generic-library/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
57,661 Commits 24 Branches 241 Tags
Commit Graph

23 Commits

Author SHA1 Message Date
Michael Niedermayer
413065aff4 avcodec/g2meet: check available space before copying palette 
Fixes out of array read
Fixes: asan_heap-uaf_ae6067_5415_g2m4.wmv

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6d9dad6a7cb5d544d540abf941fedbd34c14d2bd)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2014-01-08 00:23:35 +01:00
Michael Niedermayer
1ecd1b4aee avcodec/g2meet: fix stride calculation, use correct format field 
Fixes out of array accesses
Fixes: asan_heap-oob_ae5f63_5415_g2m4.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 83f7bd6dcf00875725c5f3b7e1bedac5a6b3c77d)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2014-01-07 03:05:30 +01:00
Michael Niedermayer
c88ac1e023 avcodec/g2meet: fix regression with rgb cursors 
Fixes Ticket2972

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-09-25 00:25:23 +02:00
Michael Niedermayer
e07ac727c1 avcodec/g2meet: Fix framebuf size 
Currently the code can in some cases draw tiles that hang outside the
allocated buffer. This patch increases the buffer size to avoid out
of array accesses. An alternative would be to fail if such tiles are
encountered.
I do not know if any valid files use such hanging tiles.

Fixes Ticket2971
Found-by: ami_stuff
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-09-22 00:04:39 +02:00
Michael Niedermayer
821a5938d1 avcodec/g2meet: Fix order of align and pixel size multiplication. 
Fixes out of array accesses
Fixes Ticket2922

Found-by: ami_stuff
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-09-15 16:33:27 +02:00
Paul B Mahol
23bd0335af avcodec/g2meet: remove redundant log message 
Signed-off-by: Paul B Mahol <onemda@gmail.com>
 2013-09-13 20:41:12 +00:00
Michael Niedermayer
fa9e8bafc8 Merge commit 'b1e469885362febce3d9a4678624e44a92f77da9' 
* commit 'b1e469885362febce3d9a4678624e44a92f77da9':
  g2meet: Allocate cursor buffers large enough to fit the aligned width

See: 3c4c5ca1c194464f51de87534d15602f99bf9759
Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2013-09-12 14:48:55 +02:00
Martin Storsjö
b1e4698853 g2meet: Allocate cursor buffers large enough to fit the aligned width 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
 2013-09-12 10:55:20 +03:00
Michael Niedermayer
2960576378 avcodec/g2meet: fix src pointer checks in kempf_decode_tile() 
Fixes Ticket2842

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-08-07 16:28:28 +02:00
Michael Niedermayer
000f8bcd03 Merge remote-tracking branch 'qatar/master' 
* qatar/master:
  Replace remaining obsolete PIX_FMT names with AV_PIX_FMT equivalents

Conflicts:
	libavcodec/g2meet.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2013-07-30 12:03:12 +02:00
Diego Biurrun
78b4bfdb84 Replace remaining obsolete PIX_FMT names with AV_PIX_FMT equivalents 2013-07-29 23:46:51 +02:00
Paul B Mahol
d64f3b72e0 replace some deprecated defines 
Signed-off-by: Paul B Mahol <onemda@gmail.com>
 2013-07-06 05:43:24 +00:00
Michael Niedermayer
3c4c5ca1c1 avcodec/g2meet: Check monochrome cursor width 
Fixes out of array write

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-14 21:14:31 +02:00
Michael Niedermayer
7ad5708691 g2meet: Fix a typo in the height comparison 
Signed-off-by: Martin Storsjö <martin@martin.st>
 2013-06-12 13:45:53 +02:00
Michael Niedermayer
d3c4ea8b35 Merge remote-tracking branch 'qatar/master' 
* qatar/master:
  g2meet: do not leak buffers
  g2meet: more graceful cursor loading
  g2meet: reset dimensions on header parsing errors

Conflicts:
	libavcodec/g2meet.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-12 11:53:27 +02:00
Kostya Shishkov
7dfc3381dd g2meet: do not leak buffers 2013-06-12 09:54:45 +02:00
Kostya Shishkov
4d960d7f60 g2meet: more graceful cursor loading 2013-06-12 09:54:45 +02:00
Kostya Shishkov
767ae86cee g2meet: reset dimensions on header parsing errors 2013-06-12 09:54:45 +02:00
Michael Niedermayer
2d8f880a9b g2meet: fix typo in height comparission 
Fixes CID1030349
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-09 16:55:10 +02:00
Michael Niedermayer
ada497e616 g2meet: Check cursor parameters before writing them in the context 
Fixes out of array access

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-09 12:00:57 +02:00
Michael Niedermayer
6d3bcbb211 avcodec/g2meet: check framebuf has been allocated before use 
Fixes null pointer dereference

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-09 03:09:26 +02:00
Michael Niedermayer
e5cdf9c03b Merge commit '2d66a58ccde05e764594bd7e5f0f9244634d0b2c' 
* commit '2d66a58ccde05e764594bd7e5f0f9244634d0b2c':
  Go2Webinar decoder

Conflicts:
	Changelog
	configure
	libavcodec/avcodec.h
	libavcodec/codec_desc.c
	libavcodec/version.h
	libavformat/riff.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
 2013-06-03 12:47:26 +02:00
Kostya Shishkov
2d66a58ccd Go2Webinar decoder 2013-06-03 09:24:55 +02:00