ffmpeg | branch: master | Paul B Mahol | Sun Dec 20 21:31:55
2015 +0100| [484cc66f577ba25c142d73c1c2c6590b01d031c2] | committer: Paul B Mahol
avcodec/indeo2: use init_get_bits8
Signed-off-by: Paul B Mahol
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=484cc66f577ba25c142d73c1c2c6
ffmpeg | branch: master | James Almer | Sun Dec 6 02:47:45
2015 -0300| [d4c47333e1484844c9c613363242777c17e2b11f] | committer: James Almer
x86/hevc_sao: add ff_hevc_sao_edge_filter_{8,16}_{10,12}
Reviewed-by: Christophe Gisquet
Signed-off-by: James Almer
> http://git.videolan.org/gitweb.cgi
ffmpeg | branch: master | James Almer | Sun Dec 6 02:46:51
2015 -0300| [3ff2beff65af87fc9ce75d55f2c06e01d606cebc] | committer: James Almer
x86/hevc_sao: simplify sao_edge_filter 10/12bit
Reviewed-by: Michael Niedermayer
Reviewed-by: Christophe Gisquet
Signed-off-by: James Almer
> http://gi
ffmpeg | branch: master | James Almer | Sun Dec 6 02:42:34
2015 -0300| [34b2bd03cf94e26e0352b4edd5f9ca86c5e95b0b] | committer: James Almer
x86/hevc_sao: simplify sao_band_filter 10/12bit
Reviewed-by: Michael Niedermayer
Reviewed-by: Christophe Gisquet
Signed-off-by: James Almer
> http://gi
ffmpeg | branch: master | Paul B Mahol | Sun Dec 20 19:52:51
2015 +0100| [9e569abe995dc41a3e8fb30fb6d9c4d002b8ba4d] | committer: Paul B Mahol
avfilter/avf_showfreqs: make it possible to split channels
Signed-off-by: Paul B Mahol
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9e56
ffmpeg | branch: master | Paul B Mahol | Sun Dec 20 17:47:21
2015 +0100| [367ffa0c151792651a741554c608a73bad112663] | committer: Paul B Mahol
avcodec/flacenc: use designated initializers for AVClass
Signed-off-by: Paul B Mahol
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=367ffa
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Sat Dec 19 23:45:06 2015 +0100|
[b0a8095f2bf0bc03c5d4dfccaba845de6fd5bb4f] | committer: Andreas Cadhalpun
rawdec: only exempt BIT0 with need_copy from buffer sanity check
Otherwise the too small buffer is directly used in the frame, causing
se
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Wed Dec 16 16:48:19 2015 +0100|
[e32095807b86480dfa5395972f7734990e27c146] | committer: Andreas Cadhalpun
on2avc: limit number of bits to 30 in get_egolomb
More don't fit into the integer output.
Also use get_bits_long, since get_bits only su
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Tue Dec 15 22:00:31 2015 +0100|
[7a26ea7a7e67cff8c1f3367e4f505f1c650ca0f5] | committer: Andreas Cadhalpun
opus_silk: fix typo causing overflow in silk_stabilize_lsf
Due to this typo max_center can be too large, causing nlsf to be set to
too la
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Tue Dec 15 23:43:03 2015 +0100|
[465dd4bc941e96abc00e60e35947673d64d34907] | committer: Andreas Cadhalpun
sonic: make sure num_taps * channels is not larger than frame_size
If that is the case, the loop setting predictor_state in
sonic_decode_
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Wed Dec 16 20:52:39 2015 +0100|
[1317c63b4b1d96c554f88a92a6b770341c529a66] | committer: Andreas Cadhalpun
nuv: sanitize negative fps rate
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit f6830cf5ba03fdcfcd81a0358eb32d4081a2fcce)
Si
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Mon Dec 14 22:11:55 2015 +0100|
[6fc3f6f43b24b98a768acc28f03fec37ef1a79e3] | committer: Andreas Cadhalpun
ffm: reject invalid codec_id and codec_type
A negative codec_id cannot be handled by the found_decoder API of
AVStream->info: if the code
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Sat Dec 19 23:44:53 2015 +0100|
[f0eea9cc3a112f69991ffba79d6ca224d9eb60f5] | committer: Andreas Cadhalpun
mlvdec: check that index_entries exist
This fixes NULL pointer dereferencing.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas C
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Fri Dec 18 19:28:51 2015 +0100|
[dcecc180a6ad9e05f2b1f5802ec04c95a4cc6a8d] | committer: Andreas Cadhalpun
xwddec: prevent overflow of lsize * avctx->height
This is used to check if the input buffer is large enough, so if this
overflows it can
ffmpeg | branch: release/2.4 | Michael Niedermayer |
Sat Dec 19 23:21:33 2015 +0100| [fbfb2814b28d24c275c5809a7f6f6e33efe7b7dc] |
committer: Andreas Cadhalpun
avcodec/mpeg4videodec: also for empty partitioned slices
Fixes assertion failure
Fixes: id_acf3e47f864e1ee4c7b86c0653e0ff31e5bde56e.m4v
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Fri Dec 18 15:18:47 2015 +0100|
[2306964b3a0336e24d1c9d04bd54aaecf2d198d7] | committer: Andreas Cadhalpun
nutdec: only copy the header if it exists
Fixes ubsan runtime error: null pointer passed as argument 2, which is
declared to never be nul
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Sun Dec 13 23:17:09 2015 +0100|
[e7b09eaefa5d117c79e23d7c70732249af383b2a] | committer: Andreas Cadhalpun
exr: fix out of bounds read in get_code
This macro unconditionally used out[-1], which causes an out of bounds
read, if out is the very b
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Fri Dec 4 18:13:07 2015 +0100|
[7f33fef2a28dbc63ee98b0a217acabf760c5b7cd] | committer: Andreas Cadhalpun
aaccoder: prevent crash of anmr coder
If minq is negative, the range of sf_idx can be larger than
SCALE_MAX_DIFF allows, causing assertio
ffmpeg | branch: release/2.4 | Andreas Cadhalpun
| Sat Dec 19 12:02:56 2015 +0100|
[bbe1c9839bb96f0a3988a3fdbb56283faf7f36fb] | committer: Andreas Cadhalpun
nutdec: reject negative value_len in read_sm_data
If it is negative, it can cause the byte position to move backwards in
avio_skip, which
ffmpeg | branch: master | Paul B Mahol | Sat Dec 19 21:52:19
2015 +0100| [db6e337b41fce401e67daa2f05fbe0663f825240] | committer: Paul B Mahol
avcodec/s302menc: check if buf_size can actually be put into 16bit size
This disallows creating unplayable audio.
Signed-off-by: Paul B Mahol
> http:/
ffmpeg | branch: master | Paul B Mahol | Sat Dec 19 21:34:27
2015 +0100| [577f05735511066eca48b9a5fff6bf9b75cd65e6] | committer: Paul B Mahol
avcodec/s302menc: set supported channel layouts by codec
Signed-off-by: Paul B Mahol
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=577f05
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Mon Dec 14 22:11:55 2015 +0100|
[5478e7bbc106b5781b7a49429b2b9db0f2d4f378] | committer: Andreas Cadhalpun
ffm: reject invalid codec_id and codec_type
A negative codec_id cannot be handled by the found_decoder API of
AVStream->info: if the code
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Wed Dec 16 16:48:19 2015 +0100|
[105be66545ec3fa250e3a4e4792b097cec7f62a1] | committer: Andreas Cadhalpun
on2avc: limit number of bits to 30 in get_egolomb
More don't fit into the integer output.
Also use get_bits_long, since get_bits only su
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Wed Dec 16 20:52:39 2015 +0100|
[eca27eeea95f906c7d887cd98e5406e8531f1e44] | committer: Andreas Cadhalpun
nuv: sanitize negative fps rate
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit f6830cf5ba03fdcfcd81a0358eb32d4081a2fcce)
Si
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Sat Dec 19 12:02:56 2015 +0100|
[2db78f83bad187012f446ca43f6edcb845e7f513] | committer: Andreas Cadhalpun
nutdec: reject negative value_len in read_sm_data
If it is negative, it can cause the byte position to move backwards in
avio_skip, which
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Sat Dec 19 23:44:53 2015 +0100|
[94711d3719a1d829d7381e7a317f108b97e4f795] | committer: Andreas Cadhalpun
mlvdec: check that index_entries exist
This fixes NULL pointer dereferencing.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas C
ffmpeg | branch: release/2.5 | Michael Niedermayer |
Sat Dec 19 23:21:33 2015 +0100| [8cd0e23be83d7967ce6d0c1e933e1bd0819c8cb6] |
committer: Andreas Cadhalpun
avcodec/mpeg4videodec: also for empty partitioned slices
Fixes assertion failure
Fixes: id_acf3e47f864e1ee4c7b86c0653e0ff31e5bde56e.m4v
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Tue Dec 15 23:43:03 2015 +0100|
[46e7a63b6e011b47d87b54659b2a3799056e5753] | committer: Andreas Cadhalpun
sonic: make sure num_taps * channels is not larger than frame_size
If that is the case, the loop setting predictor_state in
sonic_decode_
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Sat Dec 19 23:45:06 2015 +0100|
[06edade7ee8a33e26e8c4b8919fde61f492c213c] | committer: Andreas Cadhalpun
rawdec: only exempt BIT0 with need_copy from buffer sanity check
Otherwise the too small buffer is directly used in the frame, causing
se
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Tue Dec 15 22:00:31 2015 +0100|
[31d6900161221f6b83b76aa85221de49b7adbf32] | committer: Andreas Cadhalpun
opus_silk: fix typo causing overflow in silk_stabilize_lsf
Due to this typo max_center can be too large, causing nlsf to be set to
too la
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Fri Dec 18 19:28:51 2015 +0100|
[882391f9758ea13643639e21de81e3f7978b0695] | committer: Andreas Cadhalpun
xwddec: prevent overflow of lsize * avctx->height
This is used to check if the input buffer is large enough, so if this
overflows it can
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Sun Dec 13 23:17:09 2015 +0100|
[79d75f1554de110d020a8035c86458a80dd7d773] | committer: Andreas Cadhalpun
exr: fix out of bounds read in get_code
This macro unconditionally used out[-1], which causes an out of bounds
read, if out is the very b
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Fri Dec 18 15:18:47 2015 +0100|
[0f1e398874399ddf0586b54735d8c85ff1228c85] | committer: Andreas Cadhalpun
nutdec: only copy the header if it exists
Fixes ubsan runtime error: null pointer passed as argument 2, which is
declared to never be nul
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Fri Dec 4 18:13:07 2015 +0100|
[26b74a7213bf720f2818e9b5e8c8359cbadf9207] | committer: Andreas Cadhalpun
aaccoder: prevent crash of anmr coder
If minq is negative, the range of sf_idx can be larger than
SCALE_MAX_DIFF allows, causing assertio
ffmpeg | branch: release/2.5 | Andreas Cadhalpun
| Wed Dec 2 22:47:12 2015 +0100|
[cc77012329f0b68373f6fadc2fda19e0d1f661cb] | committer: Andreas Cadhalpun
ffmdec: reject zero-sized chunks
If size is zero, avio_get_str fails, leaving the buffer uninitialized.
This causes invalid reads in av_s
ffmpeg | branch: release/2.6 | Andreas Cadhalpun
| Wed Dec 16 20:52:39 2015 +0100|
[b2cb7db14f82737f0d25602336c7f0ba9bbffdab] | committer: Andreas Cadhalpun
nuv: sanitize negative fps rate
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit f6830cf5ba03fdcfcd81a0358eb32d4081a2fcce)
Si
ffmpeg | branch: release/2.6 | Andreas Cadhalpun
| Sun Dec 13 23:17:09 2015 +0100|
[350f1f4919a13555167f378ef8f8f38f39db1a80] | committer: Andreas Cadhalpun
exr: fix out of bounds read in get_code
This macro unconditionally used out[-1], which causes an out of bounds
read, if out is the very b
ffmpeg | branch: release/2.6 | Andreas Cadhalpun
| Fri Dec 18 19:28:51 2015 +0100|
[c4b2985d9ab0eaac9e8b454b693570ef80f41175] | committer: Andreas Cadhalpun
xwddec: prevent overflow of lsize * avctx->height
This is used to check if the input buffer is large enough, so if this
overflows it can
ffmpeg | branch: release/2.6 | Andreas Cadhalpun
| Fri Dec 18 15:18:47 2015 +0100|
[ea5ac146cd94c781136abd2ff3e39daea9994516] | committer: Andreas Cadhalpun
nutdec: only copy the header if it exists
Fixes ubsan runtime error: null pointer passed as argument 2, which is
declared to never be nul
ffmpeg | branch: release/2.6 | Andreas Cadhalpun
| Sat Dec 19 12:02:56 2015 +0100|
[4d2f9368034353037ae4fb96c1156848fe0ebe7a] | committer: Andreas Cadhalpun
nutdec: reject negative value_len in read_sm_data
If it is negative, it can cause the byte position to move backwards in
avio_skip, which
ffmpeg | branch: release/2.6 | Andreas Cadhalpun
| Wed Dec 16 16:48:19 2015 +0100|
[564e63a0334f12ea3fbfde45d8e86be47792b3aa] | committer: Andreas Cadhalpun
on2avc: limit number of bits to 30 in get_egolomb
More don't fit into the integer output.
Also use get_bits_long, since get_bits only su
ffmpeg | branch: release/2.6 | Andreas Cadhalpun
| Sat Dec 19 23:45:06 2015 +0100|
[462afe5d00c815aef20ee33aaabcf1d30e4455c8] | committer: Andreas Cadhalpun
rawdec: only exempt BIT0 with need_copy from buffer sanity check
Otherwise the too small buffer is directly used in the frame, causing
se
ffmpeg | branch: release/2.6 | Andreas Cadhalpun
| Sat Dec 19 23:44:53 2015 +0100|
[c51800d324a9a86dcc84a57d29fff8f9d8f5b1e3] | committer: Andreas Cadhalpun
mlvdec: check that index_entries exist
This fixes NULL pointer dereferencing.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas C
ffmpeg | branch: release/2.7 | Andreas Cadhalpun
| Sat Dec 19 23:45:06 2015 +0100|
[3219de21f4e9e9bcd09df9dbc5eab63492dd05a4] | committer: Andreas Cadhalpun
rawdec: only exempt BIT0 with need_copy from buffer sanity check
Otherwise the too small buffer is directly used in the frame, causing
se
ffmpeg | branch: release/2.7 | Andreas Cadhalpun
| Fri Dec 18 19:28:51 2015 +0100|
[f040f3e5d5abfe4f59036e7b671d7b03eda244e7] | committer: Andreas Cadhalpun
xwddec: prevent overflow of lsize * avctx->height
This is used to check if the input buffer is large enough, so if this
overflows it can
ffmpeg | branch: release/2.7 | Andreas Cadhalpun
| Fri Dec 18 15:18:47 2015 +0100|
[7f320ed15d7ba4c4c84764888eb126daea932d7b] | committer: Andreas Cadhalpun
nutdec: only copy the header if it exists
Fixes ubsan runtime error: null pointer passed as argument 2, which is
declared to never be nul
ffmpeg | branch: release/2.7 | Andreas Cadhalpun
| Sat Dec 19 12:02:56 2015 +0100|
[1dc135e03d83d14274e3049011396a5bcb36e464] | committer: Andreas Cadhalpun
nutdec: reject negative value_len in read_sm_data
If it is negative, it can cause the byte position to move backwards in
avio_skip, which
ffmpeg | branch: release/2.7 | Andreas Cadhalpun
| Sat Dec 19 23:44:53 2015 +0100|
[93eda8dcbadfe375a7fe99592e4097c08deb06d1] | committer: Andreas Cadhalpun
mlvdec: check that index_entries exist
This fixes NULL pointer dereferencing.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas C
ffmpeg | branch: release/2.7 | Andreas Cadhalpun
| Wed Dec 16 16:48:19 2015 +0100|
[3e187a9a2dfacea0d76df90dd88d957938f9d33c] | committer: Andreas Cadhalpun
on2avc: limit number of bits to 30 in get_egolomb
More don't fit into the integer output.
Also use get_bits_long, since get_bits only su
ffmpeg | branch: release/2.7 | Andreas Cadhalpun
| Wed Dec 16 20:52:39 2015 +0100|
[7ad058168665a74c8975a2bb1bd4286d37280218] | committer: Andreas Cadhalpun
nuv: sanitize negative fps rate
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit f6830cf5ba03fdcfcd81a0358eb32d4081a2fcce)
Si
ffmpeg | branch: release/2.7 | Andreas Cadhalpun
| Sun Dec 13 23:17:09 2015 +0100|
[5b88d24f241f1ae31d86d2987b17a1db7547a509] | committer: Andreas Cadhalpun
exr: fix out of bounds read in get_code
This macro unconditionally used out[-1], which causes an out of bounds
read, if out is the very b
ffmpeg | branch: release/2.8 | Andreas Cadhalpun
| Fri Dec 18 19:28:51 2015 +0100|
[778c8de40f2c8d8bdbdf9a52306c59b6a425d401] | committer: Andreas Cadhalpun
xwddec: prevent overflow of lsize * avctx->height
This is used to check if the input buffer is large enough, so if this
overflows it can
ffmpeg | branch: release/2.8 | Andreas Cadhalpun
| Sat Dec 19 12:02:56 2015 +0100|
[174ec7d744d3e45bdb74c4c568f7bc5f689d4304] | committer: Andreas Cadhalpun
nutdec: reject negative value_len in read_sm_data
If it is negative, it can cause the byte position to move backwards in
avio_skip, which
ffmpeg | branch: release/2.8 | Andreas Cadhalpun
| Wed Dec 16 20:52:39 2015 +0100|
[79f407b79a825c3123aff65cef64b383eca5a95e] | committer: Andreas Cadhalpun
nuv: sanitize negative fps rate
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit f6830cf5ba03fdcfcd81a0358eb32d4081a2fcce)
Si
ffmpeg | branch: release/2.8 | Andreas Cadhalpun
| Fri Dec 18 15:18:47 2015 +0100|
[38f8c80901033042488579c8975efb39ab153793] | committer: Andreas Cadhalpun
nutdec: only copy the header if it exists
Fixes ubsan runtime error: null pointer passed as argument 2, which is
declared to never be nul
ffmpeg | branch: release/2.8 | Andreas Cadhalpun
| Sun Dec 13 23:17:09 2015 +0100|
[945ae04fab4513ee724751d908e87a3447c3e609] | committer: Andreas Cadhalpun
exr: fix out of bounds read in get_code
This macro unconditionally used out[-1], which causes an out of bounds
read, if out is the very b
ffmpeg | branch: release/2.8 | Andreas Cadhalpun
| Wed Dec 16 16:48:19 2015 +0100|
[6d7b4dbcb4103a0c54d486d3a51aa3122a4914b6] | committer: Andreas Cadhalpun
on2avc: limit number of bits to 30 in get_egolomb
More don't fit into the integer output.
Also use get_bits_long, since get_bits only su
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Dec 19 23:21:33 2015 +0100| [c1b7e9fe52d310d5eaa4cb218610d2aab0fe5e88] |
committer: Michael Niedermayer
avcodec/mpeg4videodec: also for empty partitioned slices
Fixes assertion failure
Fixes: id_acf3e47f864e1ee4c7b86c0653e0ff31e5bde56e.m
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Nov 28 13:42:05 2015 +0100| [3e8d9eade6557aa98813e4c2ae7dc9bc33d0727e] |
committer: Michael Niedermayer
avcodec/hevc: Check max ctb addresses for WPP
Fixes out of array read
Fixes:
2f95ddd996db8a6281d2e18c184595a7/asan_heap-oob_192fe91_
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Dec 4 21:38:12 2015 +0100| [8681296bb97ff0baa6aa80548b08e33910a9fc8c] |
committer: Michael Niedermayer
avcodec/pgssubdec: Fix left shift of 255 by 24 places cannot be represented in
type int
Fixes:
b293a6479bb4b5286cff24d356bfd955/asa
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Dec 4 16:23:24 2015 +0100| [7294d95689f9d70f565cb3aa8f485bed1d79928b] |
committer: Michael Niedermayer
avcodec/jpeg2000dec: Check bpno in decode_cblk()
Fixes: undefined shift
Fixes:
c409ef86f892335a0a164b5871174d5a/asan_heap-oob_1dff56
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Dec 5 13:48:06 2015 +0100| [e12f07b4751cc4b09b85c8d19b5c7a0b16c07556] |
committer: Michael Niedermayer
avcodec/wmaprodec: Check bits per sample to be within the range not causing
integer overflows
Fixes:
549d5aab1480d10f2a775ed90b0342
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Dec 19 21:59:42 2015 +0100| [d0d9fad2ba5a0d53f59f69f780e3fb6f8ad97dff] |
committer: Michael Niedermayer
avcodec/h264_refs: Fix long_idx check
Fixes out of array read
Fixes mozilla bug 1233606
Found-by: Tyson Smith
Signed-off-by: Michael
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Mon Nov 30 03:32:36 2015 +0100| [4d8d2f1991cd7514a3ccd6e4ad5e62bb8f1fba57] |
committer: Michael Niedermayer
avcodec/vp3: always set pix_fmt in theora_decode_header()
Fixes assertion failure
Fixes:
d0bb0662da342ec65f8f2a081222e6b9/signal_sig
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Dec 5 13:11:23 2015 +0100| [5164067861ed3fc5311a12b7a197f23ba546b629] |
committer: Michael Niedermayer
avcodec/wmaprodec: Fix overflow of cutoff
Fixes:
129ca3e28d73af7b1e24a9d4118e7a2d/signal_sigabrt_76ae7cc9_836_762b310fc3ef6087bd
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sun Dec 13 16:13:22 2015 +0100| [10395b4738df2c312293460c84b72c13fa0eac70] |
committer: Michael Niedermayer
avformat/mxfenc: Do not crash if there is no packet in the first stream
Fixes: Ticket4914
Signed-off-by: Michael Niedermayer
(cherr
ffmpeg | branch: release/2.6 | Timo Teräs | Sat Nov 28
08:27:39 2015 +0200| [e8fa0e3ec633f716a53ba78aa5ebe37dd69694cb] | committer:
Michael Niedermayer
mpegencts: Fix overflow in cbr mode period calculations
ts->mux_rate is int (signed 32-bit) type. The period calculations
will start to overfl
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Dec 4 21:44:05 2015 +0100| [0fa22a42d6b2d5fe3a0f84c72395ea404421e9da] |
committer: Michael Niedermayer
swscale/utils: Fix for runtime error: left shift of negative value -1
Fixes:
c106b36fa36db8ff8f3ed0c82be7bea2/asan_heap-oob_32699f0_
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Mon Dec 14 18:56:13 2015 +0100| [3f7bbb0ded3f16c9c8c5de96bbc1b71b6979274b] |
committer: Michael Niedermayer
avfilter/vf_mpdecimate: Add missing emms_c()
Signed-off-by: Michael Niedermayer
(cherry picked from commit 997de2e8107cc4256e5061146
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Nov 28 17:26:05 2015 +0100| [80a24e88e3db27d3604584069122e359dda4a340] |
committer: Michael Niedermayer
avcodec/utils: Use 64bit for aspect ratio calculation in avcodec_string()
Fixes integer overflow
Fixes:
3a45b2ae02f2cf12b7bd99543cdc
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Wed Dec 9 16:16:46 2015 +0100| [8e053f61f5622feff12609e21847f33342f556f5] |
committer: Michael Niedermayer
avformat/matroskaenc: Check codecdelay before use
Fixes CID1238790
Signed-off-by: Michael Niedermayer
(cherry picked from commit e6
ffmpeg | branch: release/2.6 | Rainer Hochecker | Sun
Nov 15 13:58:50 2015 +0100| [bc264004e081db584bdac811536ad8154e07066b] |
committer: Michael Niedermayer
avformat/utils: estimate_timings_from_pts - increase retry counter, fixes
invalid duration for ts files with hevc codec
Fixes a mpegts
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Tue Dec 1 12:41:43 2015 +0100| [d8a66a150ae1ef88b6d9a43905de0f90f4a1385f] |
committer: Michael Niedermayer
avutil/integer: Fix av_mod_i() with negative dividend
Signed-off-by: Michael Niedermayer
(cherry picked from commit 3a9cb18855d29c96
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Dec 5 13:06:16 2015 +0100| [354fa47018e333baeb3a6979d13cce8703bc19c8] |
committer: Michael Niedermayer
avformat/smacker: fix integer overflow with pts_inc
Fixes:
ce19e41f0ef1e52a23edc488faecdb58/asan_heap-oob_2504e97_4202_ffa0df1baed14
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Nov 27 20:52:39 2015 +0100| [20a96b9d8c71b77761b82edd1971dc54354c175f] |
committer: Michael Niedermayer
avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_decode*()
Fixes out of array access
Fixes:
01859c9a9ac6cd60a008274123275574
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Wed Dec 9 17:39:38 2015 +0100| [f821441795c4131ba638216ea92f0cb9f660fdbf] |
committer: Michael Niedermayer
avutil/mathematics: Fix division by 0
Fixes: CID1341571
Signed-off-by: Michael Niedermayer
(cherry picked from commit bc8b1e694cc39
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Wed Dec 2 22:59:56 2015 +0100| [63c50350b6e5038e3acf95a56fe58d43e3db5422] |
committer: Michael Niedermayer
avcodec/vp3: ensure header is parsed successfully before tables
Fixes assertion failure
Fixes:
266ee543812e934f7b4a72923a2701d4/sign
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Tue Dec 1 12:40:32 2015 +0100| [93e168705dbe306ad040d56d4c3ac8a8567143ab] |
committer: Michael Niedermayer
avformat/dump: Fix integer overflow in av_dump_format()
Fixes part of mozilla bug 1229167
Found-by: Tyson Smith
Signed-off-by: Micha
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Tue Nov 24 22:12:37 2015 +0100| [dd4c2fe74afe76868a279fd96fbc56eeffa5] |
committer: Michael Niedermayer
avcodec/h264_slice: Limit max_contexts when slice_context_count is initialized
Fixes out of array access
Fixes:
1430e9c43fae47a24c17
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Nov 28 20:08:46 2015 +0100| [a0a2bfbfd876571344df2b7fe5fd781791ec02a3] |
committer: Michael Niedermayer
avcodec/utils: Clear dimensions in ff_get_buffer() on failure
Fixes out of array access
Fixes:
482d8f2fd17c9f532b586458a33f267c/asan
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Dec 5 17:11:54 2015 +0100| [cc88d7a640884e29490b1adb598643ab1365d747] |
committer: Michael Niedermayer
avcodec/dirac_parser: Fix potential overflows in pointer checks
Signed-off-by: Michael Niedermayer
(cherry picked from commit 79798f
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Nov 27 23:33:03 2015 +0100| [c84ec8d5c93887c2a97c3da514848f5fbb5ba3e6] |
committer: Michael Niedermayer
avcodec/hevc: allocate entries unconditionally
Fixes out of array access
Fixes:
08664a2a7921ef48172f26495c7455be/asan_heap-oob_23036
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Tue Dec 1 12:44:23 2015 +0100| [100dbe1bf007024224c7ae2bb5d1aa956d979722] |
committer: Michael Niedermayer
avutil/mathematics: Do not treat INT64_MIN as positive in av_rescale_rnd
The code expects actual positive numbers and gives completel
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Dec 5 17:14:36 2015 +0100| [09305dca59fd36509b593292a78ef7e7cf8220fd] |
committer: Michael Niedermayer
avcodec/dirac_parser: Add basic validity checks for next_pu_offset and
prev_pu_offset
Signed-off-by: Michael Niedermayer
(cherry pi
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Nov 27 18:30:05 2015 +0100| [6157938408a020d973b9e80c11d3e3e00899bea7] |
committer: Michael Niedermayer
avcodec/hevc: Check entry_point_offsets
Fixes out of array read
Fixes:
007c4a36608ebdf27ee260ad60a81184/asan_heap-oob_32076b4_2243_1
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Dec 4 12:47:20 2015 +0100| [ad09bebe0cad7eaeda0c09eea00c68197c2a8e65] |
committer: Michael Niedermayer
avcodec/vp3: Fix "runtime error: left shift of negative value"
Fixes:
5c6129154b356b80bcab86f9e3ee5d29/signal_sigabrt_76ae7cc9_7
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Nov 27 22:45:46 2015 +0100| [4916aa2383153745d2ca54c7f8ea6cbc75f1c00e] |
committer: Michael Niedermayer
avcodec/hevc_cabac: Fix multiple integer overflows
Fixes:
04ec80eefa77aecd7a49a442cc02baea/asan_heap-oob_19544fa_3303_1905796cd9d8e1
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Nov 27 21:02:13 2015 +0100| [40d5f570d8aa42ab54e2f30cded7b257ee8797f5] |
committer: Michael Niedermayer
avcodec/jpeg2000dwt: Check ndeclevels before calling dwt_encode*()
Signed-off-by: Michael Niedermayer
(cherry picked from commit feb
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Nov 27 13:37:50 2015 +0100| [1f6aea2cc4e379346d0b5b67e9ce775e12b39def] |
committer: Michael Niedermayer
avcodec/cabac: Check initial cabac decoder state
Fixes integer overflows
Fixes:
1430e9c43fae47a24c179c7c54f94918/signal_sigsegv_4214
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Dec 5 22:08:59 2015 +0100| [929fd61602710211ccfd3c7fd8093fb6b032ad86] |
committer: Michael Niedermayer
avcodec/hevc: Fix integer overflow of entry_point_offset
Fixes out of array read
Fixes:
d41d8cd98f00b204e9800998ecf8427e/signal_sigs
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Tue Dec 1 13:32:31 2015 +0100| [00fde782a10902270c3d92d92427297683fb911b] |
committer: Michael Niedermayer
avutil/mathematics: return INT64_MIN (=AV_NOPTS_VALUE) from av_rescale_rnd()
for overflows
Fixes integer overflow
Fixes: mozilla bug
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Sat Nov 28 00:23:54 2015 +0100| [67b29888f4dc03a45dd060fbb785481ac91b0219] |
committer: Michael Niedermayer
avcodec/vp3: Clear context on reinitialization failure
Fixes null pointer dereference
Fixes:
1536b9b096a8f95b742bae9d3d761cc6/signal
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Thu Dec 3 03:14:11 2015 +0100| [2e77ab8f100946d2467e3800a7964e2d94eae288] |
committer: Michael Niedermayer
avutil/timecode: Fix fps check
The fps variable is explicitly set to -1 in case of some errors, the check must
thus be signed or the
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Wed Dec 2 21:16:27 2015 +0100| [0350f373f7f0eebc2f49a5144511ba4a7b718c1b] |
committer: Michael Niedermayer
avcodec/apedec: Check length in long_filter_high_3800()
Fixes out of array read
Fixes:
0a7ff0c1d93da9cef28a315ec91b692a/asan_heap-oo
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Fri Nov 27 12:11:29 2015 +0100| [2da8c533869afc5836d144571fb5e8b824f15e03] |
committer: Michael Niedermayer
avcodec/cabac_functions: Fix "left shift of negative value -31767"
Fixes:
1430e9c43fae47a24c179c7c54f94918/signal_sigsegv_421427_234
ffmpeg | branch: release/2.6 | Michael Niedermayer |
Wed Sep 30 13:10:48 2015 +0200| [292842a0ed80afc0ad80626397100fed5e9595f4] |
committer: Michael Niedermayer
avcodec/vp8: Do not use num_coeff_partitions in thread/buffer setup
The variable is not a constant and can lead to race conditions
F
ffmpeg | branch: master | Andreas Cadhalpun
| Wed Dec 16 20:52:39 2015 +0100| [f6830cf5ba03fdcfcd81a0358eb32d4081a2fcce] |
committer: Andreas Cadhalpun
nuv: sanitize negative fps rate
Signed-off-by: Andreas Cadhalpun
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f6830cf5ba03fdc
ffmpeg | branch: master | Andreas Cadhalpun
| Sat Dec 19 23:44:53 2015 +0100| [9fcfe4a3cdf9a5af0c37758b178965b7b99582d4] |
committer: Andreas Cadhalpun
mlvdec: check that index_entries exist
This fixes NULL pointer dereferencing.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhal
ffmpeg | branch: master | Andreas Cadhalpun
| Sat Dec 19 23:45:06 2015 +0100| [699e68371ec7e381e5cc48e3d96e29c669261af7] |
committer: Andreas Cadhalpun
rawdec: only exempt BIT0 with need_copy from buffer sanity check
Otherwise the too small buffer is directly used in the frame, causing
segment
99 matches
Mail list logo
