ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Feb 18 00:11:33 2018 +0100| [36a1e9be5a1d16a6b006eccaa043ac7fd2ebce32] |
committer: Michael Niedermayer
avcodec/jpeg2000dwt: Fix integer overflows in sr_1d53()
Fixes: 5918/clusterfuzz-testcase-minimized-5120505435652096
Found-by: contin
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Feb 26 03:02:48 2018 +0100| [e724bd1dd9efea3abb8586d6644ec07694afceae] |
committer: Michael Niedermayer
avcodec/utvideodec: Check subsample factors
Fixes: Out of array read
Fixes: heap_poc
Found-by: GwanYeong Kim
Signed-off-by: Michael
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Feb 27 15:17:12 2018 +0100| [ff587292238c4f35036c5208492f34a546bcc6c7] |
committer: Michael Niedermayer
avcodec/nuv: Check for minimum input size for uncomprssed and rtjpeg
Fixes: Timeout
Fixes:
6297/clusterfuzz-testcase-minimized-ffmpe
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Mar 25 01:51:28 2018 +0100| [367d459f78c1cecce1d1a8e5bbe6a8b908de3e2f] |
committer: Michael Niedermayer
avcodec/wmalosslessdec: Fix null pointer dereference in decode_frame()
Fixes: 2018_03_23_poc.wav
Found-by: GwanYeong Kim
Signed-off
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sat Mar 24 01:38:53 2018 +0100| [20e6a8dee8f82e38fc9c51ae7960fc01cf2fbea8] |
committer: Michael Niedermayer
avcodec/get_bits: Make sure the input bitstream with padding can be addressed
Signed-off-by: Michael Niedermayer
(cherry picked from
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Feb 27 15:17:12 2018 +0100| [b4e66382c207a3fd1e5e1aee0882b367c65e18c8] |
committer: Michael Niedermayer
avcodec/nuv: rtjpeg with dimensions less than 16 would result in no decoded
pixels thus reject it
Fixes: Timeout
Fixes:
6297/cluste
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Mar 9 01:05:20 2018 +0100| [6b51dc9223460b40b14c2c61187b135fb690ebb7] |
committer: Michael Niedermayer
avformat/oggparseogm: Check lb against psize
No testcase, this was found during code review
Found-by: Matt Wolenetz
Reviewed-by: Ma
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sat Feb 17 23:54:44 2018 +0100| [299b981382725c1befb56c8f324ce067783220d6] |
committer: Michael Niedermayer
avcodec/diracdec: Use int64 in global mv to prevent overflow
Fixes: runtime error: signed integer overflow: 361 * -6295541 cannot be
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu Mar 8 22:40:50 2018 +0100| [3b5645a72928e3eab7594205bab2d8aed8c114e8] |
committer: Michael Niedermayer
avformat/avidec: Fix integer overflow in cum_len check
Fixes: signed integer overflow: 3775922176 * 4278190080 cannot be represented
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Mar 6 18:14:12 2018 +0100| [5279e865961f6eb7bf05c46c6c59835000f5bd50] |
committer: Michael Niedermayer
libavformat/oggparsevorbis: Fix memleak on multiple headers
Fixes: Chromium bug 800123
Reported-by: Matt Wolenetz
Reviewed-by: Matt
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Feb 26 21:17:08 2018 +0100| [6d3f8992acc9de0af0bfae5a8844c87747d92ad0] |
committer: Michael Niedermayer
avcodec/bintext: sanity check dimensions
Fixes: Timeout
Fixes:
6277/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XBIN_fuzzer-60
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Feb 18 21:51:38 2018 +0100| [84bf347ff054a928e69debb3d84b7c4f9d1a832e] |
committer: Michael Niedermayer
avcodec/diracdec: Fix integer overflow in mv computation
Fixes: signed integer overflow: -2072 + -2147483646 cannot be represented in
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu Mar 29 01:07:24 2018 +0200| [e1aec9bb8d80e4e88225a527da5c8c3b32301f4f] |
committer: Michael Niedermayer
avcodec/tableprint_vlc: Fix build failure with --enable-hardcoded-tables
Found-by: James Almer
Signed-off-by: Michael Niedermayer
(
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Mar 11 00:13:57 2018 +0100| [1c0914e4f34edb02a242d58d3929fdd07a59f211] |
committer: Michael Niedermayer
avcodec/wmalosslessdec: Reset num_saved_bits on error path
Fixes: NULL pointer dereference
Fixes: poc-201803.wav
Found-by: GwanYeong
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Feb 23 03:40:02 2018 +0100| [11d0464565d1cac24c57ad7c6822fc9db046a057] |
committer: Michael Niedermayer
avcodec/smc: Check input packet size
Fixes: Timeout
Fixes:
6261/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMC_fuzzer-5811309
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu Mar 8 17:28:36 2018 +0100| [7d915afd23aabe58c0d8fe260960263d7665703a] |
committer: Michael Niedermayer
avformat/oggparsetheora: Do not adjust AV_NOPTS_VALUE
Fixes: Chromium bug 795653
Fixes: signed integer overflow: 9223372036854775807
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Mar 9 16:43:29 2018 +0100| [5770793dec3af51a513174c87aad95b44a7e00e0] |
committer: Michael Niedermayer
avformat/mov: Fix integer overflows related to sample_duration
Fixes: runtime error: signed integer overflow: -9166684017437101870 +
ffmpeg | branch: release/2.8 | heimdallr | Sat Mar 31
19:37:23 2018 +0700| [eb8654610927dc3dcacf777b0a8bd52ce6c02431] | committer:
Michael Niedermayer
avcodec/imgconvert: Fix loss mask bug in avcodec_find_best_pix_fmt_of_list()
example:
AVPixelFormat pixFmts[] = { AV_PIX_FMT_RGB24, AV_PIX_FMT
ffmpeg | branch: release/2.8 | Hendrik Schreiber | Thu Apr
5 13:58:37 2018 +0200| [fe4e35e202d36e51e0a638827e810a2d5a9ec812] | committer:
Michael Niedermayer
swresample/swresample: Fix for seg fault in swr_convert_internal() ->
sum2_float during dithering.
Removed +len1 in call to s->mix_2_1
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Mar 16 19:53:36 2018 +0100| [17f626528a2913fa5b449cdad70f3796f2deacf2] |
committer: Michael Niedermayer
avformat/mov: Check STSC and remove invalid entries
Fixes assertion failure
Fixes: crbug 822547, crbug 822666 and crbug 823009
Affec
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Feb 20 23:11:01 2018 +0100| [d81e0f925a94a3d4f2a1c85447dc1d938e1e4fe5] |
committer: Michael Niedermayer
avcodec/cavsdec: Check alpha/beta offset
Fixes: Integer overflow
Fixes: 6183/clusterfuzz-testcase-minimized-6269224436629504
Found-b
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu Mar 8 23:14:04 2018 +0100| [31783dc5fe00335f82df16ba37f83a9b9751c004] |
committer: Michael Niedermayer
avformat/oggparseogm: Fix undefined shift in ogm_packet()
Fixes: shift exponent 48 is too large for 32-bit type 'int'
Fixes: Chromium
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed Mar 7 00:10:11 2018 +0100| [4bcfe9f19c8edf469158e0da6ef8d6e3ba6eec28] |
committer: Michael Niedermayer
avformat/utils: Fix integer overflow of fps_first/last_dts
Fixes: runtime error: signed integer overflow: 7738135736989908991 -
-789
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sat Mar 31 21:19:19 2018 +0200| [d3d5382dadcd1b6dbc09da02d9958f027e38] |
committer: Michael Niedermayer
avcodec/aacdec_fixed: Fix integer overflow in apply_independent_coupling_fixed()
I was not able to reproduce this, this fix is based
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed Apr 25 01:54:17 2018 +0200| [6f68d2ca0b04731eed95aa4993fdee1f68359702] |
committer: Michael Niedermayer
avcodec/elsdec: Fix memleaks
Fixes:
6798/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5135899701542912
Found-by: co
ffmpeg | branch: release/2.8 | Matt Wolenetz | Tue Apr 10
13:59:25 2018 -0700| [54bde32f37fd69c556c1c65047f9d27c2a6da229] | committer:
Michael Niedermayer
lavc/libopusdec: Allow avcodec_open2 to call .close
If there is a decoder initialization failure detected in avcodec_open2
after .init is c
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Mar 12 00:05:04 2018 +0100| [704bebc91fa573dd770e49b805e1a9d7f68fea6f] |
committer: Michael Niedermayer
avcodec/cscd: Error out when LZ* decompression fails
Fixes: Timeout
Fixes:
6304/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CS
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Apr 16 18:23:12 2018 +0200| [f337adcd28de23aa551e8c0ffc3cde73fdd4c80f] |
committer: Michael Niedermayer
doc/APIchanges: Fix typos in hashes
Thanks-to: Moritz Barsnick for finding the correct ones
Signed-off-by: Michael Niedermayer
(ch
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Apr 10 16:12:15 2018 +0200| [23dcc9ff7c37e8da1808802be66de89d70b06599] |
committer: Michael Niedermayer
avcodec/mjpegdec: Check input buffer size.
Fixes: Timeout
Fixes:
6381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzze
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Apr 13 11:38:48 2018 +0200| [25ecdac8beca8978ff09da97dbd5e1bda9675253] |
committer: Michael Niedermayer
avformat/utils: Check cur_dts in update_initial_timestamps() more
Fixes: runtime error: signed integer overflow: 18133149658382192 -
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Apr 8 03:29:44 2018 +0200| [07cd51f10e96a4b9208d3aa99caea1068f89041b] |
committer: Michael Niedermayer
avcodec/movtextdec: Check style_start/end
Limits based on 3GPP TS 26.245 V14.0.0
Fixes: Timeout
Fixes:
6377/clusterfuzz-testcase-min
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sat Apr 7 21:55:06 2018 +0200| [01f124da7f797eb62c71ce5e655f81a4867bcbfe] |
committer: Michael Niedermayer
avcodec/aacsbr_fixed: Fix integer overflow in sbr_hf_assemble()
Fixes: runtime error: signed integer overflow: 2052929346 + 204817098
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Apr 22 21:46:05 2018 +0200| [9a7a3b22625e361097579fc4183e1c1167c7ac5c] |
committer: Michael Niedermayer
avcodec/error_resilience: Fix integer overflow in filter181()
Fixes: runtime error: signed integer overflow: 197710 * 10923 cannot be
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri May 4 18:16:08 2018 +0200| [02f4e846d2883871a2bb19175875f58e1d700cc2] |
committer: Michael Niedermayer
avcodec/g2meet: Change order of operations to avoid undefined behavior
Fixes: signed integer overflow: 65280 * 196032 cannot be repre
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Apr 27 21:44:07 2018 +0200| [f20c62538b03bd211360c8501c4e13c227266e33] |
committer: Michael Niedermayer
avcodec/wavpack: Fix integer overflow in DEC_MED() / INC_MED()
Fixes: runtime error: signed integer overflow: 2147483637 + 128 cannot
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Apr 22 21:07:45 2018 +0200| [1f057b23c70c249a7432dd493f7fd3c9104aae9f] |
committer: Michael Niedermayer
avcodec/h263dec: Check slice_ret in mspeg4 slice loop
Fixes infinite loop
Fixes:
6858/clusterfuzz-testcase-ffmpeg_AV_CODEC_ID_MSMPEG
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon May 14 00:10:33 2018 +0200| [a89f074d895324af8b7da911a1727197684b40cb] |
committer: Michael Niedermayer
avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD97iH0 / COMPOSE_DD137iL0
Fixes: negation of -2147483648 cannot be represented in
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Apr 17 02:13:43 2018 +0200| [bd7231cad119894d79c4f05c2e5471caee66d197] |
committer: Michael Niedermayer
avcodec/cinepak: Skip empty frames
Speeds up decoding from 3 to 0.1 seconds for
6302/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu May 17 13:40:38 2018 +0200| [931f83773119649a975ddeea727950fbc36810a3] |
committer: Michael Niedermayer
indeo4: Decode all or nothing of a band header.
This avoids inconsistent value combinations.
Alternatively it would be possible to ad
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Apr 10 22:24:03 2018 +0200| [6186bfad387042f36a6fbf7c38dafaeec6cc774a] |
committer: Michael Niedermayer
avcodec/truemotion2: Propagate out of bounds error from GET_TOK()
Fixes: Timeout
Fixes:
6389/clusterfuzz-testcase-minimized-ffmpeg_A
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri May 4 19:18:25 2018 +0200| [c10babcadc341b8bec6b16572e4373ae571af7e7] |
committer: Michael Niedermayer
avcodec/jpeg2000dec: Fix undefined shift in the
jpeg2000_decode_packets_po_iteration() CPRL case
Fixes: shift exponent 47 is too lar
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sat May 5 22:00:01 2018 +0200| [888bdb127b545731148d7f678f69c863a55889a8] |
committer: Michael Niedermayer
avcodec/fic: Check available input space for cursor
Fixes: out of array read
Fixes:
6546/clusterfuzz-testcase-minimized-ffmpeg_AV_CO
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sat Apr 21 22:19:31 2018 +0200| [8eee712737c2aa2f643998e752f480ad42bb0612] |
committer: Michael Niedermayer
avcodec/ffv1enc: Check that the crc + version combination is supported
The crc flag is only stored since version 3 thus before this c
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Apr 27 20:16:13 2018 +0200| [fc097bf1cd0af7bbab09e2f1af4ae39eb0ca4eea] |
committer: Michael Niedermayer
avcodec/g2meet: Check RGB upper limit
Fixes: runtime error: left shift of 1876744317 by 16 places cannot be
represented in type 'int
ffmpeg | branch: release/2.8 | Stephan Holljes | Fri
Jan 12 19:16:29 2018 +0100| [18772823239094cb23df43ceb01152a9bcf80710] |
committer: Michael Niedermayer
lavf/http.c: Free allocated client URLContext in case of error.
Signed-off-by: Stephan Holljes
Signed-off-by: Michael Niedermayer
(cher
ffmpeg | branch: release/2.8 | Rahul Chaudhry |
Wed Apr 18 16:29:39 2018 -0700| [e5b29c60f02fa03a69b047ebc5d35737dd77ed1d] |
committer: Michael Niedermayer
swresample/arm: remove unintentional relocation.
Branch to global symbol results in reference to PLT, and when compiling
for THUMB-2 - in
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Apr 23 02:08:10 2018 +0200| [60e7be58d996b8f14e99876472fdbdbc4db370d8] |
committer: Michael Niedermayer
avcodec/vc1_block: simplify ac_val computation
also fixes: runtime error: index 1456 out of bounds for type 'int16_t [16]'
Found-by:
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu May 17 13:58:46 2018 +0200| [3d4e0858d68bce81f25bbab4ac912d971175daaf] |
committer: Michael Niedermayer
avcodec/mlpdec: Only change noise_type if the related fields are valid
Fixes: inconsistency
Fixes:runtime error: index 8 out of bound
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Apr 30 22:20:28 2018 +0200| [8e3918f1db50544b5f2255c41323de6cf6258e81] |
committer: Michael Niedermayer
avcodec/flac_parser: Fix infinite loop
Fixes: crbug/827204
Reported-by: Frank Liberato
Reviewed-by: Frank Liberato
Signed-off-by:
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon May 21 23:08:05 2018 +0200| [6bbef938839adc55e8e048bc9cc2e0fafe2064df] |
committer: Michael Niedermayer
avcodec/mpeg4videoenc: Use 64 bit for times in mpeg4_encode_gop_header()
Fixes truncation
Fixes Assertion n <= 31 && value < (1U << n
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Apr 16 22:28:23 2018 +0200| [a868e804d92fbc973c585c5e56e7e382004ce538] |
committer: Michael Niedermayer
avcodec/dsicinvideo: Propagate errors from cin_decode_rle()
Signed-off-by: Michael Niedermayer
(cherry picked from commit 942217b153
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri May 25 22:06:48 2018 +0200| [4c2bb473d3f9a04bf3eafeb64b93c745ae44db6a] |
committer: Michael Niedermayer
avcodec/aacdec_fixed: use 64bit to avoid overflow in rounding in
apply_dependent_coupling_fixed()
Fixes: signed integer overflow: -2
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue May 15 17:07:00 2018 +0200| [854835966b33ce70ea61d0701b0e88b7700438fd] |
committer: Michael Niedermayer
avformat/mov: Only fail for STCO/STSC contradictions if both exist
Fixes regression with playback of
GF9720Repeal20the20Eighth20with
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Apr 16 22:04:53 2018 +0200| [79cc326baba5ed80e752d9d03f110e7d3a15354b] |
committer: Michael Niedermayer
avcodec/dfa: Check dimension against maximum
The headers from where the dimensions are read in actual files
are limited to 16bit per
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Apr 17 02:13:42 2018 +0200| [173e04ee85a8de7475eecb486e27adefc01847d3] |
committer: Michael Niedermayer
avcodec/cinepak: move some checks prior to frame allocation
Speeds up decoding from 8 to 3 seconds for
6302/clusterfuzz-testcase-min
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri May 4 19:11:36 2018 +0200| [4e9e1ab815c525471bf51f31e05a708bd6c74a82] |
committer: Michael Niedermayer
avcodec/jpeg2000dec: Skip init for component in CPRL if nothing is to be done
Fixes: assertion failure
Fixes:
7949/clusterfuzz-testc
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed Apr 11 19:50:52 2018 +0200| [9af1e014f788a9c8700c4415130475f27a35e3db] |
committer: Michael Niedermayer
avcodec/utils: Enforce minimum width also for VP5/6
Fixes: out of array access
Fixes: poc_0411
Found-by: GwanYeong Kim
Tested-by: G
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Apr 16 22:29:09 2018 +0200| [c7329c733cb3dc2350a2df430feb55c37209f95b] |
committer: Michael Niedermayer
avcodec/dsicinvideo: Fail if there is only a small fraction of the data
available that comprises a full frame
Fixes: Timeout
Fixes:
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Jun 3 00:48:06 2018 +0200| [832d9accfc23b837a3c6e10fd92c9a5a6129bf0b] |
committer: Michael Niedermayer
avcodec/amrwbdec: Fix division by 0 in find_hb_gain()
This restructures the code slightly toward D_UTIL_dec_synthesis()
Fixes:
7420
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue May 15 17:06:59 2018 +0200| [674929cd46c76285f4d739c0436a75a5402dee61] |
committer: Michael Niedermayer
avformat/mov: Break out early if chunk_count is 0 in mov_build_index()
Without this some operations might overflow (undefined behavio
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon May 21 03:16:58 2018 +0200| [17ed3c809da5852c3d5c41df14f0d44a8d7c10a9] |
committer: Michael Niedermayer
avformat/mov: replace a value error by clipping into valid range in
mov_read_stsc()
Fixes: #7165
Signed-off-by: Michael Niedermayer
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sat May 5 23:42:36 2018 +0200| [f98794c73a7f90da43e06126e60a7bbda530fba7] |
committer: Michael Niedermayer
avcodec/fic: Avoid some magic numbers related to cursors
Signed-off-by: Michael Niedermayer
(cherry picked from commit c6a11714c4b12
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Jun 3 01:33:54 2018 +0200| [4c3a7aaea8ba76225780bd867a053bb0084503d6] |
committer: Michael Niedermayer
avcodec/opus_silk: Change silk_lsf2lpc() slightly toward silk/NLSF2A.c
Fixes: runtime error: signed integer overflow: -1440457022 - 7
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed May 16 22:50:19 2018 +0200| [781dcd5db6ac7597a8c2e7ad165a4ef6b0d1697a] |
committer: Michael Niedermayer
avcodec/g2meet: ask for sample with overflowing RGB
Suggested-by: Tomas Härdin
Signed-off-by: Michael Niedermayer
(cherry picked f
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Jun 5 02:17:24 2018 +0200| [ce4cb475a3714def0ad80a5ad74f2c9c90683f88] |
committer: Michael Niedermayer
avcodec/mjpegdec: Fix integer overflow in ljpeg_decode_rgb_scan()
Fixes: signed integer overflow: 32768 + 2147450880 cannot be repres
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed May 16 23:35:58 2018 +0200| [ed4e35a0fdef551041a2d0e412e90321dbd6bf3e] |
committer: Michael Niedermayer
avformat/mov: Only set pkt->duration to non negative values
Reviewed-by: Sasi Inguva
Signed-off-by: Michael Niedermayer
(cherry pic
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Jun 8 00:07:04 2018 +0200| [acfdaa463e7c7ab5d8603b6e8aa31eaf9e8a555e] |
committer: Michael Niedermayer
avcodec/wavpack: Fix overflow in adding tail
Fixes: signed integer overflow: 2146907204 + 26846088 cannot be represented in
type 'in
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Jun 8 18:25:14 2018 +0200| [cc65755a0ddbc8985462ac8f961188e08d89110f] |
committer: Michael Niedermayer
avcodec/h264_mc_template: Only prefetch motion if the list is used.
Fixes: index 59 out of bounds for type 'H264Ref [48]'
Fixes:
823
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Jun 5 13:19:35 2018 +0200| [6fdc61b8f6f1a8f7ded6fa858dd5b5fe69e0237e] |
committer: Michael Niedermayer
avcodec/shorten: Fix multiple integer overflows
Fixes: signed integer overflow: 3 * 1006632960 cannot be represented in type
'int'
F
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Jun 5 02:09:59 2018 +0200| [ea0734e3f011964e12da5f7d8dacf4a86670cbf0] |
committer: Michael Niedermayer
avcodec/truemotion2: Fix overflow in tm2_apply_deltas()
Fixes: signed integer overflow: 1077952576 + 1077952576 cannot be represented
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Jun 5 13:03:48 2018 +0200| [f41da2bd5ff7d9d6b1141284dbd526d8b232e29b] |
committer: Michael Niedermayer
avcodec/shorten: Sanity check nmeans
Fixes: OOM
Fixes:
8195/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5179785
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu Jun 14 15:41:33 2018 +0200| [c1121e7ec29b78bf96a4411ca378e2336a32dbcd] |
committer: Michael Niedermayer
avutil/common: Fix undefined behavior in av_clip_uintp2_c()
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue May 1 22:44:07 2018 +0200| [83260729955b9249599a23be5f9ad4e9051db002] |
committer: Michael Niedermayer
fftools/ffmpeg: Fallback to duration if sample rate is unavailable
Regression since: af1761f7
Fixes: Division by 0
Fixes: ffmpeg_cras
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Jun 8 00:42:31 2018 +0200| [2b60986513c98b35fecdf75663bc014b7344b572] |
committer: Michael Niedermayer
avcodec/xwddec: Use ff_set_dimensions()
Fixes: OOM
Fixes:
8178/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XWD_fuzzer-48447933
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu Jun 21 22:48:54 2018 +0200| [8db6c2993bb58937167dd2d4b8014ea4ab784846] |
committer: Michael Niedermayer
avcodec/mjpegdec: Check for end of bitstream in ljpeg_decode_rgb_scan()
Fixes: Timeout
Fixes:
8648/clusterfuzz-testcase-minimized-ff
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Jun 22 01:18:20 2018 +0200| [3b02b9ad2b81fb536587d45ee7463aaf1fa93a4c] |
committer: Michael Niedermayer
avcodec/cscd: Check output buffer size for lzo.
Fixes: Timeout
Fixes:
8665/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CSCD_fu
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu Jun 14 16:41:49 2018 +0200| [e495910d4ca368be51fdc2ecc056ed0fb0ff2526] |
committer: Michael Niedermayer
avcodec/aacdec_fixed: Fix undefined integer overflow in
apply_independent_coupling_fixed()
Fixes: signed integer overflow: 1195517 *
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Thu Jun 21 23:08:32 2018 +0200| [65c9c1b061db7eaf2559f4f984de679751803665] |
committer: Michael Niedermayer
avcodec/ra144: Fix integer overflow in ff_eval_refl()
Fixes: signed integer overflow: -4096 * -524288 cannot be represented in type
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Sun Jun 24 19:23:02 2018 +0200| [9bfdb49b74026f380488cd857f0dddf7bb3834ca] |
committer: Michael Niedermayer
avcodec/escape124: Check buf_size against num_superblocks
Fixes: Timeout
Fixes:
8722/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed Jun 27 13:00:28 2018 +0200| [f780dabc501921448b11d2e1800255ff54df5ee5] |
committer: Michael Niedermayer
avcodec/escape124: Fix spelling errors in comment
Signed-off-by: Michael Niedermayer
(cherry picked from commit f59c4e43915ed0528e27
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Jul 2 19:11:46 2018 +0200| [29c7a02bb2858e669441c642af3230db5f147f50] |
committer: Michael Niedermayer
avcodec/shorten: Fix undefined addition in shorten_decode_frame()
Fixes: signed integer overflow: 1139785606 + 1454196085 cannot be r
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Jul 2 18:57:05 2018 +0200| [b6af5c8880e1b60e5008326329d2e83b3901d638] |
committer: Michael Niedermayer
avcodec/jpeg2000dec: Fixes invalid shifts in
jpeg2000_decode_packets_po_iteration()
Fixes: shift exponent 47 is too large for 32-bit
ffmpeg | branch: release/2.8 | James Almer | Fri Nov 24
17:46:16 2017 -0300| [7ae182e0b7dea18c2c682021dabf3542af5e04c1] | committer:
Michael Niedermayer
avformat/utils: fix mixed declarations and code
Signed-off-by: James Almer
(cherry picked from commit 31de45d20b1ff90d4baf7c5a65e88f582efdb2
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Jul 3 20:33:04 2018 +0200| [feb31c7ade15719d292c20da60763173e2ba3991] |
committer: Michael Niedermayer
avformat/mms: Add missing chunksize check
Fixes: out of array read
Fixes: mms-crash-01b6c5d85f9d9f40f4e879896103e9f5b222816a
Found-b
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Jul 6 16:28:14 2018 +0200| [270a7ff111aa95793ba156b797f1d1e4caaa7efd] |
committer: Michael Niedermayer
avcodec/mjpegdec: Check for odd progressive RGB
Fixes: out of array access
Fixes:
9225/clusterfuzz-testcase-minimized-ffmpeg_AV_CODE
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Fri Jul 6 22:23:25 2018 +0200| [5775f837963dcf178876ca7d618e6d7dead830c0] |
committer: Michael Niedermayer
avformat/movenc: Check input sample count
Fixes: division by 0
Fixes: fpe_movenc.c_199_1.wav
Fixes: fpe_movenc.c_199_2.wav
Fixes: fpe
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Wed Jun 27 16:51:51 2018 +0200| [a80b8a01cc934b3417cea5c50a9f607d77f223ec] |
committer: Michael Niedermayer
avformat/movenc: Check that frame_types other than EAC3_FRAME_TYPE_INDEPENDENT
have a supported substream id
Fixes: out of array acc
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Tue Jul 3 22:14:42 2018 +0200| [c75b8c9733efce84304a2dcec1bbfe806ab2e90f] |
committer: Michael Niedermayer
avformat/pva: Check for EOF before retrying in read_part_of_packet()
Fixes: Infinite loop
Fixes: pva-4b1835dbc2027bf3c567005dcc78e851
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Jul 2 18:40:08 2018 +0200| [76e10cd327b3070af6df4a581727ba6602776175] |
committer: Michael Niedermayer
avcodec/jpeg2000dec: Check that there are enough bytes for all tiles
Fixes: OOM
Fixes:
8781/clusterfuzz-testcase-minimized-ffmpeg_AV
ffmpeg | branch: release/2.8 | Michael Niedermayer |
Mon Jul 2 01:26:44 2018 +0200| [4652b0f8fe8a444619f695bc1921d0d8133e1203] |
committer: Michael Niedermayer
avcodec/indeo4: Check for end of bitstream in decode_mb_info()
Fixes: Timeout
Fixes:
8776/clusterfuzz-testcase-minimized-ffmpeg_AV_C
ffmpeg | branch: release/2.8 | James Almer | Thu Mar 17
21:46:06 2016 -0300| [81997136995e795ee6c9e7643d03247f5dd5fdf9] | committer:
Michael Niedermayer
libwebpenc_animencoder: add missing braces to struct initialization
The first member of the WebPAnimEncoderOptions struct is non scalar
Sign
ffmpeg | branch: master | Steven Liu | Mon Jul 9
17:05:30 2018 +0800| [bd8a5c6b7ce71c739ab95f6b17e8caeeec2dc9e7] | committer:
Steven Liu
avformat/hlsenc: improve compute after_init_list_dur
fix ticket: 7305
vs->sequence - hls->start_sequence - vs->nb_entries is the
after_init_list_dur fragmen
92 matches
Mail list logo
