Commit Graph

39198 Commits

Author SHA1 Message Date
Michael Niedermayer
d85b3c4fff vp56dec: avoid freeing the returned frame before returning it.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-24 05:21:39 +01:00
Michael Niedermayer
25715064c2 cavsdec: check for changing w/h.
Our decoder does not support changing w/h.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-24 03:26:52 +01:00
Michael Niedermayer
ba775a54bc indeo3: fix out of picture write.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-24 03:26:51 +01:00
Michael Niedermayer
59a4b73531 pthread/mpegvideo: detect and block attempts to init frames after setup.
This fixes race conditions that ultimately lead to memory corruption.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-24 00:32:18 +01:00
Michael Niedermayer
71c2a70cbf error_concealment: Prevent FPEs in case of corrupted input.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 22:03:32 +01:00
Michael Niedermayer
e2d110d8d2 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  rv34: Handle only complete frames in frame-mt.
  MPV: set reference frame pointers to NULL when allocation of dummy pictures fails
  configure: die if x11grab dependencies are unavailable
  zerocodec: factorize loop
  avconv: fix the resampling safety factors for output audio buffer allocation
  avconv: move audio output buffer allocation to a separate function
  avconv: make the async buffer global and free it in exit_program()

Conflicts:
	ffmpeg.c
	libavcodec/mpegvideo.c
	libavcodec/rv34.c
	libavcodec/zerocodec.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 21:20:06 +01:00
Reimar Döffinger
adb98a3d22 VC1: restore optimizations broken in 9a1ced32.
They were moved into code under HAVE_YASM and most of them
even into completely disabled code with no reason given
for that in the commit message.

Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
2012-03-23 19:39:02 +01:00
Paul B Mahol
e730036fdc interplayvideo: give avctx to av_dlog()
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 19:12:34 +01:00
Paul B Mahol
0c57f8197c interplayvideo: remove superfluous strings from av_log()
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 19:11:08 +01:00
Paul B Mahol
a0b07b8fc5 vmdvideo: remove superfluous strings from av_log messages
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 19:05:12 +01:00
Paul B Mahol
89cd95b19c sonic: fix warning about incompatible pointer types
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 19:03:45 +01:00
Janne Grunau
73ad4471a4 rv34: Handle only complete frames in frame-mt.
Correct handling of errors to prevent hags or crashes is very complex
otherwise.

The frame initializing is also moved from decode_slice() to
decode_frame() for clarity.
2012-03-23 17:50:46 +01:00
Janne Grunau
5ab506a5c8 MPV: set reference frame pointers to NULL when allocation of dummy pictures fails 2012-03-23 17:50:46 +01:00
Josh Allmann
4a584edad7 configure: die if x11grab dependencies are unavailable
Signed-off-by: Diego Biurrun <diego@biurrun.de>
2012-03-23 12:10:41 +01:00
Michael Niedermayer
afa6129016 zerocodec: factorize loop
Signed-off-by: Diego Biurrun <diego@biurrun.de>
2012-03-23 12:10:41 +01:00
Michael Niedermayer
ae03b2141e swr: check that there is enough information to do rematrixing when needed.
Fixes assertion failure.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 12:10:08 +01:00
Michael Niedermayer
2e909b3c77 bitstream: build_table, check table_nb_bits.
Fixes null ptr deref.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 11:38:53 +01:00
Michael Niedermayer
aae44fb4cd indeo4: check ref_mb
Fix NULL deref

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 11:03:53 +01:00
Michael Niedermayer
1664edb998 ffmpeg: check samplerate from decoder.
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:59:03 +01:00
Michael Niedermayer
a22e64fd02 rawdec: Check w/h.
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:48:18 +01:00
Michael Niedermayer
5934d57ba9 xmv: check channel number
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:31:45 +01:00
Michael Niedermayer
08c37a10e9 mjpegdec: check h/v_count.
Fixes FPE

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:24:22 +01:00
Michael Niedermayer
46c7842994 ituh263dec: Implement enough of Annex O (scalability) to fix a FPE.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 10:14:30 +01:00
Justin Ruggles
4094fc9971 avconv: fix the resampling safety factors for output audio buffer allocation
This matches the output size required for audio_resample()
2012-03-23 01:19:43 -04:00
Justin Ruggles
9869e963a6 avconv: move audio output buffer allocation to a separate function
Allows for removing a goto and makes the code easier to follow.
2012-03-23 01:19:43 -04:00
Justin Ruggles
f3ab3e1aee avconv: make the async buffer global and free it in exit_program() 2012-03-23 01:19:42 -04:00
Michael Niedermayer
cc415956a4 error_conceal: fix FPE in guess_dc() with huge sizes.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 05:21:52 +01:00
Michael Niedermayer
ac2cb27916 mov: Fix FPE on 0 time_scale
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 04:32:16 +01:00
Michael Niedermayer
c0a99eae29 indeo4: check band->scan
Fixes null ptr exception

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 04:29:41 +01:00
Michael Niedermayer
f927c5b753 vorbisdemux: Check private context in theoras gtopts.
This prevents a null ptr dereference.
It could be checked differently but this way it should
be possible to return some data.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 04:29:33 +01:00
Paul B Mahol
ae2c33b0c2 cosmetics: remove superfluous curly brackets
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 03:09:07 +01:00
Paul B Mahol
0e465c1a81 huffyuv: remove long time disabled code
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 03:09:07 +01:00
Paul B Mahol
3a085c6a37 huffyuv: do not decode/encode yuv colorspace with odd width
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 03:09:07 +01:00
Michael Niedermayer
ba02069a8e aacdec: prevent channels from exceeding MAX_CHANNELS.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 03:08:58 +01:00
Michael Niedermayer
01fd1aa0ad matroskadec: fix strcmp(NULL)
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 01:27:49 +01:00
Michael Niedermayer
437f5daf0b mov: fix global unicode convertion array overflow.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 01:09:04 +01:00
Michael Niedermayer
0c97fd336e mmdemux: dont set pkt->size to an invalid value.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 00:50:49 +01:00
Michael Niedermayer
7c0748c2db eatqi: replace break by goto.
This fixes some heap overread.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-23 00:50:43 +01:00
Michael Niedermayer
5a4af049b1 aacdec: reset max_sfb on invalid data.
Fixes global out of array read.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:57:45 +01:00
Michael Niedermayer
3583c8706d vqavideodev: Check image dimensions
Fixes out of heap array read

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:43:37 +01:00
Michael Niedermayer
464cef4c14 Merge remote-tracking branch 'qatar/master'
* qatar/master:
  xwma: Validate channels and bits_per_coded_sample.
  mov: Do not read past the end of the ctts_data table.
  mov: Add missing terminator to mov_ch_layout_map_1ch.
  asf: reset side data elements on packet copy.
  wmavoice: fix stack overread.
  wmalossless: error out if a subframe is not used by any channel.
  vqa: check palette chunk size before reading data.
  wmalossless: reset sample pointer for each subframe.
  wmalossless: error out on invalid values for order.

Conflicts:
	libavcodec/vqavideo.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:16:49 +01:00
Michael Niedermayer
9759d2b886 indeo4: check motion vetors.
Fixes out of heap array read.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:13:00 +01:00
Michael Niedermayer
afc0cc22e1 pngenc: make max_packet_size 64bit check check it.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 23:13:00 +01:00
Clément Bœsch
50a3867bab png: make ff_png_pass_mask local to pngdec. 2012-03-22 22:53:51 +01:00
Carl Eugen Hoyos
abdcb4918c Fix libgsm.c compilation after typo in 67b8c8. 2012-03-22 22:01:35 +01:00
Alex Converse
5023b89bba xwma: Validate channels and bits_per_coded_sample.
This prevents a SIGFPE later on.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 13:57:12 -07:00
Alex Converse
86f2ae06b9 mov: Do not read past the end of the ctts_data table.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
2012-03-22 13:57:12 -07:00
Alex Converse
3e6e89b3d6 mov: Add missing terminator to mov_ch_layout_map_1ch.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: Libav-stable@libav.org
2012-03-22 13:56:44 -07:00
Michael Niedermayer
6716e6892b Merge remote-tracking branch 'qatar/master'
* qatar/master:
  FATE: Add ZeroCodec test
  oggparseogm: fix order of arguments of avpriv_set_pts_info().
  pngenc: better upper bound for encoded frame size.
  aiffdec: set block_duration to 1 for PCM codecs that are supported in AIFF-C
  aiffdec: factor out handling of integer PCM for AIFF-C and plain AIFF
  aiffdec: use av_get_audio_frame_duration() to set block_duration for AIFF-C
  aiffdec: do not set bit rate if block duration is unknown
  wmall: output packet only if we have decoded some samples

Conflicts:
	libavcodec/pngenc.c
	tests/fate/lossless-video.mak

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 20:59:58 +01:00
Paul B Mahol
b1a0d694ea dcaenc: switch to encode2()
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-03-22 20:44:24 +01:00