Fixes out of array read
Fixes: d4476f68ca1c1c57afbc45806f581963-asan_heap-oob_2266b27_8607_cov_4044577381_snow_chroma_bug.avi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 61d59703c91869f4e5cdacd8d6be52f8b89d4ba4)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array read
Fixes: 5f9698e86d92f19bb08d54ff0d57027f-signal_sigsegv_b30756_3795_cov_2693691257_ansi256.ans
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d42ec8433c687fcbccefa51a7716d81920218e4f)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array access
Fixes: 14a74a0a2dc67ede543f0e35d834fbbe-asan_heap-oob_49572c_556_cov_215466444_44_001_engine_room.mov
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c919e1ca2ecfc47d796382973ba0e48b8f6f92a2)
Conflicts:
libavcodec/msrle.c
(cherry picked from commit bc1c8ec5e65098fd2ccd8456f667151dfc9cda42)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Prevents out of array writes
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad)
Conflicts:
libavformat/mpegtsenc.c
(cherry picked from commit e87de3f50b765134588d0b048c32ed4b8acc16fb)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array access
Fixes: asan_heap-oob_19c7a94_6470_cov_1453611734_luckynight-partial.tak
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f58eab151214d2d35ff0973f2b3e51c5eb372da4)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Prevents out of array accesses with CODEC_FLAG_EMU_EDGE
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6ba02602aa7fc7d38db582e75b8b093fb3c1608d)
Conflicts:
libavcodec/vmnc.c
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 7c17207ab9acfaa934e8feb8fba90765c9d0b989)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array access with RC_VARIANCE set to 0
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f1caaa1c61310beba705957e6366f0392a0b005b)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
avcodec_flush_buffers() must release all internally held references
according to its documentation, for which all the threads need to be
flushed.
Bug-Id: vlc/9665
(cherry picked from commit d1f9563d502037239185c11578cc614bdf0c5870)
Conflicts:
libavcodec/pthread_frame.c
This fixes playback of mp3 streams in rtp/asf. This used to work
until 950482bf, but mostly by coincidence.
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 2aec9e228cb317cca8cda9e03986c8482ea54404)
Fixes ticket #3223
With the current code it fails due to running out
of registers.
So code the store offsets manually into the assembler
instead.
Passes "make fate-dts".
Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
(cherry picked from commit 8067f55edf3719182aed6e5b57b7863889f80218)
Fixes ticket #2756.
This should make no difference but the variable will be used in a subsequent commit
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8893f31e206358d933abe4a5227b5ae89f5f303d)
Conflicts:
libavcodec/mjpegdec.c
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c7a7605656633e52ade8a5d32a7c2497b37faef8)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes inconsistency that leads to out of array accesses with threads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5a9e3760495e8678ae87314670e3d9d5a1792c8d)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
When decoding succeeded the array is copied into the permanent one.
This prevents inconsistencies
Fixes assertion failure
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c40f51e15b91898e5c69fca7c8c67e3da6624dd4)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array read
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 11c3381ce3c353a4dadf9def6232e7604b0c5d2b)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes inconsistency ultimately leading to an out of array read
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 746016598d1885afd1fee976b6d315ed7eeefa68)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 10ece44d0948b44b062d09319052d09d14f7bfdb)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes use of uninitialized memory
Fixes: msan_uninit-mem_7f861d16355f_1664_File1_fixed.aac
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6433b393ba2b1b410ff18e386f84781a760549f5)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 66e9716a36105f69b9f076b0fec3ec2551c7e3b7)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6021615bbe393381f23b34a7cd0dcfd1a42687ba)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This prevents out of array accesses
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e91fd754c63de7fd3cb7fdea8974166db362e387)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Other dimensions would not work correctly currently,
also ask for a sample for files that fail this check.
This fixes an integer overflow leading to out of array
accesses.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1e00bbb10cbde3da03a1e744265ce6def9ae4c56)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes division by zero
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit a527e692592b7eef69430cc866bb96231526316c)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ead590c2561980f2afda38a662364659577dca38)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f96e0eb2387f8da7b8177f8f22969853dc648ca6)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
The specification wants round(abs(x))) * sign(x) which is
equivakent to round(x)
Fixes out of array access
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f18d2dff1194b34b79dc7641aafe54d1df349e40)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e756635964ed3aa1ee997465f9b46143bcb5d894)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
No valid samples i found use such copies
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit bdfe60c769f4d4e71a360fe02f06cdb9c039cf35)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6998af4a40e67b5f0bfb769b7749f38a92eb2819)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Fixes out of array reads
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit fb3e3808aed843b21dd70a70bdbc4b9f7de6a00b)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
If a reference is unavailable use a field from the current
picture
Fixes null pointer dereference
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 23daee0dcc57b647b9d62d4c905e94acf0c6b8e0)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4c8ce750abaa783109630d41ca7dde5de34f6197)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
This occurs also with valid files.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5ae484e350e4f1b20b31802dac59ca3519627c0a)
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
