[FFmpeg-cvslog] avcodec/jpeg2000dec: Fix copy and paste error
ffmpeg | branch: master | Michael Niedermayer | Thu May 25 11:11:33 2017 +0200| [5782e0ba8cc30bb08a806cdeda1adfb89a0556b4] | committer: Michael Niedermayer avcodec/jpeg2000dec: Fix copy and paste error Found-by: jamrial Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5782e0ba8cc30bb08a806cdeda1adfb89a0556b4
---
libavcodec/jpeg2000dec.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
index d1425654df..db4bb50a03 100644
--- a/libavcodec/jpeg2000dec.c
+++ b/libavcodec/jpeg2000dec.c
@@ -301,8 +301,7 @@ static int get_siz(Jpeg2000DecoderContext *s)
 if (s->tile_offset_x < 0 || s->tile_offset_y < 0 || s->image_offset_x < s->tile_offset_x || s->image_offset_y < s->tile_offset_y) {
-av_log(s->avctx, AV_LOG_ERROR, "Tile offsets are invalid\n",
- s->ncomponents);
+av_log(s->avctx, AV_LOG_ERROR, "Tile offsets are invalid\n");
 return AVERROR_INVALIDDATA;
 }
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/wavpack: Fix runtime error: left shift of negative value -14778
ffmpeg | branch: master | Michael Niedermayer | Wed May 24 00:21:21 2017 +0200| [ea71a48c7e8a76ee447fa518cca087df9288288d] | committer: Michael Niedermayer avcodec/wavpack: Fix runtime error: left shift of negative value -14778 Fixes: 1778/clusterfuzz-testcase-minimized-5128953268273152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ea71a48c7e8a76ee447fa518cca087df9288288d
---
libavcodec/wavpack.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/wavpack.c b/libavcodec/wavpack.c
index 20774e61d2..3b3c6b2d16 100644
--- a/libavcodec/wavpack.c
+++ b/libavcodec/wavpack.c
@@ -113,10 +113,10 @@ static int update_error_limit(WavpackFrameContext *ctx)
 if (ctx->stereo_in && ctx->hybrid_bitrate) {
 int balance = (sl[1] - sl[0] + br[1] + 1) >> 1;
 if (balance > br[0]) {
-br[1] = br[0] << 1;
+br[1] = br[0] * 2;
 br[0] = 0;
 } else if (-balance > br[0]) {
-br[0] <<= 1;
+br[0] *= 2;
 br[1] = 0;
 } else {
 br[1] = br[0] + balance;
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
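Review bot: `br[0] * 2` and `br[0] *= 2` silence the shift-of-negative report but are still signed multiplications, so a `br[0]` beyond half the int range would overflow, which is undefined behaviour as well. The hunk does not show how `br[]` is bounded (presumably it derives from bitstream fields), so either bound it where it is read or do the doubling in unsigned arithmetic, e.g. `br[1] = br[0] * 2U;` and `br[0] *= 2U;`, as the sibling wv_unpack_mono fix does with `2U *`. update_error_limit starts and ends outside the hunk.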
[FFmpeg-cvslog] avcodec/wavpack: Fix: runtime error: signed integer overflow: 3 * -2147483648 cannot be represented in type 'int'
ffmpeg | branch: master | Michael Niedermayer | Wed May 24 00:21:20 2017 +0200| [5f91786fc8ad9b4108e09e6cbf119d95c8ac4db7] | committer: Michael Niedermayer avcodec/wavpack: Fix: runtime error: signed integer overflow: 3 * -2147483648 cannot be represented in type 'int' Fixes: 1776/clusterfuzz-testcase-minimized-6191258231898112 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5f91786fc8ad9b4108e09e6cbf119d95c8ac4db7
---
libavcodec/wavpack.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/wavpack.c b/libavcodec/wavpack.c
index 103a416f28..20774e61d2 100644
--- a/libavcodec/wavpack.c
+++ b/libavcodec/wavpack.c
@@ -542,9 +542,9 @@ static inline int wv_unpack_mono(WavpackFrameContext *s, GetBitContext *gb,
 t = s->decorr[i].value;
 if (t > 8) {
 if (t & 1)
-A = 2 * s->decorr[i].samplesA[0] - s->decorr[i].samplesA[1];
+A = 2U * s->decorr[i].samplesA[0] - s->decorr[i].samplesA[1];
 else
-A = (3 * s->decorr[i].samplesA[0] - s->decorr[i].samplesA[1]) >> 1;
+A = (int)(3U * s->decorr[i].samplesA[0] - s->decorr[i].samplesA[1]) >> 1;
 s->decorr[i].samplesA[1] = s->decorr[i].samplesA[0];
 j= 0;
 } else {
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
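Review bot: The two rewritten assignments are inconsistent: the `t & 1` branch leaves the conversion back from unsigned to the assignment to `A`, while the `else` branch spells out `(int)(...)` before the shift. Writing `A = (int)(2U * s->decorr[i].samplesA[0] - s->decorr[i].samplesA[1]);` and adding a one-line comment such as `/* unsigned arithmetic: crafted samples wrap instead of hitting signed-overflow UB */` would make the intent clear to the next editor. Only part of wv_unpack_mono is visible; if the stereo path uses the same predictor expressions it presumably needs the same treatment.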
[FFmpeg-cvslog] avcodec/tscc2: Skip duplicate frames
ffmpeg | branch: master | Michael Niedermayer | Sun May 21 15:34:21 2017 +0200| [4dc3714c48e74e75a3a9c7d9fb52fd5917107508] | committer: Michael Niedermayer avcodec/tscc2: Skip duplicate frames This turns CFR duplicated frames into skiped frames Fixes: Timeout Fixes: 1719/clusterfuzz-testcase-minimized-6375090079924224 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4dc3714c48e74e75a3a9c7d9fb52fd5917107508
---
libavcodec/tscc2.c | 13 + tests/ref/fate/tscc2-avi | 8 2 files changed, 5 insertions(+), 16 deletions(-)
diff --git a/libavcodec/tscc2.c b/libavcodec/tscc2.c
index f64c76507e..a8c7ee7996 100644
--- a/libavcodec/tscc2.c
+++ b/libavcodec/tscc2.c
@@ -235,18 +235,15 @@ static int tscc2_decode_frame(AVCodecContext *avctx, void *data,
 return AVERROR_INVALIDDATA;
 }
-if ((ret = ff_reget_buffer(avctx, c->pic)) < 0) {
-return ret;
-}
-
 if (frame_type == 0) {
-*got_frame = 1;
-if ((ret = av_frame_ref(data, c->pic)) < 0)
-return ret;
-
+// Skip duplicate frames
 return buf_size;
 }
+if ((ret = ff_reget_buffer(avctx, c->pic)) < 0) {
+return ret;
+}
+
 if (bytestream2_get_bytes_left(&gb) < 4) {
 av_log(avctx, AV_LOG_ERROR, "Frame is too short\n");
 return AVERROR_INVALIDDATA;
diff --git a/tests/ref/fate/tscc2-avi b/tests/ref/fate/tscc2-avi
index 6f0e8a53d3..09ed897337 100644
--- a/tests/ref/fate/tscc2-avi
+++ b/tests/ref/fate/tscc2-avi
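Review bot: The new `// Skip duplicate frames` comment in tscc2_decode_frame does not say why the early return now sits before `ff_reget_buffer()`, and that ordering is the actual fix. Going by the commit message (Fixes: Timeout), a `frame_type == 0` packet apparently carries almost no data yet used to cost a buffer re-get and a frame reference, so decoding time could grow out of proportion to input size. A comment such as `/* duplicate frame: return before ff_reget_buffer() so near-empty packets cannot force per-packet frame work */` would keep a later refactor from moving the call back up. `*got_frame` is also no longer set on this path, so callers see a gap instead of a repeated picture, which the updated FATE reference reflects.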
@@ -5,33 +5,25 @@ #sar 0: 0/1 0, 0, 0,1, 230400, 0x7a2103c0 0, 1, 1,1, 230400, 0xd381c279 -0, 2, 2,1, 230400, 0xd381c279 0, 3, 3,1, 230400, 0x110aec27 0, 4, 4,1, 230400, 0x4be67ee7 0, 5, 5,1, 230400, 0xd87fe4b4 -0, 6, 6,1, 230400, 0xd87fe4b4 0, 7, 7,1, 230400, 0x9bc6a398 0, 8, 8,1, 230400, 0xd67d92db 0, 9, 9,1, 230400, 0x3df6559e -0, 10, 10,1, 230400, 0x3df6559e 0, 11, 11,1, 230400, 0x2136ff25 0, 12, 12,1, 230400, 0x94573fe6 0, 13, 13,1, 230400, 0xbf67d3f5 -0, 14, 14,1, 230400, 0xbf67d3f5 0, 15, 15,1, 230400, 0x2592b5cf 0, 16, 16,1, 230400, 0x5b23cd93 0, 17, 17,1, 230400, 0x9b76d079 -0, 18, 18,1, 230400, 0x9b76d079 0, 19, 19,1, 230400, 0x771a017e 0, 20, 20,1, 230400, 0xacfee1d0 0, 21, 21,1, 230400, 0x6b9ff4eb -0, 22, 22,1, 230400, 0x6b9ff4eb 0, 23, 23,1, 230400, 0xbaf643e1 0, 24, 24,1, 230400, 0x052efe59 0, 25, 25,1, 230400, 0xd751f901 -0, 26, 26,1, 230400, 0xd751f901 0, 27, 27,1, 230400, 0x6f94e11f 0, 28, 28,1, 230400, 0x17eeabb9 0, 29, 29,1, 230400, 0x3733a035 -0, 30, 30,1, 230400, 0x3733a035 0, 31, 31,1, 230400, 0xb0829f45 ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] hevc: fix race condition in max_ra/seq_decode.
ffmpeg | branch: master | Ronald S. Bultje | Wed May 24 11:46:07 2017 -0400| [ca2209d67af0a73fe0edb2fce1cea2445dbfd8db] | committer: Ronald S. Bultje hevc: fix race condition in max_ra/seq_decode. These variables are shared between frame threads, but they are updated post-setup_finished() if a EOB/EOS slice type occurs. Moving the EOB/EOS slices to the next frame thread instance (by parsing them leading into the next picture instead of trailing behind the last picture) effectively prevents this race condition. This fixes tsan failures on hevc-conformance-NoOutPrior_A_Qualcomm_1. > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ca2209d67af0a73fe0edb2fce1cea2445dbfd8db
---
libavcodec/hevc_parser.c | 2 +- libavcodec/hevcdec.c | 12 ++-- 2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/libavcodec/hevc_parser.c b/libavcodec/hevc_parser.c
index c72b1465f1..2b58eb62fe 100644
--- a/libavcodec/hevc_parser.c
+++ b/libavcodec/hevc_parser.c
@@ -267,7 +267,7 @@ static int hevc_find_frame_end(AVCodecParserContext *s, const uint8_t *buf,
 nut = (pc->state64 >> 2 * 8 + 1) & 0x3F; // Beginning of access unit
-if ((nut >= HEVC_NAL_VPS && nut <= HEVC_NAL_AUD) || nut == HEVC_NAL_SEI_PREFIX ||
+if ((nut >= HEVC_NAL_VPS && nut <= HEVC_NAL_EOB_NUT) || nut == HEVC_NAL_SEI_PREFIX ||
 (nut >= 41 && nut <= 44) || (nut >= 48 && nut <= 55)) {
 if (pc->frame_start_found) {
 pc->frame_start_found = 0;
diff --git a/libavcodec/hevcdec.c b/libavcodec/hevcdec.c
index ee001fd9f2..fc9a5b749e 100644
--- a/libavcodec/hevcdec.c
+++ b/libavcodec/hevcdec.c
@@ -2890,6 +2890,7 @@ fail:
 static int decode_nal_units(HEVCContext *s, const uint8_t *buf, int length)
 {
 int i, ret = 0;
+int eos_at_start = 1;
 s->ref = NULL;
 s->last_eos = s->eos;
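Review bot: In hevc_find_frame_end the widened range `nut >= HEVC_NAL_VPS && nut <= HEVC_NAL_EOB_NUT` takes in the EOS and EOB NAL types under the unchanged `// Beginning of access unit` comment, with nothing saying that this is deliberate. The commit message explains that these units are intentionally attached to the following picture, so a comment on that line, e.g. `/* EOS/EOB are treated as leading the next AU so frame threads do not update eos state after setup has finished */`, would stop someone from "correcting" the bound back to `HEVC_NAL_AUD`. The test also relies on the enum's numeric ordering, which is not visible in this hunk.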
@@ -2907,8 +2908,15 @@ static int decode_nal_units(HEVCContext *s, const uint8_t *buf, int length)
 for (i = 0; i < s->pkt.nb_nals; i++) {
 if (s->pkt.nals[i].type == HEVC_NAL_EOB_NUT ||
-s->pkt.nals[i].type == HEVC_NAL_EOS_NUT)
-s->eos = 1;
+s->pkt.nals[i].type == HEVC_NAL_EOS_NUT) {
+if (eos_at_start) {
+s->last_eos = 1;
+} else {
+s->eos = 1;
+}
+} else {
+eos_at_start = 0;
+}
 } /* decode the NAL units */
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
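Review bot: The `else { s->eos = 1; }` branch still writes `s->eos` when an EOS/EOB NAL follows a slice in the same packet, which is the late update the commit message describes as racing between frame threads. After this commit that case should not arise for packets split by hevc_parser, but input that bypasses the parser (already-framed packets from a container, presumably) can still carry a trailing EOS/EOB. If that path is reachable with frame threading it needs the same deferral; at minimum a comment on the else branch, `/* trailing EOS/EOB: only expected when the parser did not split the packet */`, would document the assumption. decode_nal_units continues outside the hunk.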
[FFmpeg-cvslog] frame_thread_encoder: extend critical code covered by finished_task_mutex.
ffmpeg | branch: master | Ronald S. Bultje | Thu May 25 08:20:21 2017 -0400| [d98f34d7d440ab3671be4e55c00d2cc7bf007eab] | committer: Ronald S. Bultje frame_thread_encoder: extend critical code covered by finished_task_mutex. Should fix tsan errors in utvideoenc_rgb_left and related tests. > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d98f34d7d440ab3671be4e55c00d2cc7bf007eab
---
libavcodec/frame_thread_encoder.c | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/libavcodec/frame_thread_encoder.c b/libavcodec/frame_thread_encoder.c
index 27ae356af3..6cf1a68fe7 100644
--- a/libavcodec/frame_thread_encoder.c
+++ b/libavcodec/frame_thread_encoder.c
@@ -272,15 +272,16 @@ int ff_thread_video_encode_frame(AVCodecContext *avctx, AVPacket *pkt, const AVF
 pthread_mutex_unlock(&c->task_fifo_mutex);
 c->task_index = (c->task_index+1) % BUFFER_SIZE;
-
-if(!c->finished_tasks[c->finished_task_index].outdata && (c->task_index - c->finished_task_index) % BUFFER_SIZE <= avctx->thread_count)
-return 0;
 }
-if(c->task_index == c->finished_task_index)
-return 0;
-
 pthread_mutex_lock(&c->finished_task_mutex);
+if (c->task_index == c->finished_task_index ||
+(frame && !c->finished_tasks[c->finished_task_index].outdata &&
+ (c->task_index - c->finished_task_index) % BUFFER_SIZE <= avctx->thread_count)) {
+pthread_mutex_unlock(&c->finished_task_mutex);
+return 0;
+}
+
 while (!c->finished_tasks[c->finished_task_index].outdata) {
 pthread_cond_wait(&c->finished_task_cond, &c->finished_task_mutex);
 }
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
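Review bot: Nothing in the new code states which fields `finished_task_mutex` guards, so the reason the early-return test had to move below `pthread_mutex_lock()` is easy to lose in a later cleanup. The visible lines now read `c->finished_tasks[c->finished_task_index].outdata` and `c->finished_task_index` with the lock held; a comment above the `if`, such as `/* outdata and finished_task_index are shared with worker threads: read them only with finished_task_mutex held */`, would record that, assuming the workers write them under the same mutex (not visible here). `c->task_index` is still updated without this lock a few lines up, which is sound only if the calling thread is its sole writer. ff_thread_video_encode_frame starts and ends outside the hunk.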
[FFmpeg-cvslog] avcodec/diracdec: Fix off by 1 error in quant check
ffmpeg | branch: master | Michael Niedermayer | Thu May 25 16:35:40 2017 +0200| [b946bd8ef2c7aeee09469a4901182a44f9b67189] | committer: Michael Niedermayer avcodec/diracdec: Fix off by 1 error in quant check Fixes: out of array read Fixes: 1781/clusterfuzz-testcase-minimized-4617176877105152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b946bd8ef2c7aeee09469a4901182a44f9b67189
---
libavcodec/diracdec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/diracdec.c b/libavcodec/diracdec.c
index 601d701bc8..c031b40b5e 100644
--- a/libavcodec/diracdec.c
+++ b/libavcodec/diracdec.c
@@ -823,7 +823,7 @@ static int decode_hq_slice(DiracContext *s, DiracSlice *slice, uint8_t *tmp_buf)
 skip_bits_long(gb, 8*s->highquality.prefix_bytes);
 quant_idx = get_bits(gb, 8);
-if (quant_idx > DIRAC_MAX_QUANT_INDEX) {
+if (quant_idx > DIRAC_MAX_QUANT_INDEX - 1) {
 av_log(s->avctx, AV_LOG_ERROR, "Invalid quantization index - %i\n", quant_idx);
 return AVERROR_INVALIDDATA;
 }
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
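Review bot: `quant_idx > DIRAC_MAX_QUANT_INDEX - 1` is harder to read than `quant_idx >= DIRAC_MAX_QUANT_INDEX`, and the need for the `- 1` suggests the macro is really a table size rather than the largest valid index. I would write `if (quant_idx >= DIRAC_MAX_QUANT_INDEX) {` and add a comment at the macro's definition saying which of the two it is, since the commit fixes an out-of-array read that came from exactly that ambiguity. Any other comparison against `DIRAC_MAX_QUANT_INDEX` in the file (not visible here) presumably deserves the same look. decode_hq_slice continues outside the hunk.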
[FFmpeg-cvslog] avcodec/diracdec: Factor quant matrix reads
ffmpeg | branch: master | Michael Niedermayer | Thu May 25 16:22:49 2017 +0200| [6d6fc4105b871490068958ded491dbb8b19c65be] | committer: Michael Niedermayer avcodec/diracdec: Factor quant matrix reads Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6d6fc4105b871490068958ded491dbb8b19c65be
---
libavcodec/diracdec.c | 7 +++ 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/libavcodec/diracdec.c b/libavcodec/diracdec.c
index 3573298ca1..601d701bc8 100644
--- a/libavcodec/diracdec.c
+++ b/libavcodec/diracdec.c
@@ -1257,11 +1257,10 @@ static int dirac_unpack_idwt_params(DiracContext *s)
 if (get_bits1(gb)) {
 av_log(s->avctx,AV_LOG_DEBUG,"Low Delay: Has Custom Quantization Matrix!\n"); /* custom quantization matrix */
-s->lowdelay.quant[0][0] = get_interleaved_ue_golomb(gb);
 for (level = 0; level < s->wavelet_depth; level++) {
-s->lowdelay.quant[level][1] = get_interleaved_ue_golomb(gb);
-s->lowdelay.quant[level][2] = get_interleaved_ue_golomb(gb);
-s->lowdelay.quant[level][3] = get_interleaved_ue_golomb(gb);
+for (i = !!level; i < 4; i++) {
+s->lowdelay.quant[level][i] = get_interleaved_ue_golomb(gb);
+}
 }
 } else {
 if (s->wavelet_depth > 4) {
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
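Review bot: `for (i = !!level; i < 4; i++)` needs a comment, because the `!!level` start index encodes that only level 0 has an entry at index 0, which the removed lines spelled out and the loop now hides. Something like `/* only level 0 has an entry at [0]; higher levels start at [1] */` would do. Separately, each `get_interleaved_ue_golomb(gb)` result is stored in `s->lowdelay.quant[level][i]` with no range check in the visible lines, so a crafted stream chooses these values freely; whether that matters depends on the field's type and on its users, both outside the hunk. dirac_unpack_idwt_params continues outside the hunk.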
[FFmpeg-cvslog] avcodec/smc: Check remaining input
ffmpeg | branch: master | Michael Niedermayer | Thu May 25 20:07:49 2017 +0200| [356194fcb17375de2472f4cbff6ede48d6a374b2] | committer: Michael Niedermayer avcodec/smc: Check remaining input Fixes: Timeout Fixes: 1818/clusterfuzz-testcase-minimized-5039166473633792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=356194fcb17375de2472f4cbff6ede48d6a374b2
---
libavcodec/smc.c | 4 1 file changed, 4 insertions(+)
diff --git a/libavcodec/smc.c b/libavcodec/smc.c
index 89524219f8..79f9a757a0 100644
--- a/libavcodec/smc.c
+++ b/libavcodec/smc.c
@@ -132,6 +132,10 @@ static void smc_decode_stream(SmcContext *s)
 row_ptr, image_size);
 return;
 }
+if (bytestream2_get_bytes_left(&s->gb) < 1) {
+av_log(s->avctx, AV_LOG_ERROR, "input too small\n");
+return;
+}
 opcode = bytestream2_get_byte(&s->gb);
 switch (opcode & 0xF0) {
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
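Review bot: The new `bytestream2_get_bytes_left(&s->gb) < 1` guard can only log and `return;` because `smc_decode_stream` is `static void`, so the caller cannot tell a truncated stream from a fully decoded one and will presumably still output the partially updated frame. Making the function return `int` and using `return AVERROR_INVALIDDATA;` here, and in the existing bail-out just above, would let the decode callback reject the packet. The guard also covers only the opcode byte; the operand reads inside the `switch` are outside this hunk and should be checked against the remaining input as well, unless they rely on bounds-checked bytestream2 readers.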
[FFmpeg-cvslog] avcodec/aacdec_fixed: Fix runtime error: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int'
ffmpeg | branch: master | Michael Niedermayer | Thu May 25 23:01:27 2017 +0200| [8e87d146d798ca25d8f3a4520a6deb7946b39d73] | committer: Michael Niedermayer avcodec/aacdec_fixed: Fix runtime error: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int' Fixes: 1825/clusterfuzz-testcase-minimized-6002833050566656 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8e87d146d798ca25d8f3a4520a6deb7946b39d73 --- libavcodec/aacdec_fixed.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/aacdec_fixed.c b/libavcodec/aacdec_fixed.c index 27547667ab..53a971c8d3 100644 --- a/libavcodec/aacdec_fixed.c +++ b/libavcodec/aacdec_fixed.c @@ -187,7 +187,7 @@ static void subband_scale(int *dst, int *src, int scale, int offset, int len) round = 1U << (s-1); for (i=0; i> s); -dst[i] = out * ssign; +dst[i] = out * (unsigned)ssign; } } } ___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
[FFmpeg-cvslog] avcodec/clearvideo: Check buf_size before decoding frame
ffmpeg | branch: master | Michael Niedermayer | Fri May 26 01:37:14 2017 +0200| [43c394dcaebe9eec5802b420f273385473380909] | committer: Michael Niedermayer avcodec/clearvideo: Check buf_size before decoding frame Fixes; Timeout Fixes: 1826/clusterfuzz-testcase-minimized-5728569256837120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=43c394dcaebe9eec5802b420f273385473380909
---
libavcodec/clearvideo.c | 5 + 1 file changed, 5 insertions(+)
diff --git a/libavcodec/clearvideo.c b/libavcodec/clearvideo.c
index 27b00ce820..a9fa0228bd 100644
--- a/libavcodec/clearvideo.c
+++ b/libavcodec/clearvideo.c
@@ -297,6 +297,11 @@ static int clv_decode_frame(AVCodecContext *avctx, void *data,
 c->pic->pict_type = frame_type & 0x20 ? AV_PICTURE_TYPE_I : AV_PICTURE_TYPE_P;
 if (frame_type & 0x2) {
+if (buf_size < c->mb_width * c->mb_height) {
+av_log(avctx, AV_LOG_ERROR, "Packet too small\n");
+return AVERROR_INVALIDDATA;
+}
+
 bytestream2_get_be32(&gb); // frame size;
 c->ac_quant= bytestream2_get_byte(&gb);
 c->luma_dc_quant = 32;
___ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
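Review bot: The threshold in `buf_size < c->mb_width * c->mb_height` has no stated rationale, and the commit message says only that it fixes a timeout. If the intent is that a frame of this type cannot be coded in less than about one byte per macroblock, a comment should say so, e.g. `/* reject packets too small to hold one byte per macroblock, so tiny inputs cannot trigger full-frame decoding work */`; without it a reader cannot judge whether valid small frames might be rejected. The product is presumably evaluated in `int`, which is safe only if `mb_width` and `mb_height` are bounded where they are set, outside this hunk. clv_decode_frame continues outside the hunk.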