Fixes qp fields becoming out of range
Fixes: asan_static-oob_e393a3_6998_WPP_A_ericsson_MAIN10_2.bit
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This matches how its done for SPS/PPS.
An alternative to this is to check it when its used.
Fixes null pointer dereference
Fixes: signal_sigsegv_e30a43_1437_CIP_A_Panasonic_3.bit
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit '7840c40445c9f52aeccba96de3d27613398bfbf2':
(e)ac3dec: set AV_FRAME_DATA_MATRIXENCODING side data.
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '13345fc1f86fc3615789e196d5a339c1c27c9068':
(e)ac3: parse and store the Dolby Surround, Surround EX and Headphone mode flags.
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'e92123093dfdca0ef6608998240e2f9345d63bff':
mlpdec: set AV_FRAME_DATA_MATRIXENCODING side data.
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '4b7f1a7ced0e98f2cc698d896f7ebab8d30eaa09':
mlp: Parse TrueHD decoder channel modifiers and set the AVMatrixEncoding for each substream.
Conflicts:
libavcodec/mlp_parser.h
libavcodec/mlpdec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '30d70e79a6b4ac7f4eb66446a9da275161ef6ea7':
dcadec: set AV_FRAME_DATA_MATRIXENCODING side data.
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '6bfdb2de881372048be7fbda643417e1fd3ce93c':
dcadec: set the output channel mode more accurately.
Conflicts:
libavcodec/dcadec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '5b4797a21db900b7d509660b7a4d49829089b004':
avframe: add AV_FRAME_DATA_MATRIXENCODING side data type.
Conflicts:
libavutil/version.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
When downmixing 2.1 to 2-channel, if the 2.0 portion is Lt/Rt, sum-difference or dual mono, the actual output will be the same (with the LFE either mixed-in or discarded).
Also, when downmixing an arbitrary layout to 2-channel, if the bitstream contains custom downmix coefficients targeting Lt/Rt, then the output will be Lt/Rt rather than regular Stereo.
* commit 'b2212dec0f011893ec68eecaa990170fa24050d7':
aac: Fix TNS decoding for the 512 sample window family.
also temporarily disable fate-aac-er_ad6000np_44_ep0 as this commit
causes a mismatch with the reference pcm file
The test will be reenabled after all fixes and with a new pcm reference
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Its usefull to know immediatly if extradata is wrong and not just when later
the decoder tries to use it.
This check was removed by: a6a2282c25
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'aec25b1c4650944d32706bfd40eb02bbd5587303':
mpegvideo: split the encoding-only parts of frame_start() into a separate function
Conflicts:
libavcodec/mpegvideo.c
libavcodec/mpegvideo_enc.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '58312b2472d3a44d7458865c459d59ef2e02bf1a':
h264: reset data_partitioning if decoding the slice header for NAL_DPA fails
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '5569146d48f06564e8fa393424782cceed510916':
adx: check that the offset is not negative
See: 30bce34b67
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'feded990e3ef9af4a0b827d5b6d8fe86f0b94942':
mpegvideo: set reference/pict_type on generated reference frames
Conflicts:
libavcodec/mpegvideo.c
The picture type is left at P type as it was explicitly set before
Merged-by: Michael Niedermayer <michaelni@gmx.at>
With interlaced vc1 it was possible that accesses could happen outside these
tables before this.
Regression since 017e234c20
Reproduced with a sample from Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Fixes (again) : 480i30__codec_WVC1__mode_2__framerate_29.970__type_2__preproc_17.SIGFPE.bfa.390.wmv
No releases are affected by this
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
If it was set before then we can end up trying to decode a slice without
a valid slice header, which can lead to invalid memory access.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
It has been checking the number of bits in the offset instead of the
actual offset.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
Otherwise the generic code will unref them, which can then result in
last_picture_ptr == current_picture_ptr, which causes deadlocks at least
in rv40.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
