ffmpeg

Author	SHA1	Message	Date
Martin Storsjö	75f811babc	matroskadec: Verify realaudio codec parameters Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 569d18aa9dc989c37bb4d4b968026fe5afa6fff9) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit 9f7a8b8f8f6ad024410232d926b774261ef2ef36)	2014-01-07 09:43:56 +01:00
Martin Storsjö	48f27c854f	mace: Make sure that the channel count is set to a valid value Also return a proper error code. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit e1f3847f860a1094a46be4c5f10db8df616c3135) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/mace.c	2014-01-07 09:43:56 +01:00
Martin Storsjö	802deb2d13	svq3: Check for any negative return value from ff_h264_check_intra_pred_mode Also pass on any returned error code. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 1115689d54ea95a084421f5a182b8dc56cbff978) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/svq3.c	2014-01-07 09:43:56 +01:00
Martin Storsjö	290783b848	vp3: Check the framerate for validity Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 6fc8226e29055858f28973bb3d27b63b3b65e616) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit b4c479a82adbb1301e3e549cd80cdd65208ddd05)	2014-01-07 09:43:56 +01:00
Martin Storsjö	7f80928c0e	cavsdec: Make sure a sequence header has been decoded before decoding pictures Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit e90a6846c2c006fbebd00e1f2789f4a86fafacef) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/cavsdec.c	2014-01-07 09:43:56 +01:00
Martin Storsjö	b9e90b36cd	sierravmd: Do sanity checking of frame sizes Limit the size to INT_MAX/2 (for simplicity) to be sure that size + BYTES_PER_FRAME_RECORD won't overflow. Also factorize other existing error return paths. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 0ef1660a6365ce60ead8858936b6f3f8ea862826) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit 153deed18bed43d16b272e8681b2a9b988d2682a)	2014-01-07 09:43:56 +01:00
Martin Storsjö	7981b5c20e	omadec: Properly check lengths before incrementing the position Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 342c43d154e586bc022c86b168fe8d36f69da9d3) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit 9eba02d5dd7036294ea350cb772822deec95b867)	2014-01-07 09:43:56 +01:00
Martin Storsjö	9291012d52	mpc8: Make sure the first stream exists before parsing the seek table Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 17d57848fc14e82f76a65ffb25c90f2f011dc4a0) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit 557df77eab7d3726c34221aeb999afe9e7818d52)	2014-01-07 09:43:56 +01:00
Martin Storsjö	486c457675	mpc8: Check the seek table size parsed from the bitstream Limit the size to INT_MAX/2 (for simplicity) to be sure that size + FF_INPUT_BUFFER_PADDING_SIZE won't overflow. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 459f2b393a3f89ed08d10fbceb4738d1429f268e) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit f8a72f041c049e812dfa1f32156327e9778f5710)	2014-01-07 09:43:56 +01:00
Michael Niedermayer	b81d804f2a	zmbvdec: Check the buffer size for uncompressed data Also don't pointlessly set the buffer size to 1 after copying one packet. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 0d61f260010707f3028b818e8b24598e1a83d696) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +01:00
Martin Storsjö	f241d5aa1f	ape: Don't allow the seektable to be omitted The seektable is required for filling in ape->frames[i].pos further down. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 183b9d843a9533774fabd3984a52f3987001acbc) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +01:00
Martin Storsjö	7d8a4bb8d2	shorten: Break out of loop looking for fmt chunk if none is found Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit b26742cc308552f242ee2bf93b07a3ff509f4edc) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +01:00
Martin Storsjö	712945d21e	shorten: Use a checked bytestream reader for the wave header Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 49568851bf1700e3d9ea9cda29208d0df3c2c38b) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +01:00
Martin Storsjö	d5c104c1ae	smacker: Make sure we don't fill in huffman codes out of range Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 0679cec6e8802643bbe6d5f68ca1110a7d3171da) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +01:00
Martin Storsjö	68a1df13c4	smacker: Avoid integer overflow when allocating packets Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 710b0e27025948b7511821c2f888ff2d74a59e14) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +01:00
Martin Storsjö	61032c577d	smacker: Don't return packets in unallocated streams Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 8d928023f953a28692ba27071a448259134b103b) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +01:00
Martin Storsjö	e01d623e01	dsicin: Add some basic sanity checks for fields read from the file Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 48d6556dd46d4f4fac10d0f4a819e314887cd50e) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-01-07 09:43:56 +01:00
Martin Storsjö	b6fc0127ce	arm: Don't clobber callee saved registers in scalarproduct q4-q7/d8-d15 are supposed to not be clobbered by the callee. CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit d307e408d4a9ada22df443cc38be77cc5e492694) Signed-off-by: Martin Storsjö <martin@martin.st>	2013-12-20 22:09:24 +02:00
Reinhard Tartler	b997a6a86d	Prepare for 0.8.10 Release	2013-12-14 14:34:28 -05:00
Michael Niedermayer	6f6cd7dbe5	roqvideodec: check dimensions validity Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 3ae610451170cd5a28b33950006ff0bd23036845) Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit fee26d352a52eb9f7fcd8d9167fb4a5ba015b612) CC: libav-stable@libav.org Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 488f87be873506abb01d67708a67c10a4dd29283) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 52b18c1fde65efac7f6e6104b76d39bf8d0a34ee) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-12-14 14:31:29 -05:00
Michael Niedermayer	b5736759ee	qdm2: check array index before use, fix out of array accesses Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit a7ee6281f7ef1c29284e3a4cadfe0f227ffde1ed) CC: libav-stable@libav.org Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 39bec05ed42e505d17877b0c23f16322f9b5883b) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 0b2b8ab979624b0cce673d5e99255482d7c553ad) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-12-14 14:31:03 -05:00
Reinhard Tartler	d4a24e43ed	alsdec: check block length Fix writing over the end Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Addresses: CVE-2013-0845 (cherry picked from commit 2a0fb7286d67c47e44aa76c237ede117b22af616) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 3f7d89034bfe50893927cc92ddcb95a2e9b4178d) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-12-14 14:30:24 -05:00
Reinhard Tartler	ae9652605a	Changelog for 0.8.9	2013-11-02 10:31:35 -04:00
Reinhard Tartler	d2f4846591	Prepare for 0.8.7 Release	2013-11-02 10:17:43 -04:00
Diego Biurrun	62c8bf00bb	x86: fft: Remove 3DNow! optimizations, they break FATE	2013-10-30 19:19:44 +01:00
Diego Biurrun	a1b82c6b1c	x86: ac3dsp: Drop mmx variant of ac3_max_msb_abs_int16 The function accidentally uses mmxext instructions, so it causes sigill on mmx-only CPUs and provides no benefit on CPUs with mmxext available. Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-10-29 17:03:25 +01:00
Luca Barbato	2ed8a550da	aac: Check init_get_bits return value Some code paths can call it with invalid length. CC: libav-stable@libav.org (cherry picked from commit 71953ebcf94fe4ef316cdad1f276089205dd1d65) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-10-28 14:16:37 +01:00
Luca Barbato	ef67d8107e	aac: return meaningful errors (cherry picked from commit 07c52e2c7c60b087fd023cd9771778973def0b33) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/aacdec.c	2013-10-28 14:16:37 +01:00
Luca Barbato	8119336df4	dsicinav: K&R formatting cosmetics (cherry picked from commit fcae3ff124ee97c9265e3b93f3d41238b2aee9bd) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/dsicinav.c	2013-10-28 14:16:37 +01:00
Martin Storsjö	86d0bf0e96	mov: Seek back if overreading an individual atom Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Cc: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 5b4eb243bce10a3e8345401a353749e0414c54ca) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavformat/mov.c	2013-10-28 14:16:37 +01:00
Anton Khirnov	be8b796f55	vcr1: add sanity checks Fixes invalid reads with corrupted files. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 8aba7968dd604aae91ee42cbce0be3dad7dceb30) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/vcr1.c	2013-10-28 14:16:37 +01:00
Anton Khirnov	8297853917	pictordec: pass correct context to avpriv_request_sample Fixes invalid reads. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry-picked from commit fe9bb61f9a16be19ad91875632c39e44b7a99a8a) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/pictordec.c	2013-10-28 14:16:37 +01:00
Luca Barbato	b8ba48c725	dsicinav: Clip the source size to the expected maximum A packet larger than cin->bitmap_size does not make sense. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit fd8189932147a524fe43532b46baa35e8be92a1b) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/dsicinav.c	2013-10-28 14:16:37 +01:00
Luca Barbato	1682c9fb59	alsdec: Clean up error paths Fix at least a memory leak. CC: libav-stable@libav.org (cherry picked from commit ca488ad480360dfafcb5766f7bfbb567a0638979) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/alsdec.c	2013-10-28 14:16:37 +01:00
Reimar Döffinger	5971631d84	ogg: Fix potential infinite discard loop Seeking in certain broken files would cause ogg_read_timestamp to fail because ogg_packet would go into a state where all packets of stream 1 would be discarded until the end of the stream. Bug-Id: 553 CC: libav-stable@libav.org Signed-off-by: Jan Gerber <j@v2v.cc> Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit 9a27acae9e6b7d0bf74c5b878af9c42495a546f3) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavformat/oggdec.c	2013-10-28 14:16:37 +01:00
Luca Barbato	4a11d773f9	nuv: check rtjpeg_decode_frame_yuv420 return value CC: libav-stable@libav.org (cherry picked from commit 85ac12587bfef970d0e0e4abc292df346daf8478) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/nuv.c	2013-10-16 23:05:51 +02:00
Luca Barbato	abb41f19cc	nuv: Reset the frame on resize Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/nuv.c	2013-10-16 23:05:51 +02:00
Luca Barbato	c1ebdef01b	nuv: Use av_fast_realloc The decompressed buffer can be used after codec_reinit, so it must be preserved. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 2df0776c2293efb0ac12c003843ce19332342e01) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/nuv.c	2013-10-16 23:05:51 +02:00
Anton Khirnov	d2eddcfc83	nuv: return meaningful error codes. (cherry picked from commit 3344f5cb747bb1f54cc34878b66dc0536f194720) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/nuv.c	2013-10-16 23:05:51 +02:00
Luca Barbato	36fc320747	nuv: Pad the lzo outbuf And properly update the buf_size with the correct size. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 075dbc185521f193c98b896cd63be3ec2613df5d) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/nuv.c	2013-10-16 23:05:51 +02:00
Luca Barbato	cda26ab21e	nuv: Do not ignore lzo decompression failures Update the fate reference since the last broken frame is not decoded anymore. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit aae159a7cc4df7d0521901022b778c9da251c24e) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/nuv.c	2013-10-16 23:05:51 +02:00
Luca Barbato	3cc05e0d9d	oma: correctly mark and decrypt partial packets Incomplete crypted files would lead to a read after buffer boundary otherwise. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 2219e27b5b17d146e4ab71a3ed86dfc013fb7a93) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavformat/omadec.c	2013-10-16 23:05:51 +02:00
Luca Barbato	b98a824c3e	oma: check geob tag boundary Prevent read after buffer boundary on corrupted tag. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 9d0b45ade864f3d2ccd8610149fe1fff53c4e937) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavformat/omadec.c	2013-10-16 23:05:51 +02:00
Luca Barbato	e930b112d1	oma: refactor seek function Properly propagate seek errors from avio and the generic pcm seek. (cherry picked from commit 4f03a77e52596cbe9ec179666ddb3e0345a8133a) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavformat/omadec.c	2013-10-16 23:05:50 +02:00
Luca Barbato	5312fb8287	8bps: Bound-check the input buffer Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit bd7b4da0f4627bb6c4a7c2575da83fe6b261a21c) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/8bps.c	2013-10-16 23:05:50 +02:00
Luca Barbato	a9ebc17b2d	rtmp: Do not misuse memcmp CC: libav-stable@libav.org (cherry picked from commit 5718e3487ba3b26aba341070be0b6b0b4de45ea3) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavformat/rtmppkt.h libavformat/rtmpproto.c	2013-10-16 23:05:50 +02:00
Luca Barbato	067713f159	rtmp: rename data_size to size (cherry picked from commit ba5393a609c723ec8ab7f9727c10fef734c09278) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavformat/rtmppkt.c libavformat/rtmpproto.c	2013-10-16 23:05:50 +02:00
Luca Barbato	2da49df19e	lavc: set the default rc_initial_buffer_occupancy rc_buffer_size is not set before. Solve the initial the rate control underflow issue reported in bug 222. CC: libav-stable@libav.org Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit bff3607547fdbb6e32b3830a351e6a33280c1e0d) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-10-16 22:54:30 +02:00
Luca Barbato	c25bbb6fdb	4xm: Reject not a multiple of 16 dimension Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 2f034f255c49050e894ab9b88087c09ebe249f3f) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-09-29 22:37:12 +02:00
Luca Barbato	12dc01bb1f	4xm: do not overread the prestream buffer Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit be373cb50d3c411366fec7eef2eb3681abe48f96) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-09-29 22:37:06 +02:00

1 2 3 4 5 ...

32383 Commits