20703 Commits

Author SHA1 Message Date
Michael Niedermayer
2c66058737 avcodec/cdgraphics: check buffer size before use
Fixes out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ad002e1a13a8df934bd6cb2c84175a4780ab8942)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:30:16 +02:00
Michael Niedermayer
813b3d11e0 sanm: Check dimensions before use
Fixes integer overflow and out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 9dd04f6d8cdd1c10c28b2cb4252c1a41df581915)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:30:11 +02:00
Michael Niedermayer
d814b9b51d vmdav: Try to fix unpack_rle()
This fixes out of array accesses
The code prior to this commit could not have worked, thus obviously
was untested. I was also not able to find a valid sample that uses this
code.
This fix is thus only based on the description of the format

If someone has a sample that uses unpack_rle(), please mail me.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c1f2c4c3b49277d65b71ccdd3b6b2878f1b593eb)

Conflicts:

	libavcodec/vmdav.c

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 0baa0a5a02e16ef097ed9f72bc8a7d7b585c7652)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:29:16 +02:00
Michael Niedermayer
1d285db8a3 mmvideo/mm_decode_intra: check horizontal coordinate too
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ae2132ac90f02330b0988e6e26ee0d53e41cd196)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:29:11 +02:00
Michael Niedermayer
cd24fdad47 mmvideo/mm_decode_inter: check horizontal coordinate too
Fixes out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8d3c99e825317b7efda5fd12e69896b47c700303)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:29:05 +02:00
Michael Niedermayer
ee57bfc47a mjpegdec: fix overlapping memcpy with upscale_v
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b39fd7d63648442c20671c3e4b357268ec5c49f2)

Conflicts:

	libavcodec/mjpegdec.c

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:22:27 +02:00
Michael Niedermayer
4a442ac117 avcodec/mpegvideo: Fix edge emu with lowres
Fixes a few green artifacts at the top
Fixes rest of Ticket 2535

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c67bca2b5a94efb8fb3c2ba2c7d9b1b413468838)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:21:02 +02:00
Michael Niedermayer
d8c4ee6fea avcodec/mpegvideo: Fix block height for lowres 3 interlaced blocks
Fixes green trash
Fixes part of Ticket2535

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit bca50e5cd52240d885afeb3edb0fa2c74b352add)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:20:57 +02:00
Michael Niedermayer
e32acc455d avcodec/lcldec: Check that dimensions are a multiple of the subsample factors
Other dimensions would not work correctly currently,
also ask for a sample for files that fail this check.

This fixes an integer overflow leading to out of array
accesses.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1e00bbb10cbde3da03a1e744265ce6def9ae4c56)

Conflicts:

	libavcodec/lcldec.c

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 01:05:59 +02:00
Michael Niedermayer
f072b69f39 xbmdec: fix off by one error in scanf()
Fixes out of array access

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-05-14 00:50:54 +02:00
Carl Eugen Hoyos
6e2fb5cd73 Fix type of shared flac table ff_flac_blocksize_table[].
Fixes ticket #2533.
(cherry picked from commit a07ac1f7888fd08e42da2bed0421e74f1cfac177)
2013-05-05 20:39:50 +02:00
Hendrik Leppkes
9b481654e1 h264: fix parsing of old lossless profile (profile_idc == 144)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 572781b25f98f99f2255404810ac33168bf28482)
2013-03-21 23:57:25 +01:00
ArnoB
becde6ab1c dpxenc: fix data offset
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 361319d0f49475bc14c744194870f9bab78a8a83)

Conflicts:

	tests/ref/lavf/dpx
2013-03-20 23:11:26 +01:00
Michael Niedermayer
f84ddb0c0f msrledec: fix output_end checks
Fixes out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e398990eb87785e20e065cd3f14d1dbb69df4392)

Conflicts:

	libavcodec/msrledec.c
2013-03-20 19:54:53 +01:00
Michael Niedermayer
bbefdb3938 msrledec: merge switches
More speedup and fixes 'may be used uninitialized in this function' warnings

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d2e0a276d593ded94401e687f60bee266f3e725e)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-03-20 19:47:03 +01:00
Michael Niedermayer
cc0662daef msrledec: move loop into switch
speeds up code and allows more simplifications

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit dbaae33c2c71862b8eaea978ed6dccc5ec03db89)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-03-20 19:46:58 +01:00
Michael Niedermayer
10d59d29bc msrledec: move output pointer test up
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c2992b705381e082e33633e62e151887da67b285)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-03-20 19:46:52 +01:00
Alexander Kojevnikov
7fc39f51cd mp3dec: Fix VBR bit rate parsing
When parsing the Xing/Info tag, don't set the bit rate if it's an Info tag.

When parsing the stream, don't override the bit rate if it's already set,
otherwise calculate the mean bit rate from parsed frames. This way, the bit
rate will be set correctly both for CBR and VBR streams.

Signed-off-by: Alexander Kojevnikov <alexander@kojevnikov.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 29d8cd265a536063420afe78375b2176a9e1abc5)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-03-20 15:00:50 +01:00
Carl Eugen Hoyos
f49b2a9d08 Do not (re-)set libx264 parameter b_tff if interlaced encoding was not requested.
Reconfiguring can break x264 lossless encoding.

Fixes ticket #2165.
(cherry picked from commit 75c7e4583f4fd727d236a12763a265502fe00988)
2013-03-18 02:15:34 +01:00
Michael Niedermayer
98dfe0d8bd aacsbr: Check for envelope scalefactors overflowing
This prevents various values from becoming stuck at NAN and
output to become silent
If someone knows a cleaner solution, that's welcome!

Fixes Ticket2335

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8978c743fb1d1f5a0d6dbdd83ff05817f8a41230)
2013-03-08 20:06:54 +01:00
Michael Niedermayer
08be125dde psymodel: don't apply lowpass filters with a cutoff close to the nyquist
The IIR filter numerically diverges in such cases, this could easily be
fixed but would make the filter slower on some platforms

Fixes Ticket2246

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit fee5da6b0a79bed9dc849f216b6da1e03132b668)
2013-03-07 20:01:37 +01:00
Michael Niedermayer
676df8c4c7 h264: check that luma and chroma depth match
Fixes out of array access

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit bdeb61ccc67911cfc5e20c7cfb1312d0501ca90a)

Conflicts:

	libavcodec/h264_ps.c
2013-03-03 03:03:52 +01:00
Michael Niedermayer
1ddb0b6fa0 avcodec_decode_audio4: check got_frame_ptr before handling initial skip
Fixes out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8a6449167a6da8cb747cfe3502ae86ffaac2ed48)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-03-03 03:02:34 +01:00
Michael Niedermayer
82213d67ba shorten: don't leave invalid channel counts in the context.
Fixes freeing invalid addresses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4f1279154ee9baf2078241bf5619774970d18b25)

Conflicts:

	libavcodec/shorten.c
2013-03-03 02:58:29 +01:00
Michael Niedermayer
d17b9469c9 tiff: Check buffer allocation and pointer increment more carefully in shorts2str() and double2str()
Fixes out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e1219cdaf9fb4bc8cea410e1caf802373c1bfe51)

Conflicts:

	libavcodec/tiff.c
2013-03-03 02:45:08 +01:00
Michael Niedermayer
534c0df6e0 pngdec/filter: don't access out of array elements at the end
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1ac0fa50eff30d413206cffa5f47f7fe6d4849b1)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-03-03 02:41:19 +01:00
Michael Niedermayer
f62537d9f1 sanm: Use the correct height variable in the decoded_size checks
Fixes integer overflow and out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5260edee7e5bd975837696c8c8c1a80eb2fbd7c1)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-03-03 02:41:12 +01:00
Michael Niedermayer
4f873341b4 sanm: add forgotten check for decoded_size in old_codec37()
Fixes out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 365270aec5c2b9284230abc702b11168818f14cf)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-03-03 02:41:07 +01:00
James Almer
62e5503407 lavc/bink: Check for malloc failure
Based on commit 8ab2173ed141aa2c3336be7f9880340dfb8dcf5e
2013-02-25 05:51:25 -03:00
Michael Niedermayer
97a740acc5 aac: reconfigure output on pop
Fixes Ticket1918

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6f77122bf5712da1d860a0ad7174181fd0bcffd9)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-25 05:19:34 +01:00
Michael Niedermayer
fcd0e3235a h264: Detect POC inconsistencies and try to handle them reasonably
Improves the file from Ticket2050

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 985aa0be828da073d765a8c1dbb38efad43891ed)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-25 04:49:46 +01:00
Carl Eugen Hoyos
4c2b6ce26c Fix bits_per_coded_sample when encoding png with frame-level multithreading.
Fixes ticket #2290.
(cherry picked from commit c4dc6c4c86a052b7ba53fa7ae0c1b0643ad70d0b)

Conflicts:
	libavcodec/pngenc.c
2013-02-21 08:59:38 +01:00
Michael Niedermayer
169d849344 h264: Reset last_pocs in case of reference or frame number inconsistencies
This prevents faulty increasing of has_b_frames
Should fix Ticket 2062

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c230af9bccc3cadb373f9007ba14fffb6c2acc75)
2013-02-14 09:23:41 +01:00
Michael Niedermayer
9c659b3a67 h264_refs: Print default in case we are missing a reference.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit a39d36146a40cb52b3560fd02c73eccf72603b8f)
2013-02-14 09:23:35 +01:00
Michael Niedermayer
3f27158040 h264: Only apply error concealment if there's a frame
Without any correctly decoded slices, there can be no frame.

Fixes out of array reads

Found-by: Rafaël Carré
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 60af6c3138dc501a647bc69b374d5d33d5d86ab5)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:02 +01:00
Michael Niedermayer
c459c7b23e aacdec: check channel count
Prevent out of array accesses

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 96f452ac647dae33c53c242ef3266b65a9beafb6)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:02 +01:00
Michael Niedermayer
08e2c7a45f vqavideo: check chunk sizes before reading chunks
Fixes out of array writes

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ab6c9332bfa1e20127a16392a0b85a4aa4840889)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:02 +01:00
Michael Niedermayer
89e16e675d sanm: Check decoded_size.
This prevents a buffer overflow in rle_decode()

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 7357ca900efcf829de4cce4cec6ddc286526d417)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:02 +01:00
Michael Niedermayer
4cd1dad91a avcodec_decode_audio: do not trust the channel layout, use the channel count.
Fixes memory corruption

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d270c3202539e8364c46410e15f7570800e33343)

Conflicts:

	libavcodec/utils.c
2013-02-07 01:00:02 +01:00
Michael Niedermayer
3e196e4def error_concealment: Check that the picture is not in a half setup state.
Fixes state becoming inconsistent
Fixes a null pointer dereference

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 23318a57358358e7a4dc551e830e4503f0638cfe)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:02 +01:00
Michael Niedermayer
2502914c5f atrac3dec: Check coding mode against channels.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 13451f5520ce6b0afde861b2285dda659f8d4fb4)

Conflicts:

	libavcodec/atrac3.c
2013-02-07 01:00:02 +01:00
Michael Niedermayer
6df0d3e291 alsdec: check block length
Fix writing over the end

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 0ceca269b66ec12a23bf0907bd2c220513cdbf16)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:02 +01:00
Michael Niedermayer
85a14dbd5d adpcm: fix off by 1 error and out of array access in DK4
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f18c873ab5ee3c78d00fdcc2582b39c133faecb4)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:02 +01:00
Michael Niedermayer
db0f7f7394 huffyuvdec: Skip len==0 cases
Fixes vlc decoding for hypothetical files that would contain such cases.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 0dfc01c2bbf4b71bb56201bc4a393321e15d1b31)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:01 +01:00
Michael Niedermayer
b666debffe huffyuvdec: Check init_vlc() return codes.
Prevents out of array writes

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f67a0d115254461649470452058fa3c28c0df294)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:01 +01:00
Michael Niedermayer
8eda888683 sanm: check image dimensions before using them
Avoids integer overflows and out of array accesses.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 49b729d3af8464de431362e6c5b3027102bc2f88)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-02-07 01:00:01 +01:00
Michael Niedermayer
0c2a350762 movtextenc: fix pointer messup and out of array accesses
Fixes Ticket2213

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b0635e2fcf80717dd618ef75d3317d62ed85c300)
2013-02-06 00:16:04 +01:00
Michael Niedermayer
7ca4b91898 h264: fix use of uninitialized variable
Fixed CID968588

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit fc86f88b32a288b252a088ee3c77b4f6219d54d5)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-01-21 23:19:49 +01:00
Michael Niedermayer
75aa373bec h264: print mismatching opcode details in check_opcodes()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit dcbe15813ed09cf491e75a21cce0e751f5bc2b34)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-01-21 23:16:14 +01:00
Michael Niedermayer
bec97981ba h264/ff_generate_sliding_window_mmcos: fix use of uninitialized variable
Fixes CID968587
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3fba3e79a3e46d7611817f9051b33885eb1ff962)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2013-01-21 23:16:06 +01:00