ffmpeg

Author	SHA1	Message	Date
Michael Niedermayer	ffd5ccee5d	avcodec/g2meet: check tile dimensions to avoid integer overflow Fixes out of array access Fixes: asan_heap-oob_12a55d3_30_029.wmv Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 32e666c354e4a3160d8cf1d303cb51990b095c87) Conflicts: libavcodec/g2meet.c	2014-11-28 18:53:11 +01:00
Michael Niedermayer	3c8a12be2f	avcodec/g2meet: fix error returns Fixes out of array accesses This should not affect any release Fixes: 8ab69af9e5a7a7e20fe04cdd25c0d6e7-asan_heap-oob_e72b82_5505_cov_2278389485_g2m4.wmv Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6b53c1aa822e9c92be52a462dd0aef1c2010ce73) Conflicts: libavcodec/g2meet.c	2014-03-18 18:26:01 +01:00
Michael Niedermayer	413065aff4	avcodec/g2meet: check available space before copying palette Fixes out of array read Fixes: asan_heap-uaf_ae6067_5415_g2m4.wmv Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 6d9dad6a7cb5d544d540abf941fedbd34c14d2bd) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-08 00:23:35 +01:00
Michael Niedermayer	1ecd1b4aee	avcodec/g2meet: fix stride calculation, use correct format field Fixes out of array accesses Fixes: asan_heap-oob_ae5f63_5415_g2m4.wmv Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 83f7bd6dcf00875725c5f3b7e1bedac5a6b3c77d) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-01-07 03:05:30 +01:00
Michael Niedermayer	c88ac1e023	avcodec/g2meet: fix regression with rgb cursors Fixes Ticket2972 Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-09-25 00:25:23 +02:00
Michael Niedermayer	e07ac727c1	avcodec/g2meet: Fix framebuf size Currently the code can in some cases draw tiles that hang outside the allocated buffer. This patch increases the buffer size to avoid out of array accesses. An alternative would be to fail if such tiles are encountered. I do not know if any valid files use such hanging tiles. Fixes Ticket2971 Found-by: ami_stuff Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-09-22 00:04:39 +02:00
Michael Niedermayer	821a5938d1	avcodec/g2meet: Fix order of align and pixel size multiplication. Fixes out of array accesses Fixes Ticket2922 Found-by: ami_stuff Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-09-15 16:33:27 +02:00
Paul B Mahol	23bd0335af	avcodec/g2meet: remove redundant log message Signed-off-by: Paul B Mahol <onemda@gmail.com>	2013-09-13 20:41:12 +00:00
Michael Niedermayer	fa9e8bafc8	Merge commit 'b1e469885362febce3d9a4678624e44a92f77da9' * commit 'b1e469885362febce3d9a4678624e44a92f77da9': g2meet: Allocate cursor buffers large enough to fit the aligned width See: 3c4c5ca1c194464f51de87534d15602f99bf9759 Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-09-12 14:48:55 +02:00
Martin Storsjö	b1e4698853	g2meet: Allocate cursor buffers large enough to fit the aligned width Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st>	2013-09-12 10:55:20 +03:00
Michael Niedermayer	2960576378	avcodec/g2meet: fix src pointer checks in kempf_decode_tile() Fixes Ticket2842 Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-08-07 16:28:28 +02:00
Michael Niedermayer	000f8bcd03	Merge remote-tracking branch 'qatar/master' * qatar/master: Replace remaining obsolete PIX_FMT names with AV_PIX_FMT equivalents Conflicts: libavcodec/g2meet.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-07-30 12:03:12 +02:00
Diego Biurrun	78b4bfdb84	Replace remaining obsolete PIX_FMT names with AV_PIX_FMT equivalents	2013-07-29 23:46:51 +02:00
Paul B Mahol	d64f3b72e0	replace some deprecated defines Signed-off-by: Paul B Mahol <onemda@gmail.com>	2013-07-06 05:43:24 +00:00
Michael Niedermayer	3c4c5ca1c1	avcodec/g2meet: Check monochrome cursor width Fixes out of array write Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-06-14 21:14:31 +02:00
Michael Niedermayer	7ad5708691	g2meet: Fix a typo in the height comparison Signed-off-by: Martin Storsjö <martin@martin.st>	2013-06-12 13:45:53 +02:00
Michael Niedermayer	d3c4ea8b35	Merge remote-tracking branch 'qatar/master' * qatar/master: g2meet: do not leak buffers g2meet: more graceful cursor loading g2meet: reset dimensions on header parsing errors Conflicts: libavcodec/g2meet.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-06-12 11:53:27 +02:00
Kostya Shishkov	7dfc3381dd	g2meet: do not leak buffers	2013-06-12 09:54:45 +02:00
Kostya Shishkov	4d960d7f60	g2meet: more graceful cursor loading	2013-06-12 09:54:45 +02:00
Kostya Shishkov	767ae86cee	g2meet: reset dimensions on header parsing errors	2013-06-12 09:54:45 +02:00
Michael Niedermayer	2d8f880a9b	g2meet: fix typo in height comparission Fixes CID1030349 Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-06-09 16:55:10 +02:00
Michael Niedermayer	ada497e616	g2meet: Check cursor parameters before writing them in the context Fixes out of array access Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-06-09 12:00:57 +02:00
Michael Niedermayer	6d3bcbb211	avcodec/g2meet: check framebuf has been allocated before use Fixes null pointer dereference Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2013-06-09 03:09:26 +02:00
Michael Niedermayer	e5cdf9c03b	Merge commit '2d66a58ccde05e764594bd7e5f0f9244634d0b2c' * commit '2d66a58ccde05e764594bd7e5f0f9244634d0b2c': Go2Webinar decoder Conflicts: Changelog configure libavcodec/avcodec.h libavcodec/codec_desc.c libavcodec/version.h libavformat/riff.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2013-06-03 12:47:26 +02:00
Kostya Shishkov	2d66a58ccd	Go2Webinar decoder	2013-06-03 09:24:55 +02:00

25 Commits