generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
55,084 Commits 24 Branches 241 Tags
Commit Graph

15 Commits

Author SHA1 Message Date
Michael Niedermayer
e2865d9316 avcodec/g2meet: check tile dimensions to avoid integer overflow 
Fixes out of array access
Fixes: asan_heap-oob_12a55d3_30_029.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 32e666c354e4a3160d8cf1d303cb51990b095c87)

Conflicts:

	libavcodec/g2meet.c

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2014-11-02 02:20:10 +01:00
Michael Niedermayer
2b06f5f8f1 avcodec/g2meet: Fix framebuf size 
Currently the code can in some cases draw tiles that hang outside the
allocated buffer. This patch increases the buffer size to avoid out
of array accesses. An alternative would be to fail if such tiles are
encountered.
I do not know if any valid files use such hanging tiles.

Fixes Ticket2971
Found-by: ami_stuff
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e07ac727c1cc9eed39e7f9117c97006f719864bd)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-09-23 21:46:15 +02:00
Michael Niedermayer
0a64b25c77 avcodec/g2meet: Fix order of align and pixel size multiplication. 
Fixes out of array accesses
Fixes Ticket2922

Found-by: ami_stuff
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 821a5938d100458f4d09d634041b05c860554ce0)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-09-23 21:46:15 +02:00
Michael Niedermayer
acf511de34 avcodec/g2meet: fix src pointer checks in kempf_decode_tile() 
Fixes Ticket2842

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 2960576378d17d71cc8dccc926352ce568b5eec1)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-08-11 00:14:17 +02:00
Paul B Mahol
d64f3b72e0 replace some deprecated defines 
Signed-off-by: Paul B Mahol <onemda@gmail.com>
 2013-07-06 05:43:24 +00:00
Michael Niedermayer
3c4c5ca1c1 avcodec/g2meet: Check monochrome cursor width 
Fixes out of array write

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-14 21:14:31 +02:00
Michael Niedermayer
d3c4ea8b35 Merge remote-tracking branch 'qatar/master' 
* qatar/master:
  g2meet: do not leak buffers
  g2meet: more graceful cursor loading
  g2meet: reset dimensions on header parsing errors

Conflicts:
	libavcodec/g2meet.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-12 11:53:27 +02:00
Kostya Shishkov
7dfc3381dd g2meet: do not leak buffers 2013-06-12 09:54:45 +02:00
Kostya Shishkov
4d960d7f60 g2meet: more graceful cursor loading 2013-06-12 09:54:45 +02:00
Kostya Shishkov
767ae86cee g2meet: reset dimensions on header parsing errors 2013-06-12 09:54:45 +02:00
Michael Niedermayer
2d8f880a9b g2meet: fix typo in height comparission 
Fixes CID1030349
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-09 16:55:10 +02:00
Michael Niedermayer
ada497e616 g2meet: Check cursor parameters before writing them in the context 
Fixes out of array access

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-09 12:00:57 +02:00
Michael Niedermayer
6d3bcbb211 avcodec/g2meet: check framebuf has been allocated before use 
Fixes null pointer dereference

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-09 03:09:26 +02:00
Michael Niedermayer
e5cdf9c03b Merge commit '2d66a58ccde05e764594bd7e5f0f9244634d0b2c' 
* commit '2d66a58ccde05e764594bd7e5f0f9244634d0b2c':
  Go2Webinar decoder

Conflicts:
	Changelog
	configure
	libavcodec/avcodec.h
	libavcodec/codec_desc.c
	libavcodec/version.h
	libavformat/riff.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-03 12:47:26 +02:00
Kostya Shishkov
2d66a58ccd Go2Webinar decoder 2013-06-03 09:24:55 +02:00