ffmpeg

Author	SHA1	Message	Date
Christophe Gisquet	1ad1723c24	proresenc_kostya: report buffer overflow If the allocated size, despite best efforts, is too small, exit with the appropriate error. Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 52b81ff4635c077b2bc8b8d3637d933b6629d803) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-12 02:40:23 +02:00
Christophe Gisquet	7740b111dd	proresenc_kostya: remove unneeded parameters Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit bf10f09bccdcfdb41b9f5bbae01d55961bfd0693) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-12 02:40:19 +02:00
Michael Niedermayer	bb7f236c7f	avcodec/snow: fix null pointer dereference in cleanup after allocation failure Fixes: snowf.avi Found-by: Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 9a162146ca6cc12ef7ad4a15164349482885962c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-11 19:07:11 +02:00
Michael Niedermayer	0397d43405	avcodec/iff: check pixfmt for rgb8 / rgbn Fixes out of array access Found-by: Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 3539d6c63a16e1b2874bb037a86f317449c58770) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-11 19:07:11 +02:00
Michael Niedermayer	0dc5868f14	Merge commit '67134ad31f1f3bc1515eae129e4368401f7c3342' into release/2.2 * commit '67134ad31f1f3bc1515eae129e4368401f7c3342': h264: fix interpretation of interleaved stereo modes Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-11 18:51:29 +02:00
Michael Niedermayer	723512ac71	avcodec/svq1dec: Fix multiple bugs from "svq1: do not modify the input packet" Add padding, clear size, use the correct pointer. Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 4213fc5b9eebec53c7d22b770c3f1ceecca1c113) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-11 18:50:29 +02:00
Michael Niedermayer	963514ea1a	Merge commit 'd513c6a0ee582d22b6e793286774abbde01f6680' into release/2.2 * commit 'd513c6a0ee582d22b6e793286774abbde01f6680': svq1: do not modify the input packet Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-11 18:50:11 +02:00
Michael Niedermayer	c11b3010c2	Merge commit '18f48e05a22a73a389fb3ab4b3eaf78903bab5ef' into release/2.2 * commit '18f48e05a22a73a389fb3ab4b3eaf78903bab5ef': cdgraphics: do not return 0 from the decode function Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-11 18:49:37 +02:00
Michael Niedermayer	3301b248b0	Merge commit '5bf5a35fb5d452ea4b30cd7b853d92df6705d250' into release/2.2 * commit '5bf5a35fb5d452ea4b30cd7b853d92df6705d250': cdgraphics: switch to bytestream2 Conflicts: libavcodec/cdgraphics.c See: ad002e1a13a8df934bd6cb2c84175a4780ab8942 Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-11 18:41:07 +02:00
Michael Niedermayer	45a529d805	Merge commit 'aa943bd31fada23db5cb9611215656ab9ebe5b94' into release/2.2 * commit 'aa943bd31fada23db5cb9611215656ab9ebe5b94': huffyuvdec: check width size for yuv422p Conflicts: libavcodec/huffyuvdec.c See: 6abb9a901fca27da14d4fffbb01948288b5da3ba Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-11 18:02:36 +02:00
Felix Abecassis	67134ad31f	h264: fix interpretation of interleaved stereo modes Column and row frame packing arrangements were inverted. Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>	2014-08-07 11:40:08 +01:00
Anton Khirnov	d513c6a0ee	svq1: do not modify the input packet The input data must remain constant, make a copy instead. This is in theory a performance hit, but since I failed to find any samples using this feature, this should not matter in practice. Also, check the size of the header, avoiding invalid reads on truncated data. CC:libav-stable@libav.org (cherry picked from commit 7b588bb691644e1b3c168b99accf74248a24e3cf) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2014-08-06 19:05:34 +00:00
Anton Khirnov	18f48e05a2	cdgraphics: do not return 0 from the decode function 0 means no data consumed, so it can trigger an infinite loop in the caller. CC:libav-stable@libav.org (cherry picked from commit c7d9b473e28238d4a4ef1b7e8b42c1cca256da36) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2014-08-06 18:41:44 +00:00
Anton Khirnov	5bf5a35fb5	cdgraphics: switch to bytestream2 Fixes possible invalid memory accesses on corrupted data. CC:libav-stable@libav.org Bug-ID: CVE-2013-3674 (cherry picked from commit a1599f3f7ea8478d1f6a95e59e3bc6bc86d5f812) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2014-08-06 18:41:42 +00:00
Vittorio Giovara	6598aaea1a	jpeg2000: enable 4 component pixel formats Bug-Id: 721 CC: libav-stable@libav.org Sample-Id: 31230.mov	2014-08-06 12:44:35 +01:00
Michael Niedermayer	aa943bd31f	huffyuvdec: check width size for yuv422p Avoid out of array accesses. CC: libav-stable@libav.org Bug-Id: CVE-2013-0848 Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com> Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit a7153444df9040bf6ae103e0bbf6104b66f974cb) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2014-08-05 20:06:53 +00:00
Michael Niedermayer	bea14966e2	mmvideo: check horizontal coordinate too Fixes out of array accesses. Bug-Id: CVE-2013-3672 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com> Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 70cd3b8e659c3522eea5c16a65d14b8658894a94) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2014-08-05 19:21:40 +00:00
Michael Niedermayer	6be5a3c045	wmalosslessdec: fix mclms_coeffs* array size Fixes corruption of context Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC:libav-stable@libav.org Bug-Id: CVE-2014-2098 Signed-off-by: Anton Khirnov <anton@khirnov.net> (cherry picked from commit 849b9d34c7ef70b370c53e7af3940f51cbc07d0f) Signed-off-by: Anton Khirnov <anton@khirnov.net>	2014-08-05 14:59:29 +00:00
Michael Niedermayer	c13e38bac7	avcodec/wavpackenc: Fix log2sample() result value Found-by: CSA Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit e706fe764049b3f1ccf10ba9f686426a4c007906) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:45:56 +02:00
Michael Niedermayer	ad13a5c8fa	avcodec/dvdsub_parser: print message if packet is smaller than the packet size field Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit bcc898dd2643c883522ffa565be4b226ce798c78) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:14:02 +02:00
Michael Niedermayer	ce248bf7ee	avcodec/dvdsub_parser: Check buf_size before reading 32bit packet size Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 81c1657a593b1c0f8e46fca00ead1d30ee1cd418) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:14:02 +02:00
Michael Niedermayer	8eaefbe1be	avcodec/dvdsub_parser: never return 0 when the input isnt 0 Fixes a infinite loop Fixes Ticket3804 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit cfdb30d2f1241de9354a8efdbf8252d0f1a6f933) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:14:02 +02:00
Michael Niedermayer	81d8bad786	avcodec/mpeg12dec: fix support for interlaced mpeg2 with missing last slice Fixes Ticket3809 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit f95298c913899207344d668a6d5624cb2d2e480c) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:14:02 +02:00
Michael Niedermayer	cdaf9fb2a0	libavcodec/h264_parser: Increase parse_history, fix huge resolutions Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 0782fb6bcb32fe3ab956a99af4cc472ff81da0c2) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:14:02 +02:00
Benoit Fouet	cf41ff4889	h264_mp4toannexb_bsf: account for consecutive IDR pictures. If there are consecutive IDR pictures, then SPS/PPS should be prepended to all of them, not only the first one. Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit bf428bb3145c4f0eef32f8ef00de0ee222b3e414) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:14:02 +02:00
$Chris \"Koying\" Browet$ Chris \"Koying\" Browet	6120ad315b	avcodec/h264_mp4toannexb_bsf: fix issue when sps/pps are already in the bistream (cherry picked from commit ad91bf854b559f1afc42fc06f8a7dfbb75def5c8) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:14:02 +02:00
Michael Niedermayer	815d3225e3	avcodec/hevc: treat current_sps like sps_list This simplifies the management of current_sps Fixes Ticket3458 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 880dbe43ca71982ecdfe1c73446137d6b2fd24d5) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:13:38 +02:00
Michael Niedermayer	51dd23c448	avcodec/hevc_ps: prevent stale pointer in malloc failure case Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 0fc2045d5f4eab35d943a79c3d965a2f31361f48) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:13:38 +02:00
Michael Niedermayer	a4e1532ee7	avcodec/hevc_ps: do not loose all reference to pointers still in use Fixes leaving a pointer to unreferenced memory Fixes Ticket 3115 Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit ccd6911c189d2f974dcc4095c963dfad14d703d2) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:13:38 +02:00
Michael Niedermayer	9ed1aa0465	Merge commit '744b406ff3474e77543bcf86125a2f7bc7deaa18' into release/2.2 * commit '744b406ff3474e77543bcf86125a2f7bc7deaa18': huffyuv: Check and propagate function return values Conflicts: libavcodec/huffyuvdec.c See: f67a0d115254461649470452058fa3c28c0df294 Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 04:04:01 +02:00
Michael Niedermayer	7fc9c7c35b	Merge commit 'a1f7844a11010d8552c75424d1a831b37a0ae5d9' into release/2.2 * commit 'a1f7844a11010d8552c75424d1a831b37a0ae5d9': pgssubdec: Check RLE size before copying See: c0d68be555f5858703383040e04fcd6529777061 Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-08-05 03:54:50 +02:00
Diego Biurrun	744b406ff3	huffyuv: Check and propagate function return values Bug-Id: CVE-2013-0868 inspired by a patch from Michael Niedermayer <michaelni@gmx.at> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Diego Biurrun <diego@biurrun.de> CC: libav-stable@libav.org (cherry picked from commit d0393d79bc3d61c9f2ff832c0e273b7774ff0269) Signed-off-by: Diego Biurrun <diego@biurrun.de> Conflicts: libavcodec/huffyuvdec.c	2014-08-03 15:53:38 -07:00
Vittorio Giovara	2273e5ed99	h264: prevent theoretical infinite loop in SEI parsing Properly address CVE-2011-3946 and parse bitstream as described in the spec. CC: libav-stable@libav.org Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind	2014-08-01 13:15:07 +01:00
Michael Niedermayer	a1f7844a11	pgssubdec: Check RLE size before copying Make sure the buffer size does not exceed the expected RLE size. Prevent an out of array bound write. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at> Bug-Id: CVE-2013-0852 Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit d98e6c5d5d80c1dfe0c30f2e73d41a3aea0b920d) Signed-off-by: Diego Biurrun <diego@biurrun.de>	2014-08-01 01:04:13 -07:00
Michael Niedermayer	3ef8b4322c	Merge commit 'd396987c303bdc4eea7d1a1ff6776475d9bbd9ea' into release/2.2 * commit 'd396987c303bdc4eea7d1a1ff6776475d9bbd9ea': fate: Add dependencies for dct/fft/mdct/rdft tests Conflicts: libavcodec/fft-test.c tests/fate/fft.mak Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-30 20:35:23 +02:00
Michael Niedermayer	92c4973752	Merge commit 'b8e57113ecba5494d4bf47c29634392ea5fdb17b' into release/2.2 * commit 'b8e57113ecba5494d4bf47c29634392ea5fdb17b': arm: Avoid using the 'setend' instruction on ARMv7 and newer Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-30 20:18:14 +02:00
Michael Niedermayer	3573256037	Merge commit 'f9204ec56a4cf73843d1e5b8563d3584c2c05b47' into release/2.2 * commit 'f9204ec56a4cf73843d1e5b8563d3584c2c05b47': eamad: use the bytestream2 API instead of AV_RL Conflicts: libavcodec/eamad.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-30 19:59:38 +02:00
Diego Biurrun	d396987c30	fate: Add dependencies for dct/fft/mdct/rdft tests (cherry picked from commit 24f45c16224d4c5d482e928676714766ffdda4fc) Signed-off-by: Diego Biurrun <diego@biurrun.de>	2014-07-30 10:12:17 -07:00
Martin Storsjö	b8e57113ec	arm: Avoid using the 'setend' instruction on ARMv7 and newer This instruction is deprecated on ARMv8, and it is serializing on some ARMv7 cores as well [1]. [1] http://article.gmane.org/gmane.linux.ports.arm.kernel/339293 CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 79fce1ec8abd017593c003917fc123f7119a78d6) Signed-off-by: Reinhard Tartler <siretart@tauware.de>	2014-07-27 10:14:33 -04:00
Anton Khirnov	f9204ec56a	eamad: use the bytestream2 API instead of AV_RL This is safer and possibly fixes invalid reads on truncated data. (cherry-picked from commit 541427ab4d5b4b6f5a90a687a06decdb78e7bc3c) CC:libav-stable@libav.org Conflicts: libavcodec/eamad.c	2014-07-27 09:59:01 -04:00
Alessandro Ghedini	4ddac7199b	vc1: Do not return an error when skipping b frames This caused mpv (and possibly others) to fallback to software decoding after seeking a VC1 stream. Bug-Id: 667 Signed-off-by: Luca Barbato <lu_zero@gentoo.org> (cherry picked from commit cdf6eb5a9710566be217a3f17d3d94ac4e4d2662) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-23 10:42:35 +02:00
Michael Niedermayer	3e78f86891	Merge commit '68fd80ee1ca22c39b6ef4e6641b5b2e0d4d89a14' into release/2.2 * commit '68fd80ee1ca22c39b6ef4e6641b5b2e0d4d89a14': g2meet: allow size changes within original sizes Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-23 10:42:11 +02:00
Vittorio Giovara	68fd80ee1c	g2meet: allow size changes within original sizes	2014-07-15 20:10:21 -04:00
Michael Niedermayer	e064cce972	avcodec/hevc: Use av_malloc(z)_array() Signed-off-by: Michael Niedermayer <michaelni@gmx.at> (cherry picked from commit 7faa7d3d42af12a60a4db7ecba165369ec5795d7) Signed-off-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-14 23:04:44 +02:00
Michael Niedermayer	5f1f1868b5	Merge commit '4ec1acc6e4f4d0bd28617bbb30ebfb779ce7df92' into release/2.2 * commit '4ec1acc6e4f4d0bd28617bbb30ebfb779ce7df92': avpacket: fix copying side data in av_packet_copy_props() Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-14 22:39:25 +02:00
Michael Niedermayer	ebf381168a	Merge commit '74f6df745a05d3d8b3dcfc28992c69a70ae87957' into release/2.2 * commit '74f6df745a05d3d8b3dcfc28992c69a70ae87957': jpeg2000: fix dereferencing invalid pointers during cleanup Conflicts: libavcodec/jpeg2000.c See: 09927f3eaa93e31dd90ab8ee66dc1ad867b3365f See: 912ce9dd2080c5837285a471d750fa311e09b555 See: 9e477a37703318cb86d8ed1d426929235aa02b67 Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-14 22:38:22 +02:00
Michael Niedermayer	0d90143972	Merge commit '46c477c2a14b04a63ab11d31003b48fab6146a96' into release/2.2 * commit '46c477c2a14b04a63ab11d31003b48fab6146a96': Check mp3 header before calling avpriv_mpegaudio_decode_header(). Conflicts: libavformat/mp3enc.c Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-14 22:26:06 +02:00
Michael Niedermayer	00049f193d	Merge commit 'fcbcc561e0fdc95a7dd48b92db53846726aec27e' into release/2.2 * commit 'fcbcc561e0fdc95a7dd48b92db53846726aec27e': Check if an mp3 header is using a reserved sample rate. Merged-by: Michael Niedermayer <michaelni@gmx.at>	2014-07-14 22:25:23 +02:00
Martin Storsjö	564c023eba	adpcm: Write the proper predictor in trellis mode in IMA QT The actual predictor value, set by the trellis code, never was written back into the variable that was written into the block header. This was accidentally removed in b304244b. This significantly improves the audio quality of the trellis case, which was plain broken since b304244b. Encoding IMA QT with trellis still actually gives a slightly worse quality than without trellis, since the trellis encoder doesn't use the exact same way of rounding as in adpcm_ima_qt_compress_sample and adpcm_ima_qt_expand_nibble. CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 0776e0ef6ba4160281ef3fabea43e670f3792b4a) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-06-26 12:59:00 +02:00
Martin Storsjö	771564945a	adpcm: Avoid reading out of bounds in the IMA QT trellis encoder This was broken in 095be4fb - samples+ch (for the previous non-planar case) equals &samples_p[ch][0]. The confusion probably stemmed from the IMA WAV case where it originally was &samples[avctx->channels + ch], which was correctly changed into &samples_p[ch][1]. CC: libav-stable@libav.org Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit 3d79d0c93e5b37a35b1b22d6c18699c233aad1ba) Signed-off-by: Luca Barbato <lu_zero@gentoo.org>	2014-06-26 12:58:46 +02:00

1 2 3 4 5 ...

27736 Commits