ffmpeg | branch: master | Hendrik Leppkes | Tue Nov 15
10:28:54 2016 +0100| [99ee8ee0930be9c68e4e1202ddf4e8493794e0b2] | committer:
Hendrik Leppkes
dxva2_vc1: support multiple slices
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=99ee8ee0930be9c68e4e1202ddf4e8493794e0b2
---
liba
ffmpeg | branch: master | Hendrik Leppkes | Tue Nov 15
10:28:10 2016 +0100| [36e27c87e7f06cac372f0a704ca3b91c3178a1ee] | committer:
Hendrik Leppkes
vc1dec: support multiple slices in frame coded images with hwaccel
Based on a patch by Jun Zhao
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/
ffmpeg | branch: release/2.8 | Moritz Barsnick | Sun Oct 9
12:56:59 2016 +0200| [bb83ff8b4192adc640df62e235c8e0646d119736] | committer:
Michael Niedermayer
lavc: fix typos
Signed-off-by: Moritz Barsnick
Signed-off-by: Michael Niedermayer
(cherry picked from commit 3305f71025289970fb34473adc
ffmpeg | branch: release/2.8 | Moritz Barsnick | Sun Oct 9
12:57:00 2016 +0200| [b480ca4dbd4b7e5c0b362cdc118473cdf84dc9f9] | committer:
Michael Niedermayer
lavfi: fix typos
Signed-off-by: Moritz Barsnick
Signed-off-by: Michael Niedermayer
(cherry picked from commit f4e4bde1f4cff99d4ec59ed36
ffmpeg | branch: release/2.8 | Moritz Barsnick | Sun Oct 9
12:56:58 2016 +0200| [d609986f39768f55bc67f144799c6f4466ee1c0a] | committer:
Michael Niedermayer
tools: fix grammar error
Signed-off-by: Moritz Barsnick
Signed-off-by: Michael Niedermayer
(cherry picked from commit f71c98ee12f9a9e95
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 15:12:12 2016 +0100| [744f78ce0dc5d0e233828478b9f2cf0536b865df] |
committer: Michael Niedermayer
avcodec/rawdec: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from comm
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 15:12:12 2016 +0100| [1604a2b1e6c45ac6f905a2c945de483444d48226] |
committer: Michael Niedermayer
avcodec/qtrle: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from comm
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Oct 21 19:45:21 2016 +0200| [b9ab4db9f935a00611bad89b7c0330283c2468e4] |
committer: Michael Niedermayer
avformat/mxfdec: Check size to avoid integer overflow in mxf_read_utf16_string()
Signed-off-by: Michael Niedermayer
(cherry picked f
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed Oct 26 00:11:52 2016 +0200| [fe4c6aeb9935fd91bbe9e8656fc70b2b3539e851] |
committer: Michael Niedermayer
avcodec/dvdsubdec: Fix off by 1 error
Fixes out of array read
Found-by: Thomas Garnier using libFuzzer
Signed-off-by: Michael Nieder
ffmpeg | branch: release/2.8 | Shivraj Patil | Wed
Oct 5 18:10:24 2016 +0530| [b9ec80322b5b6dc22747e6bc9d463d2bcc683c6e] |
committer: Michael Niedermayer
avutil/mips/generic_macros_msa: rename macro variable which causes segfault for
mips r6
Signed-off-by: Shivraj Patil
Signed-off-by: Micha
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Oct 21 14:05:00 2016 +0200| [8328c07fb13b06c2b737785b109e7808cbbe2930] |
committer: Michael Niedermayer
avcodec/mpegvideo_enc: Clear mmx state in ff_mpv_reallocate_putbitbuffer()
This function must be called from the mb or slice encoding
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 13:44:52 2016 +0100| [e3f8b322793d54b168cf51f59ff0ec76160e6f77] |
committer: Michael Niedermayer
avcodec/8bps: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from commit
ffmpeg | branch: release/2.8 | Ronald S. Bultje | Fri Oct
14 13:01:27 2016 -0400| [e25441912baf76d61ce216f6efc24ffcc83f707a] | committer:
Michael Niedermayer
vp9: change order of operations in adapt_prob().
This is intended to workaround bug "665 Integer Divide Instruction May
Cause Unpredicta
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 15:12:12 2016 +0100| [ef32b162e81ab6df84b32ef6d7f4affca91e18cc] |
committer: Michael Niedermayer
avcodec/idcinvideo: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Nov 15 14:52:21 2016 +0100| [b0a5794e30d6ce8ec2217c64368f373863e17dcb] |
committer: Michael Niedermayer
avcodec/movtextdec: Fix tsmb_size check==0 check
Fixes: 173/fuzz-3-ffmpeg_SUBTITLE_AV_CODEC_ID_MOV_TEXT_fuzzer
Found-by: continuous
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed Oct 26 16:29:57 2016 +0200| [3177ea512f4b6cab403add5f17f38321a8bfd69f] |
committer: Michael Niedermayer
avcodec/dvdsubdec: Fix buf_size check
Fixes out of array access
Found-by: Thomas Garnier using libFuzzer
Signed-off-by: Michael Nied
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Oct 21 13:40:18 2016 +0200| [865e3f5553e9f28fd343f5cadc7d520d91b17d64] |
committer: Michael Niedermayer
avcodec/utils: Clear MMX state before returning from avcodec_default_execute*()
Signed-off-by: Michael Niedermayer
(cherry picked fr
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 15:12:12 2016 +0100| [147a387fba2edb5ecd418656c4a37c36b0a202ab] |
committer: Michael Niedermayer
avcodec/msvideo1: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from co
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Nov 15 14:54:47 2016 +0100| [ecc5bada26f262b77d157c1f557bc78978b9dbff] |
committer: Michael Niedermayer
avcodec/movtextdec: Add error message for tsmb_size check
Signed-off-by: Michael Niedermayer
(cherry picked from commit 0eb319800567
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Nov 15 20:06:42 2016 +0100| [13c249e2b5f1ce6a3449637cf7eac4b22463] |
committer: Michael Niedermayer
avformat/mpeg: Adjust vid probe threshold to correct mis-detection
Fixes: _ij.mp3
Signed-off-by: Michael Niedermayer
(cherry picked
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Oct 25 03:51:17 2016 +0200| [abe16359ba805037da0866ce07c962a57f71bcf1] |
committer: Michael Niedermayer
avcodec/interplayvideo: Check side data size before use
Fixes out of array read
Found-by: Thomas Garnier using libFuzzer
Signed-off-
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Nov 15 14:46:16 2016 +0100| [63504a2d44e51999e3ce11a4b172a1b3965a2996] |
committer: Michael Niedermayer
avcodec/movtextdec: Fix potential integer overflow
Signed-off-by: Michael Niedermayer
(cherry picked from commit 6ea27157682200e5f78
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed Oct 5 03:31:38 2016 +0200| [afd0f8f7750a7ced0123c939be24985fe918a1e3] |
committer: Michael Niedermayer
Update for 2.8.9
Signed-off-by: Michael Niedermayer
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=afd0f8f7750a7ced012
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 15:12:12 2016 +0100| [2312d1d97965f6c95292d787c07d12b7fe4c44e0] |
committer: Michael Niedermayer
avcodec/qpeg: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from commi
ffmpeg | branch: release/2.8 | Moritz Barsnick | Sun Oct 9
12:57:02 2016 +0200| [d1c87a4a6fd9f32b9cd5e44190dc5ea0ad95b2dc] | committer:
Michael Niedermayer
cmdutils: fix typos
Signed-off-by: Moritz Barsnick
Signed-off-by: Michael Niedermayer
(cherry picked from commit 3e5d27d7a7350e096eac9f
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 15:12:12 2016 +0100| [3213adceb2a8bdadc0e38b45ba068b24a85306dc] |
committer: Michael Niedermayer
avcodec/tscc: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from commi
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Nov 1 19:24:49 2016 +0100| [f9e76d3304b72b66434b0a6253daf10b50464e20] |
committer: Michael Niedermayer
avcodec/sunrast: Fix input buffer pointer check
Fixes: out of array read
Fixes: poc.dat
Found-by: Bingchang, Liu @VARAS of IIE
Teste
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 15:12:12 2016 +0100| [09411a7d5e7c8445257cba479db4d020782acf98] |
committer: Michael Niedermayer
avcodec/kmvc: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from commi
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 13:47:38 2016 +0100| [41b1ec0810197633bd55aa5ab9cd9885443cb0ad] |
committer: Michael Niedermayer
avcodec/cinepak: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from com
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Nov 15 18:05:33 2016 +0100| [1e86f1a64690eeb132c56815917ea66ce90546cc] |
committer: Michael Niedermayer
avcodec/ituh263dec: Avoid spending a long time in slice sync
Fixes: 177/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_FLV1_fuzzer
Found-by: contin
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Oct 30 15:12:12 2016 +0100| [f39522b6e75deab0285510f87b4868da69063d10] |
committer: Michael Niedermayer
avcodec/msrle: Check side data size before use
Fixes out of array read
Signed-off-by: Michael Niedermayer
(cherry picked from comm
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Nov 15 22:50:35 2016 +0100| [698528207ab8016cd891bc5aa8c254f7f0d573dc] |
committer: Michael Niedermayer
avcodec/rv40: Test remaining space in loop of get_dimension()
Fixes infinite loop
Fixes: 178/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_RV40_fuz
ffmpeg | branch: master | Andreas Cadhalpun
| Fri Nov 25 21:56:03 2016 +0100| [ff5f4bd97654d9089b0d735178f8bfe122d8d49c] |
committer: Andreas Cadhalpun
lavf: always forward codec_whitelist in avformat_find_stream_info
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
> http:
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Tue Nov 8 23:54:41 2016 +0100|
[6a7f0585ab195bb90ed2d3938633c4cd5fe4bc09] | committer: Andreas Cadhalpun
icodec: add ico_read_close to fix leaking ico->images
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Fri Nov 4 22:58:49 2016 +0100|
[1af13ea53930963981f929f78c08ca883751fdbe] | committer: Andreas Cadhalpun
lzf: update pointer p after realloc
This fixes heap-use-after-free detected by AddressSanitizer.
Reviewed-by: Luca Barbato
Signed-off-b
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Oct 20 20:08:15 2016 +0200|
[2c52b749801454b041d05f6230abe5a0a3fbfdce] | committer: Andreas Cadhalpun
aiff: check block_align in aiff_read_packet
It can be unset in avcodec_parameters_from_context and a value of 0
causes SIGFPE crashes.
R
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Mon Nov 7 23:37:59 2016 +0100|
[e1c1cb4aa148d598b5ad163a3dd7e303b3522636] | committer: Andreas Cadhalpun
mpegts: prevent division by zero
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit 1bbb18fe8
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Mon Nov 7 01:16:14 2016 +0100|
[a40189348710e37fe25fc72ef71a05ec53c138f1] | committer: Andreas Cadhalpun
mpegaudio_parser: don't return AVERROR_PATCHWELCOME
The API does not allow returning AVERROR codes.
It triggers an assert in av_parser_p
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Oct 16 22:39:47 2016 +0200|
[b3991ccd1170d84f5b5d84566b0c78a42724a073] | committer: Andreas Cadhalpun
astdec: fix division by zero
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit 9959a52b14bcf
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Tue Nov 8 23:29:28 2016 +0100|
[c35a140e71710d815bab9581e928b42177feaf7e] | committer: Andreas Cadhalpun
icodec: correctly check avio_read return value
It can read less than the requested amount, in which case buf contains
uninitialized data,
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sat Nov 5 00:17:53 2016 +0100|
[50d34cbf5ac86a42d3273765ce8292a06ae11158] | committer: Andreas Cadhalpun
mxfdec: fix NULL pointer dereference
Metadata streams have priv_data set to NULL.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andre
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Oct 16 22:42:32 2016 +0200|
[d4f64a0f545e48224e985b50848153f0b779b8ff] | committer: Andreas Cadhalpun
westwood_aud: prevent division by zero
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit bc7
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Nov 13 23:10:06 2016 +0100|
[f70e9726dcad6dfe13b64b8878ee12a9e41063ed] | committer: Andreas Cadhalpun
libschroedingerdec: fix leaking of framewithpts
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked from c
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Oct 16 22:29:13 2016 +0200|
[230c04e3f6d720cc7fa17735b2ef91570417964d] | committer: Andreas Cadhalpun
aiffdec: fix division by zero
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit c143a9c96ff9
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Tue Nov 8 00:42:23 2016 +0100|
[c19e9657049d1ac67aee658b2f7ad12ba051b0cd] | committer: Andreas Cadhalpun
matroskadec: fix NULL pointer dereference in webm_dash_manifest_read_header
The code assumes that s->streams[0] is valid.
Reviewed-by: M
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Nov 9 00:38:50 2016 +0100|
[1499f65ad42a4f4519f27a7d3b01c55146ce2ad0] | committer: Andreas Cadhalpun
escape124: reject codebook size 0
It causes a cb_depth of 32, leading to assertion failures in get_bits.
Reviewed-by: Michael Niedermaye
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Oct 19 19:23:49 2016 +0200|
[d69dc10466e234c0e4ff9cb7e4d0e5d63ceeb357] | committer: Andreas Cadhalpun
avformat: prevent triggering request_probe assert in ff_read_packet
If probe_codec is called with pkt == NULL, it sets probe_packets to 0
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Nov 17 00:04:57 2016 +0100|
[b4f42e5c85f589556ed486fc743fbe16f8ed88c8] | committer: Andreas Cadhalpun
ffmdec: validate codec parameters
A negative extradata size for example gets passed to memcpy in
avcodec_parameters_from_context causing
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Oct 20 20:13:54 2016 +0200|
[d77684b85305e9dca9d056c50146f43c08268ac2] | committer: Andreas Cadhalpun
dcstr: fix division by zero
Also check for possible overflows.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cher
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Oct 20 22:14:22 2016 +0200|
[72f1701c92f7f021d00c57f4f928efa719fcd53d] | committer: Andreas Cadhalpun
cavsdec: unref frame before referencing again
This fixes asserts (from commit 13aae8) in av_frame_ref and
av_frame_move_ref.
Reviewed-by
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Tue Nov 8 23:53:52 2016 +0100|
[356e035773aa2208b985521991de125dc49cf603] | committer: Andreas Cadhalpun
icodec: fix leaking pkt on error
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit 467eece1b
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Nov 2 21:28:49 2016 +0100|
[e3f671b1014095cf299180f4f052a4daaec567f6] | committer: Andreas Cadhalpun
ppc: pixblockdsp: do unaligned block accesses correctly again
This was broken by the following Libav commit:
4c387c7 ppc: dsputil: do una
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sat Nov 19 14:21:11 2016 +0100|
[53e1493cb5a0977407c7869ec9adf4555ef07c66] | committer: Andreas Cadhalpun
smacker: limit recursion depth of smacker_decode_bigtree
This fixes segmentation faults due to stack-overflow caused by too deep
recursio
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Nov 16 20:46:56 2016 +0100|
[71378e7937bd458233b75b4d73f0aabc3ac437fa] | committer: Andreas Cadhalpun
exr: fix out-of-bounds read
channel_index can be -1.
This problem was introduced in commit
2dd7b46132e2801ef34fe1b5c27e0113cdcfa2f9.
Re
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Nov 24 23:57:46 2016 +0100|
[072246993acb9ce22f88e3df697f78dba61fcdd3] | committer: Andreas Cadhalpun
mss2: only use error correction for matching block counts
This fixes a heap-buffer-overflow in ff_er_frame_end when decoding mss2
with co
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Oct 19 23:40:41 2016 +0200|
[13f032abbb26c7b47d700745f7ace05375eae34f] | committer: Andreas Cadhalpun
rsd: limit number of channels
Negative values don't make sense and too large values can cause
overflows. For AV_CODEC_ID_ADPCM_THP this l
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Fri Nov 25 00:26:51 2016 +0100|
[5d1502d4b68c458522e5a6fc446d5b0e5f88bffb] | committer: Andreas Cadhalpun
softfloat: decrease MIN_EXP to cover full float range
floats are not necessarily normalized, so a normalized softfloat needs
MIN_EXP lowe
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Nov 13 22:59:47 2016 +0100|
[89a22d3fbff3db11a0a09e55778ed0e041210327] | committer: Andreas Cadhalpun
libschroedingerdec: don't produce empty frames
They are not valid and can cause problems/crashes for API users.
Reviewed-by: Michael Nie
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Nov 16 20:47:35 2016 +0100|
[cb936d62664c25909b320ec230b41b5a2b9c9ed3] | committer: Andreas Cadhalpun
exr: reindent after previous commit
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit ce3147eb198770b558acf6c05f33cb807a413707
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Nov 13 20:52:02 2016 +0100|
[d000e66c4f2f6275fc24a424ae85f7e092293347] | committer: Andreas Cadhalpun
softfloat: handle -INT_MAX correctly
This is similar to commit 9ac61e73d0843ec4b83f4e3d47eded73234e406e.
Reviewed-by: Michael Niedermaye
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Oct 30 21:18:20 2016 +0100|
[5a1433b19ab396cfdc7d52d9b479a7828ce5c707] | committer: Andreas Cadhalpun
interplayacm: increase bitstream buffer size by AV_INPUT_BUFFER_PADDING_SIZE
This fixes out-of-bounds reads by the bitstream reader.
Rev
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Nov 13 18:22:12 2016 +0100|
[52d8c1e474c3e11fed06cf17e22c1e59406a0ce3] | committer: Andreas Cadhalpun
filmstripdec: correctly check image dimensions
This prevents a division by zero in read_packet.
Reviewed-by: Paul B Mahol
Signed-off-by
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Nov 9 23:49:46 2016 +0100|
[727ec4acc471b167f8af5211e860e2def6d47d02] | committer: Andreas Cadhalpun
proresdec_lgpl: explicitly check coff[3] against slice_data_size
The implicit checks via v_data_size and a_data_size don't work in the ca
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Fri Nov 4 19:00:17 2016 +0100|
[cb0b8182448cd337f8c33cd8686ba0eb04a1] | committer: Andreas Cadhalpun
diracdec: check return code of get_buffer_with_edge
If it fails, buffers aren't allocated, causing NULL pointer dereferencing.
Reviewed-
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Nov 17 22:53:51 2016 +0100|
[315f1dea84a3865dfaf949f99c9828a5b8dd4bcc] | committer: Andreas Cadhalpun
mxfdec: fix NULL pointer dereference in mxf_read_packet_old
Metadata streams have priv_data set to NULL.
Reviewed-by: Josh de Kock
Sign
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Nov 9 01:09:35 2016 +0100|
[a5ba9eab44da13bb0683193e2382f1bfd853a47e] | committer: Andreas Cadhalpun
pnmdec: make sure v is capped by maxval
Otherwise put_bits can be called with a value that doesn't fit in the
sample_len, causing an asse
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Nov 10 22:09:03 2016 +0100|
[eaf79ac2d9c18bce3c1990dbf6722e90d9c788b1] | committer: Andreas Cadhalpun
smvjpegdec: make sure cur_frame is not negative
This fixes a heap-buffer-overflow detected by AddressSanitizer.
Reviewed-by: Michael Nie
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Tue Nov 8 22:32:42 2016 +0100|
[5c2e26275cb130293691ed0b335db0a67e8abbcf] | committer: Andreas Cadhalpun
dvbsubdec: fix division by zero in compute_default_clut
This problem was introduced in commit
4b90dcb8493552c17a811c8b1e6538dae4061f9d.
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Wed Nov 9 23:23:16 2016 +0100|
[9b506280dd9b95b944676316ae3f8ea5605a7a10] | committer: Andreas Cadhalpun
pgssubdec: only set w/h/linesize when allocating data
Rects with positive w/h/linesize but no data are invalid.
Reviewed-by: Petri Hintu
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Nov 10 22:21:20 2016 +0100|
[312757eb848b96bcc1e0df17312b11a24c4f18d3] | committer: Andreas Cadhalpun
sbgdec: prevent NULL pointer access
Reviewed-by: Josh de Kock
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit dbefbb61b785c
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Oct 20 22:51:55 2016 +0200|
[facf964d37eae50d1fb5c354e8d4ab897a624e45] | committer: Andreas Cadhalpun
mpeg12dec: unref discarded picture from extradata
Otherwise another frame gets referenced into picture, triggering an assert
(from commit
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Thu Nov 17 22:46:40 2016 +0100|
[e2de6f31c0dbc09033f63a94a3795488065d3b6a] | committer: Andreas Cadhalpun
rmdec: validate block alignment
This fixes division by zero crashes.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Fri Nov 4 21:37:13 2016 +0100|
[d0f8741a5a29e6381894fe5eacbeb9145a965b6c] | committer: Andreas Cadhalpun
flvdec: require need_context_update when changing codec id
Otherwise the codec context and codecpar might disagree on the codec id,
trigg
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Mon Nov 14 21:41:45 2016 +0100|
[e70caba38480f11043963bb5eb150cfb2eebd41b] | committer: Andreas Cadhalpun
libopusdec: default to stereo for invalid number of channels
This fixes an out-of-bounds read if avc->channels is 0.
Reviewed-by: Michae
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Oct 30 20:47:22 2016 +0100|
[5ede8a9d8c263ff2741bf6a6c54b76287be2af36] | committer: Andreas Cadhalpun
interplayacm: check for too large b
This fixes out-of-bounds reads.
Reviewed-by: Paul B Mahol
Signed-off-by: Andreas Cadhalpun
(cherry
ffmpeg | branch: release/3.1 | Andreas Cadhalpun
| Sun Oct 30 21:41:11 2016 +0100|
[d6fbc7a2daf0311fa7c093d48bcf19d1cf35936a] | committer: Andreas Cadhalpun
interplayacm: validate number of channels
The number of channels is used as divisor in decode_frame, so it must
not be zero to avoid SIGF
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Tue Nov 8 22:32:42 2016 +0100|
[27888d13b8d370b365593312d6755d268a4428f6] | committer: Andreas Cadhalpun
dvbsubdec: fix division by zero in compute_default_clut
This problem was introduced in commit
4b90dcb8493552c17a811c8b1e6538dae4061f9d.
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Thu Oct 20 22:14:22 2016 +0200|
[1d439041ece002c6b2e8e3d57c3b389f9fc279b6] | committer: Andreas Cadhalpun
cavsdec: unref frame before referencing again
This fixes asserts (from commit 13aae8) in av_frame_ref and
av_frame_move_ref.
Reviewed-by
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Tue Nov 8 23:29:28 2016 +0100|
[3047b0a4a3e749e62e413f8fc96ae2e9fe228477] | committer: Andreas Cadhalpun
icodec: correctly check avio_read return value
It can read less than the requested amount, in which case buf contains
uninitialized data,
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Sun Nov 13 18:22:12 2016 +0100|
[e93934e100d41ddb08bb85bf9023ee1716d78718] | committer: Andreas Cadhalpun
filmstripdec: correctly check image dimensions
This prevents a division by zero in read_packet.
Reviewed-by: Paul B Mahol
Signed-off-by
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Wed Oct 19 19:23:49 2016 +0200|
[0009cf348aa85957dbbe262926e432896a628ff3] | committer: Andreas Cadhalpun
avformat: prevent triggering request_probe assert in ff_read_packet
If probe_codec is called with pkt == NULL, it sets probe_packets to 0
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Wed Nov 9 23:49:46 2016 +0100|
[416a8a06b977d8b3d113945701d9690abfdd7622] | committer: Andreas Cadhalpun
proresdec_lgpl: explicitly check coff[3] against slice_data_size
The implicit checks via v_data_size and a_data_size don't work in the ca
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Wed Nov 2 21:28:49 2016 +0100|
[087b77741526e701d392c038ae765993d60b5fab] | committer: Andreas Cadhalpun
ppc: pixblockdsp: do unaligned block accesses correctly again
This was broken by the following Libav commit:
4c387c7 ppc: dsputil: do una
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Wed Nov 9 01:09:35 2016 +0100|
[b32c9941a21ef44b95489c878b4f6a40c077eb47] | committer: Andreas Cadhalpun
pnmdec: make sure v is capped by maxval
Otherwise put_bits can be called with a value that doesn't fit in the
sample_len, causing an asse
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Tue Nov 8 23:53:52 2016 +0100|
[c3307f7e9e1889c15dcaad1247c8212628474bc5] | committer: Andreas Cadhalpun
icodec: fix leaking pkt on error
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked from commit 467eece1b
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Tue Nov 8 23:54:41 2016 +0100|
[05e6606ba98a53f10213b2f8b07afc3e62731c5a] | committer: Andreas Cadhalpun
icodec: add ico_read_close to fix leaking ico->images
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Sun Nov 13 23:10:06 2016 +0100|
[4ffd5805af4a8734d238e561daa63c7b3be5eedb] | committer: Andreas Cadhalpun
libschroedingerdec: fix leaking of framewithpts
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cherry picked from c
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Sun Oct 30 20:47:22 2016 +0100|
[a1e6daeb1e92abf59e6b5a4229948ca54967f759] | committer: Andreas Cadhalpun
interplayacm: check for too large b
This fixes out-of-bounds reads.
Reviewed-by: Paul B Mahol
Signed-off-by: Andreas Cadhalpun
(cherry
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Mon Nov 7 01:16:14 2016 +0100|
[e6197a6ce986af0d2f29ed0b649f3ed531a6d66e] | committer: Andreas Cadhalpun
mpegaudio_parser: don't return AVERROR_PATCHWELCOME
The API does not allow returning AVERROR codes.
It triggers an assert in av_parser_p
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Fri Nov 25 00:26:51 2016 +0100|
[88bf1d2749624cf78be0c5a5d74c169ad16ba99c] | committer: Andreas Cadhalpun
softfloat: decrease MIN_EXP to cover full float range
floats are not necessarily normalized, so a normalized softfloat needs
MIN_EXP lowe
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Thu Nov 24 23:57:46 2016 +0100|
[0496403c08ab35b20490a48aa9e3fdbd4d3bf27d] | committer: Andreas Cadhalpun
mss2: only use error correction for matching block counts
This fixes a heap-buffer-overflow in ff_er_frame_end when decoding mss2
with co
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Sat Nov 5 00:17:53 2016 +0100|
[e78d9f3f35e379ab7da729360e3eb5ad39c150fa] | committer: Andreas Cadhalpun
mxfdec: fix NULL pointer dereference
Metadata streams have priv_data set to NULL.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andre
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Thu Oct 20 20:13:54 2016 +0200|
[e8ab2bd2ac85ad0b1013f247d35032b7cd7f771e] | committer: Andreas Cadhalpun
dcstr: fix division by zero
Also check for possible overflows.
Reviewed-by: Michael Niedermayer
Signed-off-by: Andreas Cadhalpun
(cher
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Wed Oct 19 23:40:41 2016 +0200|
[45b18fbb9a7729c91d69d6359a782a0135b5f2b8] | committer: Andreas Cadhalpun
rsd: limit number of channels
Negative values don't make sense and too large values can cause
overflows. For AV_CODEC_ID_ADPCM_THP this l
ffmpeg | branch: release/3.0 | Mark Harris | Mon Feb 15
23:52:13 2016 -0800| [9375a7d85e8bc78dbb5cc101c37ff7c51f7d9b24] | committer:
Andreas Cadhalpun
avformat/icodec: Fix crash probing fuzzed file
Avoid invalid memory read/crash when frame offset >= 0xfff8.
Base64-encoded example: AAABADA
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Sat Nov 19 14:21:11 2016 +0100|
[48d24cca1308d7cc78aa99827b5449a8577a68a2] | committer: Andreas Cadhalpun
smacker: limit recursion depth of smacker_decode_bigtree
This fixes segmentation faults due to stack-overflow caused by too deep
recursio
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Sun Nov 13 22:59:47 2016 +0100|
[57665e04e22a201d3c56072532c15ce6ba71353a] | committer: Andreas Cadhalpun
libschroedingerdec: don't produce empty frames
They are not valid and can cause problems/crashes for API users.
Reviewed-by: Michael Nie
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Fri Nov 4 22:58:49 2016 +0100|
[ef2d91e9c337f50edbc7631485bfec385601f4bb] | committer: Andreas Cadhalpun
lzf: update pointer p after realloc
This fixes heap-use-after-free detected by AddressSanitizer.
Reviewed-by: Luca Barbato
Signed-off-b
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Sun Oct 30 21:41:11 2016 +0100|
[aa32d415275613e406a43d8f091d6981e4e1b872] | committer: Andreas Cadhalpun
interplayacm: validate number of channels
The number of channels is used as divisor in decode_frame, so it must
not be zero to avoid SIGF
ffmpeg | branch: release/3.0 | Andreas Cadhalpun
| Thu Nov 10 22:09:03 2016 +0100|
[69673d02790f7917d11055236ecfa20c9ff8771a] | committer: Andreas Cadhalpun
smvjpegdec: make sure cur_frame is not negative
This fixes a heap-buffer-overflow detected by AddressSanitizer.
Reviewed-by: Michael Nie
1 - 100 of 139 matches
Mail list logo
