On OS X, av_malloc(0) returns pointers that cause crashes when
freed.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit e81e5e8ad2bb5746df0c343c396019aca165cf66)
There is no valid reason the user should ever send such packets in the
first place, but the documentation for CODEC_CAP_DELAY states that the
codec is guaranteed not to get a NULL packet unless that capability is
set. That isn't true without preventing this case.
(cherry picked from commit 6326afd5e90cfed9df08b652a1cd6f6a948c239a)
The data pointers s->decoded[*] already take into account s->nwrap.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f42b3195d3f2692a4dfc0a8668bb4ac35301f2ed)
Some buffers must be mod 4 in width and/or height.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 62234a4d3a30f3949694781ef8a941ef55b210fa)
Extradata should only be parsed from the avss, fiel, jp2h and alac atoms for
AVS, MJPEG, Motion JPEG 2000 and ALAC respectively.
This also fixes the mov demuxer coming up with bogus extradata for some
AVC-Intra samples due to the presence of fiel atoms.
(cherry picked from commit e571305a71494af195891e314b05936f040f89d3)
Writing zeros to the high entries in the array need only be
done once as the cutoff position is constant throughout the
loop.
Signed-off-by: Mans Rullgard <mans@mansr.com>
(cherry picked from commit bf00a73ace9b1aba790b75dcb26d43adfceb769f)
The previous default value 0x0 was not good, since it is not even
valid.
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 1ee20141900c98f9dc25eca121c66c3ff468c1e4)
In apply_unsharp(), when y is >= height, prevent out-of-buffer reading
from src, read from the last buffer line in src2 instead.
The check was implemented in the original unsharp libmpcodecs code and
lost in the port.
This also fixes output discrepancy between the two filters.
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 998e8519efbc772994c5ba19c0d39573998be9db)
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 194c2432eecd97c36914956f3bf7781ac4fc6f3d)
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit af84d9bb9e8a69a715fc7596d6cbaa00ad00dc29)
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 247a1dc84716cb033b538a5bd5ba8b33de0e8260)
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e47cfe9e5c10eee3c8d0b6aff81792c0f10e66e1)
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 71e23d39a396f45bbdf258735b02a4bd5e25fd49)
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 0cc44facf17153454727c26f2f40ee2f77b90df5)
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 769298a6869c3b16557280a63f6502409d1b5e49)
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 198ed6474d603f930430067b8b56955d443e821c)
av_realloc_f helps avoiding memory-leaks in typical uses of realloc.
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5cd754bca290775ec2dbbf88597ab58e0482efca)
av_size_mult helps checking for overflow when computing the size of a memory
area.
Signed-off-by: Nicolas George <nicolas.george@normalesup.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b2600509fef4d77645491f208b8113c372a32110)
wavpack_decode_block() supposes that it is called back with the exact
same buffer unless it has returned with an error. With multi-channels
files, wavpack_decode_frame() was breaking this assumption.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c2a016ad4d9c29285813ba5806189e63e063e0fb)
Adds an additional check before reading the next block header and avoids a
potential integer overflow when checking the metadata size against the
remaining buffer size.
(cherry picked from commit 4c5e7b27d57dd2be777780e840eef9be63242158)
