This prevents decoding happening on a half initialized context.
Fixes CVE-2012-2779
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Our decoder does not support changing w/h.
Fixes CVE-2012-2777 and CVE-2012-2784.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Anton Khirnov <anton@khirnov.net>
The value should be always 3, as it follows from the specification.
Fix a stack buffer overflow in exponents_from_scale_factors as reported
by asan. Thanks to Dale Curtis for the sample vector.
* qatar/master:
libopus: Remap channels using libopus' internal remapping.
Opus decoder using libopus
avcodec: document the use of AVCodecContext.delay for audio decoding
vc1dec: add flush function for WMV9 and VC-1 decoders
http: Increase buffer sizes to cope with longer URIs
nutenc: const correctness for ff_put_v_trace/put_s_trace function arguments
h264_refs: Fix debug tprintf argument types
golomb: const correctness for get_ue()/get_se() function arguments
get_bits: const correctness for get_bits_trace()/get_xbits_trace() arguments
Conflicts:
Changelog
libavcodec/Makefile
libavcodec/version.h
libavformat/http.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This way we can directly remap channels from Opus' channel order to
libav's internal channel order, instead of mapping channels from
Opus' order to Vorbis' order then to libav's order.
Signed-off-by: Diego Biurrun <diego@biurrun.de>
* qatar/master:
dwt: Drop unused functions spatial_compose{53|97}i()
nutdec: Remove unused and broken debug function stub
avcodec: Drop long-deprecated imgconvert.h header
Add Opus support to the Ogg muxer.
Add Opus codec id and codec description.
avformat: Identify anonymous AVIO typedef structs.
Conflicts:
libavcodec/avcodec.h
libavcodec/codec_desc.c
libavcodec/imgconvert.h
libavcodec/version.h
libavformat/oggenc.c
libavformat/version.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
I was sadly unable to find a non fuzzed mp3 that uses the
feature that contained the bug (and i searched hard ...), thus
while this fixes the security issue. It may or may not fix
mixed blocks in 8khz mp3s, i cant say due to lack of samples to test.
Security issue exists since: b37d945dd4213cb8e92146571b0374cd45d52286
Reported-by: Dale Curtis <dalecurtis@google.com>
(Probably) Found-by: inferno@chromium.org
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
nutdec: const correctness for get_v_trace/get_s_trace function arguments
truemotion2: Request samples for old TM2 headers
rtpdec: Remove a useless ff_ prefix from a static symbol
rtpdec: Support depacketizing speex
rtpenc: Add support for packetizing speex
Conflicts:
libavformat/rtpdec.c
libavformat/sdp.c
libavformat/version.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This reverts commit d25f87f5174df5923be7ce0bb89fad08999286ed.
This breaks decoding of some h264 files
I have tested the original patch with fate but by mistake have
forgotten to specify the fate samples so testing was limited to
the internal regression tests.
* qatar/master:
xsub: feed init_get_bits the whole buffer
libfdk-aac: Allow setting VBR modes via a private option
libfdk-aac: Warn the user that the VBR modes are unsupported
Revert "cbrt_tablegen: Include libm.h"
Conflicts:
libavcodec/xsubdec.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Do not use rlelen field for buffer size in init_get_bits, it is
only the size of the data for the first field.
Since it is not reliable, just use the size of the whole buffer.
Additional comments add removal of unused rlelen variable by
Reimar Döffinger.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
This avoids using the global_quality field and QSCALE flag for
passing the VBR modes, since the value range of the global_quality
field doesn't really map cleanly to this codec's VBR modes.
Signed-off-by: Martin Storsjö <martin@martin.st>
These modes were not originally exposed by the library at all.
In practice, only a few of them work for each sample rate/profile
combination, and they don't work at all for the more uncommon
sample rates.
Signed-off-by: Martin Storsjö <martin@martin.st>
* qatar/master:
pthread: make sure AVFrame.extended_data is set properly.
libfdk-aac: reindent after last commit
libfdk-aac: Limit to supported sample rates.
cbrt_tablegen: Include libm.h
oggparsetheora: make it more robust
ogg: prevent NULL pointer deference in theora gptopts
Conflicts:
libavformat/oggparsetheora.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '7751e4693dd10ec98c20fbd9887233b575034272':
ogg: check that the expected number of headers had been parsed
libx264: change default to closed gop to match x264cli
Use avcodec_free_frame() to free AVFrames.
lavf: use a malloced AVFrame in try_decode_frame().
lavc: add avcodec_free_frame().
lavc: ensure extended_data is set properly on decoding
lavc: initialize AVFrame.extended_data in avcodec_get_frame_defaults()
lavc: use av_mallocz to allocate AVFrames.
lavc: rename the argument of avcodec_alloc_frame/get_frame_defaults
Conflicts:
doc/APIchanges
doc/examples/decoding_encoding.c
libavcodec/utils.c
libavcodec/version.h
libavfilter/src_movie.c
libavformat/oggdec.c
libavformat/oggdec.h
libavformat/oggparsetheora.c
libavformat/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
