Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b399cbfba5d901608c18e1a2d48a24c30541a634)
(cherry picked from commit 55a96a984ec65736475a8577a158abc5c48fd50a)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4a7876c6e4e62e94d51e364ba99aae4da7671238)
(cherry picked from commit b08df314dca6946ed644caacb9d3a533a054c0f6)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5d44c061cf511d97be5fac8d76be2f3915c6e798)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1cce7def0a8eff2e7db294b7d195a0fb1a5043b0)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The data pointers s->decoded[*] already take into account s->nwrap.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f42b3195d3f2692a4dfc0a8668bb4ac35301f2ed)
(cherry picked from commit 107ea3057eb8de8a38c45c2f7181c42ea694b187)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3035c4034b6af3ad47f921e3385196e1b9d44ddf)
(cherry picked from commit 6e774cf67e6f30feb9b3dec11713d6b6dc0b521c)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e7aed1280ea14b60fceae04d71dfd03e1daf2d04)
(cherry picked from commit 1ed90c84f6ab75af91b08436cefb8ea464f8495b)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit dba20b84784a7931b7eac50ced1d43e86801bde9)
(cherry picked from commit c9c6e5f4e8680b7b7801dd6943590ae9cd6bfd89)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 741ec30bd2385f794efa9fafa84d39a917f2574e)
(cherry picked from commit 533dbaa55b7d45d5ca76f9ed46f5690282f86ea9)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 979bea13003ef489d95d2538ac2fb1c26c6f103b)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 35f38b3ab9d755aede5bce8abbe1cb9c07027f8a)
(cherry picked from commit ed9e561490d70e317659f9e406c7920242e509eb)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4907f813581acd6cf68f1be9eb163464503e8208)
(cherry picked from commit 24e0a9e451e1aae427307a919d78f6790f4e413c)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/release/0.5:
update version
Release notes and changelog for 0.5.5
Fix ff_imdct_calc_sse() on gcc-4.6
Make DECLARE_ALIGNED macros work with external array specifiers
Fix MMX rgb24 to yuv conversion with gcc 4.6
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Gcc 4.6 only preserves the first value when using an array with an "m"
constraint.
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit 770c410fbb8e1b87ce8ad7f3d7eddaa55e2b8295)
Conflicts:
libavcodec/x86/fft_sse.c
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
The macro implementation might need the name of the variable being
declared for compiler-specific syntax. Moving array specifiers outside
the macro invocation allows this to work.
Originally committed as revision 21363 to svn://svn.ffmpeg.org/ffmpeg/trunk
(cherry picked from commit 8a24e98d506f0f44ec58e06291fa0fce703fb6a8)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
When built with gcc 4.6, the MMX rgb24 to yuv conversion gives
wrong output. The compiler produces this warning:
libswscale/swscale_template.c:1885:5: warning: use of memory input without lvalue in asm operand 4 is deprecated
Changing the memory operand to a register makes it work.
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit f344903ca5ce28a833fdd656bc1ed5b16d97e7e9)
Conflicts:
libswscale/swscale_template.c
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
This prevents some crashes when corrupted bitstream reports e.g. P-type
slice in I-frame. Official RealVideo decoder demands all slices to be
of the same type too.
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 23a1f0c59241465ba30103388029a7afc0ead909)
Ignore resolution change if resolution not defined in extradata.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
(cherry picked from commit 09c5f990bc7629dfbee8c760fd485936c60a7b40)
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 4cc7732386eb36661ed22d1200339b38a5fa60bc)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
rv34_decode_slice() can return without allocating any pictures.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit d0f6ab0298f2309c6104626787ed73416298b019)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
This prevents crashes with some corrupted bitstreams.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 4a29b471869353c3077fb4b25b6518eb1047afb7)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Between ogg_save() and ogg_restore() calls, the number of streams
could have been reduced.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 0e7efb9d23c3641d50caa288818e8c27647ce74d)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 6489455495fc5bfbebcfe3f57e5d4fdd6a781091)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 9676ffba8346791f494451e68d2a3b37a2918a9b)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit a92d0fa5d234582583d41b67dddecffc2c819573)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 273aab99bf7be2bcda95dd64101c2317ee0fcb99)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit e055932f5636a82275837968eea9c8fcb5bca474)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
* qatar/release/0.5:
Fix memory (re)allocation in matroskadec.c, related to MSVR-11-0080.
cavs: fix some crashes with invalid bitstreams
mjpeg: Detect overreads in mjpeg_decode_scan() and error out.
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Whitespace of the patch cleaned up by Aurel
Some of the issues have been reported by Steve Manzuik / Microsoft Vulnerability Research (MSVR)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 956c901c68eff78288f40e3c8f41ee2fa081d4a8)
Further suggestions from Kostya <kostya.shishkov@gmail.com> have been
implemented by Reinhard Tartler <siretart@tauware.de>
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 77d2ef13a8fa630e5081f14bde3fd20f84c90aec)
NB: MSVR-11-0080 doesn't seem to exist. This issue seems to be known
as MSVR11-011 instead.
Fixes: CVE-2011-3504
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
This removes all valgrind-reported invalid writes with one
specific test file.
Fixes http://www.ocert.org/advisories/ocert-2011-002.html
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit 4a71da0f3ab7f5542decd11c81994f849d5b2c78)
Fixes CVE-2011-3362, CVE-2011-3973, CVE-2011-3974
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Ronald S. Bultje <rbultje@google.com>
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
