ffmpeg

Author	SHA1	Message	Date
Anton Khirnov	0076639965	avconv: skip attached files when selecting streams to read from. Fixes Bug 473 / invalid reads when using -attach.	2013-03-15 08:58:11 +01:00
Mans Rullgard	d8fbae3c3c	lavf: fix arithmetic overflows in avformat_seek_file() The values compared here can be more than INT64_MAX apart. Since the difference is always positive, converting to uint64_t before subtracting gives the correct result without overflows. Signed-off-by: Mans Rullgard <mans@mansr.com> (cherry picked from commit 91ac403b1316d59b4f43c4ea0f237e24cec2819a) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-03-13 14:14:54 +01:00
Michael Niedermayer	f82e127dd9	parser: fix large overreads Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com> (cherry picked from commit 096abfa15052977eed93f0b5e01afd2d47c53c1f) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-03-13 13:58:10 +01:00
Mans Rullgard	871c8f0abb	dsputil: fix invalid array indexing Indexing outside an array is invalid and causes errors with gcc 4.8. Signed-off-by: Mans Rullgard <mans@mansr.com> (cherry picked from commit 0a07f2b346433a9a2677c69c6b29a1a827e39109) Signed-off-by: Diego Biurrun <diego@biurrun.de>	2013-03-12 23:30:08 +01:00
Luca Barbato	f42d03746a	shorten: use the unsigned type where needed get_uint returns an unsigned value, use an unsigned to store blocksize to make sure the comparison logic is correct and report correctly the error for the channel count not supported. CC: libav-stable@libav.org (cherry picked from commit 5cf7c72757779a740e897a97710aac044fe5258c) (cherry picked from commit 88089eecfd7e604d40d078b4f4206c647cb2e2b4) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/shorten.c	2013-03-12 20:05:39 +01:00
Luca Barbato	5df064df62	shorten: report meaningful errors (cherry picked from commit 4c364eb2b856fc33cf7b42f7c7b979e69fde5f3a) (cherry picked from commit 0daf1428e82926dc5a8c72a0ff4c93aaa8a84ed9) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-03-12 20:05:39 +01:00
Luca Barbato	ff5a06f7f0	shorten: K&R formatting cosmetics (cherry picked from commit a2ad554def214d2d03b7c16f68dc081a8622f9ca) (cherry picked from commit 97cc2f286f9e3eed1a00034367ebca58cc05ee39) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/shorten.c	2013-03-12 20:05:39 +01:00
Michael Niedermayer	a4a97e5f3c	shorten: set invalid channels count to 0 Prevent the loop shorten_decode_close from writing and freeing out of the array boundary. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Luca Barbato <lu_zero@gentoo.org> CC: libav-stable@libav.org (cherry picked from commit c10da30d8426a1f681d99a780b6e311f7fb4e5c5) (cherry picked from commit 21d568be179c54a1596d1377b4da7fbe755bfe7f) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-03-12 20:05:39 +01:00
Luca Barbato	9314af3b2e	matroskadec: request a read buffer for the wav header Solve an infiniloop. CC: libav-stable@libav.org (cherry picked from commit 37cb3b180a1dc3d6f123f68e0806585ebc2578b6) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-03-12 20:05:39 +01:00
Luca Barbato	9e48d77158	h264: check for luma and chroma bit depth being equal The decoder assumes a single bit depth for all the planes while the specification allows different bit depths for luma and chroma. Avoid the possible problems described in CVE-2013-2277	2013-03-12 20:05:39 +01:00
Diego Biurrun	b9ec4414b5	vc1: Move init code shared between decoder and parser to common code file. This fixes standalone compilation of the VC-1 parser. (cherry picked from commit 3c715383ea7012ac69507e6b9189c98675c77461) Conflicts: libavcodec/vc1data.h Signed-off-by: Diego Biurrun <diego@biurrun.de>	2013-03-10 13:45:43 +01:00
Anton Khirnov	9b79a05289	wmaprodec: return an error, not 0, when the input is too small. Returning 0 may result in an infinite loop in valid calling programs. A decoder should never return 0 without producing any output. CC:libav-stable@libav.org (cherry picked from commit 4c0080b7e7d501e2720d2a61f5186a18377f9d63) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 60dd8b5733f9ec4919fbc732ace1be8184dde880) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-03-09 18:54:28 +01:00
Justin Ruggles	5dbb3298b9	libmp3lame: use the correct remaining buffer size when flushing CC:libav-stable@libav.org (cherry picked from commit e984f47873258b600fd88423f40e3cdaad179190) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit b77d9cbbd5050eda75030c8926241af3dbe1a8df) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-03-09 18:54:28 +01:00
Anton Khirnov	98406bd26e	vmdaudio: fix invalid reads when packet size is not a multiple of chunk size CC:libav-stable@libav.org (cherry picked from commit f86d66bcfa48998b0727aa0d1089a30cbeae0933) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 77cf052e395b1fac8dd181d4f76b0101d1acd625) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-03-09 18:54:28 +01:00
Anton Khirnov	e10af023b2	xxan: fix invalid memory access in xan_decode_frame_type0() The loop a few lines below the xan_unpack() call accesses up to dec_size * 2 bytes into y_buffer, so dec_size must be limited to buffer_size / 2. CC:libav-stable@libav.org (cherry picked from commit 8a49d2bcbe7573bb4b765728b2578fac0d19763f) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 62a657de168cf501acb23d48cc1aa00793dc83f3) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-03-09 18:54:28 +01:00
Michael Niedermayer	e050af9a80	vorbisdec: Error on bark_map_size equal to 0. The value is used to calculate output LSP curve and a division by zero and out of array accesses would occur. CVE-2013-0894 CC: libav-stable@libav.org Reported-by: Dale Curtis <dalecurtis@chromium.org> Found-by: inferno@chromium.org Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit 11dcecfcca0eca1a571792c4fa3c21fb2cfddddc) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 494ddd377ada76ed555f7a3f49391455daa099c9) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-03-09 18:54:28 +01:00
Anton Khirnov	b527dd30e9	wmadec: require block_align to be set. Avoids an infinite loop in the calling programs with decoder not consuming any input and not returning output. CC:libav-stable@libav.org (cherry picked from commit ea1136baafb1fe271cb56c3f4d7bff0267e3c70f) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit c1f479e8df24284237c80ad959619fc85e29a26d) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-03-09 18:54:28 +01:00
Mans Rullgard	29a2fdb184	configure: clean up Altivec detection There used to be one test for Altivec intrinsics support and a separate test to determine which of two possible syntaxes to use for vector literals. Since 2008, we only support the more common of these so the split test no longer makes sense. This combines the tests into one and also changes the hard error on failure to a warning. The test can reasonably fail if no --cpu flag is provided (or is provided with an unknown CPU) and the compiler default target does not support Altivec. Aborting in this case is probably over-reacting. Fixes: #464, http://bugs.debian.org/701710 Signed-off-by: Mans Rullgard <mans@mansr.com> (cherry picked from commit 20bcce507aa6b9c866e34eee75d80305109767a8) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-03-09 18:54:28 +01:00
Reinhard Tartler	30bfa9e79f	Update RELEASE file for 0.8.6	2013-03-09 18:54:28 +01:00
Reinhard Tartler	cb93705900	update year to 2013 Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-03-09 18:54:27 +01:00
Luca Barbato	8829c79039	oggdec: make sure the private parse data is cleaned up (cherry picked from commit d894f74762bc95310ba23f804b7ba8dffc8f6646) Related to CVE-2012-2882 Conflicts: libavformat/oggdec.h libavformat/oggparsevorbis.c	2013-03-09 18:54:27 +01:00
Carl Eugen Hoyos	85e082d081	Require at least three frames to autodetect loas. (cherry picked from commit a60530e3ee1d9532c026a52b03661f88e163d647)	2013-03-02 02:05:14 +01:00
Nicolas George	eeacc5a7d0	lavf/avio: check for : in filenames for protocols. If the first "special" character in a filename is a comma, it can introduce protocol options, but only if there is a colon at the end. Otherwise, it is just a filename with a comma. Fix trac ticket #2303. (cherry picked from commit d9fad53f4b447db1e436dcf3fc4a57e604616e6c)	2013-03-01 08:59:38 +01:00
Diego Biurrun	6a9f050c22	build: Fix CAF demuxer dependencies (cherry picked from commit a519463366238a7ec05d2bb76c4a67f42cf60ece) Conflicts: libavcodec/Makefile	2013-02-25 20:34:26 +01:00
Vicente Jimenez Aguilar	60a1ee6e41	doc: Fix some obsolete references to av* tools as ff* tools Signed-off-by: Diego Biurrun <diego@biurrun.de> CC: libav-stable@libav.org (cherry picked from commit 202b5f6deb65e405b07b9b5c20f97c8cb925cf49) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-02-24 19:32:52 +01:00
Diego Biurrun	c3829f7085	doc: developer: Allow tabs in the vim configuration for Automake files While we do not use Automake in libav, this allows our config to be used more globally without introducing unwanted breakage. (cherry picked from commit 040c565e51985477a8fa5e42d2ddfb26ebde6608) Conflicts: doc/developer.texi	2013-02-24 19:32:52 +01:00
Vicente Jimenez Aguilar	f20764102b	doc: filters: Correct BNF FILTER description Signed-off-by: Diego Biurrun <diego@biurrun.de> (cherry picked from commit b5ad422bf4e671a8b30ce73ad236cd6b49940af9)	2013-02-24 19:32:52 +01:00
Carl Eugen Hoyos	8344601712	Write the fiel atom to mov files independently of the used video coded. The QuickTime specification does not contain any hint that the atom must not be written in some cases and both the QuickTime and the AVID decoders do not fail if the atom is present. This change allows to signal (visually) interlaced streams with a codec different from uncompressed video. As a side-effect, this fixes ticket #2202 (cherry picked from commit 7d0e3b197c817b307d599a23704a44763ed0bbdd) Conflicts: libavformat/movenc.c tests/ref/lavf/mov tests/ref/seek/lavf_mov tests/ref/vsynth/vsynth1-avui tests/ref/vsynth/vsynth1-dnxhd-1080i tests/ref/vsynth/vsynth1-mpeg4 tests/ref/vsynth/vsynth2-avui tests/ref/vsynth/vsynth2-dnxhd-1080i tests/ref/vsynth/vsynth2-mpeg4	2013-02-14 15:47:23 +01:00
Michael Niedermayer	5b7f7f3809	Merge remote-tracking branch 'qatar/release/0.8' into release/0.10 * qatar/release/0.8: pthread: set the frame properties from the thread context, not user. mp3: exit on parsing error in mp_decode_frame indeo3: initialise pixel planes on allocation Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-02-14 15:18:56 +01:00
Michael Niedermayer	b07c791252	huffyuvdec: Skip len==0 cases Fixes vlc decoding for hypothetical files that would contain such cases. Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31) Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 5ff41ffeb4cb9ea6df49757dc859619dc3d3ab4f) Conflicts: libavcodec/huffyuv.c (cherry picked from commit 9bc70fe1ae50fd2faa0b9429d47cfbda01a92ebc) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-02-14 15:18:23 +01:00
Michael Niedermayer	ba4b57e802	huffyuvdec: Check init_vlc() return codes. Prevents out of array writes Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit f67a0d115254461649470452058fa3c28c0df294) Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 95ab8d33e1a680f30a5a9605175112008ab81afc) Conflicts: libavcodec/huffyuv.c (cherry picked from commit 277def59fce10d91e3113e5c0f63e22bc4abfa88) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-02-14 15:18:23 +01:00
Xi Wang	ef953f760e	rtmp: fix buffer overflows in ff_amf_tag_contents() A negative `size' will bypass FFMIN(). In the subsequent memcpy() call, `size' will be considered as a large positive value, leading to a buffer overflow. Change the type of `size' to unsigned int to avoid buffer overflow, and simplify overflow checks accordingly. Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 4e692374f7962ea358c329de38c380103f8991b6) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-02-14 15:18:23 +01:00
Xi Wang	69b3fedc09	rtmp: fix multiple broken overflow checks Sanity checks like `data + size >= data_end \|\| data + size < data' are broken, because `data + size < data' assumes pointer overflow, which is undefined behavior in C. Many compilers such as gcc/clang optimize such checks away. Use `size < 0 \|\| size >= data_end - data' instead. Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 902cfe2f74d777a7dc20ac68f2393b9f84b790c1) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-02-14 15:18:23 +01:00
Xi Wang	165f783235	rtpenc: fix overflow checking in avc_mp4_find_startcode() The check `start + res < start' is broken since pointer overflow is undefined behavior in C. Many compilers such as gcc/clang optimize away this check. Use `res > end - start' instead. Also change `res' to unsigned int to avoid signed left-shift overflow. Signed-off-by: Xi Wang <xi.wang@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 2f014567cfd63e58156f60666f1a61ba147276ab) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-02-14 15:18:23 +01:00
Carl Eugen Hoyos	7a21b089c2	sws: dont write out of array on bigendian Fixes Ticket2229 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 4e2c63685e031e28d2296cff76473b963ee62ba1)	2013-02-14 14:42:41 +01:00
Michael Niedermayer	4d9bde86d0	ffmpeg: dont allow -flags to override -pass Fixes Ticket2154 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit ccf9dd00da055e94117b56cead4af80ff331b00e) Conflicts: ffmpeg_opt.c	2013-02-06 10:23:45 +01:00
Anton Khirnov	a4c9260e69	pthread: set the frame properties from the thread context, not user. Right now, the frame properties are set from the user-facing AVCodecContext before it is updated from the thread context, which is wrong since they may be invalid or obsolete.	2013-01-24 11:45:27 +01:00
Carl Eugen Hoyos	4e869e7a5f	matroskaenc: add codec_tag lists back. This reverts 312645e : "Do not set codec_tag property for matroska muxers." Also adds dummy codec_tag lists with codecs supported in mkv but not in wav / avi. Fixes ticket #2169. (cherry picked from commit df39c3ce385c02cbd8046298578ea7454c0a0f81) Conflicts: libavformat/matroskaenc.c	2013-01-24 02:42:38 +01:00
Luca Barbato	1076ea8115	mp3: exit on parsing error in mp_decode_frame Properly forward mp_decode_layer3 errors, mp_decode_layer1 and mp_decode_layer2 do not return errors. Based on a patch by Michael Niedermayer. (cherry picked from commit 0c03cc68386443f1e96ab6fb358220faf67cd5ff) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2013-01-20 20:36:57 +01:00
Kostya Shishkov	a94f789c33	indeo3: initialise pixel planes on allocation This prevents decoder from reading garbage from it in case of errors later. (cherry picked from commit 81064a8045028838fd32d18490034c207c8ecc06) Fixes an invalid read on sample from CVE-2012-2804 Signed-off-by: Anton Khirnov <anton@khirnov.net>	2013-01-20 20:36:57 +01:00
Carl Eugen Hoyos	74b04e6a35	Fix detection of struct v4l2_frmsize_discrete. It was always detected successfully. (cherry picked from commit 91e016865cccc192f86d40ea93eb06cf0e7ba4a0)	2013-01-17 02:45:20 +01:00
Michael Niedermayer	492eb0aa14	Merge remote-tracking branch 'qatar/release/0.8' into release/0.10 * qatar/release/0.8: Update Changelog h264: check ref_count validity for num_ref_idx_active_override_flag h264: check context state before decoding slice data partitions oggdec: free the ogg streams on read_header failure oggdec: check memory allocation Fix uninitialized reads on malformed ogg files. rtsp: Recheck the reordering queue if getting a new packet opt: avoid segfault in av_opt_next() if the class does not have an option list alacdec: do not be too strict about the extradata size Conflicts: Changelog Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-01-17 02:33:07 +01:00
Michael Niedermayer	c961ce969a	Merge commit 'a335ffd7f4cdaaa6a8fe4187f6f06b0418eea19a' into release/0.10 * commit 'a335ffd7f4cdaaa6a8fe4187f6f06b0418eea19a': h264: fix sps parsing for SVC and CAVLC 4:4:4 Intra profiles h264: check sps.log2_max_frame_num for validity h264: slice-mt: get last_pic_dropable from master context ppc: always use pic for shared libraries h264: error out on unset current_picture_ptr for h->current_slice > 0 flashsv: make sure data for zlib priming is available h264: enable low delay only if no delayed frames were seen flashsv: check for keyframe before using differential coding lavf: avoid integer overflow in ff_compute_frame_duration() aacdec: Fix an off-by-one overwrite when switching to LTP profile from MAIN. APIchanges: Fill in missing commit hashes Conflicts: doc/APIchanges Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-01-17 02:20:20 +01:00
Michael Niedermayer	52cea9ce92	Merge commit '01a4e7f623a2e6dc95862f9a56c777f058d7bfaf' into release/0.10 * commit '01a4e7f623a2e6dc95862f9a56c777f058d7bfaf': lavf: Bump minor version to distinguish branch and master version numbers vp6: properly fail on unsupported feature mp3: properly forward mp_decode_frame errors mpeg12: do not decode extradata more than once. indeo3: when freeing buffers, set pointers referencing them to NULL as well indeo3: ensure that decoded cell data is in 7-bit range as presumed by decoder avconv: fix copying per-stream metadata. id3v2: fix reading unsynchronized frames. h264: Fix parameters to ff_er_add_slice() call build: fix 'clean' target Conflicts: avconv.c libavcodec/mpeg12.h libavformat/id3v2.c libavformat/version.h Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-01-17 01:58:54 +01:00
Carl Eugen Hoyos	4fc22e85c0	Revert "x86: Require an assembler able to cope with AVX instructions" This reverts commit e287201c77dc7a7a9759d56d8f48ae719b7e69a9.	2013-01-17 01:51:28 +01:00
Michael Niedermayer	ea3b68c99d	Merge commit 'dcf8f259d107838ff3778343dcb762398130a1a3' into release/0.10 * commit 'dcf8f259d107838ff3778343dcb762398130a1a3': build: Add 'check' target to run all compile and test targets. Ignore generated aviocat tool. avconv: only apply presets when we have an encoder. flacenc: ensure the order is within the min/max range in LPC order search yuv4mpeg: reject unsupported codecs vp8: reset loopfilter delta values at keyframes. vp56: release frames on error vp56: make parse_header return standard error codes ivi_common: check that scan pattern is set before using it. Prepare for 0.8.5 Release x86: Require an assembler able to cope with AVX instructions Conflicts: RELEASE avconv.c doc/developer.texi libavformat/yuv4mpeg.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-01-17 01:29:26 +01:00
Reinhard Tartler	cf2cab5b2a	Update Changelog	2013-01-12 17:59:41 +01:00
Janne Grunau	adef01c370	h264: check ref_count validity for num_ref_idx_active_override_flag Fixes segfault in the fuzzed sample bipbop234.ts_s226407. CC: libav-stable@libav.org (cherry-picked from commit 6e5cdf26281945ddea3aaf5eca4d127791f23ca8) Signed-off-by: Janne Grunau <janne-libav@jannau.net>	2013-01-12 17:59:41 +01:00
Janne Grunau	06312bbb10	h264: check context state before decoding slice data partitions Fixes mov_h264_aac__Demo_FlagOfOurFathers.mov.SIGSEGV.4e9.656. Found-by: Mateusz "j00ru" Jurczyk CC: libav-stable@libav.org (cherry-picked from commit c1fcf563b13051f280db169ba41c6a1b21b25e08) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2013-01-12 17:59:41 +01:00
Luca Barbato	03fec31cd7	oggdec: free the ogg streams on read_header failure Plug an annoying memory leak on broken files. (cherry picked from commit 89b51b570daa80e6e3790fcd449fe61fc5574e07) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit 42bd6d9cf681306d14c92af97a40116fe4eb2522) Conflicts: libavformat/oggdec.c	2013-01-12 17:59:41 +01:00

... 3 4 5 6 7 ...

37889 Commits