URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d2f5691e96d7a2075cf4b4da4b1bbcd872186ccb
Author: Dale Curtis <dalecur...@chromium.org>
Date: Thu May 14 15:31:55 2020 -0700

avformat/mov: Don't allow negative sample sizes.

Signed-off-by: Dale Curtis <dalecur...@chromium.org>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 2d8d554f15a7a27cfeca81467cc9341a86f784e2)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=558daf07e50a73228894bb2352753d706c376943
Author: Vitaly Buka <vitalybuka-at-google....@ffmpeg.org>
Date: Tue Apr 21 21:34:19 2020 -0700

mpeg4videoenc: Don't crash with -fsanitize=bounds

Also the patch makes this code consistent with mpeg4videodec.c

Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit f163d30de2090a7275f1fb8ad69258576f12c1a2)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b0b8ce0002402b4f4c0a785b6d9380e1f786a5e0
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu May 7 12:38:26 2020 +0200

avformat/mpegts: Shuffle avio_seek

This avoids accessing an old, no longer valid buffer.
Fixes: out of array access
Fixes: crash_audio-2020
Found-by: le wu <shoulew...@gmail.com>
Reviewed-by: Marton Balint <c...@passwd.hu>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit cd74af14162c803f18e90bb12b52135e893d990c)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=36786f54e788cdfd24e11a45d8bd5690ec37e82a
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Apr 19 17:05:53 2020 +0200

avcodec/binkaudio: Fix 2Ghz sample_rate

Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 19950/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINKAUDIO_DCT_fuzzer-5765514337189888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Suggested-by: Paul
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit f603d10b1e6bb2fbf4dcccc43d3ea2fb911b36ba)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2f747b2d827612e1d4c071e6c7a1f7a748c8ef1d
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Feb 12 21:30:08 2020 +0100

avcodec/adpcm: Fix integer overflow in ADPCM THP

The reference (thp.txt) uses floats so wrap around would seem incorrect.
Fixes: signed integer overflow: 1073741824 + 1073741824 cannot be represented in type 'int'
Fixes: 20658/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_THP_fuzzer-5646302555930624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit b12b05374f7025167e2c43449ceb8ba3f0a6083f)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8d08b70cbcc97f2ac88a81b3c562bbaf8b463836
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Mon May 11 22:17:43 2020 +0200

avcodec/ralf: Check num_blocks before use

Fixes: out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5739471895265280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit f0c0471075fe52ed31c46e038df4280aef5b67a1)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0ce43ac4cda410b6f212c955175aeb2fd544f471
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Mon May 11 21:18:58 2020 +0200

avcodec/iff: Test video_size being non zero

Fixes: Out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5658548592967680
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5723561177382912
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit a035fd88ae7341a05c01f3b393921933e4ea9665)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1cd90e80fe8b37a5918a34d7918a32b156a264ec
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun May 10 21:16:59 2020 +0200

avcodec/utvideodec: Fix integer overflow in decode_plane()

Fixes: signed integer overflow: 2147483594 + 142 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_fuzzer-5658568101724160
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 876cfa67f37e944b0f42cb67b2de4e2e06f52e82)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=77753c67c44e188d51b0e707e289b9b9d27c0a74
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun May 10 21:12:22 2020 +0200

avcodec/ttadsp: Fix several integer overflows in tta_filter_process_c()

Fixes: signed integer overflow: 1931744255 + 252497024 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5763348114440192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 8627885172cc54db95f86529d134308d4d095054)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a6553d7db2083b2588c547124bcd32bbfb8e83e4
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun May 10 20:15:11 2020 +0200

avcodec/ralf: Fix integer overflow in decode_block()

Fixes: signed integer overflow: 289082077 - -2003141111 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5196077752123392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 0c4330847c104fcf3ef929c1acee33b5b34c20db)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=afbb6324c09acff3a691f951716d1456685686ab
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun May 10 19:09:47 2020 +0200

avcodec/nuv: widen buf_size type

Fixes: signed integer overflow: 65312 * 65312 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-5740176118906880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 1ac106bf5625de6aec31a34319298032e988f349)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ed96d963037359651a02617adf1b0b690b60008c
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun May 10 12:04:05 2020 +0200

avcodec/iff: Fix several integer overflows

Fixes: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int'); cast to an unsigned type to negate this value to itself
Fixes: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int32_t' (aka 'int')
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5764066459254784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 7a92147f87129851c1cc2c15f4ba714b8cf23f71)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=07388eee457e3a91c1944966ec6556de7bc296a3
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun May 10 11:34:53 2020 +0200

avcodec/g729postfilter: Clip gain before scaling with AGC_FAC1

The fixed point integer reference specifies the multiplication used to have 16bit input and clips so we need to clip the input
The floating point implementation does not seem to do that.

Fixes: signed integer overflow: 6317568 * 410 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-5700189272932352
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 82d4c7b95ed98d38aa834ef5a8fb1d2ef3901698)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=95f0a6a171022d3ef594a0c3869e77d3091e3c5f
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun May 10 11:08:28 2020 +0200

avcodec/alac: Fix integer overflow with 24/20bps samples

Fixes: signed integer overflow: 1020048 * 4096 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5753877751660544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 22e51e95ac97864b3d7b21124eaf8fcce147f61e)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8f15c0e7675590fa92343a562d8f3907ab82383e
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Feb 13 20:56:56 2020 +0100

avcodec/dstdec: Check sample rate

Fixes: out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5735812071424000
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 5727b1f13f36c4db30d5d0de51640f740edf01e8)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2cfb8f35cdb877c958398d65536eafaf39c23303
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Apr 15 20:27:27 2020 +0200

avformat/thp: Require a video stream

The demuxer code assumes the existence of a video stream

Fixes: assertion failure
Fixes: 21512/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5699660783288320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 97c78caf3e8f7ec4df3d3123b5e8d0e7541319e6)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=68eeca280325bbf047040ac70e449115e9ff20ef
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Apr 14 00:03:30 2020 +0200

avformat/mpeg: Decrease score by 1 for files with very little valid data

Fixes: 8233/PPY6574574605_cut.mp3
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 20f7b4dfc9640c910655bd153c6996e9edd42ff0)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7ab1351794263093bf05704796513cc9e731a433
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Apr 7 19:29:44 2020 +0200

avcodec/pngdec: Check length in fdAT

Fixes: 21089/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5135981419429888
Fixes: out of array read
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 79e5c2ee2bbdf462cabd2113c723dfb613d735c2)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=65ae8c5a310b2717c7497675761151de87c9836e
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Apr 5 22:58:29 2020 +0200

avcodec/g2meet: Check tile_width in epic_jb_decode_tile()

Fixes: out of array access
Fixes: 21469/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5199357982015488

Alternatively the arrays can be made bigger or the index can be clipped.
In case a real file with such huge tiles exists we ask the user to upload it.

Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 5501bb28ddfa6441dcbf8ea0a964a13aa33f66fe)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c8a767229944408b4b824f80b2e845d974fafd2a
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Mar 28 20:36:00 2020 +0100

avcodec/hapdec: Check tex_size more strictly and before using it

Fixes: OOM
Fixes: 20774/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5678608951803904
Fixes: 20956/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5713643025203200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 81fe316ad9852a3dfe46b4dc919ed1709b217671)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=83f883cea734524ba0a2715bbeac27b86d8d27cd
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Feb 11 22:58:08 2020 +0100

avcodec/vp9dsp_template: Fix integer overflows in idct32_1d()

Fixes: signed integer overflow: -193177 * 11585 cannot be represented in type 'int'
Fixes: 20557/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-5704852816789504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit e16e3e63f0a96b4e0ec32972c975bc0e339a49d1)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c0cec459eb9a8c7061c874dd66e56435ad159439
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Apr 26 19:29:39 2020 +0200

avcodec/alacdsp: Fix invalid shift in append_extra_bits()

Fixes: left shift of negative value -1
Fixes: 21390/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-6242539519868928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 49ae034b42234486712a02f9b00253a0975cea02)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e9e585fc2910b68d1736992488d0e2baaa702ae4
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Feb 9 18:09:24 2020 +0100

libavcodec/wmalosslessdec: prevent sum of positive numbers from becoming negative

Fixes: left shift of negative value -8321365
Fixes: 20506/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-4798062906310656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 62e4003780cad60ac1371fef892da08c27069964)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=595565aeba0781a051b9812c3f5fec368f28aa8f
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Feb 9 00:23:14 2020 +0100

avcodec/dstdec: Fix integer overflow in read_table()

Fixes: signed integer overflow: -16 * 134217879 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5639509530378240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 2d465a401dd790e2ca126ecb9cbda43f898a492f)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5191ef4402b32db549e532a58ce70a4411f414a2
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Feb 18 23:14:16 2020 +0100

avcodec/txd: Check for input size against the header size.

Fixes: Timeout (21sec -> 80ms)
Fixes: 20673/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TXD_fuzzer-5177453863763968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit aeb4e435847e0c970bcb1a835fe5eda17a4e1ce3)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=602caf11c2dc1f57ea699f01286e2914b89e3f0a
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Feb 18 23:28:33 2020 +0100

avcodec/svq1dec: Check that there is data left after the header

Fixes: Timeout (21sec -> 255ms)
Fixes: 20709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SVQ1_fuzzer-5085075089915904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 55e344ee5aa6f6e04e50bbac457e0ca53433ab75)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=726904b6d0a3353e726c06c8480351c83121bf9d
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Apr 5 00:11:15 2020 +0200

avcodec/cbs_h265_syntax_template: Check num_negative/positive_pics when inter_ref_pic_set_prediction_flag is set

Fixes: out of array access
Fixes: 20446/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-5707770718584832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 588114cea4ee434c9c61353ed91ffc817d2965f5)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=751e7f7882714809758143494097949142a93697
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Feb 6 00:33:40 2020 +0100

avcodec/intrax8: Check for end of bitstream in ff_intrax8_decode_picture()

Fixes: Timeout (105sec -> 1sec)
Fixes: 20479/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-5769846937878528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 0a9ccc2514da82812584b0e49a30625151d225e9)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1bc94e816bbeccd127b92e1f3c5a789d4a11c8cb
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Apr 19 18:24:55 2020 +0200

avcodec/hevc_mp4toannexb_bsf: Check nalu_size

Fixes: Timeout (29sec -> 5ms)
Fixes: 20237/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5165615044362240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit ae2537f53e8ebfa36345241b5b70c0b1aef66dd2)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4d9462837c1d193ae325b065594bcc543761eb35
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Apr 21 00:03:40 2020 +0200

avcodec/iff: Check length before memcpy() in decode_deep_rle32()

Fixes: out of array read
Fixes: 20796/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5111364702175232.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit b4a33387cb1cd3f4c5036e65e0fdd953c6b5012f)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=22fba2adee0b2fd0cf88a47a1c89535a54abd1b9
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Apr 21 00:03:39 2020 +0200

avcodec/iff: Fix invalid pointer intermediates in decode_deep_rle32()

Reviewed-by: Peter Ross <pr...@xvid.org>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit bc41a29a5aa3c3dedba0a85b4aeb79a07eeeb1b4)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0078687445b61d66182ed59573932f4ee721cbb0
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Apr 18 01:48:47 2020 +0200

avcodec/pngdec: Pass ret from decode_iccp_chunk()

Found while reviewing a patch fixing a similar issue

Reviewed-by: Anton Khirnov <an...@khirnov.net>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 4c7bcaa385e5e5fda0084de2fb823ac25c0deba0)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d6b070771e55c9cf274fcbd1bc3d04930427c3e4
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Feb 2 21:01:12 2020 +0100

avcodec/rv40dsp: Fix integer overflows in rv40_weight_func_*()

Fixes: signed integer overflow: 40550400 * 128 cannot be represented in type 'int'
Fixes: 20331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RV40_fuzzer-5676685725007872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 13171ad2e304b2a7d959429527b98c68ec5ea320)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8777426938921b47117e86d7d541d83c7369d656
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 1 21:25:33 2020 +0100

avcodec/ac3dec_fixed: Fix several invalid left shifts in scale_coefs()

Fixes: left shift of negative value -14336
Fixes: 20298/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AC3_FIXED_fuzzer-5675484201615360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 8e30502abe62f741cfef1e7b75048ae86a99a50f)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fe91bb30e97aa21d37e6612110a8449653d964d1
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Mon Feb 3 23:20:23 2020 +0100

avcodec/flac_parser: Do not lose header count in find_headers_search()

Fixes: Timeout
Fixes: out of array access
Fixes: 20274/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5649631988154368
Fixes: 19275/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5757535722405888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 55f9683cf6be97f4b398a7a35ee5bfd1208ac2a5)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f70d5d99ced390ae9e3f423104ff7205e7d0daef
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Feb 2 20:02:55 2020 +0100

avcodec/audiodsp: Fix integer overflow in scalarproduct_int16_c()

Fixes: signed integer overflow: 2145417478 + 76702564 cannot be represented in type 'int'
Fixes: 20313/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-5734487724130304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit abb5762e985f4ce34e97c1b2fa6d1108ce8a881f)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ed1c60d06bbecc54d85cad695fa83cb7ab2b7161
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Apr 12 22:06:10 2020 +0200

avcodec/cbs_jpeg_syntax_template: Check array index in huffman_table()

Fixes: index 224 out of bounds for type 'uint8_t [224]'
Fixes: 21534/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-6291612167831552
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 18f5256c0dc6cfb41e649ab80b0577ba33852d76)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=896790530757d1dcd32b22777e45ff23912f9df4
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Apr 12 21:38:55 2020 +0200

avcodec/cbs_jpeg_syntax_template: Check table index before use in dht()

Fixes: out of array access
Fixes: 21515/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-5766121576988672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit d31862c2b1b1fd07dcdc503193056d6c9ad28ccb)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=33d17d1b539b408cdf9d5237c2f7924fd8a8b7d3
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Apr 1 20:58:52 2020 +0200

avformat/oggdec: Check for EOF after page header

Fixes: Infinite loop
Fixes: Ticket8594
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit f1589be9fda00c417f9bcccb55dbbea998ee08ac)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=01628af26da4aff41053bb2c3e96bdf184ad661e
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Apr 2 22:38:46 2020 +0200

swscale/yuv2rgb: Fix vertical dither offset with slices

Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit be3c29e3795cb2499e3b96335286d6a8423c0bcf)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=85138be8e1926bcf0d3875ce207c897b5663cf7f
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Apr 9 15:37:55 2020 +0200

avcodec/dpcm: clip exponent into supported range in XAN DPCM

Fixes: shift exponent 32 is too large for 32-bit type 'int'
Fixes: 21200/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XAN_DPCM_fuzzer-5754704894361600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <an...@khirnov.net>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 20ade59d9633def4ebf84ec170f56367bfb6aa6c)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ddcbb66e0048cec0685ec8f92fdee4d7fd0e1533
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 1 22:52:13 2020 +0100

avcodec/flacdsp_template: Fix invalid shifts in decorrelate

Fixes: left shift of negative value -2
Fixes: 20303/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5096829297623040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 3935c891e96c0819439da43d1b862652bbbdf065)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=85b921c4dcf27046945c7c80cbab0986c1631ec8
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Fri Jan 31 23:43:57 2020 +0100

avcodec/xvididct: Fix integer overflow in MULT()

Fixes: signed integer overflow: 23170 * 95058 cannot be represented in type 'int'
Fixes: 20295/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5800212870463488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 7ccb576191e91b393041b14917f1b681ec75ed3b)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=21be7407af6eea8229bb40540ff8daa6ff60879b
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Fri Jan 17 23:42:08 2020 +0100

avcodec/ffwavesynth: Correct undefined overflow of PINK_UNIT

Fixes: signed integer overflow: 9223372036854775775 + 128 cannot be represented in type 'long'
Fixes: 20054/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5686385113825280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 187161d62f35c8b613c4a6739b0a6dfa9a24da60)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=90a306ba97400765157c7301009064b9e6c3b2b9
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Mar 22 16:38:24 2020 +0100

avcodec/cbs_h264_syntax_template: fix off by 1 error with slice_group_change_cycle

Fixes: assertion failure
Fixes: 20390/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_REDUNDANT_PPS_fuzzer-5683400772157440
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 741565a1e69c45ce4848f01e45be5e66a68efa2f)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c3b5c1423ec29f9bf7a662b1e4243508b705a6b7
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Feb 16 20:11:52 2020 +0100

swscale/output: Fix integer overflow in yuv2rgb_write_full() with out of range input

Fixes: signed integer overflow: 1169365504 + 981452800 cannot be represented in type 'int'
Fixes: ticket8293
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit e057e83a4ff4c0eeeb78dffe58e21af951c056b6)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=824c773263c7f749d815abc9948eac7a195a0514
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Feb 16 20:18:11 2020 +0100

swscale/output: Fix integer overflow in alpha computation in yuv2gbrp16_full_X_c()

Fixes: signed integer overflow: 524280 * 4432 cannot be represented in type 'int'
Fixes: ticket8322
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 49ba1879add99d3f64d70d34fb0255c8a49d4b28)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=83b2cc152d772d79141235233662b2080ec909c2
Author: John Rummell <jrumm...@chromium.org>
Date: Mon Mar 30 21:30:33 2020 -0700

libavformat/amr.c: Check return value from avio_read()

If the buffer doesn't contain enough bytes when reading a stream, fail rather than continuing on with initialized data. Caught by Chromium fuzzers (crbug.com/1065731).

Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 5b967f56b6d85f62446836fc8ef64d0dcfcbda17)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8c73f802768b5d2506510ba69c2eb63da890161f
Author: John Rummell <jrumm...@chromium.org>
Date: Mon Mar 30 14:08:01 2020 -0700

libavformat/mov.c: Free aes_decrypt to avoid leaking memory

Found by Chromium fuzzers (crbug.com/1057205).
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit ad91cf1f2f5793db5c6dd7ab9947fcc6d7832607)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=33bdb19d2378d16d70e8e3a473d16e1ad8906102
Author: John Rummell <jrumm...@chromium.org>
Date: Mon Mar 30 14:56:11 2020 -0700

libavformat/oggdec.c: Check return value from avio_read()

If the buffer doesn't contain enough bytes when reading a stream, fail rather than continuing on with uninitialized data. Caught by Chromium fuzzers (crbug.com/1054229).
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit b7c67b1ae3657058b32b9235119d07529ad5cce1)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=52dbafe7b6d356a9d5ddad4fbf0ae09fd478175d
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Mar 15 17:26:51 2020 +0100

avformat/asfdec_f: Fix overflow check in get_tag()

Fixes: signed integer overflow: 2 * 1210064928 cannot be represented in type 'int'
Fixes: 20873/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5761116909338624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <an...@khirnov.net>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit c8140fe7324f264faacf7395b27e12531d1f13f7)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=69ff8871ff47d99ce6c9bc4cd34e12bfc560e5a2
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Mar 18 20:20:44 2020 +0100

avformat/nsvdec: Fix memleaks on errors while reading the header

Fixes: memleaks
Fixes: 21084/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5655975492321280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 96c04694550999cc214cae8c4a16d2d7ac0958bc)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cf64e8c5b16018ea640e1be0f5d35c9f6e51f9e8
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Mar 15 18:25:56 2020 +0100

avcodec/ffwavesynth: Fix integer overflow in computation of ddphi

Fixes: signed integer overflow: 1302123111085380114 - -8319005078741256972 cannot be represented in type 'long'
Fixes: 20991/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5148554161291264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <geo...@nsup.org>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit c85bf1631823e9089e59a474d5c6c0efc708c507)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=838105153a579ff0cea0794afc0275c19c51d3a7
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Mar 7 15:42:58 2020 +0100

avcodec/cbs_jpeg: Check length for SOS

Fixes: out of array access
Fixes: 19734/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-5673507031875584
Fixes: 19353/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-5703944462663680
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 1812352d767ccf5431aa440123e2e260a4db2726)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=614fc179d61edef74b7b2487e8a95c631ce55cfe
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Mar 1 22:46:34 2020 +0100

avcodec/adpcm: Fix invalid shift in AV_CODEC_ID_ADPCM_PSX

Fixes: left shift of negative value -1
Fixes: 20859/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_PSX_fuzzer-5720391507247104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 0a11ef68f0a85905e704e503b433f5aa645d59ac)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0eb38a9b841ef3e8a9584635587ea4ca839588df
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Dec 5 22:35:03 2019 +0100

avcodec/mpeg12dec: Fix invalid shift in mpeg2_fast_decode_block_intra()

Fixes: left shift of negative value -695
Fixes: 19232/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5702856963522560
Fixes: 19555/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5741218147598336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit c40df2166c7925fc81e1ef22563c2e32124cf1d6)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fe7f3e3d27854c96bfe7bd6c3afb46398bb93130
Author: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
Date: Mon Dec 9 23:26:03 2019 +0100

avcodec/cbs_h2645: Treat slices without data as invalid

Slices that end after their header (meaning slices after the header without any data before the rbsp_stop_one_bit or possibly without any rbsp_stop_one_bit at all) are invalid and are now dropped. This ensures that one doesn't run into two asserts in cbs_h2645_write_slice_data().

Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
Fixes: 19629/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_METADATA_fuzzer-5676822528524288
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 66fac1ff7ccbc4fb6a3aa6b9a95de7b6bc31d14e)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b10b63f24a27b466565e07dadd90c7816a8c6a33
Author: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
Date: Mon Dec 9 23:26:02 2019 +0100

avcodec/cbs_h2645: Remove dead code to delete trailing zeroes

Trailing zeroes are already discarded when splitting a fragment, which makes the code to remove them when decomposing slices dead code.
Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 8f701932b39a6345f2a8bab85f48d555a98802e3)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5921562180b864b0623229352886ef51a510aecc
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Dec 14 18:43:24 2019 +0100

avcodec/cbs_av1_syntax_template: Set seen_frame_header only after successfull uncompressed_header()

Fixes: assertion failure
Fixes: 19301/clusterfuzz-testcase-minimized-ffmpeg_BSF_AV1_FRAME_MERGE_fuzzer-5743212006473728
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit a2e4879432b9de6aa899b85aebbc0eb6a8b5f37f)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=10e9e8b811614317b13d35faa5dc967872daa086
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Jan 23 12:41:41 2020 +0100

avcodec/mpegaudioenc_template: fix invalid shift of sample

Fixes: Ticket8010
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit a2c97a8342fab6393280cc2f0e2ffb39c381d29c)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a78fb50d1f6b702180f15ed599c43121a9753615
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Jan 23 12:50:30 2020 +0100

avcodec/motion_est_template: Fix invalid shifts in no_sub_motion_search()

Fixes: Ticket8167
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit e13eee37ee3268b0a985ddc74a9bde0179bd553c)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1756a83aedd444ad58dce415ce6c0938ddf791ea
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Jan 26 22:19:48 2020 +0100

libavformat/avienc: Check bits per sample for PAL8

Fixes: assertion failure
Fixes: Ticket 8172
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 35958782819c00211e247332ab18fbf2f28267e1)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5946d0bafa41c43b3534254e9d6f90ad1e337da7
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Mon Jan 27 19:07:00 2020 +0100

avformat/mpegts: Improve the position determination for avpriv_mpegts_parse_packet()

Fixes: assertion failure
Fixes: Ticket 8005
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit e5bb48ae5990347dff22fc38ff5a1c1f7f60a1c5)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c80bb322a8581fbee71620218c9c29e32da96f22
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 22 00:42:30 2020 +0100

avcodec/magicyuv: Check that there are enough lines for interlacing to be possible

Fixes: out of array access
Fixes: 20763/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MAGICYUV_fuzzer-5759562508664832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit f8a0e9f9f71cf5650bdc250ff7475e0f7d8e8420)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=07ffedc01de88963f9273fa4f3662aba2d99dbed
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Feb 23 09:27:27 2020 +0100

avformat/mvdec: Check stream numbers

Fixes: null pointer dereference
Fixes: 20768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5638648978735104.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 618a9bea65112a27a106e02ada3ae475cc8ac1ac)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=85705482f2ed984019c701ff7f8a5c5ba00ee48a
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Feb 20 22:26:18 2020 +0100

avcodec/pcm: Fix invalid shift in AV_CODEC_ID_PCM_LXF

Fixes: left shift of 233 by 24 places cannot be represented in type 'int'
Fixes: 20736/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PCM_LXF_fuzzer-4829212685107200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 051d11f659455f38be7ce40e2dc9d03b082dcd4d)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f10514b5e66e1eb9845a0b4c26370cd706aa0c66
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Feb 18 22:58:12 2020 +0100

avcodec/qdm2: Check fft_coefs_index

Fixes: out of array access
Fixes: 20660/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDM2_fuzzer-5658290216501248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 9fc73bf022eb781eea7f685e2d2e9de4ba8898ca)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f5180c3b9bde59ed04dc963587ce2112cc0bed44
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 15 23:23:55 2020 +0100

avformat/utils: Fix integer overflow with complex time bases in avformat_find_stream_info()

Fixes: signed integer overflow: 2045163756 * 2 cannot be represented in type 'int'
Fixes: Ticket5132
Found-by: tsmith
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit f3d8f517dbc42de8e2f97cc01bf5171bb05fbcc7)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c7df41ed6ba537c56a7eb90eb72f89d7496d34fc
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 15 23:18:25 2020 +0100

avformat/avidec: Avoid integer overflow in NI switch check

Fixes: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'
Fixes: Ticket8149
Found-by: Suhwan
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 347920ca2102d762e4713f101a2e75811791e2b3)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=26e55785dda21a6399a915dcb43c3a942187e7e1
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 15 22:56:18 2020 +0100

fftools/ffmpeg: Fix integer overflow in duration computation in seek_to_start()

Fixes: signed integer overflow: -9223372036854775808 - 9223372036854775807 cannot be represented in type 'long'
Fixes: Ticket8142
Found-by: Suhwan
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 4f4ad33d96a01d82edf56d58599017cb0ae5bfa8)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0a565190a7bf9db3141d0f4b60c767b5e63442d2
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 15 22:35:37 2020 +0100

avfilter/vf_aspect: Fix integer overflow in compute_dar()

Fixes: signed integer overflow: 1562273630 * 17 cannot be represented in type 'int'
Fixes: Ticket8323
Found-by: Suhwan
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 0c0ca0f244b823238e5a4f5584168e620da84899)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3e88c3266926d8c28ca14f9422956bc5dacb34f2
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Feb 11 23:56:45 2020 +0100

avcodec/apedec: Fix invalid shift with 24 bps

Fixes: left shift of negative value -463
Fixes: 20542/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5688714435231744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 8e278672294f28a3feaba0a38460afd51f0fadda)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9a6d41e9791da9e836086c0dd220ab4f5ec9d8c6
Author: Dale Curtis <dalecur...@chromium.org>
Date: Tue Jan 28 16:49:14 2020 -0800

avformat/utils: Fix undefined behavior in ff_configure_buffers_for_index()

When e2_pts == INT64_MIN and e1_pts >= 0 the calculation of e2_pts - e1_pts will overflow an int64_t.
Signed-off-by: Dale Curtis <dalecur...@chromium.org>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit f15007afa90a3eb3639848d9702c1cc3ac3e896b)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3919ee03ddcb52fbd4a5b0c205ec6ee8b7736625
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Jan 22 23:11:47 2020 +0100

avcodec/dpcm: Fix integer overflow in AV_CODEC_ID_GREMLIN_DPCM

Fixes: signed integer overflow: -2147479324 + -32568 cannot be represented in type 'int'
Fixes: 20103/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GREMLIN_DPCM_fuzzer-5667667579240448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit b1aecad9eae900b9c3054392994d150d5ae572c5)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1016074532cad374f0bfce641c9173bd4a814a66
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Jan 18 19:55:23 2020 +0100

avcodec/wmalosslessdec: Fix integer overflow with sliding in padding bits

Fixes: signed integer overflow: -53716100 * 256 cannot be represented in type 'int'
Fixes: 20143/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5716604000403456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit b8a0be93528187721a2414f66abbc252a258afa3)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=df317ec215f9f5d9d65ee33577cdfff3eca4bb17
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Jan 18 19:28:36 2020 +0100

avcodec/wmalosslessdec: Fix loop in revert_acfilter()

Fixes: out of array read
Fixes: 20059/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5691776237305856
No testcase except the fuzzed one.
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 5584c0bb945d6010a9d8c22ef3270792022e1761)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6a4b26eaf66d98860b4c5fda6b56feba7faf4a56
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Fri Jan 10 21:30:38 2020 +0100

avcodec/agm: YUV420 without DCT needs even dimensions

Fixes: out of array access
Fixes: 19892/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AGM_fuzzer-5707525924323328
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit a98eeb0c1e867238905ed095b48184f706adf328)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e6567ca7dc0901811c1925a50db9132b577270a9
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 8 21:17:01 2020 +0100

avcodec/agm: Test remaining data in decode_raw_intra_rgb()

Fixes: Timeout (270sec -> 25ms)
Fixes: 20485/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AGM_fuzzer-5636954207289344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 5c151e1491dd609ac5c8a8fbea42f21178a682db)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=10d70a65d1927c8f14864ae7a789a6cb02e31315
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Jan 28 20:12:25 2020 +0100

avcodec/lagarith: Sanity check scale

A value of 24 and above can collapse the range to 0 which would not work.

Fixes: Timeout (75sec -> 21sec)
Fixes: 18707/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LAGARITH_fuzzer-5708950892969984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit fb3855342b9e4c577c63b38a7a5a574830a21934)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6c35049858878dff279a9501918bb12077d09a80
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Jan 28 18:35:43 2020 +0100

avcodec/apedec: Fix integer overflows in predictor_decode_mono_3950()

Fixes: signed integer overflow: -2147407150 + -1871606 cannot be represented in type 'int'
Fixes: 18702/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5679095417667584
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit eb64a5c6f94981e4a68ad65a6e445557e11c08fc)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=792d4dc128cc57138e7b824980b98dcc45a5a2bc
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Dec 8 13:48:45 2019 +0100

avcodec/ralf: Fix integer overflow in apply_lpc()

Fixes: signed integer overflow: 2147482897 + 2048 cannot be represented in type 'int'
Fixes: 19240/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5743240326414336
Fixes: 19869/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5150136636538880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit fd313d8cf8368918882b6de0880e44ae25cc7394)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=40d5c0c63baeab94f991bed9e65dbb7fdee52872
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Jan 4 23:01:12 2020 +0100

avcodec/dca_lbr: Fix some error codes and error passing

Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit bfea054a75f17d140f2f171056a801c4c89f6d26)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0cfd3d6dd6afe5b6db35f4bba93d3de3b400c046
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Dec 14 15:27:44 2019 +0100

avcodec/wmavoice: Fix rounding and integer anomalies in calc_input_response()

Fixes: out of array access
Fixes: inf is outside the range of representable values of type 'int'
Fixes: signed integer overflow: -9223372036854775808 - 1 cannot be represented in type 'long'
Fixes: 19316/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-5677369365102592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 38d37584448731f90977132b838d50ff1a28811b)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=06df6bfdb423f78637d795125eb2e0c39cf08b00
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Dec 21 22:27:37 2019 +0100

avcodec/wmavoice: sanity check block_align

This limit is roughly based on the bitreader limit, it's likely a much tighter limit could be used

Fixes: left shift of 1965039647 by 1 places cannot be represented in type 'int'
Fixes: 19545/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-5695391899320320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 6847e22c8c85b80bf1d25ec66f77f7ccbcf43aed)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=38a05c972215b35f95cc063dcdcca16ab0c98e16
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Dec 18 00:07:50 2019 +0100

avcodec/pcm: Fix invalid shift in pcm_decode_frame for LXF

Fixes: left shift of 32 by 28 places cannot be represented in type 'int'
Fixes: 19472/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PCM_LXF_fuzzer-5704364320096256
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 985d3666f672781152f4b68093740ea6a9888194)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b24779ffef0392b0fe0af981bea8443a2f413a5e
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Jan 19 21:51:11 2020 +0100

avcodec/snappy: Sanity check bytestream2_get_levarint()

Fixes: left shift of 79 by 28 places cannot be represented in type 'int'
Fixes: 20202/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5719004081815552
Fixes: 20219/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5641738677125120
Fixes: 20389/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5680721517871104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit be54da2117a6f58c14283f2511e71fda8d3bfe9d)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2517ab2fa37f8faa8a1b71e4b2d35655fcc63343
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Feb 1 23:25:42 2020 +0100

avcodec/mlpdsp: Fix a invalid shift in ff_mlp_rematrix_channel()

Fixes: left shift of negative value -2
Fixes: 20305/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-5677196618498048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Jai Luthra <m...@jailuthra.in>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit fcc9f13717c8c3fe08ca5caf957c39e76ea35e4f)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ebbce3fa18c97aaa60da6b08eec51ea7dd720633
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Mon Jan 27 21:54:22 2020 +0100

avcodec/avdct: Clear IDCTDSPContext context

Fixes use of uninitialized variable and segfault
Reviewed-by: Paul B Mahol <one...@gmail.com>
Reviewed-by: James Almer <jamr...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit b82825eba837f7cbb24c1d66e93285d029307417)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bbd445320a8adbbd2f6f90542d75cda4bca821ea
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Jan 30 22:04:06 2020 +0100

avcodec/x86/diracdsp: Fix high bits on Windows x86_64

Found-by: james
(cherry picked from commit 24af459d1e568fd134476f305f4fba23bf2c386a)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bc92c163f0922724a86995b09df60ad92dbe4044
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Mon Jan 6 13:43:10 2020 +0100

tests/fate/lavf-video.mak: fix fate-lavf-gif dependencies

The gif test should depend on gif not fits
Regression since: ac4b5d86222006fa71ffe5922e1a34f1422507d8
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 24a5e873b3dce4eaa19159183bc3a029b9dd953d)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=913f64e92302ece2874c5368171d0cc32b9f6d0a
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Jan 11 12:09:08 2020 +0100

avformat/mov: Check STCO location

Fixes: bypassing of checks and assertion failure
Fixes: asan_1003879.mp4
Found-by: Clusterfuzz + asan
Reported-by: Thomas Guilbert <tguilb...@google.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 1cd41840208bce7e690a4ccc48077567418a0aa8)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0724e514dc161cbbc05661477090e50f8b4e44fb
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Thu Jan 9 02:06:36 2020 +0100

avcodec/wmalosslessdec: Fix multiple integer overflows

Fixes: left shift of 3329 by 20 places cannot be represented in type 'int'
Fixes: signed integer overflow: -199378355 + -1948950833 cannot be represented in type 'int'
Fixes: 19837/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5752565837070336
Fixes: 19839/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5767483265122304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 422202516cfb6239abb4e20db9f628f3899a76e2)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c19a204706546def36b1cc3dd7bfea112b72db40
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sat Dec 7 20:55:16 2019 +0100

avcodec/apedec: Fix undefined integer overflow in decode_array_0000()

Fixes: signed integer overflow: -2143289344 - 6246400 cannot be represented in type 'int'
Fixes: 19239/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5173755680915456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit a3655bb02c21e70573335e9396632f64b2589536)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2df0ae557db9fe75256b018232931a7acaa768a9
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Jan 1 20:43:05 2020 +0100

avcodec/smacker: Check space before decoding type

Fixes: Timeout (232sec -> 280ms)
Fixes: 19682/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKER_fuzzer-5654129649385472
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 6f5c18da5977a3214e1ea30e6b0c0d9d858ce83d)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7249a04d45be10d416f5d26ef0ac56a6831e6a82
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Jan 1 22:32:04 2020 +0100

avcodec/rawdec: Use linesize in b64a

Fixes: out of array access
Fixes: 19750/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RAWVIDEO_fuzzer-5074834119983104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 2b5b9d5dac9a3525d7330662724c0e9045078bfb)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=09b2cb7181535a4b3b456cd84c198b17d0ae334a
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Fri Jan 3 23:24:15 2020 +0100

avcodec/iff: Over-allocate ham_palbuf for HAM6 IFF-PBM

IFF-PBM-HAM6 can read out of array without this overallocation

Fixes: Out of array read
Fixes: 19752/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5675331403120640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 8652f4e7a15e56fadf9697188c1ed42c9981db82)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ff668b1ff842b23fa42795f20618f959dbcf59b2
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Wed Jan 29 22:11:45 2020 +0100

avcodec/x86/diracdsp: Fix incorrect src addressing in dequant_subband_32()

Fixes: Segfault (not reproducible with asm, which made this hard to debug)
Fixes: decoding errors
Fixes: 19854/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5729372837511168
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <one...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 0694b60b7b4892eac1d6e2aca64de9e0cb096486)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9f32da1fa9230894bfec65165bf3ee03ebe481f2
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Jan 26 20:45:07 2020 +0100

avfilter/vf_find_rect: Remove assert

A score of 0 is possible

Fixes: Ticket8500
Reviewed-by: Paul B Mahol <one...@gmail.com>
Reviewed-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit dfc471488675aa257183745502d0074055db3bd2)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b6e947744910145a8ebc6167867653aa60c0efe9
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Sun Jan 26 20:45:06 2020 +0100

avfilter/vf_find_rect: Increase worst case score

score could be 1.0 which lead to uninitialized values

Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 6ff2474e02200dce7abdea3fd211fcaf49691c2c)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9430ad3e21fa94d12c8c73f1fa19fe8da0861625
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100

swscale/input: Fix several invalid shifts related to rgb2yuv constants

Fixes: Invalid shifts
Fixes: #8140
Fixes: #8146
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit d48e510124d0fea24e2ec27271687c92e4428a18)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ea7a818c9529b24ff39baadae5658fc91b8354fc
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100

swscale/output: Fix several invalid shifts in yuv2rgb_full_1_c_template()

Fixes: Invalid shifts
Fixes: #8320
Reviewed-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit 7b7f97532b2ac8836d8d8e3c71dd026e35ae1ca7)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8a9c9711cf0d0bd7b0335ce2a5160c3d3eb9b5a4
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100

swscale/swscale: Fix several invalid shifts related to vChrDrop

Fixes: Invalid shifts
Fixes: #8166
Fixes: filter-crop_scale_vflip FATE-test
Reviewed-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>
(cherry picked from commit a6ca22c11834c0ff075592e3f051d41068c407db)
Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0e517ef4598b89691d8f3afed5d4441d4c17fa57
Author: Michael Niedermayer <mich...@niedermayer.cc>
Date: Fri Dec 13 00:50:21 2019 +0100
avcodec/hevc_mp4toannexb_bsf: check that nalu size doesnt overflow Fixes: Out of array access Fixes: 19299/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5169193398042624 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit a8ceb2a72fa1bef4ab5f1ec6cdc7ce74fffda19d) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8d89e97e26fe2030e117f7ece939d13ac4cf0bd8 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Dec 13 00:38:29 2019 +0100 avcodec/hevc_mp4toannexb_bsf: Avoid NULL memcpy() Fixes: invalid memcpy use Fixes: 19299/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5169193398042624 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 1e23b5a706cd378ed07a200dfee656b38504f165) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1c2b1c0428654a5f4a215fbaa955d341b8da7f71 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Dec 12 23:50:27 2019 +0100 avcodec/cbs_av1: Check leb128 values read "It is a requirement of bitstream conformance that the value returned from the leb128 parsing process is less than or equal to (1 << 32) - 1." 
Fixes: assertion failure Fixes: 19293/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-5749508361420800 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit a70d8363648fdd380df7f2ed39eaccf08d406e6a) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cc7760b0095386dd944344e906fd8f2efb848f4e Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed Jan 15 00:32:55 2020 +0100 avcodec/wmalosslessdec: move channel check up Fixes: out of array access Fixes: 2nd part of 18429/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-6210814364614656 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 891bcc4acc93e0c5a75ab7a9da668df84a0edba7) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2ac4b4fde507e60e4232d2cf3a8d1bf977186220 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed Dec 11 19:19:49 2019 +0100 avcodec/cbs_h2645: Skip all 0 NAL units Fixes: assertion failure Fixes: 19286/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_REDUNDANT_PPS_fuzzer-5707990724509696 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 285138ef14327ec71f356e3a923c4adde0874dc6) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a641bd4ad76777255ddce40a13f604f9996d9645 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Dec 7 00:14:16 2019 +0100 avcodec/adpcm: Fix 
overflow in FFABS() IMA_EA_EACS Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself Fixes: 19235/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_EA_EACS_fuzzer-5680878952382464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 794352ae9d1cb32b4b9e45d3affb83763f4ee12e) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7e0c15c3ec6fcaa5794d158fcc51b1478aefdeab Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Dec 7 20:42:54 2019 +0100 avcodec/alac: Fix integer overflow in LPC coefficient adaption Fixes: signed integer overflow: 267693597 * 10 cannot be represented in type 'int' Fixes: 19237/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5755407700328448 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 6a865cec5e7584ef476f394fc55c1fc91cec1a14) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b46b2e52b8f9f9bf09f940bfc8610e7b81c20f98 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Dec 7 20:38:13 2019 +0100 avcodec/g729postfilter: Optimize out overflowing multiplication from apply_tilt_comp() Fixes: signed integer overflow: -1114392282 * 2 cannot be represented in type 'int' Fixes: 19236/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-5741678938030080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c0bd5fa43d193aa389bea7c5176b2fe23f6eeddd) Signed-off-by: Michael Niedermayer 
<mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=26e88eb02f945001deba17f22e3fb8697a04d71f Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Dec 8 20:18:07 2019 +0100 avcodec/vc1dec: Check field_mode for sprites Fixes: Out of array read Fixes: 19263/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5389219325542400 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 32fb9198360402941e49aa878b9d33737b654f62) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9b97acef2217c86acd5ebb8daa68de616535f42e Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Dec 8 19:37:46 2019 +0100 avcodec/vc1dec: Limit bits by the actual bitstream size Fixes: Timeout (350 ->19sec) Fixes: 19249/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-6566896438870016 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c56a52a82c0a4039e606e82b948a8abfe417f35f) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ec8c556db8378c7c9a629dcb4f61284cae234dd8 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Jan 6 01:38:21 2020 +0100 avcodec/vmdaudio: Check block_align more Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 19788/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VMDAUDIO_fuzzer-5743379690553344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <one...@gmail.com> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 
06f6857b54a7fbbd087b0803f75bed44abed50d9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=dc33a53c2eab0c5b046e313bb487a12c85fc4e46 Author: Gyan Doshi <ffm...@gyani.pro> Date: Wed Jan 1 12:14:30 2020 +0530 configure: bump year (cherry picked from commit 7b58702cbdce097f32f62c87cd537ab28c04ffb2) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f1d84ff4cb171dbf5e748c3d7b3cb491c8f7f049 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Jan 4 21:58:28 2020 +0100 avcodec/pgssubdec: Free subtitle on error Fixes: Assertion failure Fixes: 19753/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGSSUB_fuzzer-5688461843759104 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <one...@gmail.com> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit b0a718923bb4a75b0c1cbf283fb17a319b840346) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".