ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	558d0b9483	avcodec/dsputil: fix signedness in sizeof() comparissions Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 454a11a1c9c686c78aa97954306fb63453299760) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-31 04:31:04 +02:00
Michael Niedermayer	f78a3868fd	ffv1dec: Check bits_per_raw_sample and colorspace for equality in ver 0/1 headers Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit b05cd1ea7e45a836f7f6071a716c38bb30326e0f) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-31 04:31:04 +02:00
Michael Niedermayer	df2fc63543	ffv1dec: check that global parameters dont change in version 0/1 Such changes are not allowed nor supported Fixes Ticket2906 Found-by: ami_stuff Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 547d690d676064069d44703a1917e0dab7e33445) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-31 04:31:04 +02:00
Michael Niedermayer	890c36d7ff	avcodec/ffv1dec: check global header version Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 20b965a1a43ae88b7ae95635d5a3570e7dc2bbd4) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-31 04:31:04 +02:00
Michael Niedermayer	a2e7fd406c	avcodec/pngdsp: fix (un)signed type in end comparission Fixes out of array accesses Fixes Ticket2919 Found_by: ami_stuff Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 86736f59d6a527d8bc807d09b93f971c0fe0bb07)	2013-08-30 23:39:02 +02:00
Michael Niedermayer	359bfa4c27	jpeg2000: check log2_cblk dimensions Fixes out of array access Fixes Ticket2895 Found-by: Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 9a271a9368eaabf99e6c2046103acb33957e63b7) Conflicts: libavcodec/jpeg2000dec.c Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-28 13:39:26 +02:00
Michael Niedermayer	bb263cc33a	avcodec/rpza: Perform pointer advance and checks before using the pointers Fixes out of array accesses Fixes Ticket2850 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 3819db745da2ac7fb3faacb116788c32f4753f34) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-28 13:39:26 +02:00
Michael Niedermayer	f508bf7ff1	avcodec/flashsv: check diff_start/height Fixes out of array accesses Fixes Ticket2844 Found-by: ami_stuff Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 880c73cd76109697447fbfbaa8e5ee5683309446) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-28 13:39:26 +02:00
Michael Niedermayer	7fe88bc66c	Merge remote-tracking branch 'qatar/release/9' into release/1.1 * qatar/release/9: ac3: Return proper error codes ac3: Clean up the error paths ac3: Do not clash with normal AVERROR Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-28 13:29:29 +02:00
Michael Niedermayer	333e708520	Merge remote-tracking branch 'qatar/release/9' into release/1.1 * qatar/release/9: (21 commits) ogg: Fix potential infinite discard loop dxa: Make sure the reference frame exists h261: check the mtype index segafilm: Error out on impossible packet size ogg: Always alloc the private context in vorbis_header rtjpeg: Use init_get_bits8 nuv: Reset the frame on resize nuv: Use av_fast_realloc nuv: return meaningful error codes. nuv: Pad the lzo outbuf nuv: Do not ignore lzo decompression failures rtmp: Do not misuse memcmp rtmp: rename data_size to size vc1: check mb_height validity. vc1: check the source buffer in vc1_mc functions bink: Bound check the quantization matrix. aac: Check init_get_bits return value aac: return meaningful errors aac: K&R formatting cosmetics oma: correctly mark and decrypt partial packets ... Conflicts: libavcodec/aacdec.c libavcodec/h261dec.c libavcodec/nuv.c libavcodec/vc1dec.c libavformat/oggparsevorbis.c libavformat/omadec.c libavformat/rtmpproto.c tests/ref/fate/nuv-rtjpeg Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-27 19:13:15 +02:00
Michael Niedermayer	0930a562e7	Merge commit '0b6adcf76bda8994902f5b6d8e694b0b916ea210' into release/1.1 * commit '0b6adcf76bda8994902f5b6d8e694b0b916ea210': oma: refactor seek function xl: Make sure the width is valid 8bps: Bound-check the input buffer 4xm: Reject not a multiple of 16 dimension alsdec: Clean up error paths alsdec: Fix the clipping range dsicinav: Clip the source size to the expected maximum dsicinav: Bound-check the source buffer when needed dsicinav: K&R formatting cosmetics lavf: Make sure avg_frame_rate can be calculated without integer overflow mov: Do not allow updating the time scale after it has been set mov: Seek back if overreading an individual atom ac3dec: Don't consume more data than the actual input packet size indeo: Reject impossible FRAMETYPE_NULL indeo: Do not reference mismatched tiles Conflicts: libavcodec/4xm.c libavcodec/8bps.c libavcodec/alsdec.c libavcodec/dsicinav.c libavcodec/ivi_common.c libavcodec/xl.c libavformat/mov.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-27 18:29:55 +02:00
Michael Niedermayer	fd85d03162	Merge commit 'fbbe487b1c1f21339cff9ca86c3dfc495ad1c2c6' into release/1.1 * commit 'fbbe487b1c1f21339cff9ca86c3dfc495ad1c2c6': indeo: Sanitize ff_ivi_init_planes fail paths indeo5: return proper error codes indeo: Bound-check before applying motion compensation indeo: Bound-check before applying transform indeo4: Validate scantable dimension indeo4: Check the quantization matrix index indeo4: Do not access missing reference MV ac3dec: Increment channel pointers only once per channel dca: Respect the current limits in the downmixing capabilities dca: Error out on missing DSYNC pcm: always use codec->id instead of codec_id mlpdec: Do not set invalid context in read_restart_header pcx: Do not overread source buffer in pcx_rle_decode wmavoice: conceal clearly corrupted blocks iff: Do not read over the source buffer qdm2: Conceal broken samples qdm2: refactor joined stereo support Conflicts: libavcodec/ac3dec.c libavcodec/dcadec.c libavcodec/iff.c libavcodec/indeo4.c libavcodec/indeo5.c libavcodec/ivi_common.c libavcodec/mlpdec.c libavcodec/pcx.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-27 17:54:01 +02:00
Luca Barbato	26605efed7	ac3: Return proper error codes (cherry picked from commit b1f9cdc37ff5d5b391d2cd9af737ab4e5a0fc1c0) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-27 17:28:33 +02:00
Luca Barbato	a32bbe54e4	ac3: Clean up the error paths (cherry picked from commit 818d1f1a3e89d35213af0bd5dc4a772713951882) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-27 17:28:29 +02:00
Luca Barbato	07bfb254c6	ac3: Do not clash with normal AVERROR The parsing function return AVERROR and AAC_AC3_PARSE_ERROR values, make sure they are not misunderstood. (cherry picked from commit 6258d362b82934a2c27557e0984aed372d98091a) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-27 17:28:23 +02:00
Michael Niedermayer	9b89041a86	Merge commit 'c02d4c1a98aef485be25228b33adb4ce357173e4' into release/1.1 * commit 'c02d4c1a98aef485be25228b33adb4ce357173e4': adpcm: Write the correct number of samples for ima-dk4 imc: Catch a division by zero atrac3: Error on impossible encoding/channel combinations atrac3: set the getbits context the right buffer_end atrac3: fix error handling qdm2: check and reset dithering index per channel qdm2: formatting cosmetics qdm2: use init_static_data westwood_vqa: do not free extradata on error in read_header vqavideo: check the version rmdec: Use the AVIOContext given as parameter in rm_read_metadata() avio: Handle AVERROR_EOF in the same way as the return value 0 Conflicts: libavcodec/adpcm.c libavcodec/qdm2.c libavcodec/vqavideo.c libavformat/rmdec.c libavformat/westwood_vqa.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-27 16:43:09 +02:00
Michael Niedermayer	09fcc2f865	Merge commit 'fa6eef4210c2fd7f7324d558b09311c75987a31e' into release/1.1 * commit 'fa6eef4210c2fd7f7324d558b09311c75987a31e': wtv: Mark attachment with a negative stream id avconv: do not use lavfi direct rendering with -deinterlace avidec: Let the inner dv demuxer take care of discarding Update Changelog kmvc: Clip pixel position to valid range kmvc: use fixed sized arrays in the context indeo: reject negative array indexes indeo: Cosmetic formatting indeo: Refactor ff_ivi_init_tiles and ivi_decode_blocks indeo: Refactor ff_ivi_dec_huff_desc indeo: use a typedef for the mc function pointer indeo: use proper error code Conflicts: Changelog ffmpeg.c libavcodec/ivi_common.c libavformat/wtv.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-27 16:30:57 +02:00
Michael Niedermayer	847d3225a8	Merge commit 'c8fb5d0f383fcbb0da9bdef609c3a826df0064f7' into release/1.1 * commit 'c8fb5d0f383fcbb0da9bdef609c3a826df0064f7': Update Changelog indeo: check for reference when inheriting mvs indeo: use proper error code indeo: Properly forward the error codes mjpeg: Check the unescaped size for overflows wmapro: error out on impossible scale factor offsets wmapro: check the min_samples_per_subframe wmapro: return early on unsupported condition wmapro: check num_vec_coeffs against the actual available buffer wmapro: make sure there is room to store the current packet lavc: move put_bits_left in put_bits.h 4xm: do not overread the source buffer in decode_p_block 4xm: check bitstream_size boundary before using it Conflicts: Changelog libavcodec/4xm.c libavcodec/mjpegdec.c libavcodec/wmaprodec.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-27 16:11:44 +02:00
Michael Niedermayer	465742bbbe	Merge commit '5c54fc6195e52c329b88cf5a56d18628f0ee0029' into release/1.1 * commit '5c54fc6195e52c329b88cf5a56d18628f0ee0029': Prepare for 9.8 RELEASE update Changelog smacker: check frame size validity smacker: pad the extradata allocation smacker: check the return value of smacker_decode_tree smacker: fix an off by one in huff.length computation 4xm: do not overread the prestream buffer 4xm: validate the buffer size before parsing it 4xm: reject frames not compatible with the declared version 4xm: drop pointless assert 4xm: forward errors from decode_p_block 4xm: fold last_picture lazy allocation in decode_p_frame 4xm: do not overread while parsing header 4xm: refactor fourxm_read_header 4xm: K&R formatting cosmetics 4xm: use the correct logging context Conflicts: Changelog RELEASE libavcodec/4xm.c libavcodec/smacker.c libavformat/4xm.c libavformat/smacker.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-27 15:42:14 +02:00
Luca Barbato	93fbabb60f	dxa: Make sure the reference frame exists Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 5ef7c84a9374681c64722a96d91741f3b990af2b) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/dxa.c	2013-08-24 16:57:57 +02:00
Luca Barbato	a14ff5b256	h261: check the mtype index Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit c59967fa7cc5bc2fa06b36c17d2c207240c06b3e) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/h261dec.c	2013-08-24 16:50:12 +02:00
Luca Barbato	cea1769fb6	rtjpeg: Use init_get_bits8 CC:libav-stable@libav.org (cherry picked from commit f13fe6020e6a3871f9b0c96b240e58e6ed4fb5d7) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:47:34 +02:00
Luca Barbato	082e3fd469	nuv: Reset the frame on resize Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:46:50 +02:00
Luca Barbato	747c320a19	nuv: Use av_fast_realloc The decompressed buffer can be used after codec_reinit, so it must be preserved. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 2df0776c2293efb0ac12c003843ce19332342e01) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:41:16 +02:00
Anton Khirnov	cf6a34b2a5	nuv: return meaningful error codes. (cherry picked from commit 3344f5cb747bb1f54cc34878b66dc0536f194720) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:41:16 +02:00
Luca Barbato	6537f57782	nuv: Pad the lzo outbuf And properly update the buf_size with the correct size. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 075dbc185521f193c98b896cd63be3ec2613df5d) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:37:10 +02:00
Luca Barbato	c92e37c207	nuv: Do not ignore lzo decompression failures Update the fate reference since the last broken frame is not decoded anymore. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit aae159a7cc4df7d0521901022b778c9da251c24e) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:37:01 +02:00
Luca Barbato	b26c9f4e52	vc1: check mb_height validity. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 43bacd5b7d3d265a77cd29d8abb131057796aecc) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:18:19 +02:00
Luca Barbato	937cedd7c0	vc1: check the source buffer in vc1_mc functions Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 090cd0631140ac1a3a795d2adfac5dbf5e381aa2) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/vc1dec.c	2013-08-24 16:17:41 +02:00
Luca Barbato	c5ba226c1b	bink: Bound check the quantization matrix. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 9991298f2c4d9022ad56057f15d037e18d454157) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:14:22 +02:00
Luca Barbato	cb31b6ca72	aac: Check init_get_bits return value Some code paths can call it with invalid length. CC: libav-stable@libav.org (cherry picked from commit 71953ebcf94fe4ef316cdad1f276089205dd1d65) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:13:56 +02:00
Luca Barbato	b53db58ab7	aac: return meaningful errors (cherry picked from commit 07c52e2c7c60b087fd023cd9771778973def0b33) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:13:44 +02:00
Luca Barbato	d0323b6234	aac: K&R formatting cosmetics (cherry picked from commit 6d8629aac13692447b54eac795bf74007ebf8987) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:13:19 +02:00
Luca Barbato	116aa30db4	xl: Make sure the width is valid CC: libav-stable@libav.org Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 16:01:02 +02:00
Luca Barbato	e6cf47ee9e	8bps: Bound-check the input buffer Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit bd7b4da0f4627bb6c4a7c2575da83fe6b261a21c) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/8bps.c	2013-08-24 15:43:13 +02:00
Luca Barbato	f8602ef717	4xm: Reject not a multiple of 16 dimension Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 2f034f255c49050e894ab9b88087c09ebe249f3f) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 15:13:01 +02:00
Luca Barbato	a5bdec1c75	alsdec: Clean up error paths Fix at least a memory leak. CC: libav-stable@libav.org (cherry picked from commit ca488ad480360dfafcb5766f7bfbb567a0638979) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:18:17 +02:00
Luca Barbato	dcbfba3bb6	alsdec: Fix the clipping range mcc_weightings is only 32 elements. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 70ecc175c7b513a153ac87d1c5d219556ca55070) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:18:08 +02:00
Luca Barbato	068bc633f2	dsicinav: Clip the source size to the expected maximum A packet larger than cin->bitmap_size does not make sense. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit fd8189932147a524fe43532b46baa35e8be92a1b) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:17:39 +02:00
Luca Barbato	95275723ae	dsicinav: Bound-check the source buffer when needed Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit dd0bfc3a6a310e3e3674ce7742672d689a9a0e93) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:17:28 +02:00
Luca Barbato	47cb05d783	dsicinav: K&R formatting cosmetics (cherry picked from commit fcae3ff124ee97c9265e3b93f3d41238b2aee9bd) Signed-off-by: Luca Barbato <lu_zero@gentoo.org> Conflicts: libavcodec/dsicinav.c	2013-08-24 12:17:24 +02:00
Luca Barbato	fbbe487b1c	indeo: Sanitize ff_ivi_init_planes fail paths Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 28dda8a691f1c723a4a9365ab85f9625f1330096) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:11:57 +02:00
Martin Storsjö	9680f84a31	ac3dec: Don't consume more data than the actual input packet size This was handled properly in the normal return case at the end of the function, but not in this special case. Returning a value larger than the input packet size can cause problems for certain library users. Returning the actual input buffer size unconditionally, since it is not guaranteed that frame_size is set to a sensible value at this point. Cc: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 8f24c12be7a3b3ea105e67bba9a867fe210a2333) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:11:57 +02:00
Luca Barbato	505415b985	indeo: Reject impossible FRAMETYPE_NULL A frame marked FRAMETYPE_NULL cannot be scalable and requires a previous frame successfully decoded. Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 5b2a29552ca09edd4646b6aa1828b32912b7ab36) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:11:57 +02:00
Luca Barbato	d55f7a174d	indeo: Do not reference mismatched tiles Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit f9e5261cab067be7278f73d515bc9b601eb56202) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:11:57 +02:00
Luca Barbato	cf738340d0	indeo5: return proper error codes (cherry picked from commit b0eeb9d442e4b7e82f6797d74245434ea33110a5) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:11:52 +02:00
Luca Barbato	861526bbd1	indeo: Bound-check before applying motion compensation Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 25a6666f6c07c6ac8449a63d7fbce0dfd29c54cd) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:09:02 +02:00
Luca Barbato	7514868cb0	indeo: Bound-check before applying transform Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit dc79685195a45c9b8b17d7b93d118e0aefa45462) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:09:02 +02:00
Luca Barbato	4ec5c35850	indeo4: Validate scantable dimension Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit cd78e934c246d1b2510f8fba0abfe40bb75795f6) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:09:02 +02:00
Luca Barbato	be71990da6	indeo4: Check the quantization matrix index Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org (cherry picked from commit 6255ccf7d51c82ab79bf0cd47a921f572dda4489) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2013-08-24 12:08:59 +02:00

1 2 3 4 5 ...

22388 Commits