Reported as https://trac.mplayerhq.hu/ticket/2264 but have
not been able to reproduce with FFmpeg-only.
I have no idea what coded_height is used for here exactly,
so this might not be the best fix.
Fixes the following chain of events:
ff_mss12_decode_init sets coded_height while not setting height.
ff_mpv_decode_init then copies coded_height into MpegEncContext height.
This is then used by init_context_frame to allocate the data structures.
However the wmv9rects are validated/initialized based on avctx->height, not
avctx->coded_height.
Thus the decode_wmv9 function will try to decode a larger video that we
allocated data structures for, causing out-of-bounds writes.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
* qatar/master:
configure: add support for bdver1 and bdver2 CPU types.
avio: make avio_close NULL the freed buffer
pixdesc: cosmetics
proresenc: Don't free a buffer not owned by the codec
proresenc: Write the full value in one put_bits call
adpcmenc: Calculate the IMA_QT predictor without overflow
x86: Add convenience macros to check for CPU extensions and flags
x86: h264dsp: drop some unnecessary ifdefs around prototype declarations
mss12: merge decode_pixel() and decode_top_left_pixel()
mss12: reduce SliceContext size from 1067 to 164 KB
mss12: move SliceContexts out of the common context into the codec contexts
Conflicts:
libavformat/aviobuf.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
MSS1 and MSS2: set final pixel format after common stuff has been initialised
MSS2 decoder
configure: handle --disable-asm before check_deps
x86: Split inline and external assembly #ifdefs
configure: x86: Separate inline from standalone assembler capabilities
pktdumper: Use a custom define instead of PATH_MAX for buffers
pktdumper: Use av_strlcpy instead of strncpy
pktdumper: Use sizeof(variable) instead of the direct buffer length
Conflicts:
Changelog
configure
libavcodec/allcodecs.c
libavcodec/avcodec.h
libavcodec/codec_desc.c
libavcodec/dct-test.c
libavcodec/imgconvert.c
libavcodec/mss12.c
libavcodec/version.h
libavfilter/x86/gradfun.c
libswscale/x86/yuv2rgb.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This way it won't interfere with WMV9 initialisation inside MSS2 decoder and
avplay will play it fine.
Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
* qatar/master:
vc1: export some functions
configure: use HOSTCC_C/O in check_host_cc
configure: use AS_O setting in check_as
configure: use LD_O setting in check_ld()
Revert "dsputil: make {add/put/put_signed}_pixels_clamped() non-static."
build: Restore dependency of acelp_filters.o on celp_math.o
celp_math: Replace duplicate ff_dot_productf() by ff_scalarproduct_c()
celp_math: Move ff_cos() to the only place it is used
build: Use portable abstraction for linker/hostcc output file syntax
configure: Fix shared library creation for OpenBSD
vp56: Don't use DECLARE_ALIGN on a typedef name
mss1: move code that will be reused by MSS2 decoder into separate file
mss1: merge decode_intra() and decode_inter()
avprobe: Get rid of ugly casts in the options table
vf_hqdn3d: Remove a duplicate inline declaration
Conflicts:
Makefile
configure
ffprobe.c
libavcodec/Makefile
libavcodec/amrnbdec.c
libavcodec/amrwbdec.c
libavcodec/celp_math.c
libavcodec/celp_math.h
libavcodec/dsputil.c
libavcodec/lsp.c
libavcodec/mss1.c
libavcodec/ra288.c
libavcodec/vc1dec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>