Luca Barbato
aa99cb15f6
atrac3: Error on impossible encoding/channel combinations
...
Joint stereo encoded mono is impossible.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 50cf5a7fb7
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-08-24 11:32:37 +02:00
Luca Barbato
67a8a1c202
atrac3: set the getbits context the right buffer_end
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 22e76ec635
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-08-24 11:32:26 +02:00
Luca Barbato
8f3fe7c696
atrac3: fix error handling
...
decode_tonal_components returns a proper AVERROR.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 874c8a17ac
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-08-24 11:32:15 +02:00
Luca Barbato
64bcb5d350
qdm2: check and reset dithering index per channel
...
Checking per subband would have the index exceed the
dithering noise table size.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 744a11c996
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-08-24 11:28:11 +02:00
Luca Barbato
998a0389d3
qdm2: formatting cosmetics
...
Apply the usual style plus drop few unnecessary return at the end
of void functions.
(cherry picked from commit 76efedeadb
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-08-24 11:28:11 +02:00
Luca Barbato
86eec54c94
qdm2: use init_static_data
...
(cherry picked from commit f054e309c5
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-08-24 11:28:11 +02:00
Luca Barbato
fb1823e178
vqavideo: check the version
...
Prevent out of buffer write.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit c4abc9098c
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-08-24 11:28:07 +02:00
Luca Barbato
258eea3f2e
kmvc: Clip pixel position to valid range
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 4e7f0b082d
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-07-06 15:06:31 +02:00
Luca Barbato
1c2bd6fe5f
kmvc: use fixed sized arrays in the context
...
Avoid some boilerplate code to dynamically allocate and then free the
buffers.
(cherry picked from commit 8f68977054
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/kmvc.c
2013-07-06 15:06:31 +02:00
Luca Barbato
73d5d7acb0
indeo: reject negative array indexes
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 6a10142faa
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-07-06 15:06:31 +02:00
Luca Barbato
80d73b4ada
indeo: Cosmetic formatting
...
Trim some overly long lines.
(cherry picked from commit 6dfacd7ab1
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-07-06 15:06:31 +02:00
Luca Barbato
b9892e1813
indeo: Refactor ff_ivi_init_tiles and ivi_decode_blocks
...
Spin large and mostly self contained blocks into stand alone
functions.
(cherry picked from commit 62256010e9
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-07-06 15:06:31 +02:00
Luca Barbato
d76480e6ba
indeo: Refactor ff_ivi_dec_huff_desc
...
Spare an indentation level.
(cherry picked from commit f6f36ca8ca
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-07-06 15:06:31 +02:00
Luca Barbato
33388299fb
indeo: use a typedef for the mc function pointer
...
(cherry picked from commit e6d8acf6a8
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-07-06 15:06:31 +02:00
Luca Barbato
d8dab6c3b8
indeo: use proper error code
...
(cherry picked from commit dd3754a488
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-07-06 15:06:31 +02:00
Luca Barbato
5f7944a308
indeo: check for reference when inheriting mvs
...
The same is done already for qdelta.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit b36e1893ef
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-07-04 22:06:13 +02:00
Luca Barbato
f518fa6bee
indeo: use proper error code
...
(cherry picked from commit dd3754a488
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-07-04 22:05:48 +02:00
Luca Barbato
51a23b0e95
indeo: Properly forward the error codes
...
If the tile data size does not match the buffer size it did not
return an AVERROR_INVALIDDATA causing futher corruption later.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 7388c0c586
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-07-04 22:05:15 +02:00
Luca Barbato
2cdc976320
mjpeg: Check the unescaped size for overflows
...
And contextually check init_get_bits success and fix the reporting
message.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 6765ee7b9c
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/mjpegdec.c
2013-06-30 16:03:27 +02:00
Luca Barbato
efcfd50c9f
wmapro: error out on impossible scale factor offsets
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 02ec656af7
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-06-30 16:03:27 +02:00
Luca Barbato
8bd0372937
wmapro: check the min_samples_per_subframe
...
Must be at least WMAPRO_BLOCK_MIN_SIZE.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit d4a217a408
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-06-30 16:03:27 +02:00
Luca Barbato
9761abffb6
wmapro: return early on unsupported condition
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 6652338f43
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/wmaprodec.c
2013-06-30 16:03:27 +02:00
Luca Barbato
fbeae4a951
wmapro: check num_vec_coeffs against the actual available buffer
...
Prevent yet another buffer overwrite.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 3822936252
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-06-30 16:03:27 +02:00
Luca Barbato
88433979c2
wmapro: make sure there is room to store the current packet
...
Prevent horrid and hard to trace struct overwrite.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit e30b068ef7
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-06-30 16:03:27 +02:00
Luca Barbato
9d1b173aae
lavc: move put_bits_left in put_bits.h
...
(cherry picked from commit afe03092dd
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-06-30 16:03:27 +02:00
Luca Barbato
c7934c6c0b
4xm: do not overread the source buffer in decode_p_block
...
Check for out of picture macroblocks before calling mcdc.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 94aefb1932
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-06-30 16:03:27 +02:00
Luca Barbato
04c29196ad
4xm: check bitstream_size boundary before using it
...
Prevent buffer overread.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 59d7bb99b6
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-06-30 16:03:27 +02:00
Kostya Shishkov
5e6122ddad
smacker: check the return value of smacker_decode_tree
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
(cherry picked from commit a2f9937bb04b23a341b0ec0eb1d923bbeb420277)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-16 15:58:26 +02:00
Kostya Shishkov
1a0cdd18b0
smacker: fix an off by one in huff.length computation
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
(cherry picked from commit ee205588b250fe5cae0681be8eba51a5403c3272)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-16 15:58:22 +02:00
Luca Barbato
d33b0f7224
4xm: do not overread the prestream buffer
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit be373cb50d
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-16 15:54:23 +02:00
Luca Barbato
6ddc1eb037
4xm: validate the buffer size before parsing it
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit de2e5777e2
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-16 15:54:15 +02:00
Luca Barbato
ded74ab5d1
4xm: reject frames not compatible with the declared version
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 145023f572
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-16 15:54:06 +02:00
Luca Barbato
f82e9deec2
4xm: drop pointless assert
...
Make sure the value of wlog2 is always between 0 and 3.
(cherry picked from commit 1f0c607560
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-16 15:53:55 +02:00
Luca Barbato
d0cabcc789
4xm: forward errors from decode_p_block
...
Partially mitigate out of memory writes.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit b8b809908e
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-16 15:53:44 +02:00
Luca Barbato
dac0d4f354
4xm: fold last_picture lazy allocation in decode_p_frame
...
(cherry picked from commit 50ec1db62d
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
Conflicts:
libavcodec/4xm.c
2013-06-16 15:53:33 +02:00
Luca Barbato
04c506e912
4xm: use the correct logging context
...
(cherry picked from commit 08859d19b4
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-16 15:15:11 +02:00
Luca Barbato
8eb7c2566c
tiff: do not overread the source buffer
...
At least 2 bytes from the source are read every loop.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 9c22169769
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/tiff.c
2013-06-08 16:31:54 +02:00
Luca Barbato
5fed47b94f
vmd: refactor the inner decode loop
...
Simplify a little, assume empty frames are acceptable and
do not pointlessly reinit the bytestream2 contexts using
possibly wrong size values.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 676da248ca
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
Conflicts:
libavcodec/vmdav.c
2013-06-01 15:28:19 +02:00
Luca Barbato
5a01ab0e62
vmd: use the PALETTE_COUNT constant uniformly
...
While at it drop useless parentheses.
(cherry picked from commit 91a6944e56
)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2013-06-01 05:38:38 +02:00
Luca Barbato
dbaf3f7b0b
vmd: drop incomplete chunks and spurious samples
...
Odd chunk size makes no sense for stereo and incomplete chunks are
not supported.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 701966730c
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-05-31 23:14:01 +02:00
Luca Barbato
5a8dcc993d
vmd: return meaningful errors
...
CC: libav-stable@libav.org
(cherry picked from commit c8f3cb9119
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/vmdav.c
2013-05-31 23:00:31 +02:00
Alexandra Khirnova
4f6fbe47a9
vmdav: convert to bytestream2
...
Signed-off-by: Anton Khirnov <anton@khirnov.net >
(cherry picked from commit 0afcf97e1e
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/vmdav.c
2013-05-31 23:00:31 +02:00
Luca Barbato
7251de3032
wavpack: use bytestream2 in wavpack_decode_block
...
Prevent most out of buffer reads.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 3f0b6d7a62
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/wavpack.c
2013-05-31 23:00:31 +02:00
Luca Barbato
5ba83e9091
wavpack: return meaningful errors
...
And forward those that were already meaningful.
(cherry picked from commit 8c34558131
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/wavpack.c
2013-05-31 23:00:31 +02:00
Luca Barbato
93fbf034c9
wavpack: check packet size early
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit fd06291239
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-05-31 23:00:31 +02:00
Luca Barbato
aed12df7fe
mjpegdec: validate parameters in mjpeg_decode_scan_progressive_ac
...
Prevent out of buffer write when decoding broken samples.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit cfbd98abe8
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-05-31 23:00:31 +02:00
Luca Barbato
7923a25fdd
mjpeg: Validate sampling factors
...
They must be non-zero.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 8aa3500905
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-05-31 23:00:31 +02:00
Luca Barbato
510a96a211
ljpeg: use the correct number of components in yuv
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit a030279a67
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
2013-05-31 23:00:31 +02:00
Luca Barbato
c340319559
wavpack: validate samples size parsed in wavpack_decode_block
...
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit ed50673066
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/wavpack.c
2013-05-31 23:00:30 +02:00
Luca Barbato
0af5a774eb
jpegls: check the scan offset
...
Prevent an out of array bound write.
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit abad374909
)
Signed-off-by: Reinhard Tartler <siretart@tauware.de >
Conflicts:
libavcodec/jpeglsdec.c
2013-05-31 23:00:30 +02:00