Fixes out of array read
Fixes: asan_heap-oob_4d2250_814_cov_2745172097_JACOsub_capability_tester.jss
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3d5d95db3f5d8e2093e9e19d0c46e86f54ed2a5d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes: out of array accesses
Fixes: asan_heap-oob_112c6b3_13_012.avi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit df74811cd53e45fcbbd3b77a1c42416816687c5c)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array accesses
Fixes: asan_heap-oob_12304aa_8_asan_heap-oob_4da4f3_300_intro.jv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 105654e376a736d243aef4a1d121abebce912e6b)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes Ticket3869
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3fe9e7be4c70c8fccdcd56fd19276e668cfb7de8)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This code changes the input packet, which is read only and can in
rare circumstances lead to decoder errors. (i run into one of these in
the audio decoder, which corrupted the packet during av_find_stream_info()
so that actual decoding that single packet failed later)
Until a better fix is implemented, this commit limits the problem.
A better fix might be to make the subtitle decoders not depend on
data[size] = 0 or to copy their input when this is not the case.
(cherry picked from commit 01923bab98506b1e98b4cbf08419364ce6ffea6d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This fixes potential overreads with crafted files.
Found-by: wm4
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 838f461b0716393a1b5c70efd03de1e8bc197380)
Conflicts:
libavcodec/utils.c
Text subtitles packets are not 0-terminated (and if they are,
it is handled by the recoding process since 0 is a valid
Unicode code point). The terminating 0 would overwrite the
last payload octet.
OTOH, packets must be 0-padded.
Fix a problem reported in trac ticket #2431.
* commit '70762508ec5919474edb92a5b1f266fd06640f9c':
lavc: Prettify printing of codec tags containing non alphanumeric characters
h264: Rename the jpeg_420 pixfmt list to match the common naming structure
Conflicts:
libavcodec/h264.c
libavcodec/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Make av_get_codec_tag_string() show codec tag string characters in a more
intelligible ways. For example the ascii char "@" is used as a number, so
should be displayed like "[64]" rather than as a printable character.
Apart alphanumeric chars, only the characters ' ' and '.' are used
literally in codec tags, all the other characters represent numbers.
This also avoids relying on locale-dependent character class functions.
Signed-off-by: Martin Storsjö <martin@martin.st>
As far as I can tell the code should not change behaviour
depending on locale in any of these places.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
* commit 'd2a25c4032ce6ceabb0f51b5c1e6ca865395a793':
get_buffer(): do not initialize the data.
Conflicts:
libavcodec/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* qatar/master:
doc/platform: Fix 10l typo
dsputil: Move STRIDE_ALIGN macro to the only place it is used
Conflicts:
libavcodec/dsputil.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
* commit 'bff3607547fdbb6e32b3830a351e6a33280c1e0d':
lavc: set the default rc_initial_buffer_occupancy
Conflicts:
libavcodec/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
rc_buffer_size is not set before.
Solve the initial the rate control underflow issue reported in
bug 222.
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
This commit also makes sure the extradata and subtitle_header are NUL
terminated, without taking into account the trailing '\0' in account in
the size.
At the same time, it should fix 'warning: dereferencing type-punned
pointer will break strict-aliasing rules' warning for compilers who
don't consider uint8_t** and char** compatibles.
* commit 'bd255f9feb4deea4c990e582f0ba3b90d7b64b4c':
lavc: set frame parameters after decoding only if necessary
Conflicts:
libavcodec/utils.c
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Direct rendering capable decoders call get_buffer() which will set the
frame parameters.
Prevents frames with wrong parameters when a decoder outputs delayed
frames after a resolution or pixel format change.
* commit '57231e4d5b467833fb289439cd35a92513bb55c1':
tak: demuxer, parser, and decoder
Not merged as requested by Author and Maintainer of tak in FFmpeg.
I just merged a few typo fixes and minor cosmetic improvments.
Conflicts:
Changelog
libavcodec/Makefile
libavcodec/allcodecs.c
libavcodec/avcodec.h
libavcodec/tak.c
libavcodec/tak.h
libavcodec/tak_parser.c
libavcodec/takdec.c
libavcodec/version.h
libavformat/takdec.c
libavformat/version.h
Merged-by: Michael Niedermayer <michaelni@gmx.at>
Will be used in future patches, together with the
variable that allows checking whether the lock is held.
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
