URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=df61b59fe2a2943b0a144ece76b35bf5363e37d2 Author: Andreas Rheinhardt <andreas.rheinha...@gmail.com> Date: Wed Sep 23 20:20:12 2020 +0200
avcodec/diracdsp: Remove unused variable Forgotten in ca3c6c981aa5b0af8a5576020b79fdd3cdf9ae9e. Reviewed-by: Paul B Mahol <one...@gmail.com> Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com> (cherry picked from commit 310d4062e7639217d717e447426343366775ac30) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=85993ceae3738c672b95e4414b202dbc34c19023 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed Aug 28 19:07:23 2019 +0200 avformat/hcom: Tell the compiler about set but not read variables This avoids 3 warnings Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cf1bc6898c02032b8bd5ef1e1215ac128cb2cdee Author: Carl Eugen Hoyos <ceffm...@gmail.com> Date: Tue Aug 13 12:42:27 2019 +0200 lavf/chromaprint: Silence compilation warnings Fixes the following warnings: libavformat/chromaprint.c:117:42: warning: passing argument 2 of ‘chromaprint_feed’ from incompatible pointer type libavformat/chromaprint.c:132:52: warning: passing argument 2 of ‘chromaprint_get_raw_fingerprint’ from incompatible pointer type libavformat/chromaprint.c:143:71: warning: passing argument 4 of ‘chromaprint_encode_fingerprint’ from incompatible pointer type URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9dab6f69a429e8c479e40b56b8d89a4ffab96696 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 23:27:34 2024 +0200 avutil/slicethread: Check pthread_*_init() for failure Fixes: CID1604383 Unchecked return value Fixes: CID1604439 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 23851c9ee0f231122c58955e795e17cfe8ca5d98) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=787e8cfafe74e3df905b0db2fef025bc38c8f5d2 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 23:04:42 2024 +0200 avutil/frame: Check log2_crop_align Fixes: CID1604586 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 15540b3d28676d5e797764a04f6681dcd01736f8) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=15b5b0e45544d1930c524e603a2b87deb4b80d67 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 22:55:31 2024 +0200 avutil/buffer: Check ff_mutex_init() for failure Fixes: CID1604487 Unchecked return value Fixes: CID1604494 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 82f5b20ff5be4fccbf42f4b90f155db0076c0462) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7d53bbe195c2ef1e7e5abf76b4e24b048339c364 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 22:37:54 2024 +0200 avformat/xmv: Check this_packet_size Fixes: CID1604489 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 696685df0ccf437083d15f40358a6ec86f5748ac) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b22859bd001662e65dc1b692c28f00b93c70470c Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 21:53:58 2024 +0200 avformat/ty: rec_size seems to only need 32bit May help CID1604560 Overflowed integer argument Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit be30913538d4be9a50672ceb683f8745d8aa75a9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ec4e9633182f48eefb46094e577749fd8f5951b3 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 21:05:20 2024 +0200 avformat/tty: Check avio_size() Fixes: CID1220824 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 41745e550a0274571bd9fbfb12b36ff1743d4e9c) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cedd68972dbab9be9ff335cb359519e88029c006 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 20:58:21 2024 +0200 avformat/siff: Basic pkt_size check Fixes: half of CID1258461 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 124a97dd8b7636fb52e042b2e85a44cce40ab5e7) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fd8b766daf8eb1d8486927f1d1a4c48bae1cf8a1 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 20:49:08 2024 +0200 avformat/sauce: Check avio_size() for failure Fixes: CID1604592 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 759aae590c0298414db4d2925a33b084d7f9e7f9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cde55124dff54ce2ebc7e6a4e6eb287ffed3a234 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 20:44:45 2024 +0200 avformat/sapdec: Check ffurl_get_file_handle() for error Fixes: CID1604506 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 3e305a0e703843765d4dd7042092c3a38c0f97af) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bc559f233ca725fb86b7f1930db9df207def0bd9 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 20:29:10 2024 +0200 avformat/nsvdec: Check asize for PCM Fixes: CID1604527 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit e83e24650489e63f6b31e8c72a973db6367947b9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=16ab4d1280d1f42e09a7ef93896778051bd27ff0 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 20:20:53 2024 +0200 avformat/mp3dec: Check header_filesize Fixes: CID1608714 Division or modulo by float zero Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit cea4dbc903eaf8cb7a4ea53b281deff495ff8fa0) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0522da9af445ac34bc67c2a1e3ec1feb3bff9614 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 20:17:00 2024 +0200 avformat/mp3dec; Check for avio_size() failure Fixes: CID1608710 Improper use of negative value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit bb936a1a720856a51c48bf907475daa8065920c9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0562ec0f9a403352f8a15d8ccc81628c084ef506 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 20:03:45 2024 +0200 avformat/mov: Use 64bit for str_size We assign a 64bit variable to it before checking Fixes: CID1604544 Overflowed integer argument Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 046d069552f5c2824f36fcf95d409670208dc94b) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cda69b543830da22cacd946c54ed7735ce81a5f1 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 19:29:14 2024 +0200 avformat/mm: Check length Fixes: CID1220824 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 139bf412464e62a83984cd49093936dcaa7a0865) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b7937a478e2d84e2f101faeed5142b11e829bd79 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 18:40:46 2024 +0200 avformat/hnm: Check *chunk_size Fixes: CID1604419 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 291356f58b8a1af491c692a89e6c4e70e9496f9d) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=17fdfb231eabfabb62a85c28879040515f5fd15c Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jul 11 17:38:08 2024 +0200 avformat/asfdec_o: Check size of index object We subtract 24 so it must be at least 24 Fixes: CID1604482 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 891bc070f0294e564a02f9a71f6591b6a62c90cc) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=94cc79e6f495d6d6ba5ff98db6fa169b553bf4ff Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Jul 8 01:33:11 2024 +0200 avfilter/vf_lut3d: Check av_scanf() Fixes: CID1604398 Unchecked return value Fixes: CID1604542 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit ace2e25720b8a26906b15aab7eebbac860bb7bf0) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=82953b7570389f8992d421dc2d33dd50853a6d3a Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Tue Jul 16 23:44:04 2024 +0200 swscale/output: Fix integer overflows in yuv2rgba64_X_c_template Fixes: signed integer overflow: -1082982400 + -1068681048 cannot be represented in type 'int' Fixes: 69995/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-6285740271534080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit bcab9789ef750670277956e79736bca442aec2ff) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4e68dd522edf19a2b88d3ee0295e96f3f8a2217d Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Tue Jul 16 21:31:21 2024 +0200 avformat/mxfdec: Reorder elements of expression in bisect loop Fixes: signed integer overflow: 9223372036854775807 - -1 cannot be represented in type 'long' Fixes: 68578/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6032171648221184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit d8d288479d3431d65318d957aab710b13714fc05) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b230ab82872ff9a3049c993553fa9e7e447c0a7c Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed Jun 19 23:55:01 2024 +0200 avcodec/utvideoenc: Use unsigned shift to build flags Fixes: left shift of 255 by 24 places cannot be represented in type 'int' Fixes: 69083/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_fuzzer-5608202363273216 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 69e90491f15d8eef643f8dfd1b75805829496678) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b1e529b1ada8a73acc841569ef06973801d7c28d Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Jun 17 22:43:22 2024 +0200 avcodec/vc2enc: Fix overflows with storing large values Fixes: left shift of 1431634944 by 2 places cannot be represented in type 'int' Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int' Fixes: 69061/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC2_fuzzer-6325700826038272 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit af9935835335cae1ae5a4ec7fc14c1b5e25c1f2d) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8dfbe9602eed2b24b4f04487b11477533127ea00 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jun 20 00:44:08 2024 +0200 avcodec/mpegvideo_enc: Do not duplicate pictures on shifting Fixes: out of array access Fixes: 69098/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-6107989688778752 Fixes: 69599/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-4848626296225792.fuzz Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 9c8881cb3534b257d6e6539f563006599cd96b48) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f7223b68b98173f29923b20c38fbd9007d8e7c72 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu Jun 13 00:22:10 2024 +0200 avfilter/vf_bm3d: Dont round MSE2SSE to an integer Fixes: CID1439581 Result is not floating-point Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit ec18ec9fc1080c37a02f3709afda5c4b08d4ea89) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5d303460fda16b9fa01f0a53c9eb274df9199300 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon May 27 01:52:24 2024 +0200 avdevice/dshow: Check device_filter_unique_name before use Fixes: CID1591931 Explicit null dereferenced Sponsored-by: Sovereign Tech Fund Reviewed-by: Roger Pack <rogerdp...@gmail.com> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 175c19166824bd93b02f60c5178365014212366e) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=942581505ed6250bbe8289830ece94ddb44da72b Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon May 27 01:34:48 2024 +0200 avdevice/dshow_filter: Use wcscpy_s() Fixes: CID1591929 Copy into fixed size buffer Sponsored-by: Sovereign Tech Fund Reviewed-by: Roger Pack <rogerdp...@gmail.com> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit daf61dddc8e27424c320d5c3abe3e0c5182cd5c0) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a6f438d1ca39c18ffeb9db6f1050a92ba36fca7c Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun May 5 01:51:59 2024 +0200 avcodec/flac_parser: Assert that we do not overrun the link_penalty array Helps: CID1454676 Out-of-bounds read Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 9af348bd1aa41ea10d6719c56ed2b4eda97642f3) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=96a702950337ce17a618675804680ef5120d3f62 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:56 2024 +0200 avcodec/pixlet: Simplify pfx computation Found by reviewing code related to CID1604365 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 0474614e6cf8edcd0077b95772c29fae894a7db9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=027e1b567f6f499c4d4b1636caddc2e18c09cfca Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:55 2024 +0200 avcodec/motion_est: Fix score squaring overflow Fixes: CID1604552 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit f18b442370d714b930e3e983c2e5d789229f3356) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=deb5899fd15f170d83f6fb4c53cf21bddd77b8d9 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:52 2024 +0200 avcodec/loco: Check loco_get_rice() for failure Fixes: CID1604495 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit d55327684349b4db5d5905eefaa7d2aec597908d) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1a0f4df41bb4c68ba997b2dc6144e3bad4d5be85 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:51 2024 +0200 avcodec/loco: check get_ur_golomb_jpegls() for failure Fixes: CID1604400 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit b9899866418cb3bd930846271470e3096917f5f6) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a08d5d9c208c1acac1a4da1a1f7adb12a70bb918 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:49 2024 +0200 avcodec/imm4: check cbphi for error Fixes: CID1604356 Overflowed constant Fixes: CID1604573 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 6e4c037833c3ca0e0bd3e348701c4c0dc58bed91) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f6d8f260dab3333e5b55f271b5f07099542fb426 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:48 2024 +0200 avcodec/iff: Use signed count This is more a style fix than a bugfix (CID1604392 Overflowed constant) Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit cfe66dfebb8a1e1394bcf834b6cc785f280ccecf) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=67f5cefa71979fa8245613f7e5df6ff9928fd123 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:46 2024 +0200 avcodec/golomb: Assert that k is in the supported range for get_ur/sr_golomb() Found by code review related to CID1604563 Overflowed return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit b2aaeb81f65aaa61238d74a77034b118055340d3) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b4980eb3a8702dfacf17bb0ca0d04bcb603230e0 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:45 2024 +0200 avcodec/golomb: Document return for get_ur_golomb_jpegls() and get_sr_golomb_flac() Found while reviewing code related to CID1604409 Overflowed return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 7cf5b83f6fa367f99aefc1321bafc0a7e8db33cd) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d7b0f161f8c864532413bd0dc546879829a5a1ac Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:44 2024 +0200 avcodec/dxv: Fix type in get_opcodes() Found by code review related to CID1604386 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit e5af1c6e91e86b184101ef2abb49178ff409703b) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=970435d98219ca6cf519356d1a1064b26a74ae4e Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jul 5 02:21:42 2024 +0200 avcodec/xsubdec: Check parse_timecode() Fixes: CID1604490 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 96fd9417e250540f228d1ad5b43a77c120208eba) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ff190b57fd74379c655f943434d82506c5e2e6bb Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed Jul 10 17:49:56 2024 +0200 avutil/imgutils: av_image_check_size2() ensure width and height fit in 32bit width and height > 32bit is not supported and its easier to check in a central place Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit ba63e329572b74207045fd82c93fcc0fa0479bc4) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5a092a2c7995431c0308465e45a50b982d46d855 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Tue Jun 18 15:48:26 2024 +0200 avcodec/proresenc_kostya: use unsigned alpha for rotation Fixes: left shift of negative value -208 Fixes: 69073/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-4745020002336768 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 93e0265e27e6dd567812a8661988109421c5447a) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a7212731933751366f8f700cba3a51c15f711e23 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jun 7 23:05:47 2024 +0200 avformat/rtmppkt: Simplify and deobfuscate amf_tag_skip() slightly Found while reviewing: CID1530313 Untrusted loop bound Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit cedbef03946625bc0f7f96e9f77ad59c512b9900) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=99d609a44e278f9c412ec30b3fdb3438c3787d4a Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jun 7 21:57:40 2024 +0200 avformat/rmdec: use 64bit for audio_framesize checks It is not entirely clear what would prevent such overflow so even if it is not possible, it is better to use 64bit Fixes: CID1491898 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 665be4fa2f47910bf85a6f17b6cac9dabc6591f0) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9f223bdd89779a8d961e71d8b5d44bae4eba22d3 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 9 17:47:43 2024 +0200 avutil/hwcontext_d3d11va: correct sizeof IDirect3DSurface9 Fixes: CID1591944 Wrong sizeof argument Sponsored-by: Sovereign Tech Fund Reviewed-by: Steve Lhomme <rob...@ycbcr.xyz> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 628ba061c8d5ae018c3e8aa8ce05b8dfcdfd8410) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=15e9ddc7d567160eb5f9819dd86387ab1792ac97 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 9 17:47:41 2024 +0200 avutil/hwcontext_d3d11va: correct sizeof AVD3D11FrameDescriptor Fixes: CID1591909 Wrong sizeof argument Sponsored-by: Sovereign Tech Fund Reviewed-by: Steve Lhomme <rob...@ycbcr.xyz> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 698ed0d5a5a3a1219179facb5538eea463fae13f) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=443a1af5b7dbbbd4dea1d1b163fdea28eb9e39fc Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 9 00:09:24 2024 +0200 avformat/tls_schannel: Initialize ret Fixes: CID1591881 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit f022afea77ced5067f511530dd8ff137967db1d9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2da89fbfb359067b78cc862b01bc5a126974ca18 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Jun 8 20:46:28 2024 +0200 avformat/subfile: Assert that whence is a known case This may help CID1452449 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 426d8c84c37064eef93bbcfaffd886d00a9a4ee8) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=68973a0e6cd77bb9b0f344dc2ec1a8a8ba1e54dc Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Jun 8 20:45:32 2024 +0200 avformat/subfile: Merge if into switch() Found while reviewing CID1452449 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 2a0a7d964bfd5da8859c715627eeb7a048bddb79) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d2bc683a221d86f6892d74b65a5b553c3c88a036 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Jun 8 19:43:15 2024 +0200 avformat/rtsp: Check that lower transport is handled in one of the if() Fixes: CID1473554 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c8200d382503f5fd839a72af7ba93d53880ad4b7) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f9ee20fe6068bb9b555a3d9d3ce4f0f3ac6be5aa Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Jun 8 18:28:49 2024 +0200 avformat/rtsp: initialize reply1 It seems reply1 is initialized by ff_rtsp_send_cmd() in most cases but there are code paths like "continue" which look like they could skip it but even if not writing this so a complex loop after several layers of calls initialized a local variable through a pointer is just bad design. This patch simply initialized the variable. Fixes: CID1473532 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 498ce4e8b82e2312690613df45f87e592dcb91a9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b410d30ee992815c03c1c1cf36d900a5868b1207 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Jun 8 18:23:47 2024 +0200 avformat/rtsp: use < 0 for error check Found while reviewing CID1473532 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 9bb38ba2b782cdb6052ddcb415ef1554b0462401) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f5b33e8f6d0eb79ec0dd676a29978e429361686e Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Jun 8 10:17:42 2024 +0200 avformat/rtpenc_vc2hq: Check sizes Fixes: CID1452585 Untrusted loop bound Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 7a9ddb705152d5090d2cb815f905bf592cc487f5) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3ce3d744502a0a5c4bde328dec83971964931412 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 9 17:47:46 2024 +0200 avfilter/af_aderivative: Free out on error Fixes: CID1197065 Resource leak Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 382e9e79f3a0011d93af4b11ca6ba6b85113a09a) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0458066f8f9012e71dc3b20f4eb8484f7c5c13bf Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Jun 10 23:41:07 2024 +0200 avfilter/af_pan: check nb_output_channels before use Fixes: CID1500281 Out-of-bounds write Fixes: CID1500331 Out-of-bounds write Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 5fe8bf4aa51350b14d0babd47b0314232e703caf) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=80dc3dd0e4938166b59a5bb05f743d4d5bd031b0 Author: Mark Thompson <s...@jkqxz.net> Date: Sun Oct 22 19:35:52 2023 +0100 cbs_av1: Reject thirty-two zero bits in uvlc code The spec allows at least thirty-two zero bits followed by a one to mean 2^32-1, with no constraint on the number of zeroes. The libaom reference decoder does not match this, instead reading thirty-two zeroes but not the following one to mean 2^32-1. These two interpretations are incompatible and other implementations may follow one or the other. Therefore reject thirty-two zeroes because the intended behaviour is not clear. Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 7110a36ba07f85ca2996d3b99898a4819e72d9bb) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6a9d1c7673d4aa787425ec57b89ca4ff7dc6c715 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Jul 1 23:18:47 2024 +0200 tools/coverity: Phase 1 study of anti-halicogenic for coverity av_rescale() Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 380a8213b165d1fda419c566241d2641cb6f5c3c) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=add09d1fb679c08cc5cfa5e43183800876fba59c Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Tue Jun 11 23:43:37 2024 +0200 avfilter/vf_avgblur: Check plane instead of AVFrame Fixes: CID1551694 Use after free (false positive based on assuming that out == in and one is freed and one used) Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c296d4fdec198a32ea3995e312cede7be83352c7) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=791704d8ec8daff6101f58cbe38b7ee8bdd6f0b4 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jun 7 01:50:00 2024 +0200 avformat/rdt: Check pkt_len Fixes: CID1473553 Untrusted loop bound Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 0d0373de3bc6aa6fa5c71247191afccfaf20723d) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=07cbcedc4653d9e01239887e77e87d0318902326 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jun 7 00:19:01 2024 +0200 avformat/mpeg: Check len in mpegps_probe() Fixes: CID1473590 Untrusted loop bound Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit ca237a841e9e78ac02694124d81ff78c74b0bf72) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=68089f6940dd9bc27afa42b95cce6ca724463042 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon May 27 01:52:25 2024 +0200 avdevice/dshow: Check ICaptureGraphBuilder2_SetFiltergraph() for failure Fixes: CID1591939 Logically dead code Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 4c285bb2789667bcf014ede8b0ab06ebbbee833f) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9e38ce882e8cd5f83b8112199901717c71525c4b Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Tue May 24 01:45:44 2022 +0200 avcodec/vc1_loopfilter: Factor duplicate code in vc1_b_h_intfi_loop_filter() Fixes: CID1435168 Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 63ecce9ba87867b21a7cdcd677bb268c0d807db1) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f2513d30130e21775d0d8b8a26d34b38457a21ae Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed May 8 04:15:50 2024 +0200 avformat/img2dec: assert no pipe on ts_from_file Help coverity with CID1500302 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 4824156fa06bd60b27f9f0673fbd6a3cfc780e56) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4ac8994d9d17bffa51c1b1389d553e5233c9d905 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed May 1 22:33:14 2024 +0200 avcodec/cbs_jpeg: Try to move the read entity to one side in a test The checked entity should be alone on one side of the check, this avoids complex considerations of overflows. This fixes a issue of bad style in our code and a coverity issue. Fixes: CID1439654 Untrusted pointer read Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 385784a148d2886884aac69acc31bf179fac3ac2) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5d7f80e69685f085df18ec0192817133085fec66 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Mar 25 03:13:50 2024 +0100 avformat/mov: Check edit list for overflow Fixes: 67492/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5778297231310848 Fixes: signed integer overflow: 2314885530818453536 + 7782220156096217088 cannot be represented in type 'long' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 2882d30e3acfc3155e2be11db653c7c721f94f34) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3b471ef25ebaea440cfac5fc6ec8428d0aedf0d9 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 30 22:23:06 2024 +0200 fftools/ffmpeg: Check read() for failure Fixes: CID1591932 Ignoring number of bytes read Sponsored-by: Sovereign Tech Fund Reviewed-by: Anton Khirnov <an...@khirnov.net> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 34fd247c3bf06418c1eaafacf0d6052e3bbe4f5e) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=77c7c10755eb74533411f133b58ab763862fdff3 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 16 01:59:23 2024 +0200 swscale/output: Avoid undefined overflow in yuv2rgb_write_full() Fixes: signed integer overflow: -140140 * 16525 cannot be represented in type 'int' Fixes: 68859/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-4516387130245120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c221c7422f07f2245db5c4cdc958b42ca25eb2b7) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=709fae3a49a8ea1b0eebaba86d27fb209a8d8d7e Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 16 01:51:22 2024 +0200 swscale/output: alpha can become negative after scaling, use multiply Fixes: left shift of negative value -3245 Fixes: 69047/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-6571511551950848 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 9e6c5b6e865a6b1b9c3a471fc06143f11e69d71b) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a97cd26f1ca395f0e7e9ea7777f21129d397469b Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 16 19:33:02 2024 +0200 avcodec/targaenc: Allocate space for the palette Fixes: out of array access Fixes: 68927/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TARGA_fuzzer-5105665067515904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 4a7220bd5c1871827ee0edba14fc88f63173e169) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7b45312ef36f7bc6542d74f3dfac149f9e563917 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 16 23:42:37 2024 +0200 avcodec/r210enc: Use av_rescale for bitrate Fixes: signed integer overflow: 281612954574848 * 65344 cannot be represented in type 'long' Fixes: 68956/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_R210_fuzzer-6459074458746880 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit d34d4b6a7ce7fa72239c47d22ab6592d0687ac86) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b5aa25d9d4532b5a395f89305d83f8cd979ce7f5 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Tue Jun 18 15:48:24 2024 +0200 avcodec/jfdctint_template: Fewer integer anomalies Fixes: signed integer overflow: 105788 * -20995 cannot be represented in type 'int' Fixes: signed integer overflow: 923211729 + 2073948236 cannot be represented in type 'int' Fixes: signed integer overflow: 1281179284 + 2073948236 cannot be represented in type 'int' Fixes: 68975/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_fuzzer-6266769177116672 Fixes: 68997/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-6284237161431040 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 228f255b5d9b839149cd53f0537ce76b068228ae) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b3e4512055452e2ec3f1eaef8fd6d9e42c092936 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Tue Jun 18 15:48:23 2024 +0200 avcodec/snowenc: MV limits due to mv_penalty table size Fixes: out of array read Fixes: 69673/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5476592894148608 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 3a9292aff320d7b5048b371b1babea2f9b3c4e69) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1804f1a533297ad304763ad90caccd7262f89617 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Jun 7 02:32:13 2024 +0200 avformat/mxfdec: Check container_ul->desc before use Fixes: CID1592939 Dereference after null check Sponsored-by: Sovereign Tech Fund Reviewed-by: Tomas Härdin <g...@haerdin.se> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 4cab028bd0e381f2ed4ccb7f139407f1f6f537c0) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d62cc430e2879a59d48fe6dd691027a93370713e Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 16 22:32:03 2024 +0200 MAINTAINERS: Update the entries for the release maintainer for FFmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 97ecfb5a193c43eef2e47b3e45afd3fc629c107d) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6553f7e641a2e187632a8beb033f9aa2e148bd46 Author: Lynne <d...@lynne.ee> Date: Mon Jan 1 00:00:00 2024 +0000 configure: update copyright year (cherry picked from commit b95ee2ec5f84054de8bf6db9fe1b1119d569f269) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=139a843a47b4a2739918638bd209c236b89c1843 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Jun 3 19:51:49 2024 +0200 avfilter/vf_rotate: Check ff_draw_init2() return value Fixes: NULL pointer dereference Fixes: 3_343 Found-by: De3mond Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 9c9f095e30c196c0e3d510dc5300182ddb49a803) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9110293732336a880194b7fd824e5d4615f1c780 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Jun 3 01:25:59 2024 +0200 avformat/matroskadec: Assert that num_levels is non negative Maybe Closes: CID1452496 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 019fce18bb0628ac8bc47a81d647a23d604b6123) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=31cf3e5eb307434260d5b88e9b39500bbc8e8b76 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Jun 3 00:28:16 2024 +0200 avformat/img2dec: Move DQT after unrelated if() Fixes: CID1494636 Missing break in switch Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 7d04c6016b0971fecb890d3a0afe4e6706a1a68e) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2d829ce1e37520546c6f55df40b531348e26da2a Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Jun 2 23:32:43 2024 +0200 avdevice/xcbgrab: Check sscanf() return Alot more input checking can be performed, this is only checking the obvious missing case Fixes: CID1598562 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 78d6d13babc62fa14727ee590e5a9661f23a0d9f) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2bf3c458add1e1a6815d2129990eb950b3cd014b Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Apr 28 00:53:51 2024 +0200 fftools/cmdutils: Add protective () to FLAGS issue found while reviewing CID1452612 Free of array-typed value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit d9b9fc4be26014eb7221d9bbc297a5323d5ad40b) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ef800a7072263e9d1cb6bb4779f90eca726676fa Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed May 8 04:07:40 2024 +0200 avformat/sdp: Check before appending "," Found by reviewing code related to CID1500301 String not null terminated Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 5b82852519e92a2b94de0f22da1a81df5b3e0412) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7d21ba839bf6dc637ed51f07beb79f3a23925354 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu May 9 23:30:49 2024 +0200 avcodec/ilbcdec: Remove dead code Yes the same dead code is in "iLBC Speech Coder ANSI-C Source Code" Fixes: CID1509370 Logically dead code Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 8a64a003b5d567354e82af679e056615c8464a6f) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=dec23acac58108b06bf354e1435ac5705d055820 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun May 26 23:50:40 2024 +0200 avcodec/vp8: Check cond init Fixes: CID1598563 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 9b76e49061a321467df23f7b1c8e8e715c8dec71) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f34e52ed28619af7bf77fdf89c059f739025637a Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun May 26 23:50:40 2024 +0200 avcodec/vp8: Check mutex init Fixes: CID1598556 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 4ac7405aafb8e66dff2ac926f33b7ff755f224cf) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6cc4e8e759d192e5fb366e54fd9ef1818278fe53 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri May 17 00:46:24 2024 +0200 avcodec/tests/dct: Use 64bit in intermediate for error computation Fixes: CID1500284 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 161d0aa2a8d18f1f8a01cbc4c1061eadcbe592e5) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9803a178bd66aa4e9b90c13927ec2cc6ce662485 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu May 16 21:16:00 2024 +0200 avcodec/scpr3: Check add_dec() for failure Fixes: CID1441459 Improper use of negative value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit d741638042d827aed994b819857d6587121627ab) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b48f33a17c50ea0242aa3900a76d19ffb278cb2c Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun May 19 04:49:15 2024 +0200 avcodec/wavpackenc: Use unsigned for potential 31bit shift Fixes: CID1465481 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 6f976db251864ad698c935130370774783bf12f4) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a7ac6a5cfc678e2e7e10e749abae0fb5ce98fa8b Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun May 19 22:07:32 2024 +0200 avcodec/tests/jpeg2000dwt: Use 64bit in comparission Found while reviewing: CID1500309 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 12391b732f811fc6e868be2f08dc188e508d2567) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=26497c68676b8752a5526eb7caf692d88a27ee6a Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun May 19 22:07:31 2024 +0200 avcodec/tests/jpeg2000dwt: Use 64bit in err2 computation This issue cannot happen with the current function parameters Fixes: CID1500309 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 847a53f264db0b22dcc5a23ca9ade71a627f1c6c) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=86ec84e4d0a0476583e71fde716d6cafc2d1dc52 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Thu May 23 01:51:53 2024 +0200 avformat/ape: Use 64bit for final frame size Fixes: CID1505963 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit a2b8d03347930c051358fcbbdc557e57e157d9c9) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8cb6ff56c297ebd26dcf3f5001045af389dad853 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri May 17 23:58:30 2024 +0200 avcodec/tiff: Assert init_get_bits8() success in unpack_gray() Helps: CID1441939 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit a287f17db22c0c85f0445a1d31139cc70e73205e) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=97411b17908396361a43e78be7d09a0e96fc1c3b Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Tue May 21 01:35:08 2024 +0200 swscale/yuv2rgb: Use 64bit for brightness computation This will not overflow for normal values Fixes: CID1500280 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit bfc22f364d31d8f2dc2acae1bd03d5894a00b8c5) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9c5d490f3b52ad377aefec66a0a62a401c6e19e4 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon May 20 22:52:38 2024 +0200 avutil/tests/opt: Check av_set_options_string() for failure This is test code after all so it should test things Fixes: CID1518990 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit e3481730ed9b3b781a0d85370826bcc57d601958) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=da238fcbeb5aac8c147b305a9e43c352cf3a7749 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon May 20 21:55:44 2024 +0200 avutil/tests/dict: Check av_dict_set() before get for failure Failure is possible due to strdup() Fixes: CID1516764 Dereference null return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit e8a1e1899d9ededd78f8ec4722fe80c345bbf8f7) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f7758af2eb7e0e09e8821400e2237d0d048c103a Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon May 27 00:50:02 2024 +0200 avdevice/dshow: fix badly indented line Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c4004605b2fa6e2ecbd1cfc2a1da382e4f5237a5) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3d5dec9fa41d3db2d9a8e1f56c9aa64069d5a104 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun May 12 00:43:48 2024 +0200 avcodec/mscc & mwsc: Check loop counts before use This could cause timeouts Fixes: CID1439568 Untrusted loop bound Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit e35fe3d8b9e345527a05b1ae958ac851fe09f1ed) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a751406b915baccc6607ad06b870fac2425ea7dd Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun May 12 00:13:58 2024 +0200 avcodec/mpegvideo_enc: Fix potential overflow in RD Fixes: CID1500285 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit b6b2b01025e016ce29e5add57305384a663edcfc) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=96fcd5b12b17bfa8008bd91c5bc629177c0cc8d1 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat May 11 22:08:21 2024 +0200 avcodec/mpeg4videodec: assert impossible wrap points Helps: CID1473517 Uninitialized scalar variable Helps: CID1473497 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 8fc649b931a3cbc3a2dd9b50b75a9261a2fb4b49) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bf085d1625532f1f761a7a550b5b316600328c89 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat May 18 00:32:43 2024 +0200 avcodec/vble: Check av_image_get_buffer_size() for failure Fixes: CID1461482 Improper use of negative value Sponsored-by: Sovereign Tech Fund Reviewed-.by: "Xiang, Haihao" <haihao.xi...@intel.com> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit dd5379db5d83d8b06654582afe327daa6be678a3) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9733f4e4a2635eb19168a4658f67a90367cc9fdd Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat May 18 03:16:08 2024 +0200 avcodec/vp3: Replace check by assert Fixes: CID1452425 Logically dead code Sponsored-by: Sovereign Tech Fund Reviewed-by: Peter Ross <pr...@xvid.org> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 1b991e77b9b19392214f6a788541bea5662de337) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b404e4687a46e2ee7f086a47047249658a622e19 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri May 10 16:07:04 2024 +0200 avcodec/jpeg2000dec: remove ST=3 case Fixes: CID1460979 Logically dead code Sponsored-by: Sovereign Tech Fund Reviewed-by: Tomas Härdin <g...@haerdin.se> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 4ed4f9a6c0a99c823706bfc4bb4df53f963f2f5a) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b7ec078810b0984fdc4c4d7de8e4b933c81fb57c Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat May 4 23:29:26 2024 +0200 avcodec/fmvc: remove dead assignment Fixes: CID1529220 Unused value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 96c116254527cc40b386f14b77e17fbe2388d5da) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9f8e7f85967916f3df97a9450c2b6c99d6130bfd Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon May 6 03:17:26 2024 +0200 avcodec/h264_slice: Remove dead sps check Fixes: CID1439574 Dereference after null check Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit a68aa951b21b8b7db0a5200bcfebc0a077a5f094) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5c7f74004b251f4a398ac4c994dd9d72f6cd10a9 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat May 11 20:50:44 2024 +0200 avcodec/lpc: copy levenson coeffs only when they have been computed Fixes: CID1473514 Uninitialized scalar variable Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c2d897f3566fdf5c190583c6f5197ead5abec2ed) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=81333bd9fdf5a3251225be1b0ac9825e2cf038f7 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat May 11 03:14:16 2024 +0200 avutil/tests/base64: Check with too short output array Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c304784a86cc7e2af211ed80ce2121e788680a8e) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7ed79fe736ad07d0d57d11fe74ee66d1a681da62 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat May 11 03:13:17 2024 +0200 libavutil/base64: Try not to write over the array end Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 2d216566f258badd07bc58de1e089b6e4175dc46) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=98c7f5a2fcd938a14c26201484f75ac166c44209 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed May 1 21:44:33 2024 +0200 avcodec/cbs_av1: Avoid shift overflow Fixes: CID1465488 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit d7924a4f60f2088de1e6790345caba929eb97030) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c241b2c23af7d7edd94f92b8890885b844d32560 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Apr 8 18:38:42 2024 +0200 avcodec/mpegvideo_enc: Fix 1 line and one column images Fixes: Ticket10952 Fixes: poc21ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 96449cfeaeb95fcfd7a2b8d9ccf7719e97471ed1) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c3078364aff714e374fa9f835b6c01627b5ca73e Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Apr 26 05:08:36 2024 +0200 swscale/output: Fix integer overflow in yuv2rgba64_full_1_c_template() Fixes: signed integer overflow: -1082982400 + -1079364728 cannot be represented in type 'int' Fixes: 67910/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5329011971522560 The input is 9bit in 16bit, the fuzzer fills all 16bit thus generating "invalid" input No overflow should happen with valid input. Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 1330a73ccadd855542ac4386f75fd72ff0ab5ea1) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=658d282659b6058ff0ec1c483da87efd1dfd90af Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Apr 26 05:08:35 2024 +0200 swscale/output: Fix integer overflow in yuv2rgba64_1_c_template Fixes: signed integer overflow: -831176 * 9539 cannot be represented in type 'int' Fixes: 67869/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5117342091640832 The input is 9bit in 16bit, the fuzzer fills all 16bit thus generating "invalid" input No overflow should happen with valid input. Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit a56559e688ffde40fcda5588123ffcb978da86d7) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f92cfcec5fc44e0e2f72968f9c67baf1f0bf6f6b Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Fri Apr 26 03:46:33 2024 +0200 avformat/mxfdec: Check body_offset Fixes: signed integer overflow: 538976288 - -9223372036315799520 cannot be represented in type 'long' Fixes: 68060/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5523457266745344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Tomas Härdin <g...@haerdin.se> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 20a6bfda0f7c6447ac94611736cee6e9ce6972a0) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f18ee4d5a21dd0cac3899b18327a7a4a12660d51 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sun Apr 28 21:09:45 2024 +0200 avcodec/ac3_parser: Check init_get_bits8() for failure Fixes: CID1420393 Unchecked return value Sponsored-by: Sovereign Tech Fund Reviewed-by: Lynne <d...@lynne.ee> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 63415168dbd96475372e37ae0fd47bafe151e2f0) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ed652b3070e62e9e9724063db3176dc51631af68 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Sat Apr 27 00:09:02 2024 +0200 avcodec/hevcdec: Check ref frame Fixes: NULL pointer dereferences Fixes: 68197/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-6382538823106560 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Andreas Rheinhardt <andreas.rheinha...@outlook.com> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 5eb05f44503da3fdff82f1fed8ee2706d9841a9a) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4aaea247e8737317b52075b0afa6c9c5ab02076b Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Wed Apr 24 03:20:38 2024 +0200 doc/examples/vaapi_transcode: Simplify loop Fixes: CID1428858(1/2) Logically dead code Sponsored-by: Sovereign Tech Fund Reviewed-by: "myp...@gmail.com" <myp...@gmail.com> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit c9c11a0866d45827201b034349bceb2dc58a3499) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f7fb70292b459b9fe8475067df4bef3d03cd3f81 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Apr 22 03:09:54 2024 +0200 avfilter/vf_thumbnail_cuda: Set ret before checking it Fixes: CID1418336 Logically dead code Sponsored-by: Sovereign Tech Fund Reviewed-by: Timo Rothenpieler <t...@rothenpieler.org> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 02301017d28422e4d0a4badb16f2226e70ec534a) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=84e532244202c198fc7b5ceddb31b02b3b0f486a Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Apr 22 00:57:43 2024 +0200 avfilter/signature_lookup: Dont copy uninitialized stuff around Fixes: CID1403238 Uninitialized pointer read Fixes: CID1403239 Uninitialized pointer read Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit e7174e66ac6025cea4b8e590525314d3aea6a134) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=339f9e76f37b2844bf4b2fa9a7c1d718974567d1 Author: Michael Niedermayer <mich...@niedermayer.cc> Date: Mon Apr 22 00:43:19 2024 +0200 avfilter/signature_lookup: Fix 2 differences to the refernce SW Fixes: CID1403227 Division or modulo by float zero Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> (cherry picked from commit 25cb66369e7b81bd280f0bdd6d51a0e2e11881e3) Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog To unsubscribe, visit link above, or email ffmpeg-cvslog-requ...@ffmpeg.org with subject "unsubscribe".