Fixes out of array access
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6d1c5ea04af3e345232aa70c944de961061dab2d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3556e7ce737edade8c5e628a19e2b5da0809928d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1856162caa912a4a845b7caff51c9e2dff3d39d9)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 106790a4e92f40fedbe20631c693c95c7c8f3039)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ac6659aff77b08a894967a2880eef13218baacb9)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 2c34367b4a17856584b3e8b64cefa1900342ebcd)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The value used in allocation is based on a estimate of the
maximum size of the spectral coefficients multiplied with 2
and rounded up. The exact or a tighter limit should be
found and used instead. But this issue shouldnt be left
open until someone works on that.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d56834201bf7511ed497e956fb7ff78d49454b10)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixed Ticket1780
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f077e1fb4c912a66ab5d766fd256803821d92c67)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 062cd9acc129b46256e73900e8e49701e4bb00fd)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes Ticket1634
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 44a7a6300d104dd453bcd5c601e9c6944fb34679)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f049729e613ed3fb0abf767eb14423f545385c6e)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
fixes fate without --enable-gpl
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4fefe91a33956007f17cfd6e0c5ee1cb3a3f36d8)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
We now only return in the middle of the refill in case of read error, so
inflate can be re-called if zlib needs an empty (z.avail_in=0) inflate
call for flushing.
This fixes the ffprobe tests under mingw/wine
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit a96e3a3e77bdcc9ac8692f1547d867ec58a57e49)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes Ticket1606
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b4c753487cf819213740d39c49b7bdc45338305d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
I was sadly unable to find a non fuzzed mp3 that uses the
feature that contained the bug (and i searched hard ...), thus
while this fixes the security issue. It may or may not fix
mixed blocks in 8khz mp3s, i cant say due to lack of samples to test.
Security issue exists since: b37d945dd4213cb8e92146571b0374cd45d52286
Reported-by: Dale Curtis <dalecurtis@google.com>
(Probably) Found-by: inferno@chromium.org
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes some DNXHD files generated by AVID TM, where codec UL was set to A-law
meanwhile the real audio codec was PCM S16. According to SMPTE RP 224, A-law is
the default value for sound essence parameters therefore we should handle it
specially.
Signed-off-by: Marton Balint <cus@passwd.hu>
Reviewed-by: Tomas Härdin <tomas.hardin@codemill.se>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Implement av_buffersink_read() and av_buffersink_read_samples()
for ffmpeg's version of buffersink.
With this change, avconv linked against ffmpeg's libraries passes
the same number of tests whether it uses ffbuffersink or
buffersink_old.
* qatar/master:
nutdec: const correctness for get_v_trace/get_s_trace function arguments
truemotion2: Request samples for old TM2 headers
rtpdec: Remove a useless ff_ prefix from a static symbol
rtpdec: Support depacketizing speex
rtpenc: Add support for packetizing speex
Conflicts:
libavformat/rtpdec.c
libavformat/sdp.c
libavformat/version.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Also factorize the common options for the different mov-based tests.
Since the header is now on top in the last generated file, the data
offset in the seek test needed some updates as well.
At the moment, the moov header is written at the end of the file, so we
can use the current offset (which focus on the end of the mdat already
written) to guess if 64-bits offset will be required or not.
Though, the next commits will make possible the writing of this table at
the beginning, so this heuristic can't work. As a consequence, we check
all the values within the potential offset table for any value >
32-bits.
Normally we discard things prior to the intended start
for stream copy this is not always possible, and its not done by default
this option allows discarding to be enabled
this is primarely usefull when transcoding a video and stream copying an
audio stream.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
fixes a bug introduced with 4ed5ac50d3e4f921003ecf60985f78337400f354
Signed-off-by: Jean First <jeanfirst@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Previously we had ignored the past dts and just filled in from the
point where we have had sufficient information.
This should fix Ticket1734
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
