Fixes CID1194388
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b4329605289e25bb071ec1c1182bf25fc83b09aa)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'cf7bb6ceb1da7682aa54989f83d81c67a5e6790d':
Revert "pthread: flush all threads on flush, not just the first one"
Merged-by: Michael Niedermayer <michaelni@gmx.at>
In case start_frame() fails, this potentially invalid frame can still be
output to the caller.
Bug-Id: 672
Bug-Id: debian/741240
Bug-Id: ubuntu/1288206
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1457f3fd90e17745791354fbb87899fc4803085a)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes part of Ticket3466
Found-by: Andrey_Karpov / PVS-Studio
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b8598f6ce61ccda3f2ff0c730b009fb650e42986)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found-by: Matt Oliver <protogonoi@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 46d5625f44185271862337d61cd246fd569c42a4)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes Ticket3540
The function dirac_get_arith_bit in libavcodec/dirac_arith.h can't be
built with PIC and check-stack because the asm code needs 6 registers
and PIC and check-stack options take 1 each and x86 is quite limited
in this area.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d8ab7f31dd819f7b3e0d460a2fa4261aaae87b98)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d167faafe9dfa0b82bebb267c3c4e5fa5286bd67)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes h264_mp4toannexb_bsf_failure.mkv
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 289b149cecb381522cc9ccdf382825330169c655)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f07cebcd910c97ff6012085c21493231752990e9)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* commit '2eb15cdeef29eb8a0a32658154decba94b4b89cb':
pthread: flush all threads on flush, not just the first one
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'b701e26a4e89e3816490bc74bc47f82e6b7f7002':
mpeg12: check scantable indices in all decode_block functions
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'd8e89a37267f276afd404bd062e5112a336d1a36':
h264: reset data partitioning at the beginning of each decode call
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d6a33f5d20b6ef2eae2cbb959b001cb125a564b7)
Conflicts:
libavcodec/h264.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 2005fddcbb4e18e8f7c34326e40609e4a2d83c31)
Conflicts:
libavcodec/h264.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '7e513d85e80d730718695d09fcaf0295ae24699e':
h264: check that execute_decode_slices() is not called too many times
See: 64591f8f86f2dfeac13ee6b4e971d069675ca814
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '1147d39bca135df8673031d16989ba486a52172a':
h264: reset data_partitioning if decoding the slice header for NAL_DPA fails
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit '30e58e65e543d04d5e52bf188b31abf4dd41a104':
h264_refs: make sure not to write over the bounds of the default ref list
Conflicts:
libavcodec/h264_refs.c
See: 0a5ca63c24b8a07f94611637ba29e41b8b47ce24
Merged-by: Michael Niedermayer <michaelni@gmx.at>
This is basically an overread/overwrite-safe memcpy between a
GetByteContext and a PutByteContext.
CC:libav-stable@libav.org
(cherry picked from commit 5748faf291fec297ef25d81962b52b3438f54278)
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
CC:libav-stable@libav.org
(cherry picked from commit de9d2705f61ef569487ec5f8974a9c7ce34ec783)
avcodec_flush_buffers() must release all internally held references
according to its documentation, for which all the threads need to be
flushed.
CC:libav-stable@libav.org
Bug-Id: vlc/9665
Otherwise the generic code will unref them, which can then result in
last_picture_ptr == current_picture_ptr, which causes deadlocks at least
in rv40.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
Prevents using GetBitContexts with data from previous calls.
Fixes access to freed memory.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
Otherwise the ER code might try to use some already freed references.
Fixes possible access to freed memory.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
In this case we may not have a current frame, while first_field being
set implies we do.
Fixes invalid reads.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
There is no point in delaying the check and it avoids bugs with a
half-initialized context.
Fixes invalid reads.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
If it was set before then we can end up trying to decode a slice without
a valid slice header, which can lead to invalid memory access.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
(cherry picked from commit 58312b2472d3a44d7458865c459d59ef2e02bf1a)
Higher modes are not allowed for 16x16/chroma, which is what this
function is used for. Otherwise this function would return 0 (vertical
prediction) for invalid higher modes, which could result in invalid
reads.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable@libav.org
