ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	aa672f5e6a	avcodec/hevc: clear tab_slice_address of ctb on error. This allows us to detect which areas have failed to decode Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit a18f11158216c22f4a69e44f8cbb59b300a7f10c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:53:23 +01:00
Michael Niedermayer	b959e6393e	avcodec/hevc: hls_decode_entry: check that the previous slice segment is available before decoding the next Fixes use of uninitialized memory Fixes out of array read Fixes assertion failure Fixes part of cb307d24befbd109c6f054008d6777b5/asan_static-oob_124a175_1445_cov_2355279992_DBLK_D_VIXS_1.bit Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6ef57f4d9a0920c82237facb0d1f3856b17da9dc) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:51:46 +01:00
Michael Niedermayer	69f99f80d1	avcodec/hevc: clear tab_slice_address in hevc_frame_start() Fixes inconsistencies Fixes use of uninitilaized memory Fixes part of cb307d24befbd109c6f054008d6777b5/asan_static-oob_124a175_1445_cov_2355279992_DBLK_D_VIXS_1.bit Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 56985d26d7054079cbe8865532c4a2cff123f596) Conflicts: libavcodec/hevc.c	2014-02-23 14:51:22 +01:00
Michael Niedermayer	e7b7e69416	avcodec/h264: update current_sps & sps->new only after the whole slice header decoder and init code finished This avoids them being cleared before the full initialization finished Fixes out of array read Fixes: asan_heap-oob_f0c5e6_7071_cov_1605985132_mov_h264_aac__Demo_FlagOfOurFathers.mov Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 8a3b85f3a7952c54a2c36ba1797f7e0cde9f85aa) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:49:47 +01:00
Michael Niedermayer	9330bcff9b	avcodec/h264: Disallow pps_id changing between slices Such changes are forbidden in H.264 and lead to race conditions Fixes out of array read Fixes: signal_sigsegv_f9796a_1613_cov_3114610371_FM1_BT_B.h264 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit e708424b70bef8641e8a090ec4d9e8c4490db87e) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:49:37 +01:00
Michael Niedermayer	9fb364babd	avcodec/aacdec: Fix pulse position checks in decode_pulses() Fixes out of array read Fixes: asan_static-oob_1efed25_1887_cov_2013541199_HeyYa_RA10_AAC_192K_30s.rm Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6e42ccb9dbc13836cd52cda594f819d17af9afa2) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:49:29 +01:00
Michael Niedermayer	d79419d0f9	avcodec/hevc: propagate error code from hls_coding_quadtree() Fixes use of uninitialized memory Fixes out of array read Fixes: asan_static-oob_123cee5_2630_cov_1869071233_PICSIZE_A_Bossen_1.bin Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 96c4ba2392b9cd55a5e84cb28db5c0c7e53cd390) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:48:30 +01:00
Michael Niedermayer	ebc490e744	avcodec/tiff: reset geotag_count in free_geotags() Fixes null pointer dereference Fixes: signal_sigsegv_19d922e_3688_cov_1577641655_aletrek_tiff.mov Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit a744064c4155bde063b9e8a47699542be3b8e5eb) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:48:07 +01:00
Michael Niedermayer	ab1c7113f9	avcodec/vc1: Check bfraction_lut_index Fixes: out of array read Fixes: asan_static-oob_1b40507_2849_SA10143.vc1 Fixes: asan_static-oob_1b40a15_2849_cov_1182297305_SA10143.vc1 Fixes: asan_static-oob_1b40f15_2849_cov_2159513432_SA10143.vc1 Fixes: asan_static-oob_1b40f15_2849_cov_3230311510_SA10143.vc1 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit dcf5bfbdb6137ffdca66e0b7c2929ced42732951) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:47:46 +01:00
Michael Niedermayer	10a30e4de5	avcodec/vc1: factor read_bfraction() out Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 388b4cf86ed5ec27d35eb5069769db12a4e31af0) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:47:41 +01:00
Michael Niedermayer	9368b91834	avcodec/vc1dec: field pictures with direct mode MBs, followed by frame pictures are not supported This case could occur when cuting and concatenating bitstreams Fixes out of array read Fixes: asan_heap-oob_1b33fdd_2849_cov_478905890_SA10143.vc1 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 85d51d8e327c666ac963acf25cf6a6763e6c6671) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:43:52 +01:00
Michael Niedermayer	f22e88c177	avcodec/mjpegdec: pass into ff_mjpeg_decode_sos() and check bitmask size Fixes: heap array overread Fixes: asan_heap-oob_149b2bc_6577_m1.mxg Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 2884688bd51a808ccda3c0e13367619cd79e0579) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:43:28 +01:00
Michael Niedermayer	e266fcf083	avformat/flac_picture: clear padding area aviod use of uninitialized memory Fixes: asan_heap-oob_1487fa4_4706_cov_364534849_cover_art.flac Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 13aa82bbbb71c04bdcecf1341be4a23aee271bec) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:43:18 +01:00
Michael Niedermayer	c9b961748f	avformat/flac_picture: allocate buffer padding for picture Fixes: heap array overread Fixes: asan_heap-oob_14876d9_4706_cov_815472558_cover_art.flac Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit fff2953163ff466d5391b2f862bd2216fbe728b2) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:43:07 +01:00
Michael Niedermayer	a94f367424	avcodec/snow: split block clipping checks Fixes out of array read Fixes: d4476f68ca1c1c57afbc45806f581963-asan_heap-oob_2266b27_8607_cov_4044577381_snow_chroma_bug.avi Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 61d59703c91869f4e5cdacd8d6be52f8b89d4ba4) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:28:10 +01:00
Michael Niedermayer	18eac12c6d	avcodec/ansi: fix integer overflow Fixes out of array read Fixes: 5f9698e86d92f19bb08d54ff0d57027f-signal_sigsegv_b30756_3795_cov_2693691257_ansi256.ans Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit d42ec8433c687fcbccefa51a7716d81920218e4f) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:28:10 +01:00
Michael Niedermayer	4cc18ee5da	avcodec/msrle: use av_image_get_linesize() to calculate the linesize Fixes out of array access Fixes: 14a74a0a2dc67ede543f0e35d834fbbe-asan_heap-oob_49572c_556_cov_215466444_44_001_engine_room.mov Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit c919e1ca2ecfc47d796382973ba0e48b8f6f92a2) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:28:10 +01:00
Michael Niedermayer	f8985cb9d9	avcodec/utils: set AVFrame format unconditional Fixes inconsistency and out of array accesses Fixes: 10cdd7e63e7f66e3e66273939e0863dd-asan_heap-oob_1a4ff32_7078_cov_4056274555_mov_h264_aac__mp4box_frag.mp4 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit e5c7229999182ad1cef13b9eca050dba7a5a08da) Conflicts: libavcodec/utils.c	2014-02-23 14:28:10 +01:00
Michael Niedermayer	656770e2aa	avcodec/hevc: make *ps_id unsigned Fixes integer overflow Fixes out of array accesses Fixes 2f65e7dbd02a12f426a423bd7bf880b4-signal_sigsegv_127c952_2793_cov_2517424539_RPLM_A_qualcomm_4.bit Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit d1e6602665d5ec1b7e211ab27b298c26139f82cc) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:28:10 +01:00
Michael Niedermayer	4a28a3ddc4	avformat/mpegtsenc: Check data array size in mpegts_write_pmt() Prevents out of array writes Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 842b6c14bcfc1c5da1a2d288fd65386eb8c158ad) Conflicts: libavformat/mpegtsenc.c	2014-02-23 14:28:10 +01:00
Michael Niedermayer	f91ef98c9d	avcodec/wmalosslessdec: fix mclms_coeffs* array size Fixes corruption of context Fixes: 8835659dde6a4f7dcdf341de6a45c6c8-signal_sigsegv_1dce67b_4564_cov_2504444599_classical_22_16_1_14000_v3c_0_extend_0_29.wma Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit ec9578d54d09b64bf112c2bf7a34b1ef3b93dbd3) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:28:10 +01:00
Justin Ruggles	a644272a4a	samplefmt: avoid integer overflow in av_samples_get_buffer_size() CC:libav-stable@libav.org (cherry picked from commit 0e830094ad0dc251613a0aa3234d9c5c397e02e6) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:28:10 +01:00
Michael Niedermayer	325feb8e0d	avcodec/vc1: reset fcm/field_mode in non advanced header parsing Fixes NULL pointer dereference Fixes: signal_sigsegv_1ab8bf4_2847_cov_4254117347_SA10091.vc1 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit b51e9354772de446e8196dabf9aad1567b22f74d) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:28:10 +01:00
Michael Niedermayer	8c6a976fee	avcodec/takdec: always check bits_per_raw_sample Fixes out of array access Fixes: asan_heap-oob_19c7a94_6470_cov_1453611734_luckynight-partial.tak Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit f58eab151214d2d35ff0973f2b3e51c5eb372da4) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-02-23 14:28:10 +01:00
Carl Eugen Hoyos	ac38860ec9	Add decoder dependency to the HEVC parser. Fixes compilation with --disable-everything --enable-parser=hevc (cherry picked from commit d4a6133ab8ca1538d1d01fc187284fc99c6f6c90)	2014-02-19 16:59:21 +01:00
Martin Storsjö	d0e0329e9d	rtpdec_asf: Copy the need_parsing field from the chained demuxer This fixes playback of mp3 streams in rtp/asf. This used to work until 950482bf, but mostly by coincidence. Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 2aec9e228cb317cca8cda9e03986c8482ea54404) Fixes ticket #3223	2014-01-27 15:45:10 +01:00
Alex Sukhanov	9ca79d2849	avformat/matroskadec: Fix start_time Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 251c96a70b0d8cc729ded8c09c7b8bfe03f1a138) Fixes ticket #3337.	2014-01-26 16:22:47 +01:00
Lukasz Marek	c5a2a65e1e	lavf/libssh: fix seek with whence==SEEK_CUR Signed-off-by: Lukasz Marek <lukasz.m.luki@gmail.com> (cherry picked from commit e0d124a9209f44a34e812fb26ba581552b55a731) Conflicts: libavformat/libssh.c	2014-01-22 01:36:31 +01:00
Michael Niedermayer	a8ed3685e1	avcodec/jpeg2000dec: fix error detection in pix_fmt_match() Fixes out of array accesses with CODEC_FLAG_EMU_EDGE Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 8001e9f7d17e90b4b0898ba64e3b8bbd716c513c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:59:12 +01:00
Michael Niedermayer	32262ca7d7	avcodec/vmnc: Check that rectangles are within the picture Prevents out of array accesses with CODEC_FLAG_EMU_EDGE Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6ba02602aa7fc7d38db582e75b8b093fb3c1608d) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:59:06 +01:00
Michael Niedermayer	5f56e495ae	avcodec/apedec: more checks for k Fixes assertion failure Fixes part of msan_uninit-mem_7fa0d8c8bd58_8417_sh3.ape Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit d5128fce38646d3f64c55feda42084888ba0e87e) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:42:32 +01:00
Michael Niedermayer	fedbba5ea0	avformat/rmdec: move packet allocation down Fixes memleak Fixes: msan_uninit-mem_7fc5d73327d4_6192_kuerti.ra Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 165f96cd2d687122748f862a0bc6e9908fe3d5d2) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:42:32 +01:00
Michael Niedermayer	d35916f6ea	avformat/mpegts: check sl.timestamp_len Fixes: msan_uninit-mem_7ff4404547ba_4883_dmbts.ts Fixes assertion failure Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit e630ca5111077fa8adc972fe8a3d7e2b3e8dc91f) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:42:32 +01:00
Michael Niedermayer	94e2673f4e	avformat/ape: free packet on avio_read() failure Fixes memleak Fixes: msan_uninit-mem_7fcc198b365b_8417_sh3.ape Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 459db51271807ba26162db7b67ac1ff444cc0fa9) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:42:32 +01:00
Michael Niedermayer	23ae7bfb4e	dnxhdenc: fix mb_rc size Fixes out of array access with RC_VARIANCE set to 0 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit f1caaa1c61310beba705957e6366f0392a0b005b) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:42:32 +01:00
Michael Niedermayer	9e8464e81b	Merge commit '9eef9eb3014b2ed9c3ff4aac510a9f04edb555cf' * commit '9eef9eb3014b2ed9c3ff4aac510a9f04edb555cf': h264: check that execute_decode_slices() is not called too many times Conflicts: libavcodec/h264.c The check is replaced by an assert() as the mb index should not ever go out of bounds. Merged-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 64591f8f86f2dfeac13ee6b4e971d069675ca814) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:42:32 +01:00
Michael Niedermayer	c9a8dfa5ae	Merge commit '6892d145a0c80249bd61ee7dd31ec851c5076bcd' * commit '6892d145a0c80249bd61ee7dd31ec851c5076bcd': segafilm: fix leaks if reading the header fails Conflicts: libavformat/segafilm.c See: ca5456db7fa62a81d8effa20fb7547c16dd1d796 Merged-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 2a58d5fc0e842ebc9a47523a8c3418580b40b4be) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:42:32 +01:00
Michael Niedermayer	e6299a4cf9	cmdutils: update year Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-21 16:42:32 +01:00
Carl Eugen Hoyos	ee3822af63	Allow decoding of slightly broken Nikon avi files. Fixes ticket #3330. (cherry picked from commit f9c2d4d17e3b18becb046d71811f9e8aa5946cf9)	2014-01-20 22:37:18 +01:00
Nicolas George	fc5261c219	lavfi/dualinput: fix shortest option. Fix trac ticket #3315. (cherry picked from commit 2dc5980d61493e05ccb04271a685fe804d87b155)	2014-01-20 22:28:01 +01:00
Michael Niedermayer	30a94f1159	avcodec/mjpegdec: Dont skip picture allocation if theres no picture allocated Fixes Ticket 3245 (cherry picked from commit ad8d063f230c05f8b5efbd05cc5a9f51a2549dcf)	2014-01-20 22:26:00 +01:00
Michael Niedermayer	9d83cff1f1	avcodec/aacdec: Dont fail if channels arent known yet Fixes Ticket3312 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 676a395ab903cac623c5d6ddd0928c789e08a59e)	2014-01-19 14:28:18 +01:00
Michael Niedermayer	756cd1a305	avcodec/mjpegdec: Dont treat the lack of a startcode differently from end of the bitstream Fixes Ticket3303 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 31e703e899bee74c50efd8eb62c3d012ef5ab26d)	2014-01-19 14:27:56 +01:00
Michael Niedermayer	83dc8f044d	avcodec/mjpegdec: only run EOI emulation code when there was a scan Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 361e27a3d8096baacc45d2551a1ebfcbfdaa6a67)	2014-01-19 14:27:48 +01:00
Michael Niedermayer	2c5c6affb1	avcodec/mjpegdec: update cur_scan also for non-LS jpeg This should make no difference but the variable will be used in a subsequent commit Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 8893f31e206358d933abe4a5227b5ae89f5f303d)	2014-01-19 14:27:40 +01:00
Carl Eugen Hoyos	f4e051680e	Fix libxvid crash on failing initialisation. Fixes ticket #3297. (cherry picked from commit ee3fc8aa864f6d95356a7d9d03536e2b12b891c5)	2014-01-19 14:26:15 +01:00
Carl Eugen Hoyos	2f4b781e4d	Do not read mkv audio bit_depth if bits_per_coded_sample is already set. This allows decoding broken mkv files containing G.726 audio. (cherry picked from commit 11329370770e5c982deece7d4eb4f2e95e725332)	2014-01-16 00:26:00 +01:00
Carl Eugen Hoyos	0d45e821dc	Do not set mkv bit_depth to av_get_bytes_per_sample() for G.726. The value is wrong and leads to broken files. (cherry picked from commit 565102dcac4959da60e6b1528dc31315d21194ca)	2014-01-16 00:25:34 +01:00
Michael Niedermayer	eda6effcab	Update for 2.1.3 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> n2.1.3	2014-01-15 18:29:16 +01:00
Michael Niedermayer	45900618ae	library.mak: only run asm strip if ASMSTRIP flags are set Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit e975c147e18010a9f96f56b21d0cd0f026eaae0e) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-14 01:14:43 +01:00

... 3 4 5 6 7 ...

57909 Commits