Commit Graph

31910 Commits

Author SHA1 Message Date
Chris Evans
afb2aa5379 vorbis: An additional defense in the Vorbis codec.
Fixes Bug: #190
Chromium Bug: #100543
Related to CVE-2011-3893

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
2012-01-08 09:09:26 +01:00
Reinhard Tartler
e6d527ff72 vorbisdec: Fix decoding bug with channel handling
Fixes Bug: #191
Chromium Bug: #101458
CVE-2011-3895

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
2012-01-07 23:16:52 +01:00
Diego Biurrun
badb195d13 cabac: Move code only used within the CABAC test program into the test program. 2012-01-07 22:13:14 +01:00
Diego Biurrun
1be4b8ccba vp56: Drop unnecessary cabac.h #include. 2012-01-07 22:13:12 +01:00
Diego Biurrun
a7e3cb9d32 h264-test: Initialize AVCodecContext.av_class.
This fixes a segfault on startup.

Also remove a commented-out and completely unused variable.
2012-01-07 22:13:10 +01:00
Diego Biurrun
52877251cf build: Skip compiling network.h and rtsp.h if networking is not enabled.
rtsp.h relies on network.h and the latter conditionally defines fallback OS
structures that rely on configure tests, which are only run if networking
is enabled.
2012-01-07 22:13:08 +01:00
Diego Biurrun
3dc99a18d4 cosmetics: drop some pointless parentheses 2012-01-07 22:13:07 +01:00
Andrey Utkin
079688b6cb Disable annoying warning without changing behavior
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-07 12:46:57 -08:00
Diego Biurrun
8b1a26864c faq: Solutions for common problems with sample paths when running FATE. 2012-01-07 20:53:07 +01:00
Justin Ruggles
3f6aa85ed4 avcodec: attempt to clarify the CODEC_CAP_DELAY documentation 2012-01-07 14:33:16 -05:00
Justin Ruggles
07837e4158 avcodec: fix avcodec_encode_audio() documentation.
the previous documentation indicated how many bytes are read from the input,
not how many samples are read.
2012-01-07 14:33:15 -05:00
Mike Melanson
15f073ee6d FATE: xmv-demux test; exercise the XMV demuxer without decoding the perceptual codecs inside.
Code coverage:
libavformat/xmv.c: 3% -> 91%

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-07 11:21:27 -08:00
Paul B Mahol
49a2aebc00 vqf: recognize more metadata chunks
Do not create tags for non-char chunks.
Create readable tag for DSIZ chunk.

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-07 11:14:57 -08:00
Mike Melanson
2907f88aee FATE test: BMV demuxer and associated video and audio decoders.
Code coverage:
libavcodec/bmv.c: 0% -> 75%
libavformat/bmv.c: 0% -> 85%

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-07 11:10:58 -08:00
Mike Melanson
9689a1af6d FATE: indeo4 video decoder test.
Code coverage:
libavcodec/indeo4.c: 0% -> 78%

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-07 11:09:04 -08:00
Mike Melanson
f93843e9a0 FATE: update xxan-wc4 test to a sample with more code coverage.
The previous sample used for this test only contained type 0 frames.
Replace it with a sample that also features type 1 frames.
Code coverage:
libavcodec/xxan.c: 72% -> 89%

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-07 11:06:53 -08:00
Mike Melanson
c262404d98 Change the recent h264_mp4toannexb bitstream filter test to output to an elementary stream rather than a program stream.
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-07 11:04:46 -08:00
Justin Ruggles
cf1a259ad6 g722enc: validate AVCodecContext.trellis 2012-01-07 13:38:23 -05:00
Justin Ruggles
77c5b66cbe g722enc: set frame_size, and also handle an odd number of input samples
The fate reference is updated because the previous test skipped a sample in
each encode() call due each input frame having an odd number of samples.
2012-01-07 13:38:23 -05:00
Justin Ruggles
34093ba081 g722enc: split encoding into separate functions for trellis vs. no trellis 2012-01-07 13:38:23 -05:00
Vitor Sessak
96219141e2 mpegaudiodec: Use clearer pointer math
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-07 08:23:27 -08:00
Michael Niedermayer
4b4acc544f tta: Fix returned error code at EOF
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
2012-01-07 09:59:15 -05:00
Michael Niedermayer
d8b33a9989 tta: fix off be 1 error in the end detection.
Fixes use of uninitialized values.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
2012-01-07 09:59:09 -05:00
Justin Ruggles
52e9854a83 tta: fix 24-bit decoding.
Decode to the correct output buffer.
2012-01-07 09:44:13 -05:00
Paul B Mahol
75146b8828 ipmovie: Add param change side data if the video dimensions have changed
Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-07 15:25:41 +02:00
Paul B Mahol
17aa02b9a1 interplayvideo: Handle changed video dimensions on the fly
Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-07 15:25:38 +02:00
Martin Storsjö
c5d907b6b0 libavcodec: Handle param change side data in avcodec_decode_video2, too
Also call avcodec_set_dimensions on dimension param change packets.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-07 15:25:35 +02:00
Martin Storsjö
867f923df4 libavcodec: Move apply_param_change up above avcodec_decode_video2
This is in preparation to calling it from avcodec_decode_video2.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-07 15:25:30 +02:00
Janne Grunau
be540e0cb3 indeo3: check motion vectors for validity
Fixes null pointer dereferences in fuzzed files found by Oana Stratulat.

Signed-off-by: Janne Grunau <janne-libav@jannau.net>
2012-01-07 09:41:11 +01:00
Michael Niedermayer
b18a0cc781 indeo5: Fix null pointer dereference.
Bug found by: Oana Stratulat

Signed-off-by: Janne Grunau <janne-libav@jannau.net>
2012-01-07 00:18:42 +01:00
Janne Grunau
73b16198b6 electronicarts: check bytes per sample for validity
Prevents division by zero.
2012-01-07 00:18:42 +01:00
Laurentiu Ion
b348c852aa flicvideo: fix invalid reads
Prevent invalid reads using bytestream2 functions.
Fixes bug #126.

Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
2012-01-06 16:48:27 -05:00
Chris Evans
57cd6d7095 vorbis: Avoid some out-of-bounds reads
Fixes Bug: #190
Chromium Bug: #100543
Related to CVE-2011-3893

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
2012-01-06 19:58:22 +01:00
Paul B Mahol
f86209b43d vqf: add more known extensions
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-06 09:24:40 -08:00
Diego Biurrun
3aa3fc45fe cabac: remove unused function renorm_cabac_decoder 2012-01-06 13:37:55 +01:00
Diego Biurrun
301fb92131 h264: Only use symbols from the SVQ3 decoder under proper conditionals.
Fixes --disable-everything --enable-decoder=h264 --disable-optimizations.
2012-01-06 13:37:53 +01:00
Justin Ruggles
6e8bf6db48 add bytestream2_tell() and bytestream2_seek() functions 2012-01-05 23:36:36 -05:00
Janne Grunau
f907615f08 parsers: initialize MpegEncContext.slice_context_count to 1
The mpeg4 video, H264 and VC-1 parser hold (directly or indirectly)
a MpegEncContext in their private context. Since they do not call the
common mpegvideo init function slice_context_count has explicitly set
to 1.
Prevents a null pointer dereference in the h264 parser and fixes
bug 193.
2012-01-06 01:47:45 +01:00
Anssi Hannula
580bb77936 spdifenc: use special alignment for DTS-HD length_code
Align IEC 61937 length_code for DTS-HD so that
(length_code & 0xf) == 0x8. This is reportedly needed with some
receivers.

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-05 16:27:07 -08:00
Janne Grunau
f5be84cfbc ipmovie: do not read audio packets before the codec is known
Prevents a division by zero.
2012-01-05 23:19:14 +01:00
Janne Grunau
696ace50ea truemotion2: check size before GetBitContext initialisation
Prevents null ptr derefence for negative sizes.
2012-01-05 23:19:13 +01:00
Martin Storsjö
acb074301c avio: Only do implicit network initialization for network protocols
The implicit network initialization is set to be removed in the
future, but is kept for compatibility. By not doing the implicit
initialization for non-network protocols, we avoid the warning
about avformat_network_init() not being called for these, where
it really doesn't make much sense.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-05 23:56:56 +02:00
Martin Storsjö
32b83aeec1 avio: Add an URLProtocol flag for indicating that a protocol uses network
This definition is in two files, since the definitions will move
to the private header at the next bump.

Signed-off-by: Martin Storsjö <martin@martin.st>
2012-01-05 23:56:52 +02:00
Janne Grunau
bb5b3940b0 adpcm: ADPCM Electronic Arts has always two channels 2012-01-05 22:29:18 +01:00
Chris Evans
faaec4676c matroskadec: Fix a bug where a pointer was cached to an array that might later move due to a realloc()
Fixes bug #190
Chromium bug #100492
related to CVE-2011-3893

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
2012-01-05 21:21:57 +01:00
Alex Converse
ce23b2af18 fate: Add missing reference file from 9b4767e4. 2012-01-05 11:14:23 -08:00
Alex Converse
4274e481c0 mov: Support MOV_CH_LAYOUT_USE_DESCRIPTIONS for labeled descriptions. 2012-01-05 10:34:06 -08:00
Aneesh Dogra
9b55b4bb3a 4xm: Prevent buffer overreads.
4xm decoder while decoding i2 frames can overread the buffer if proper checks
are not made.

Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
2012-01-05 09:37:16 -08:00
Janne Grunau
e268a352af mjpegdec: parse RSTn to prevent skipping other data in mjpeg_decode_scan
Check explicitly if enough bits are left to prevent an infinite loop
when the bitstream buffer is not followed by zero-padding.

Based on patches by Michael Niedermayer <michaelni@gmx.at>.
2012-01-05 18:20:35 +01:00
Janne Grunau
5e5cde2745 vp3: add fate test for non-zero last coefficient 2012-01-05 18:18:08 +01:00