Commit Graph

39875 Commits

Author SHA1 Message Date
Michael Niedermayer
c963189bc2 g729dec: initialize pitch_delay_int_prev to the minimum valid value.
This prevents an out of array read

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 18:36:34 +02:00
Michael Niedermayer
31a45014f4 loco: fix 10l typo (missing case)
Found-by: Clément Bœsch <ubitux@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 16:46:53 +02:00
Michael Niedermayer
47f0beadba dsicinav: Check for overread in RLE decode.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 16:44:12 +02:00
Michael Niedermayer
71d3c25a7e smacker: Check get_vlc() return values.
Fixes out of array reads

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 16:39:02 +02:00
Michael Niedermayer
8e77c3846e dcadec: fix global array overread.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 16:27:34 +02:00
Carl Eugen Hoyos
bdeb54e176 Support decoding LOCO_CRGBA.
Fixes a part of ticket #1222.
2012-04-16 16:19:41 +02:00
Michael Niedermayer
884efd4e09 indeo4: avoid storing invalid values in quant_mat.
Fixes a global array overread

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 15:27:39 +02:00
Michael Niedermayer
474e31c904 4xmdemux: Check chunk size
Fixes over reading the header array

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 15:27:39 +02:00
Michael Niedermayer
e74fa25cb9 omadec: check GEOB sizes against buffer size
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 13:51:40 +02:00
Michael Niedermayer
a10f71c1d6 vc1dec: add missing terminating element to mpeg4_video_profiles
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 13:41:17 +02:00
Michael Niedermayer
e985cfd18b vc1dec: check end_mb_y / start_mb_y validity
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 13:36:11 +02:00
Michael Niedermayer
c4ce870967 flvdec: allocate large enough buffer so get_bits() doesnt overread
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 12:01:55 +02:00
Michael Niedermayer
fa1b2c8e18 ffv1: attempt to workaround intel CC fate issue.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 12:01:46 +02:00
Michael Niedermayer
8dfb13ea59 adxdec: Check available space before decoding block.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 02:18:10 +02:00
Michael Niedermayer
6d24fe2c3c segafilm: make the loop condition in film_read_packet() match the contents.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-16 02:18:09 +02:00
Robert Nagy
ed66bbfcb9 lavfi/aresample: properly propagate pts == AV_NOPTS_VALUE;
Signed-off-by: Stefano Sabatini <stefasab@gmail.com>
2012-04-16 01:08:00 +02:00
Robert Nagy
4d84c7ded6 yadif: fixed missing error handling for poll_frame.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 23:44:38 +02:00
Michael Niedermayer
3be0c86b97 sws: remove cliping in yuv2rgb code.
This code should not be needed and it slows things down.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 23:38:42 +02:00
Michael Niedermayer
689e59b7ff mov: reset dref_count on realloc to keep values consistent.
This fixes a potential crash.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 23:37:09 +02:00
Michael Niedermayer
35e0496a7b Merge remote-tracking branch 'qatar/master'
* qatar/master:
  doc: Improve suggested Emacs settings for our coding style.
  utvideo: Remove unused variable 'src_size'
  mov: free memory on header parsing failure
  mov: fix leaking memory with multiple drefs.
  swscale: clip before assigning tables in RGB output functions.
  swscale: fix off-by-one in second coefficient in bilinear filters.

Conflicts:
	libavformat/mov.c
	libswscale/output.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 23:31:51 +02:00
Michael Niedermayer
88a97d660d indeo5: check for unsupported luma block type
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 21:02:01 +02:00
Michael Niedermayer
fefc65675e tiffdec: check overread for packbits
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 20:20:43 +02:00
Thilo Borgmann
2837d8dc27 alsdec: fix number of decoded samples in first sub-block in BGMC mode.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 20:20:37 +02:00
Michael Niedermayer
44c4170c52 lzw: check for overread
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 18:21:53 +02:00
Michael Niedermayer
a63c813797 pngdec: check bits_per_pixel for palette mode.
This fixes a out of array read

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 18:21:53 +02:00
Michael Niedermayer
c7dc19d68f png: make sure the previous frames dimensions match before using it as reference
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 18:21:53 +02:00
Nicolas George
a9e7e98021 error: ensure error codes are signed negative ints.
Based on a patch by Robert Nagy <ronag89@gmail.com>.

It makes a difference when the error code is immediately cast
into a larger integer, such as an int64_t.
2012-04-15 17:58:33 +02:00
Michael Niedermayer
3118e3b137 ff_lag_rac_init: fix signedness error leading to out of array read.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 17:01:38 +02:00
Michael Niedermayer
20335598f2 qdm2_fft_decode_tones: fix infinite loop
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 17:01:38 +02:00
Michael Niedermayer
1a974679d0 qdm2: Check vlc_stage3_values index.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 16:54:55 +02:00
Carl Eugen Hoyos
cb8f5194b3 Set bits_per_coded_sample when encoding Microsoft Video-1.
Fixes ticket #1193.
2012-04-15 16:35:03 +02:00
Carl Eugen Hoyos
8cb9f99e9f Support decoding unaligned rgb24 lagarith.
Fixes ticket #1214.
2012-04-15 16:34:33 +02:00
Diego Biurrun
3892e784f2 doc: Improve suggested Emacs settings for our coding style.
Switch from changing global values to defining a separate C style
and add appropriate settings for indenting assignments that span
more than one line.
2012-04-15 16:18:03 +02:00
Michael Niedermayer
b1096b6ee7 xan: check for vector_segment overread
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 16:06:52 +02:00
Michael Niedermayer
b962932cba eatgv: check vector_bits
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 16:06:51 +02:00
Nicolas George
34123ab979 tiny_psnr: reindent after last commit. 2012-04-15 15:46:46 +02:00
Nicolas George
e6f7e22d18 tiny_psnr: support unseekable raw files.
If either one of the files if not seekable,
do not try to read headers.

It allows to use it with pipes on whole rawvideo data.
2012-04-15 15:28:52 +02:00
Michael Niedermayer
93927eb334 ff_ivi_decode_blocks: fix negative scan_pos case.
Fixes out of global array read.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 14:59:21 +02:00
Michael Niedermayer
f0bf9e9c2a indeo: Check allocated tile size in ff_ivi_process_empty_tile()
This prevents writing into a too small array if some parameters changed
without the tile being reallocated.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 14:59:20 +02:00
Michael Niedermayer
5ad7335eba indeo5: check tile size in decode_mb_info().
This prevents writing into a too small array if some parameters changed
without the tile being reallocated.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 14:59:20 +02:00
Nicolas George
b7027685b8 configure: add dependencies for colormatrix test. 2012-04-15 14:21:14 +02:00
Michael Niedermayer
af38823709 indeo5: set transform_size like indeo4 does to prevent useage of too large transforms.
I dont know if this is needed, its a precautionary change.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 13:33:18 +02:00
Michael Niedermayer
0846719dd1 indeo4: check transform size.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 13:26:19 +02:00
Derek Buitenhuis
5a59d2c40b utvideo: Remove unused variable 'src_size'
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
2012-04-15 00:24:19 -04:00
Derek Buitenhuis
5096399df2 utvideo: Remove unused variable 'src_size'
Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
2012-04-15 00:18:28 -04:00
Dale Curtis
c788782c7d mov: free memory on header parsing failure
Call mov_read_close when mov_read_header fails.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2012-04-14 19:41:52 -07:00
Dale Curtis
4ebd422c04 mov: fix leaking memory with multiple drefs.
Instead of allocating over the original, free first. MOVStreamContext
is zero initialized so no double free will occur. Same style as other
fixes for the same problem in this file.

Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2012-04-14 19:41:52 -07:00
Ronald S. Bultje
7f77e9041a swscale: clip before assigning tables in RGB output functions. 2012-04-14 16:29:24 -07:00
Ronald S. Bultje
4860625236 swscale: fix off-by-one in second coefficient in bilinear filters.
If coefficient A is 12-bits xixed-point number "X", then the other
coefficient is (1 << 12) - X, not (1 << 12) - X - 1.
2012-04-14 16:29:10 -07:00
Michael Niedermayer
c354576457 mpegvideo_enc: fix dts
Fixes Ticket1200

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-04-15 01:08:13 +02:00