check chunk_size for validity. png: check bit depth for PAL8/Y400A pixel formats. dxva2: define required feature selection macros mingw32: merge checks for mingw-w64 and mingw32-runtime >= 3.15 into one mingw32: properly check if vfw capture is supported by the system headers configure: properly check for mingw-w64 through installed headers. mingw-w64 can also target 32-bit code. qdm2: clip array indices returned by qdm2_get_vlc(). kmvc: Check palsize. shorten: Use separate pointers for the allocated memory for decoded samples. shorten: check for realloc failure shorten: Fix out of bound writes in fix_bitshift() shorten: Prevent block size from increasing shorten: remove VLA and check for buffer overflow adpcm: ADPCM Electronic Arts has always two channels h264: Add check for invalid chroma_format_idc aacsbr: prevent out of bounds memcpy(). dpcm: ignore extra unpaired bytes in stereo streams. vqavideo: return error if image size is not a multiple of block size ... Conflicts: libavcodec/atrac3.c libavcodec/h264_ps.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2012-06-04 12:38:11 +02:00
Reinhard Tartler	4451f9ae16	Bump version number for 0.6.6 release.	2012-06-03 22:42:54 +02:00
Michael Niedermayer	83fa442b71	tqi: Pass errors from the MB decoder This silences some valgrind warnings. CC: libav-stable@libav.org Fixes second half of http://ffmpeg.org/trac/ffmpeg/ticket/794 Bug found by: Oana Stratulat Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit f85334f58e1286287d0547a49fa9c93b40cbf48f) (cherry picked from commit 90290a5150e84fb138ccde57657dc03830f08c1c) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 5872580e65aab026b77754eb184f97ba7cc6ea35) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 2f2fd8c6d1c51a6b817e6c0bc4eff308b8f9cd18) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-06-03 21:35:17 +02:00
Ronald S. Bultje	679de9b5aa	ea: check chunk_size for validity. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 273e6af47b38391f2bcc157cca0423fe7fcbf55c) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 6a86b705e1d4b72f0dddfbe23ad3eed9947001d5) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit e74bc64dd376c4691a610ba62a66ed30affc97ec) Conflicts: libavformat/electronicarts.c	2012-06-03 21:35:17 +02:00
Ronald S. Bultje	e17b1536a1	png: check bit depth for PAL8/Y400A pixel formats. Wrong bit depth can lead to invalid rowsize values, which crashes the decoder further down. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit d2205d6543881f2e6fa18c8a354bbcf91a1235f7) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit b8d6ba9d50e80fdce2ed74cdaffd4960df8a21c5) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 33f93005f1a86c108302b4c5978aa1a3d8e092cc) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-06-03 21:35:16 +02:00
Kyle	97ed486fff	dxva2: define required feature selection macros Signed-off-by: Mans Rullgard <mans@mansr.com> (cherry picked from commit 04973f8082c5a822112d2e42d535b7f3f59dccc0) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>	2012-06-02 19:25:12 -04:00
Ramiro Polla	77630b68e5	mingw32: merge checks for mingw-w64 and mingw32-runtime >= 3.15 into one Originally committed as revision 24204 to svn://svn.ffmpeg.org/ffmpeg/trunk (cherry picked from commit e26011d0f495de1148b8014995cbe923611b6b76) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>	2012-06-02 19:25:12 -04:00
Ramiro Polla	732dbc0f03	mingw32: properly check if vfw capture is supported by the system headers Remove check for an specific w32api version, checking instead if vfw.h supports vfw capture. The defines in w32api 3.12 were wrong, so this must be accounted for in the check. Originally committed as revision 24203 to svn://svn.ffmpeg.org/ffmpeg/trunk (cherry picked from commit ec1ee802a2e1cb3317bd44851cc28f95b5916051) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Conflicts: configure	2012-06-02 19:25:12 -04:00
Ramiro Polla	68d2c6e872	configure: properly check for mingw-w64 through installed headers. mingw-w64 can also target 32-bit code. Originally committed as revision 24156 to svn://svn.ffmpeg.org/ffmpeg/trunk (cherry picked from commit 0a4307d6307516d333ce2cde2a2ffa0f50bc176c) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>	2012-06-02 19:25:12 -04:00
Ronald S. Bultje	4bccd5a36b	qdm2: clip array indices returned by qdm2_get_vlc(). Prevents subsequent overreads when these numbers are used as indices in arrays. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com> (cherry picked from commit 64953f67f98da2e787aeb45cc7f504390fa32a69) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Conflicts: libavcodec/qdm2.c	2012-06-02 19:25:12 -04:00
Alex Converse	07bff95176	kmvc: Check palsize. Fixes: CVE-2011-3952 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Based on fix by Michael Niedermayer (cherry picked from commit 386741f887714d3e46c9e8fe577e326a7964037b) (cherry picked from commit 416849f2e06227b1b4a451c392f100db1d709a0c) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-05-28 21:21:53 +02:00
Michael Niedermayer	cfad9930ff	shorten: Use separate pointers for the allocated memory for decoded samples. Fixes invalid free() if any of the buffers are not allocated due to either not decoding a header or an error prior to allocating all buffers. Fixes CVE-2012-0858 CC: libav-stable@libav.org Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com> (cherry picked from commit 204cb29b3c84a74cbcd059d353c70c8bdc567d98) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 6fc3287b9ccece290c5881b92948772bbf72e68c) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 96ed18cab1048f03ff1c825f46b25d49218f1da4) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-05-28 21:21:53 +02:00

1 2 3 4 5 ...

24248 Commits