ffmpeg

Author	SHA1	Message	Date
Anton Khirnov	6548cb2578	libx264: add 'stats' private option for setting 2pass stats filename. x264 always opens the file itself with fopen, so we cannot use the standard lavc stats mechanism. CC: libav-stable@libav.org (cherry picked from commit d533e395e14d403948ca2424efbcee92429ef8e1) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 21:00:12 +01:00
Anton Khirnov	f6257cf4b7	libx264: fix help text for slice-max-size option. CC: libav-stable@libav.org (cherry picked from commit 9d5c131ecec75fcfb1b4b56f74f2b2756bf0027a) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 21:00:02 +01:00
Anton Khirnov	a15adb18fa	avconv: reindent CC: libav-stable@libav.org (cherry picked from commit 64334ddbbc7fce490c895c54106291d0b128e830) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:59:00 +01:00
Anton Khirnov	666bd5848a	avconv: link '-passlogfile' option to libx264 'stats' AVOption. Fixes bug 204. CC: libav-stable@libav.org (cherry picked from commit 6e8be949f12734f38d360aad0f5c503a0f9606fa) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:57:11 +01:00
Janne Grunau	d94256d36c	Revert "h264: clear trailing bits in partially parsed NAL units" This reverts commit 729ebb2f185244b0ff06d48edbbbbb02ceb4ed4e. There was an off-by-one error in the bit mask calculation clearing actually the last valid bit and causing http://bugzilla.libav.org/show_bug.cgi?id=227 The broken sample (Mr_MrsSmith-h264_aac.mp4) the commit was fixing does not work after correcting the off-by-one error. CC: libav-stable@libav.org (cherry picked from commit 8a6037c3900875ccab8d553d2cc659bdef2c9d0e) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:56:55 +01:00
Ronald S. Bultje	7bb97a61df	mpc: pad mpc_CC/SCF[] tables to allow for negative indices. MPC8 allows indices of mpc_CC up to -1, and mpc_SCF up to -6, thus pad the tables by that much on the left end. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit d7eabd50425a61b31e90c763a0c3e4316a725404) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:48:29 +01:00
Ronald S. Bultje	c65eadee5d	xxan: protect against chroma LUT overreads. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit f77bfa837636a99a4034d31916a76f7d1688cf5a) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:47:19 +01:00
Ronald S. Bultje	a43f4bd601	xxan: convert to bytestream2 API. Protects against overreads. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 55188278169c3a1838334d7aa47a1f7a40741690) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:47:19 +01:00
Ronald S. Bultje	8f881885c2	xxan: don't read before start of buffer in av_memcpy_backptr(). Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit f1279e286b00e99f343adb51e251f036a3df6f32) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:47:19 +01:00
Ronald S. Bultje	26521d87ba	dsicinvideo: validate buffer offset before copying pixels. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit c95fefa0420be9cc0f09a95041acf11114aaacd0) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:47:19 +01:00
Ronald S. Bultje	e1a4143793	cook: error out on quant_index values outside [-63, 63] range. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 97e48b2f541396ef6e8816a555bac1bb993d7a6a) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:47:19 +01:00
Ronald S. Bultje	b9482a6efd	cook: extend channel uncoupling tables so the full bit range is covered. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 37cc8600d0313838cab5b886b9d373e5819aa24f) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-14 20:47:19 +01:00
Ronald S. Bultje	88c3cc019c	cook: expand dither_tab[], and make sure indexes into it don't overflow. Fixes overflows in accessing dither_tab[]. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 442c3a8cb1785d74f8e2d7ab35b1862b7088436b) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:40:29 +01:00
Ronald S. Bultje	9980e4df3b	huffyuv: add padding to classic (v1) huffman tables. We slightly overread the input buffer, so we require padding at the end of the buffer, as is documented in the get_bits API. Without padding, we'll read uninitialized data or beyond the end of the .rodata, which may crash. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 4ffe5e2aa5241f8da9afd2c8fbc854dcc916c5f9) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:36:39 +01:00
Ronald S. Bultje	d4f2786cda	avs: fix infinite loop on end-of-stream. The codec would keep returning the last decoded frame if the stream contains B-frames, since it wouldn't clear that frame from the list of frames to be returned to the user. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 83f15a1228895434a982c840b09edccd1c64e800) Conflicts: libavcodec/cavsdec.c Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:36:02 +01:00
Alex Converse	2744fdbd9e	tiffdec: Prevent illegal memory access caused by recycled pointers. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit fd0be63049ed46660993d0550a4f0847a0b942ea) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:30:55 +01:00
Ronald S. Bultje	1fcc2c6091	wma: fix off-by-one in array bounds check. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit b4bccf3e4e58f6fe58043791ca09db01a4343fac) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:30:39 +01:00
Ronald S. Bultje	74871ac70a	dv: check buffer size before reading profile. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit e97efecec82ca8458a9bbd75a91ebf556abde362) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:30:21 +01:00
Ronald S. Bultje	9cb7f6e54a	raw: move buffer size check up. This way, it protects against overreads for 4bpp/2bpp content also. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit cc5dd632cecc5114717d0b90f8c2be162b1c6ee8) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:23:58 +01:00
Ronald S. Bultje	ed6aaf579d	dca: prevent accessing static arrays with invalid indexes. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit e6ffd997cbc06426e75d3fa291b991866c84a79b) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:22:32 +01:00
Ronald S. Bultje	e1b4614ab4	lpcm: fix sample size calculation for 20bit LCPM. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit f1320dc3bed281bb2f3c5531c52b6a6246e2394a) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:12:00 +01:00
Ronald S. Bultje	c3bf08d04c	smacker: error out if palette copy-with-offset overruns palette size. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit a93b572ae4f517ce0c35cf085167c318e9215908) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-13 23:12:00 +01:00
Ronald S. Bultje	12247a13e0	Don't use ff_cropTbl[] for IDCT. Results of IDCT can by far outreach the range of ff_cropTbl[], leading to overreads and potentially crashes. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit c23acbaed40101c677dfcfbbfe0d2c230a8e8f44) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-08 22:07:55 +01:00
Ronald S. Bultje	7503861b42	swscale: make filterPos 32bit. Fixes overflows for large image sizes. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 2254b559cbcfc0418135f09add37c0a5866b1981) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-08 22:07:55 +01:00
Ronald S. Bultje	9def2f200e	error_resilience: initialize s->block_index[]. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 6193ff68549ecbaf1a4d63a0e06964ec580ac620) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-08 22:07:55 +01:00
Ronald S. Bultje	7b676935ee	svq3: protect against negative quantizers. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 11b940a1a8e7e5d5b212935a3ce78aeda577f5f2) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-08 22:07:55 +01:00
Reinhard Tartler	9550c63196	Prepare for 0.8.1 Release	2012-03-08 22:07:54 +01:00
Justin Ruggles	4a15240a27	mov: set channel layout for AC-3 streams based on the 'dac3' atom info fixes Bug 225 (cherry picked from commit 3798205a77ce275613098ecb48645e6029811f14) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-08 22:07:54 +01:00
Janne Grunau	a47b96bdd3	rv34: handle size changes during frame multithreading Factors all context dynamic memory handling to its own functions. Fixes bug 220. (cherry picked from commit 2bd730010da24d035639586bb13862abe36cc1b8) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-03-08 22:07:54 +01:00
Alex Converse	fb049da952	mov: Add more HDV and XDCAM FourCCs. Reference: VLC (cherry picked from commit b142496c5630b9bc88fb9eaccae7f6bd62fb23e7)	2012-03-06 15:31:49 -08:00
Alex Converse	4a325ddeae	mov: Add support for MPEG2 HDV 720p24 (hdv4) (cherry picked from commit 0ad522afb3a3b3d22402ecb82dd4609f7655031b)	2012-03-06 15:31:41 -08:00
Alex Converse	48ac765efe	rv10/20: Fix slice overflow with checked bitstream reader. (cherry picked from commit 9243ec4a508c81a621e941bb7e012e2d45d93659)	2012-03-06 15:31:23 -08:00
Michael Niedermayer	522645e38f	h263dec: Disallow width/height changing with frame threads. Fixes CVE-2011-3937 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 71db86d53b5c6872cea31bf714a1a38ec78feaba) Conflicts: libavcodec/h263dec.c Signed-off-by: Alex Converse <alex.converse@gmail.com>	2012-03-06 15:28:01 -08:00
Alex Converse	e891ee4bf6	adpcm: Clip step_index values read from the bitstream at the beginning of each frame. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit bbeb29133b55b7256d18f5aaab8b5c8e919a173a)	2012-03-06 15:28:01 -08:00
Alex Converse	ef673211e7	tiff: Make the TIFF_LONG and TIFF_SHORT types unsigned. TIFF v6.0 (unimplemented) adds signed equivalents. (cherry picked from commit e32548d1331ce05a054f1028fcdda8823a4f215a)	2012-03-06 15:28:01 -08:00
Alex Converse	eaeaeb265f	dpcm: ignore extra unpaired bytes in stereo streams. Fixes: CVE-2011-3951 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit ce7aee9b733134649a6ce2fa743e51733f33e67e)	2012-03-06 15:28:01 -08:00
Alex Converse	db315c796d	svq3: Prevent illegal reads while parsing extradata. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit 9e1db721c4329f4ac166a0bcc002c8d75f831aba)	2012-03-06 15:28:01 -08:00
Alex Converse	035dd77cbb	dv: Fix small overread in audio frequency table. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit 0ab3687924457cb4fd81897bd39ab3cc5b699588)	2012-03-06 15:28:01 -08:00
Michael Niedermayer	e3743869e9	ac3dec: Move center and surround mix level tables to the parser. That way all mix levels as exported by avpriv_ac3_parse_header() will have the same meaning. Previously the 3-bit center mix level for E-AC-3 was used to index in a 4-entry table, leading to out-of-array reads. Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com> Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit e6d9fa66f12cf5a3024c9bc7c4c608f7fc59207e)	2012-03-06 15:28:01 -08:00
Alex Converse	ce14f00dea	movdec: Avoid av_malloc(0) in stss Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit 29a20ac4a19df5acc0eef306ca5a737778a31358)	2012-03-06 15:28:01 -08:00
Mans Rullgard	627f4621f5	ac3: Do not read past the end of ff_ac3_band_start_tab. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit 034b03e7a0e8e4f8f66c82b736f2c0aa7c063ec0)	2012-03-06 15:28:01 -08:00
Alex Converse	3e8434bcea	dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936. Found with asan. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit 2d1c0dea5f6b91bec7f5fa53ec050913d851e366)	2012-03-06 15:28:01 -08:00
Michael Niedermayer	efd30c4d95	dv: Fix null pointer dereference due to ach=0 dv: Fix null pointer dereference due to ach=0 Fixes part2 of CVE-2011-3929 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Reviewed-by: Roman Shaposhnik <roman@shaposhnik.org> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit 5a396bb3a66a61a68b80f2369d0249729bf85e04)	2012-03-06 15:28:00 -08:00
Michael Niedermayer	d7fddc97d4	dv: check stype dv: check stype Fixes part1 of CVE-2011-3929 Possibly fixes part of CVE-2011-3936 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Reviewed-by: Roman Shaposhnik <roman@shaposhnik.org> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit 635bcfccd439480003b74a665b5aa7c872c1ad6b)	2012-03-06 15:28:00 -08:00
Dale Curtis	feed0c6b6a	mpegaudiodec: Prevent premature clipping of mp3 input buffer. Instead of clipping extrasize based on EXTRABYTES, clip based on the amount of buffer actually left. Without this fix, there are warbles and other distortions in the test case below. http://kevincennis.com/mix/assets/sounds/1901_voxfx.mp3 (cherry picked from commit b7165426917f91ebcad84bdff366824f03b32bfe) Signed-off-by: Alex Converse <alex.converse@gmail.com>	2012-03-06 15:28:00 -08:00
Alex Converse	d0e53ecff7	mp3dec: Fix a heap-buffer-overflow In some cases, what is left to read from ptr is smaller than EXTRABYTES. Based on a patch by Thierry Foucu <tfoucu@gmail.com>. Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit f372ce119bd2458fa0b4ddfb2af3a36621df99f7)	2012-03-06 15:28:00 -08:00
Alex Converse	1ca84aa162	mpeg12: Pad framerate tab to 16 entries. There are many places where we read an unchecked 4-bit index into it. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit dfa37fe8a3d9243dd339d94befa065e2c90b29e6)	2012-03-06 15:28:00 -08:00
Michael Niedermayer	d5f2382d03	kgv1dec: Increase offsets array size so it is large enough. Fixes CVE-2011-3945 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 807a045ab7f51993a2c1b3116016cbbd4f3d20d6) Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit a02e8df973f5478ec82f4c507f5b5b191a5ecb6b)	2012-03-06 15:28:00 -08:00
Alex Converse	416849f2e0	kmvc: Check palsize. Fixes: CVE-2011-3952 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Based on fix by Michael Niedermayer (cherry picked from commit 386741f887714d3e46c9e8fe577e326a7964037b)	2012-03-06 15:28:00 -08:00
Alex Converse	dd37038ac7	nsvdec: Propagate errors Related to CVE-2011-3940. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit c898431ca5ef2a997fe9388b650f658fb60783e5) Conflicts: libavformat/nsvdec.c	2012-03-06 15:28:00 -08:00

1 2 3 4 5 ...

32043 Commits