This merge is primary for metadata, theres little actually changed
except cosmetics
* qatar/release/0.7:
4xm: Add a check in decode_i_frame to prevent buffer overreads
wma: initialize prev_block_len_bits, next_block_len_bits, and block_len_bits.
Update RELEASE file for 0.7.3
swscale: #include "libavutil/mathematics.h"
vp3dec: Check coefficient index in vp3_dequant()
svq1dec: call avcodec_set_dimensions() after dimensions changed.
swscale: Readd #define _SVID_SOURCE
Conflicts:
RELEASE
libavcodec/4xm.c
libavcodec/vp3.c
libswscale/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
The initial values are not checked against the number of block sizes.
Initializing them to frame_len_bits will result in a block size index of 0
in these cases instead of something that might be out-of-range.
Fixes Bug 81.
(cherry picked from commit 05d1e45d1f42cc90d1f2f36c546d0096cea126a8)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Based on a patch by Michael Niedermayer <michaelni@gmx.at>
Fixes NGS00145, CVE-2011-4352
Found-by: Phillip Langlois
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 8b94df0f2047e9728cb872adc9e64557b7a5152f)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
to synchronize the first/second field state independant of them being reference or not.
Fixes Ticket354
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 545ec935a4b4e0f032ebd975907b41f6fe4465c9)
Found with Address Sanitizer
Signed-off-by: Alex Converse <alex.converse@gmail.com>
(cherry picked from commit e0966eb140b3569b3d6b5b5008961944ef229c06)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
It prevents leaving the state only half initialized.
Signed-off-by: Janne Grunau <janne-libav@jannau.net>
(cherry picked from commit a72cad0a6c05aa74940101e937cb3dc602d7d67b)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit f913eeea43078b3b9052efd8d8d29e7b29b39208)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
Fixes NGS00144
This also adds a few lines of code from master that are needed for this fix.
Thanks to Phillip for suggestions to improve the patch.
Found-by: Phillip Langlois
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes Ticket312
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 833a195905405fc9646c7544ce9d0f3279608977)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes Ticket655
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 50d6f8195658d529c57bb42dfd8d7a71d60a9f1d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/release/0.7:
Add a version bump and APIchanges entry for avcodec_open2 and avformat_find_stream_info.
lavf: fix multiplication overflow in avformat_find_stream_info()
lavf: fix invalid reads in avformat_find_stream_info()
lavf: add avformat_find_stream_info()
lavc: fix parentheses placement in avcodec_open2().
lavc: introduce avcodec_open2() as a replacement for avcodec_open().
Conflicts:
doc/APIchanges
libavcodec/utils.c
libavcodec/version.h
libavformat/avformat.h
libavformat/version.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 1d36fb13b088f55ece155153fb6ca8ea278fc837)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Adds support for decoder-private options and makes setting other options
simpler.
(cherry picked from commit 0b950fe240936fa48fd41204bcfd04f35bbf39c3)
Conflicts:
libavcodec/avcodec.h
Signed-off-by: Anton Khirnov <anton@khirnov.net>
This is neccessary but likely not sufficient to prevent out of array reads.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 14db3af4f26dad8e6ddf2147e96ccc710952ad4d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit cea0c82d9b9771dfa2ac729c13c0d9e03ea352a7)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes Ticket240
Based on patch by ami_stuff
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 20431a9982b9bd2c475042d919890a941ad70c71)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
FFmpeg does not support gray16a.
Fixes the crash in ticket #644.
(cherry picked from commit 0c5fd6372e6c257912d7ae64cbfc4d8541f0452f)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 554caed2d397e137286f2cc71c6bac477b41fa96)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found with Address Sanitizer
(cherry picked from commit bb4b0ad83b13c3af57675e80163f3f333adef96f)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found with Address Sanitizer
Signed-off-by: Alex Converse <alex.converse@gmail.com>
(cherry picked from commit e0966eb140b3569b3d6b5b5008961944ef229c06)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
There were multiple issues, for example might we have to re-run
the decompression when the size of the buffer increased,
we should always use a decompression buffer large enough for
the header (so we do not get stuck when the size is too small).
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
Fixes Ticket592
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4416931fc069332e267ab6df037a1227c051d7b1)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
ask for a sample if not mono
(cherry picked from commit 7b7f47e73356d113cace74b922eee0b6ff5ffe0b)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This stops decoding before overreads instead of after.
(cherry picked from commit 101ef19ef4dc9f5c3d536aee8fcc10fff2af4d9e)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found-by: Jim Radford
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3e7db0a9ee758bf0570a141be1fea64f8d9c03db)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
