ffmpeg

Author	SHA1	Message	Date
Ronald S. Bultje	8ba939fcda	ea: check chunk_size for validity. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 273e6af47b38391f2bcc157cca0423fe7fcbf55c) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 6a86b705e1d4b72f0dddfbe23ad3eed9947001d5) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit e74bc64dd376c4691a610ba62a66ed30affc97ec) Conflicts: libavformat/electronicarts.c (cherry picked from commit 38c45adfca299e3d96c07a700032695ec7ff2aeb) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-06-03 19:35:13 +02:00
kemuri	79674d27d9	vfwcap: Include windows.h before vfw.h since the latter requires defines from the former. Patch by kemuri <kemuri9 at gmail dot com> Originally committed as revision 21411 to svn://svn.ffmpeg.org/ffmpeg/trunk (cherry picked from commit 420755dd282a913c2163d5589706d6a99a18d10f) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>	2012-06-02 19:25:58 -04:00
Ramiro Polla	b061ee9a5d	mingw32: merge checks for mingw-w64 and mingw32-runtime >= 3.15 into one Originally committed as revision 24204 to svn://svn.ffmpeg.org/ffmpeg/trunk (cherry picked from commit e26011d0f495de1148b8014995cbe923611b6b76) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>	2012-06-02 19:25:58 -04:00
Ramiro Polla	baba561c0b	mingw32: properly check if vfw capture is supported by the system headers Remove check for an specific w32api version, checking instead if vfw.h supports vfw capture. The defines in w32api 3.12 were wrong, so this must be accounted for in the check. Originally committed as revision 24203 to svn://svn.ffmpeg.org/ffmpeg/trunk (cherry picked from commit ec1ee802a2e1cb3317bd44851cc28f95b5916051) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Conflicts: configure	2012-06-02 19:25:58 -04:00
kemuri	f6147effd2	Replace every usage of -lvfw32 with what is particularly necessary for that case: Avisynth -> -lavifil32 VFW Cap -> -lavicap32 Patch by kemuri <kemuri9 at gmail dot com> Originally committed as revision 21410 to svn://svn.ffmpeg.org/ffmpeg/trunk (cherry picked from commit a1b3c5a377976d21b9daa878265c6eada24c2543) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Conflicts: configure	2012-06-02 19:25:57 -04:00
Ramiro Polla	b990187f99	configure: properly check for mingw-w64 through installed headers. mingw-w64 can also target 32-bit code. Originally committed as revision 24156 to svn://svn.ffmpeg.org/ffmpeg/trunk (cherry picked from commit 0a4307d6307516d333ce2cde2a2ffa0f50bc176c) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>	2012-06-02 19:25:57 -04:00
Ronald S. Bultje	ae6c57859c	qdm2: clip array indices returned by qdm2_get_vlc(). Prevents subsequent overreads when these numbers are used as indices in arrays. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com> (cherry picked from commit 64953f67f98da2e787aeb45cc7f504390fa32a69) Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com> Conflicts: libavcodec/qdm2.c	2012-06-02 19:25:57 -04:00
Alex Converse	5629c39101	kmvc: Check palsize. Fixes: CVE-2011-3952 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Based on fix by Michael Niedermayer (cherry picked from commit 386741f887714d3e46c9e8fe577e326a7964037b) (cherry picked from commit 416849f2e06227b1b4a451c392f100db1d709a0c) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit e7392dc349291eb94379d8cfb7ef73d32a768858) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-05-28 23:46:08 +02:00
Janne Grunau	7867cbaf6c	adpcm: ADPCM Electronic Arts has always two channels Fixes half of http://ffmpeg.org/trac/ffmpeg/ticket/794 Adresses CVE-2012-0852 (cherry picked from commit bb5b3940b08d8dad5b7e948e8f3b02cd2eb70716) Conflicts: libavcodec/adpcm.c Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit b581580bd1cc8506befa65b0a5c9ae429240f21f) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit a0f58c3a605b8123039628d1598cb36f1da0e815) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-05-28 23:46:08 +02:00
Alexander Strange	0bf8e22cdb	h264: Add check for invalid chroma_format_idc Fixes a crash when FF_DEBUG_PICT_INFO is used. Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com> (cherry picked from commit 6ef4063957aa5025c8d2cd757b6a537e4b6874df) Fixes: CVE-2012-0851 Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 47132345184dc3d0ff962a57a1225564fe979548) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit c5f7c755cfccd7aa01010a2d566104c2b0fa6d86) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 00d2c432581cf61326973a1a48f2e63690b65515)	2012-05-28 23:46:08 +02:00
Alex Converse	7944a87ba8	dpcm: ignore extra unpaired bytes in stereo streams. Fixes: CVE-2011-3951 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit ce7aee9b733134649a6ce2fa743e51733f33e67e) (cherry picked from commit eaeaeb265fe46e1d81452960de918227541873b4) Conflicts: libavcodec/dpcm.c Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 1ce9c93198fc997e8f23934a78e2937af670e4e9) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 41f1f146c9e29dde63e293078819474c9b8111a1) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-05-28 23:46:08 +02:00
Michael Niedermayer	a55db1fc49	dsp: fix diff_bytes_mmx() with small width Fixes Ticket1068 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 73089eccd3e48539555349b36d8aabbf1cea416e) n0.5.9	2012-05-11 22:39:50 +02:00
Michael Niedermayer	123e925956	mmdemux: dont set pkt->size to an invalid value. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 0c97fd336e17535239ab44d755a0d957dc2688f3)	2012-05-11 22:39:37 +02:00
Michael Niedermayer	96c6b3a11c	h261: check mtype. Fixes out of array read Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit ec3cd74f2dab8e3e8234ccb994132b23d3098585)	2012-05-11 22:39:31 +02:00
Michael Niedermayer	5e3cd42b6d	4xmdemux: Check chunk size Fixes over reading the header array Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 474e31c904f766b6989fe614c3fb093e697c847f) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-05-11 22:38:28 +02:00
Michael Niedermayer	f73106256d	fix release number Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-05-11 22:37:20 +02:00
Michael Niedermayer	782c3ab777	Merge remote-tracking branch 'qatar/release/0.5' into release/0.5 * qatar/release/0.5: Bump version number for 0.5.8 release. Release notes and changelog for 0.5.7 vqavideo: return error if image size is not a multiple of block size motionpixels: Clip YUV values after applying a gradient. mjpegbdec: Fix overflow in SOS. atrac3: Fix crash in tonal component decoding. dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936. dv: Fix null pointer dereference due to ach=0 dv: check stype nsvdec: Propagate errors nsvdec: Be more careful with av_malloc(). nsvdec: Fix use of uninitialized streams. Conflicts: libavcodec/atrac3.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2012-05-11 22:02:11 +02:00
Reinhard Tartler	4b2e02a4c4	Bump version number for 0.5.8 release.	2012-05-10 20:40:38 +02:00
Reinhard Tartler	79fbcd9f03	Release notes and changelog for 0.5.7	2012-05-10 20:15:51 +02:00
Mans Rullgard	468cc41d6d	vqavideo: return error if image size is not a multiple of block size The decoder assumes in various places that the image size is a multiple of the block size, and there is no obvious way to support odd sizes. Bailing out early if the header specifies a bad size avoids various errors later on. Fixes CVE-2012-0947. Signed-off-by: Mans Rullgard <mans@mansr.com> (cherry picked from commit 58b2e0f0f2fc96c1158e04f8aba95cbe6157a1a3) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit d5207e2af81580dd5e6277b354c8b459c3624f26) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit c71c77e56fcc6d469d45e1c8ce04aa053124d3f8) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit c90da45d5a7a4045dbf22fba52c63ef55d207269) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-05-09 22:34:07 +02:00
Alex Converse	6c9b404dba	motionpixels: Clip YUV values after applying a gradient. Prevents illegal reads on truncated and malformed input. CC: libav-stable@libav.org (cherry picked from commit b5da848facd41169283d7bfe568b83bdfa7fc42e) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit aaa6a666774eb02c351c84e80622a5c69e9b642e) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 50073e2395522b6e2b8698ff0dd06ffaf8cbf8ce) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 2134e7f6e88959513ba1713ad6fd7a7c8d5a0f41) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-05-09 22:33:49 +02:00
Alex Converse	b2ac7e585e	mjpegbdec: Fix overflow in SOS. Based in part by a fix from Michael Niedermayer <michaelni@gmx.at> Fixes CVE-2011-3947 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit b57d262412204e54a7ef8fa1b23ff4dcede622e5) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 083a8a00373b12dc06b8ae4c49eec61fb5e55f4b) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 6ae95a0b93e8df15fe5f364535a7214be0817736) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 6ca010f20965ef71d97a53e871edae2eb9c05a5f) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-04-21 15:42:28 +02:00
Michael Niedermayer	8bb3ba5541	atrac3: Fix crash in tonal component decoding. Add a check to avoid writing past the end of the channel_unit.components[] array. Bug Found by: cosminamironesei Fixes CVE-2012-0853 CC: libav-stable@libav.org Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com> (cherry picked from commit c509f4f74713b035a06f79cb4d00e708f5226bc5) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit f43b6e2b1ed47a1254a5d44c700a7fad5e9784be) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit f728ad26f0ec87650d2986a892785c0e2b97d161) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 224025d852dcc42f752c0922fef7121808d1e42f) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-04-21 15:42:10 +02:00
Alex Converse	5a92aa378d	dv: Fix small stack overread related to CVE-2011-3929 and CVE-2011-3936. Found with asan. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit 2d1c0dea5f6b91bec7f5fa53ec050913d851e366) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 00fa6ffe1a0b252d6a81815e51f125225cd0b97a) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit a8f4db0acd9b588ba33e3b8c0c21feea5916cfd1) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-04-21 15:41:57 +02:00
Michael Niedermayer	c4e8c99507	dv: Fix null pointer dereference due to ach=0 dv: Fix null pointer dereference due to ach=0 Fixes part2 of CVE-2011-3929 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Reviewed-by: Roman Shaposhnik <roman@shaposhnik.org> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit 5a396bb3a66a61a68b80f2369d0249729bf85e04) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 44e182d41e3a73548f3f5e8445ec428d3846e6d6) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit b46141b0d1d7efb74dad172b7c1b52413441592f) Conflicts: libavformat/dv.c	2012-04-21 15:41:30 +02:00
Michael Niedermayer	479869c499	dv: check stype dv: check stype Fixes part1 of CVE-2011-3929 Possibly fixes part of CVE-2011-3936 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Reviewed-by: Roman Shaposhnik <roman@shaposhnik.org> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit 635bcfccd439480003b74a665b5aa7c872c1ad6b) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit bb737d381f6d6413899a0697f426fb082eac66fc) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 38421f27b3899a930552750fe1e0dffd45b71b8e) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-04-21 15:39:00 +02:00
Alex Converse	ec4979e16e	nsvdec: Propagate errors Related to CVE-2011-3940. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit c898431ca5ef2a997fe9388b650f658fb60783e5) Conflicts: libavformat/nsvdec.c Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 0100c4b1b0736e0f5b3c98f9b0ab8acbef574888) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 3253dd2b420583a7f10afa87e47b9cb73e950e2a) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-04-21 15:38:44 +02:00
Alex Converse	056c909d9d	nsvdec: Be more careful with av_malloc(). Check results for av_malloc() and fix an overflow in one call. Related to CVE-2011-3940. Based in part on work from Michael Niedermayer. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind (cherry picked from commit 8fd8a48263ff1437f9d02d7e78dc63efb9b5ed3a) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit be524c186b50337db64d34a5726dfe3e8ea94f09) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 87007519c81c37d8a3de424de3db14078ae84333) Conflicts: libavformat/nsvdec.c	2012-04-21 15:38:10 +02:00
Michael Niedermayer	bde4b66063	nsvdec: Fix use of uninitialized streams. Fixes CVE-2011-3940 (Out of bounds read resulting in out of bounds write) Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 5c011706bc752d34bc6ada31d7df2ca0c9af7c6b) Signed-off-by: Alex Converse <alex.converse@gmail.com> (cherry picked from commit 6a89b41d9780325ba6d89a37f2aeb925aa68e6a3) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 65beb8c1173906b0541442713cb29e8ba44c47ef) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 1edf848a81464afd514afbbbcb97b471d334e14a) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-04-21 15:36:40 +02:00
Michael Niedermayer	0fda37cff9	Merge remote-tracking branch 'qatar/release/0.5' into release/0.5 * qatar/release/0.5: id3v2: fix skipping extended header in id3v2.4 Merged-by: Michael Niedermayer <michaelni@gmx.at>	2012-04-02 02:25:49 +02:00
Anton Khirnov	2e693be7e9	id3v2: fix skipping extended header in id3v2.4 In v2.4, the length includes the length field itself. (cherry picked from commit ddb4431208745ea270dce8fce4cba999f0ed4303) Conflicts: libavformat/id3v2.c Signed-off-by: Anton Khirnov <anton@khirnov.net>	2012-04-01 19:49:37 +02:00
Michael Niedermayer	8e101086eb	update for 0.5.8 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> n0.5.8	2012-01-12 22:19:09 +01:00
Michael Niedermayer	f13de3c653	atrac3: Fix crash in tonal component decoding. Fixes Ticket780 Bug Found by: cosminamironesei Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 9af6abdc17deb95c9b1f1d9242ba49b8b5e0b016) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2012-01-12 22:15:00 +01:00
Michael Niedermayer	1eb7872238	Merge remote-tracking branch 'qatar/release/0.5' into release/0.5 * qatar/release/0.5: Release notes and changelog for 0.5.7 Bump version number for 0.5.7 release. vorbis: An additional defense in the Vorbis codec. vorbisdec: Fix decoding bug with channel handling Merged-by: Michael Niedermayer <michaelni@gmx.at>	2012-01-12 22:14:10 +01:00
Reinhard Tartler	15df4428d2	Release notes and changelog for 0.5.7	2012-01-10 22:22:05 +01:00
Reinhard Tartler	ec0124203c	Bump version number for 0.5.7 release.	2012-01-10 21:23:27 +01:00
Chris Evans	6b01bcebb9	vorbis: An additional defense in the Vorbis codec. Fixes Bug: #190 Chromium Bug: #100543 Related to CVE-2011-3893 Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit afb2aa537954db537d54358997b68f46561fd5a7) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit b0283ccb9e8945ce9e56f7c6ba0c676e7179d7a3) Conflicts: libavcodec/vorbis_dec.c (cherry picked from commit a5e0afe3c936220a793db0cdae04bb228f1904e0) Conflicts: libavcodec/vorbis_dec.c	2012-01-08 09:49:19 +01:00
Reinhard Tartler	efd453d82d	vorbisdec: Fix decoding bug with channel handling Fixes Bug: #191 Chromium Bug: #101458 CVE-2011-3895 Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit e6d527ff729e42d80e4756cab779ff4ad693631b) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 97f23c72a3815739ab28e297ce60f943349f6939) Conflicts: libavcodec/vorbis_dec.c (cherry picked from commit 42f0a6696889ba275aa2087b57fa99f7a97033a0) Conflicts: libavcodec/vorbis_dec.c	2012-01-08 09:40:38 +01:00
Michael Niedermayer	7209c2b13f	Merge remote-tracking branch 'qatar/release/0.5' into release/0.5 * qatar/release/0.5: matroskadec: Fix a bug where a pointer was cached to an array that might later move due to a realloc() vorbis: Avoid some out-of-bounds reads vp3: fix oob read for negative tokens and memleaks on error. Merged-by: Michael Niedermayer <michaelni@gmx.at>	2012-01-08 05:03:39 +01:00
Chris Evans	7ee536e87a	matroskadec: Fix a bug where a pointer was cached to an array that might later move due to a realloc() Fixes bug #190 Chromium bug #100492 related to CVE-2011-3893 Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry-picked from commit faaec4676cb4c7a2303d50df66c6290bc96a7657) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 1f625431e2bb9564760fba3ab8077ae07ce7c7a1) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 90a4a467477be8c292daa08a9516ee78ca0d517b) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-01-07 22:16:29 +01:00
Chris Evans	665421f3b1	vorbis: Avoid some out-of-bounds reads Fixes Bug: #190 Chromium Bug: #100543 Related to CVE-2011-3893 Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 57cd6d709565e84e84385f8f2a9641ca3fa718be) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 4a94678f1be4b7d47f862e9523ca3358255da5d4) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 6d6254ba9fbb22260939c06db1faed5bbd295ad4) Conflicts: libavcodec/vorbis.c	2012-01-07 22:15:53 +01:00
Ronald S. Bultje	3eb6983dbc	vp3: fix oob read for negative tokens and memleaks on error. (cherry picked from commit 8370e426e42f2e4b9d14a1fb8107ecfe5163ce7f) Fixes: #189 Chromium-Bug: 101172,100465 CVE-2011-3892 Removed the parts that are related to multi-threading, which is not included before 0.7. Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit c624935554332f8921a15265b8720f0c7b3c8cc2) Conflicts: libavcodec/vp3.c (cherry picked from commit c9c7db0af2a0fc14764a07f0e61cebf11238e3c2) Conflicts: libavcodec/vp3.c Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2012-01-07 21:39:50 +01:00
Michael Niedermayer	e75056bc54	Update for 0.5.7 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> n0.5.7	2011-12-25 21:43:56 +01:00
Michael Niedermayer	8755a7890e	Merge remote-tracking branch 'qatar/release/0.5' into release/0.5 * qatar/release/0.5: Release notes and changelog for 0.5.6 Conflicts: RELEASE Merged-by: Michael Niedermayer <michaelni@gmx.at>	2011-12-25 20:19:13 +01:00
Reinhard Tartler	d0688fdd31	Release notes and changelog for 0.5.6	2011-12-25 10:18:18 +01:00
Michael Niedermayer	0e05292a6c	Merge remote-tracking branch 'qatar/release/0.5' into release/0.5 * qatar/release/0.5: Bump version number for 0.5.6 release. svq1dec: call avcodec_set_dimensions() after dimensions changed. vmd: fix segfaults on corruped streams vp6: partially propagate huffman tree building errors during coeff model parsing and fix misspelling Plug some memory leaks in the VP6 decoder vp6: Reset the internal state when aborting key frames header parsing vp6: Fix illegal read. vp6: Fix illegal read. Fix out of bound reads in the QDM2 decoder. Check for out of bound writes in the QDM2 decoder. qdm2: check output buffer size before decoding Fix qdm2 decoder packet handling to match the api Conflicts: libavcodec/qdm2.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2011-12-25 00:53:49 +01:00
Reinhard Tartler	23f228a0d0	Bump version number for 0.5.6 release.	2011-12-24 16:32:06 +01:00
Michael Niedermayer	110aff4b24	svq1dec: call avcodec_set_dimensions() after dimensions changed. Fixes NGS00148, CVE-2011-4579 Found-by: Phillip Langlois Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6e24b9488e67849a28e64a8056e05f83cf439229) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 0eca0da06e40b73af495cc05fbcfaa030fcf78ea) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 8ddc0b491d3c9c11c1e3d638fda51b4b604d32f4) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2011-12-24 16:28:20 +01:00
Laurent Aimar	4a1c3df592	vmd: fix segfaults on corruped streams Signed-off-by: Janne Grunau <janne-libav@jannau.net> Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 494cfacdb9ba3f0549e37f76b3a2f86a7aeeac3c) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit b99366faef3a1ed4a34c9b37107f2c8c24702813) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2011-12-24 16:28:20 +01:00
Dustin Brody	185abfb218	vp6: partially propagate huffman tree building errors during coeff model parsing and fix misspelling Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com> (cherry picked from commit f913eeea43078b3b9052efd8d8d29e7b29b39208) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 7367cbec1b8cf0cbb49707fb0fdfded8ec397b0d) Signed-off-by: Reinhard Tartler <siretart@tauware.de> (cherry picked from commit 201fcfb89482c6f73d6b679a294aac8da9612bbd) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2011-12-24 16:28:20 +01:00

1 2 3 4 5 ...

18748 Commits