Fixes out of array read
Fixes: signal_sigsegv_1b0a4da_1865_cov_2167818389_computer_anger.avi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Should improve cache usage and reduces stack usage.
Also reduces number of copies in case many levels
have the same number of bits.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
Fixes use of freed memory
Fixes: asan_heap-uaf_3660f67_757_cov_1257014655_Hi422FR1_SONY_A.jsv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array accesses
Fixes: asan_heap-oob_25bcd7e_3783_cov_3553517262_utvideo_rgba_median.avi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array access
Fixes: asan_stack-oob_32c12e5_2536_cov_2442316831_lena.xface
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array access
Fixes: asan_heap-oob_4d23ba_91_cov_3853393937_128.vmd
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
If allocation fails earlier on, and the next frame is processed,
the slice buffer could be left in a state where line and data_stack
have already been freed, or are otherwise null pointers.
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
* commit '10d4c5e55e5b23e165aa4c7723073ebe2c2e7da0':
tiff: set the correct return value when check_size() fails
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '3c27275c1309190f2d6ed69140b67d014215b6c9':
tiff: Check the check_size() return value and forward it
Conflicts:
libavcodec/tiffenc.c
See: d50aa006fb
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Also use the same type for add_entry and check_size.
Bug-Id: CID 700699
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Signed-off-by: Vittorio Giovara <vittorio.giovarao@gmail.com>
* commit 'bcbdeb318e0828cf00b458885ffa1e1596c85d06':
asvenc: Forward the error instead of asserting on it
Conflicts:
libavcodec/asvenc.c
Not merged, conditions which are impossible should be checked by assert*()
adding impossible to be true error checks has the potential to confuse
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Also a slight change to the ssse3 code, which prevents a theoretical
overflow in the sharp filter.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fix linking when only a subset of vaapi decoders is enabled.
Bug-Id: 760
CC: libav-stable@libav.org
Signed-off-by: Rémi Denis-Courmont <remi@remlab.net>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
The input packets are always assumed to be padded and
the av_fast_ family of function takes a pointer to a pointer.
Thanks to Nicolas Dufresne <nicolas.dufresne@collabora.com> for
a similar patch.
Introduced in 7b588bb691.
Bug-Id: 766
CC: libav-stable@libav.org
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Old VDPAU drivers do not support this newly defined profile, so falling
back to Main profile is necessary for backward binary compatibility.
Signed-off-by: Anton Khirnov <anton@khirnov.net>
These fix failures of --enable-xmm-clobber-test
It would be better to change the code to use fewer registers, but until
someone does the used register count must not be too small
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This avoids potential out of bounds writes, with potential future
versions of the library.
Bug-Id: CID 1254945
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
* commit '581c7f0e12b1fa39f73d683e54d6ecda0772c5a9':
arm: make ff_mlp_filter_channel_arm and ff_mlp_rematrix_channel_arm position independent
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '780cd20b00a69e26bbfffbb8eec16fbe999ea793':
aarch64: Use .data.rel.ro for const data with relocations
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'f963f80399deb1a2b44c1bac3af7123e8a0c9e46':
arm: Use .data.rel.ro for const data with relocations
Conflicts:
configure
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This test doesn't cover every possible issue with this function.
It covers options management only.
Signed-off-by: Lukasz Marek <lukasz.m.luki2@gmail.com>
* commit '6fd91fa11909f27902498648680dbb3d13f1f175':
h264: increase MAX_SLICES to 32
The available sample decodes correctly before, but the reporter of the bug
claims that this change reduces artifacts. This is thus merged
If someone has samples that decode differently depending in the MAX_SLICES
value, please open a ticket on trac.
Also this change should be reverted if it turns out that the artifacts
that where seen had a different cause
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This fixes artifacts in the last pixel of rows with some widths and pixel formats
Found-by: Dominique Leroux <Dominique.Leroux@autodesk.com>
Tested-by: Dominique Leroux <Dominique.Leroux@autodesk.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
According to the DPX file format description found at
http://www.fileformat.info/format/dpx/egff.htm the ImageElement part of
the GenericImageHeader also contains an an offset to the real image data
beside the same member that can be found in the GenericFileHeader.
Libav keeps this member empty (=0) while some applications expects it to
be filled properly. FATE test updated accordingly.
Bug-Id: 742
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
* commit 'b280c6202b28b371a8d96850194fd69d7ad5dcc0':
arm: fft_vfp: Unify the behaviour in ff_fft_calc_vfp between arm/thumb
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'ae81576414f2d2083d3118fb4abe1ebc5a7a4c54':
arm: fft_vfp: Add a missing "endconst" when building in thumb mode
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Don't include the function pointer table in the code segment
in arm mode.
This shouldn't have any significant performance effect. It does
end up as a few more instructions than before, for ARM, but
only at the entry to this function, not within the fft functions
themselves.
Signed-off-by: Martin Storsjö <martin@martin.st>
We dont fail hard if its not set as the old API allowed this and our examples
did in the distant past not set it, these examples still work with the
current code and some encoders.
Based on suggestion by: funman
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This code only segfaults and fixing the segfault, the resulting
files are unplayable, so disable to avoid the segfault.
Better solution is welcome
See: [FFmpeg-devel] [PATCH] avcodec/libxavs: remove global header code
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'b72727a5248f1ef02db99b378dce1eb48a46357a':
lavc: mention that the parser callback never returns an error
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '3a56bcee7cb7549b2813e39ce3bee3b7c522aecb':
mpeg12dec: Use more specific error codes
Conflicts:
libavcodec/mpeg12dec.c
See: 1852b2a0f4
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'e0bb74a1403ed77ef369b9d62866f8a4afaf3f1d':
exr: Add a gamma flag to exr loader to avoid banding
Conflicts:
libavcodec/exr.c
See: cd3daad77e
Merged-by: Michael Niedermayer <michaelni@gmx.at>
libxvidcore calculate number of threads basing on video height.
If height is small enough it allocates 0 bytes long memory and
writes to it.
Setting thread_count to 0 uses 1 thread and skips bugged code.
Signed-off-by: Lukasz Marek <lukasz.m.luki2@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The "faulty" samples actually sound fine when ignoring this issue.
For ticket #3886, more samples are decoded.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Rely on the way memcpy is optimized for one's system instead of looping
on a byte buffer for buffer copies to handle P frames.
Tested-by: Christophe Gisquet <christophe.gisquet@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
For test images manually generated to contain only up prediction,
timing results:
8380x3032 255x185
before: 138635 1992
after: 139232 1996
Actually jumping to the proper version depending on the alignment:
8380x3032: 138767
A 0.5% speed improvement for gigantic images is not worth the code
duplication.
Fixes ticket #4148
Signed-off-by: Christophe Gisquet <christophe.gisquet@gmail.com>
Tested-by: Benoit Fouet <benoit.fouet@free.fr>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This is needed to avoid banding artifacts when gammaing the picture.
Currently, if done with a video filter, the process is done on uints
instead of full float.
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Use 'if (CONFIG_APNG_DECODER)' where needed, so that the compiler can
optimize out some portion of code.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
There is no need to memset the zlib output buffer, as there is no
blending happening there. Instead, do not blend when the dispose
operation is set to 'background' (tranparent black).
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>