[FFmpeg-cvslog] New commits on branch release/3.0
Git System
git at videolan.org
Tue Oct 23 03:13:00 EEST 2018
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=dd5232c838470fcbd46e9a1fa7f64af8e948ce92
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Oct 20 22:35:37 2018 +0200
avcodec/jpeg2000dec: Fix off by 1 error in JPEG2000_PGOD_CPRL handling
Fixes: assertion failure
Fixes: 10785/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5672160496975872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 305e523105f6f59e7572050f19edc9f4671c036c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9c1bb7e8debdbcd8f7786c381e1f90bec9f74a45
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Oct 18 01:19:36 2018 +0200
avcodec/mpeg4videodec: Fix typo in sprite delta check
Fixes: Integer overflow
Fixes: 10890/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5636062181851136
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b737317a8813e671c00b8ac7023c47e48ffeb1c8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f9cfdf2baefd89fd6ef55afb0832aa1e2155a3b9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Oct 4 03:13:41 2018 +0200
avcodec/h264_cavlc: Check mb_skip_run
Fixes: 10300/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6292205497483264
Fixes: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f72b9904fefa79d799d0f6ecc8bd97ce52658725)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b15db639a5caccb2f69c1b37707e09820231b5f8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Oct 10 04:25:50 2018 +0200
avcodec/ra144: Fix integer overflow in add_wav()
Fixes: signed integer overflow: -2144033225 + -5208934 cannot be represented in type 'int'
Fixes: 10633/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-5679133791617024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c6282141cba20934d9801f31134872fabbd6ba3e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6a5b0a3c751303d359876a85913f5fbbe3976a99
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Oct 12 20:55:25 2018 +0200
avformat/utils: Never store negative values in last_IP_duration
Fixes: integer overflow compute_pkt_fields()
Fixes: compute_pkt_usan
Reported-by: Thomas Guilbert <tguilbert at chromium.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 079d1a7175c4b881631a7e7f449c4c13b761cdeb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=51404bb4f6132c054c6266238d483846e6654ad3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Oct 12 03:00:32 2018 +0200
avformat/utils: Fix integer overflow in discontinuity check
Fixes: signed integer overflow: 7738135736989908991 - -7954308516317364223 cannot be represented in type 'long'
Fixes: find_stream_info_usan
Reported-by: Thomas Guilbert <tguilbert at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4e19cfcfa3944fe4cf97bea758f72f104dcaebad)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4b14c3ed7857e386ae49bd6f1c4124e52d1667f3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Sep 22 15:18:17 2018 +0200
avcodec/unary: Improve get_unary() docs
Found-by: kierank
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ad89e203bfedf25df00e2a6ed9196170d772f25b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9b95c4740d23d69e6693f974ab954c50957e4c4e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 13 03:33:50 2018 +0200
avcodec/dvdsubdec: Sanity check len in decode_rle()
Fixes: Timeout
Fixes: 9778/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVDSUB_fuzzer-5186007132536832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e7b023e1db9fb13175929c02a02846d03510ec91)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=58cb3ad576cb59b914b076246b116c59e084a116
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Sep 15 00:20:38 2018 +0200
avcodec/mpeg4videodec: Fix undefined shift in get_amv()
Fixes: runtime error: shift exponent -1 is negative
Fixes: 9938/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5653783529914368
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c88afa44c4823aba7b6f4a1b01fd6a4169643c57)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=648b904662c2fcb0721740f150fa9145c7cf314f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Sep 18 00:28:37 2018 +0200
avcodec/zmbv: Check that the decompressed data size is correct
This checks the value exactly for intra frames and checks it against a
minimum for inter frames as they can be variable.
Fixes: Timeout
Fixes: 10182/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ZMBV_fuzzer-6245951174344704
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e33b28cc79d164fff22bfee750c9283587c00bc4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6161aade4c8dac6d8c4c40f09e280c2ceb0d7a1a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Sep 17 21:33:59 2018 +0200
avcodec/zmbv: Update decomp_len in raw frames
decomp_len is used in raw frames, so it should not be left at the value from
whatever was decoded previously (which may be any other frame)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3d201b83cda03fd9e866acafee82d7ce88260e66)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1ed6224cdf287457040b0740616580498253f245
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Sep 15 02:08:20 2018 +0200
avcodec/shorten: Fix bitstream end check in read_header()
Fixes: Timeout
Fixes: 9961/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5687856176562176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 28b80c2d52d82eb4f73af5f818dab60946bcf299)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1049ccec344945fd86131de8fe827a3602d453ce
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 13 04:24:49 2018 +0200
avcodec/dvdsubdec: Avoid branch in decode_run_8bit()
Speed improvment 35.5 sec -> 34.7sec
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 71bf0330505e2108935d05c5c018ec65eac4b946)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fcab1b996a219ea49f2f7eaf606cf2ce1adc1958
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Aug 17 02:06:27 2018 +0200
avcodec/h264_refs: Document last if() in ff_h264_execute_ref_pic_marking()
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 697984b9db4d4d199680f43ac3eb662cd1d37eff)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fceedd4de9b2ee68b718d2c895374232971d97be
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 26 02:26:24 2018 +0200
avcodec/ra144: Fix undefined integer overflow in add_wav()
Fixes: signed integer overflow: -26884 * 91439 cannot be represented in type 'int'
Fixes: 9687/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-4995588121690112
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 93a203662f6ff1bb9fd2e966bf7df27e9bdb1916)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=23c5d8d9ce7d6e687091aafb418da560fabb22fd
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 20 22:53:32 2018 +0200
avcodec/hq_hqa: Check remaining input bits in hqa_decode_mb()
Fixes: Timeout
Fixes: 9634/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HQ_HQA_fuzzer-6267852259590144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c9222b972d6cbdaf6571cf7ae0a6513bffa5ff9f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c2ac8d3147788de45abeacfa07af0d83ce1b366d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 20 22:19:23 2018 +0200
avcodec/vb: Check for end of bytestream before reading blocktype
Fixes: Timeout
Fixes: 9601/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VB_fuzzer-4550228702134272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1cbac9ce20d32806febf64cbd9f830e1485695ca)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=22f743e60201c3cc70dde007e69b03f0e35d267a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 20 20:15:19 2018 +0200
avcodec/snowdec: Fix integer overflow with motion vector residual
Fixes: signed integer overflow: -19818 + -2147483648 cannot be represented in type 'int'
Fixes: 9545/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-4928769537081344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit acba153a148782c08f9fd17f0c05b93468f3cbd0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=172bb520c98fa96129d909dc9b6c6872702571b6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Aug 16 12:23:20 2018 +0200
avformat/nsvdec: Do not parse multiple NSVf
The specification states "NSV files may contain a single file header. "
Fixes: out of array access
Fixes: nsv-asan-002f473f726a0dcbd3bd53e422c4fc40b3cf3421
Found-by: Paul Ch <paulcher at icloud.com>
Tested-by: Paul Ch <paulcher at icloud.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 78d4b6bd43fc266a2ee926f0555c8782246f9445)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4babf70c7efbcc6c77839944007815e58a380ec7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Aug 16 15:36:28 2018 +0200
avformat/mlvdec: read_string() received unsigned size, make the argument unsigned
Fixes: infinite loop
Fixes: mlv-timeout-e3b8cab9835edecad6823baa057e029671329d04
Found-by: Paul Ch <paulcher at icloud.com>
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1e71cb2c8edcf3dad657c15a6fb8572862f2afb9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0ea54cae21824dab70c1d11a329ea3bbab3538af
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Aug 16 15:36:29 2018 +0200
avformat/rmdec: Fix EOF check in the stream loop in ivr_read_header()
Fixes: long running loop
Fixes: ivr-timeout-42468cb797f52f025fb329394702f5d4d64322d6
Found-by: Paul Ch <paulcher at icloud.com>
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c2eec1762d372663c35aaf3d6ee419bafb185057)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f1425b389a3b7d4758d2b1faf97f2624e27c3819
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 12 22:55:59 2018 +0200
avcodec/shorten: Fix integer overflow in residual/LPC combination
Fixes: signed integer overflow: -540538872 + -2012739576 cannot be represented in type 'int'
Fixes: 9255/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5758630052757504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit db7e9082e1a1479c6a8844f7adf77eae03cc2aa7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5eeaaa29fae0d5c22e2e542bc3064b984e34c93b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 12 22:43:33 2018 +0200
avcodec/shorten: Check verbatim length
Fixes: Timeout
Fixes: 9252/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5780720709533696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7007dabec08f2f9f81661e71ef482dde394e17a8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f7778c2ce95449b60e167644b3fe5bd09ec1fd14
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 5 14:51:36 2018 +0200
avcodec/mpegaudio_parser: Initialize poutbuf*
Possibly fixes: null pointer dereference
Possibly fixes: 9352/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5146068961460224
Fixes: Heap-use-after-free
Fixes: 9453/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5137954375729152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0f4c3b0b8e5435d13fd3b64c91969b31c3c018dc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f6e570aa011b7dfc3e396fb19a1ba30b57698a38
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jul 28 10:59:09 2018 +0200
avcodec/aacpsdsp_template: Fix integer overflow in ps_stereo_interpolate_c()
Fixes: signed integer overflow: -1813244069 + -1407981383 cannot be represented in type 'int'
Fixes: 8823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5643295618236416
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 47db5763e21c5e3b0ddde2430d15938f8d88480d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f81fd4c524e75013a496619b7571f461b12d9a06
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jul 29 12:40:48 2018 +0200
avcodec/qtrle: Check remaining bytestream in qtrle_decode_XYbpp()
Fixes: Timeout
Fixes: 9213/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QTRLE_fuzzer-5649753332252672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7dd836a3f9771e0e44df1b27e67d6866d91e06d7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9f18b056da9be419267c11185c0ab86c817b6312
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jul 22 21:42:16 2018 +0200
avcodec/diracdec: Check bytes count in else branch in decode_lowdelay() too
Fixes: signed integer overflow: 8 * 340018243 cannot be represented in type 'int'
Fixes: 9441/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5194665207791616
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bed125b7108481574f36fdd6ee699b27354602e8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cc82d22289c94c936eec71fe4f46eb101cf281e3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jul 22 20:45:39 2018 +0200
avcodec/diracdec: Change frame_number to 64bit as its a 32bit from the bitstream and we also have a -1 special case
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 9291/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6324345860259840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 462d1be6dec5ff4768be8c202f359cbf037db3c6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=86dfce06e3acd7e0259aecac2e0b849d31a70d97
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jul 22 19:11:04 2018 +0200
avcodec/dirac_dwt_template: Fix several integer overflows in horizontal_compose_daub97i()
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 8926/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6047609228623872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 69cac9e130dc8c9d2a5b8012011df372974adf35)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=057cfa4200e4d35c89f091d932906fc75945a5dd
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jul 22 18:58:34 2018 +0200
avcodec/diracdec: Prevent integer overflow in intermediate in global_mv()
Fixes: signed integer overflow: -393471 * 5460 cannot be represented in type 'int'
Fixes: 8890/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6299775379963904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 51290406461ed40b70e0e05b389a461a283f3367)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d7d54f3fd5a68d6bcc38ff698d1d87fdbf0358aa
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jul 24 22:44:12 2018 +0200
swresample/swresample: Fix input channel count in resample_first computation
Found-by: Marcin Gorzel <gorzel at google.com>
Reviewed-by: Marcin Gorzel <gorzel at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bce4da85e8110b66040a5fb07ffc724ab4e09a86)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=60493f388ca7552970e865ff76d39c963eca955f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jul 18 22:22:35 2018 +0200
avutil/pixfmt: Document chroma plane size for odd resolutions
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit be0b77e6e83b61c2da338201b5ddfae1c9acedc5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=961eeb4035c345e756c4bbf549f1a731e53322bf
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jul 13 18:56:10 2018 +0200
avcodec/dvdsub_parser: Allocate input padding
Fixes: out of array read
Fixes: 9350/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVDSUB_fuzzer-5746777750765568
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cd86b5cfe278af79d6b147e122d9a72c270a9fde)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d7d237a441cbed22b8a3cce016c94e64c4ab7fed
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jul 13 18:54:48 2018 +0200
avcodec/dvdsub_parser: Init output buf/size
No testcase
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9e6c8437761661441d836876934314cb2b8fafe7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e7dc6231e2630ad61d4bab12322adffe327e79e5
Author: Simon Thelen <ffmpeg-dev at c-14.de>
Date: Tue Apr 3 14:41:33 2018 +0200
avcodec/imgconvert: fix possible null pointer dereference
regression since 354b26a3945eadd4ed8fcd801dfefad2566241de
(cherry picked from commit 8c2c97403baf95d0facb53f03e468f023eb943e1)
(cherry picked from commit c1e172c2e14ef059dac632f7c67f081dfecd30dc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0c9c4c3103c2e980dbebb6622e05e1be4ee65a11
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jul 13 18:33:08 2018 +0200
avcodec/dirac_dwt_template: Fix signedness regression in interleave()
Found-by: <jdarnley>
Tested-by: James Darnley <james.darnley at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 181435a4de6e38e0a15ddaf16de9a157ef41cb18)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=328ab7f0a1ca1f41002772a193fa0251aa42bf8e
Author: Rahul Chaudhry <rahulchaudhry at chromium.org>
Date: Fri Apr 27 13:49:52 2018 -0700
swresample/arm: rename labels to fix xcode build error
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e84212b78e00df17799e01be1e153a073eb8f689)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0d4a11d0a9474c78fbc846fe9bc707be35426c71
Author: James Almer <jamrial at gmail.com>
Date: Fri Nov 24 17:46:16 2017 -0300
avformat/utils: fix mixed declarations and code
Signed-off-by: James Almer <jamrial at gmail.com>
(cherry picked from commit 31de45d20b1ff90d4baf7c5a65e88f582efdb2a6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c3831e89efce13d6494a1f4308198f48efd274bc
Author: James Almer <jamrial at gmail.com>
Date: Thu Mar 17 21:46:06 2016 -0300
libwebpenc_animencoder: add missing braces to struct initialization
The first member of the WebPAnimEncoderOptions struct is non scalar
Signed-off-by: James Almer <jamrial at gmail.com>
(cherry picked from commit 488e6409df2487a2aedbd5adb5ac3f7e74216588)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=790e6fead0785831e2273ad1b425a63c6b64aef3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jul 6 22:23:25 2018 +0200
avformat/movenc: Check input sample count
Fixes: division by 0
Fixes: fpe_movenc.c_199_1.wav
Fixes: fpe_movenc.c_199_2.wav
Fixes: fpe_movenc.c_199_3.wav
Fixes: fpe_movenc.c_199_4.wav
Fixes: fpe_movenc.c_199_5.wav
Fixes: fpe_movenc.c_199_6.wav
Fixes: fpe_movenc.c_199_7.wav
Found-by: #CHEN HONGXU# <HCHEN017 at e.ntu.edu.sg>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3a2d21bc5f97aa0161db3ae731fc2732be6108b8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4ead5a947003f8556bf23533cdca9409187a3ac3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jul 6 16:28:14 2018 +0200
avcodec/mjpegdec: Check for odd progressive RGB
Fixes: out of array access
Fixes: 9225/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5684770334834688
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ee1e3ca5eb1ec7d34e925d129c893e33847ee0b7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=469503ac1de315a9288e333dbfc0896e3027227c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jun 27 16:51:51 2018 +0200
avformat/movenc: Check that frame_types other than EAC3_FRAME_TYPE_INDEPENDENT have a supported substream id
Fixes: out of array access
Fixes: ffmpeg_bof_1.avi
Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ed22dc22216f74c75ee7901f82649e1ff725ba50)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=94edbf464c007a76115cec61657d1e6accdaf8ca
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jul 3 20:33:04 2018 +0200
avformat/mms: Add missing chunksize check
Fixes: out of array read
Fixes: mms-crash-01b6c5d85f9d9f40f4e879896103e9f5b222816a
Found-by: Paul Ch <paulcher at icloud.com>
1st hunk by Paul Ch <paulcher at icloud.com>
Tested-by: Paul Ch <paulcher at icloud.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cced03dd667a5df6df8fd40d8de0bff477ee02e8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6cadf46dff14139ff2e5cf3276eb3ad58fb080e1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jul 3 22:14:42 2018 +0200
avformat/pva: Check for EOF before retrying in read_part_of_packet()
Fixes: Infinite loop
Fixes: pva-4b1835dbc2027bf3c567005dcc78e85199240d06
Found-by: Paul Ch <paulcher at icloud.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ee8c6566e2abd9ae46976dba9873ecd9bb24001f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jul 3 21:37:46 2018 +0200
avformat/rmdec: Do not pass mime type in rm_read_multi() to ff_rm_read_mdpr_codecdata()
Fixes: use after free()
Fixes: rmdec-crash-ffe85b4cab1597d1cfea6955705e53f1f5c8a362
Found-by: Paul Ch <paulcher at icloud.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a7e032a277452366771951e29fd0bf2bd5c029f0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=438e848b65c2f46fcc09a3809b711e12a6fc240b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jul 2 01:26:44 2018 +0200
avcodec/indeo4: Check for end of bitstream in decode_mb_info()
Fixes: Timeout
Fixes: 8776/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5361788798369792
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 267ba2aa96354c5b6a1ea89b2943fbd7a4893862)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=21a65701581dba4f48f98b699817f126dd0da51f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jul 2 19:11:46 2018 +0200
avcodec/shorten: Fix undefined addition in shorten_decode_frame()
Fixes: signed integer overflow: 1139785606 + 1454196085 cannot be represented in type 'int'
Fixes: 8937/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-6202943597445120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3b10bb8772c76177cc47b8d15a6970f19dd11039)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3afdb1c8a7520ed0b95d013be11baf424765cfcf
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jul 2 18:57:05 2018 +0200
avcodec/jpeg2000dec: Fixes invalid shifts in jpeg2000_decode_packets_po_iteration()
Fixes: shift exponent 47 is too large for 32-bit type 'int'
Fixes: 9163/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5661750182543360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 652d7c6348f96181fa69f8e2afb7b27a14c0a88a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=405cfcae41cd86d0485467c7ca2a22d16cea0cf9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jul 2 18:40:08 2018 +0200
avcodec/jpeg2000dec: Check that there are enough bytes for all tiles
Fixes: OOM
Fixes: 8781/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5810709081358336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0898a3d9909960324e27d3a7a4f48c4effbb654a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=dd7d2770f331cb1d2b3cdb2b2dbdbe1ce9b2b807
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jun 27 13:00:28 2018 +0200
avcodec/escape124: Fix spelling errors in comment
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f59c4e43915ed0528e2789f27ddb1635b59779df)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=181c3d82e9025ba60cf83376195e6d8ab800cafc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 21 23:08:32 2018 +0200
avcodec/ra144: Fix integer overflow in ff_eval_refl()
Fixes: signed integer overflow: -4096 * -524288 cannot be represented in type 'int'
Fixes: 8650/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-5734816036159488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b31189881a4cf54b0057ecf3eab917ad56eecfea)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=662f7cef06d31a0b98cf5769e671e70b7e53aa36
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jun 22 01:18:20 2018 +0200
avcodec/cscd: Check output buffer size for lzo.
Fixes: Timeout
Fixes: 8665/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CSCD_fuzzer-5768442610188288
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
(cherry picked from commit 78167b498f53c36c31105a2bf11e90b03637598f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1e067b7ed86c55382699330b9e9bb1d743627974
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 24 19:23:02 2018 +0200
avcodec/escape124: Check buf_size against num_superblocks
Fixes: Timeout
Fixes: 8722/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ESCAPE124_fuzzer-4843268402577408
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6677c98626489edfdb4b49b4f66ca91867768a9f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d862380718a10132686130b4532bf3f9b3f70f14
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 21 22:48:54 2018 +0200
avcodec/mjpegdec: Check for end of bitstream in ljpeg_decode_rgb_scan()
Fixes: Timeout
Fixes: 8648/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5108395525799936
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 540e8c2d641bf90fc28e47e170f8c0b1962197e9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=eaefd3ada963aa35277a466170c6be3e2cbeabfc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 14 16:41:49 2018 +0200
avcodec/aacdec_fixed: Fix undefined integer overflow in apply_independent_coupling_fixed()
Fixes: signed integer overflow: 1195517 * 2048 cannot be represented in type 'int'
Fixes: 8636/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-4695836326887424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8bd514d9343746566b123275f8b6d0e9c11ec2b0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a1c125d2bda6cefd940b83156bcd99ec7bd6d868
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 14 16:37:32 2018 +0200
avcodec/dirac_dwt_template: Fix undefined behavior in interleave()
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 8697/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5197148130902016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 575d8ca0260fabac29e5b3541154633569ce2b5d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=626143903b1d9c102b6c7d402a6fc15906909841
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 14 15:41:33 2018 +0200
avutil/common: Fix undefined behavior in av_clip_uintp2_c()
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 8521/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5639024952737792
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aa41d322be71106ce147445f2b42bb763f1eff86)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=963915a4b416e944c8f01bc3d635d6b64d8b0022
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue May 1 22:44:07 2018 +0200
fftools/ffmpeg: Fallback to duration if sample rate is unavailable
Regression since: af1761f7
Fixes: Division by 0
Fixes: ffmpeg_crash_1
Found-by: Thuan Pham, Marcel Böhme, Andrew Santosa and Alexandru Razvan Caciulescu with AFLSmart
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 16d8b13b3b26c19d7f8856e039fe6662d96b4ff3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ff75dc10fd27d97b789f6d8df179e6f82580c586
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed May 16 23:35:58 2018 +0200
avformat/mov: Only set pkt->duration to non negative values
Reviewed-by: Sasi Inguva <isasi at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8176799f31b23849382623f0f9001acc5edf7c76)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=18214e2a3f209aa097d274083dca84c246c6c945
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jun 8 18:25:14 2018 +0200
avcodec/h264_mc_template: Only prefetch motion if the list is used.
Fixes: index 59 out of bounds for type 'H264Ref [48]'
Fixes: 8232/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5703295145345024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8b55591757244d8244a2be369c2b54c9ae79b02a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=aa803d93bf89871b7d374c9fcd7d81a7e43bcb43
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jun 8 00:42:31 2018 +0200
avcodec/xwddec: Use ff_set_dimensions()
Fixes: OOM
Fixes: 8178/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XWD_fuzzer-4844793342459904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c2852e4e00de4073ff7de82d41cb3368702686e8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=23fdebaec5796268561dc8a10a68cbe32b8396a4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jun 8 00:07:04 2018 +0200
avcodec/wavpack: Fix overflow in adding tail
Fixes: signed integer overflow: 2146907204 + 26846088 cannot be represented in type 'int'
Fixes: 8105/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVPACK_fuzzer-6233036682166272
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d13379fb79708f550460dd6d698023bf26f968d5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=50e55b81be23bed6a5aa836fdde602494b41c06c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 5 13:19:35 2018 +0200
avcodec/shorten: Fix multiple integer overflows
Fixes: signed integer overflow: 3 * 1006632960 cannot be represented in type 'int'
Fixes: 8278/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5692857166856192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f2abd36b3863188894fd21964c662b6c17268bfb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=07fd8627e5c274064aed85f0db73e9128a8e8cab
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 5 13:03:48 2018 +0200
avcodec/shorten: Sanity check nmeans
Fixes: OOM
Fixes: 8195/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5179785826271232
The reference software appears to use longs for 32bits and it uses int for nmeans
hinting that the intended maximum size was not 32bit.
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d91a0b503d7a886587281bc1ee42476aa5e89f85)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0c645bd73c7a80d7fbe4b21e4487520d7dd280b4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 5 02:17:24 2018 +0200
avcodec/mjpegdec: Fix integer overflow in ljpeg_decode_rgb_scan()
Fixes: signed integer overflow: 32768 + 2147450880 cannot be represented in type 'int'
Fixes: 7885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THP_fuzzer-5298834394578944
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 936f4a2c2e14ec753e8835f2e820b4cd9aec9a56)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=aee71463fb2f1224e273d4f612ee7d6d63206219
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 5 02:09:59 2018 +0200
avcodec/truemotion2: Fix overflow in tm2_apply_deltas()
Fixes: signed integer overflow: 1077952576 + 1077952576 cannot be represented in type 'int'
Fixes: 7712/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5056281753681920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 79c6047c3668c639f717b3a7001a34dddba0ede2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f144d5eb4977735e1ca7fcbebb67b3ac5903ea05
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 3 01:33:54 2018 +0200
avcodec/opus_silk: Change silk_lsf2lpc() slightly toward silk/NLSF2A.c
Fixes: runtime error: signed integer overflow: -1440457022 - 785819492 cannot be represented in type 'int'
Fixes: 7700/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OPUS_fuzzer-6595838684954624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e7dda51150b73e5fbdccf4c2d3a72e356980fba3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bbd9f480f3e5199ef60374c18b8c4ef432e7fa16
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 3 00:48:06 2018 +0200
avcodec/amrwbdec: Fix division by 0 in find_hb_gain()
This restructures the code slightly toward D_UTIL_dec_synthesis()
Fixes: 7420/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AMRWB_fuzzer-6577305112543232
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit dce80a4b47efaba97707bda781a9ee57f5a26974)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7f142e5402315b2707e2316d486fa5ea090d7bb0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 21 03:16:58 2018 +0200
avformat/mov: replace a value error by clipping into valid range in mov_read_stsc()
Fixes: #7165
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fe84f70819d6f5aab3c4823290e0d32b99d6de78)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b4024909c12118e0a128ada65b53c012296a2626
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue May 15 17:06:59 2018 +0200
avformat/mov: Break out early if chunk_count is 0 in mov_build_index()
Without this some operations might overflow (undefined behavior)
even though the index adding loop would never execute
No testcase known
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 56e76bd0579cc7f7b28860885d9e569a39daf41b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fe9c23bebbb2aa8e14eec9af1e99cabc8c5535ba
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 5 23:42:36 2018 +0200
avcodec/fic: Avoid some magic numbers related to cursors
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c6a11714c4b1227be62cbc36651ccfc415e8e623)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=243bdbde57181289b373ab50f6f91707f74f2471
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed May 16 22:50:19 2018 +0200
avcodec/g2meet: ask for sample with overflowing RGB
Suggested-by: Tomas Härdin <tjoppen at acc.umu.se>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ab834b8f36c8157b7015e849405cbf6ae21e672f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1f81818c6afef46987884ede8a20d4662800e37e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri May 25 22:06:48 2018 +0200
avcodec/aacdec_fixed: use 64bit to avoid overflow in rounding in apply_dependent_coupling_fixed()
Fixes: signed integer overflow: -2141499320 + -14469590 cannot be represented in type 'int'
Fixes: 7351/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-6351214791884800
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 90475db97e2e5931d295df6ab86519fa2e14d259)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=be77d7ba7879ceec361f095d108ed1bee98e9a0f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri May 25 22:02:20 2018 +0200
oavcodec/aacpsdsp_template: Use unsigned for hs0X to prevent undefined behavior
Fixes: signed integer overflow: 1073741842 + 1784008138 cannot be represented in type 'int'
Fixes: 6792/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5677589835284480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 62cb6fadf33de6db386deac92853d4b95c930015)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fe37daf25dc60b92724953224b1a97713c9621e4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri May 25 21:56:04 2018 +0200
avcodec/g723_1dec: Clip bits2 in both directions
Fixes: shift exponent 33 is too large for 32-bit type 'int'
Fixes: 6743/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G723_1_fuzzer-5823772687859712
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 53f241218d9eac368e2e1c58bcca9bbdf10fd0e1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0d585110131186b47c092b683c7758922576ae61
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 21 23:08:05 2018 +0200
avcodec/mpeg4videoenc: Use 64 bit for times in mpeg4_encode_gop_header()
Fixes truncation
Fixes Assertion n <= 31 && value < (1U << n) failed at libavcodec/put_bits.h:169
Fixes: ffmpeg_crash_2.avi
Found-by: Thuan Pham <thuanpv at comp.nus.edu.sg>, Marcel Böhme, Andrew Santosa and Alexandru RazvanCaciulescu with AFLSmart
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e1182fac1afba92a4975917823a5f644bee7e6e8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3eff19d38806a6f219fd42d9f03abad0fafd1b1d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 17 13:58:46 2018 +0200
avcodec/mlpdec: Only change noise_type if the related fields are valid
Fixes: inconsistency
Fixes:runtime error: index 8 out of bounds for type 'int32_t [8]'
Fixes: 6686/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-5191383498358784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 63c4a4b0d692bc86142790276358ba35129f2290)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=876d3ee86209d1b1b86527f5121f1d1b0a412f7a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 17 13:40:38 2018 +0200
indeo4: Decode all or nothing of a band header.
This avoids inconsistent value combinations.
Alternatively it would be possible to add more checks and careful use of
temporary variables, but my try of this quickly seemed to become
a rather large change.
The disadvantage of this, is that the struct is copied back and forth.
Fixes: index 6 out of bounds for type 'const uint16_t [5][16]'
Fixes: 6557/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-4787296550256640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 10c8521265da86118597336c5589e26de377a374)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ffe4ffa4ef7afbb2f5e576344c7dd7b2ba4201b1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue May 15 17:07:00 2018 +0200
avformat/mov: Only fail for STCO/STSC contradictions if both exist
Fixes regression with playback of GF9720Repeal20the20Eighth20with20Helen20Linehan.m4a
See: crbug 822666
Found-by: "Mattias Wadman <mattias.wadman at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2c2d689c56646cce64d02a3b75f61c12c5589260)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a8fcb810c964380c1389d8256cac96861df496aa
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 14 00:10:33 2018 +0200
avcodec/dirac_dwt: Fix integer overflow in COMPOSE_DD97iH0 / COMPOSE_DD137iL0
Fixes: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int');
Fixes: 6500/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-4523620274536448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cb944fc7f1327443a0cf449afbce5a3e8712f90f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1747563cead72a0ca74aef54317e21bba9457b01
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 5 22:00:01 2018 +0200
avcodec/fic: Check available input space for cursor
Fixes: out of array read
Fixes: 6546/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FIC_fuzzer-6317064647081984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cb2f7ea96b4f6e03ebf0c0563677745fc65f148e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=00c18862a3134fb09811c5250492712c54b8130b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Apr 27 20:16:13 2018 +0200
avcodec/g2meet: Check RGB upper limit
Fixes: runtime error: left shift of 1876744317 by 16 places cannot be represented in type 'int'
Fixes: 6799/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5115274731716608
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4dd2c8b9ea46b4e008a8bfc2077834428cd5a17c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6850377b598c7540efa317476e30bc71fb0a1450
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri May 4 19:18:25 2018 +0200
avcodec/jpeg2000dec: Fix undefined shift in the jpeg2000_decode_packets_po_iteration() CPRL case
Fixes: shift exponent 47 is too large for 32-bit type 'int'
Fixes: 7955/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-6016721977606144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 652ba72ed3124f201f98eea9bafb2232b535f549)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6aae60cc7da80c9c5c77634e412fbc52cc4677b2
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri May 4 19:11:36 2018 +0200
avcodec/jpeg2000dec: Skip init for component in CPRL if nothing is to be done
Fixes: assertion failure
Fixes: 7949/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-4819602782552064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a96c131eb53b00de154f4773d96a3b323ea3daed)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=88e5a30cf8351c313e52f8b1f75aa18f2912e5c6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri May 4 18:16:08 2018 +0200
avcodec/g2meet: Change order of operations to avoid undefined behavior
Fixes: signed integer overflow: 65280 * 196032 cannot be represented in type 'int'
Fixes: 7279/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5977332473921536
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0a4745145840d97619c424961c1b5c625dbf516c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9505b285385e96cd25cfd9d57bc499b0914d43ce
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Apr 30 22:20:28 2018 +0200
avcodec/flac_parser: Fix infinite loop
Fixes: crbug/827204
Reported-by: Frank Liberato <liberato at google.com>
Reviewed-by: Frank Liberato <liberato at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 15a2e35e9e74bba5a27e39c26da5be2361f27945)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=04e69effbb31ba21ec5f5da625bcd1edafd8e286
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Apr 27 21:44:07 2018 +0200
avcodec/wavpack: Fix integer overflow in DEC_MED() / INC_MED()
Fixes: runtime error: signed integer overflow: 2147483637 + 128 cannot be represented in type 'int'
Fixes: 6701/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVPACK_fuzzer-5358324934508544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6e95d80e6fae978f8a44afc24b0c5097a062719f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=baa4913e1272211a3711078c9bcd0a8b935fc287
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 22 21:46:05 2018 +0200
avcodec/error_resilience: Fix integer overflow in filter181()
Fixes: runtime error: signed integer overflow: 197710 * 10923 cannot be represented in type 'int'
Fixes: 7010/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5667127596941312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1c97035e3b1677d6f0c5b6161ebfeffcf7bb638d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=aaa2d4a26523caff7246077de423d2314b7d571c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 22 21:07:45 2018 +0200
avcodec/h263dec: Check slice_ret in mspeg4 slice loop
Fixes infinite loop
Fixes: 6858/clusterfuzz-testcase-ffmpeg_AV_CODEC_ID_MSMPEG4V3_fuzzer-4681563766784000
Fixes: 6890/clusterfuzz-testcase-ffmpeg_AV_CODEC_ID_WMV1_fuzzer-4756103142309888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit de841fbea7655b74a9663001e01008a86c88779a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cc8710b5afebe211a4402311d036d11b8f46510d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Apr 25 01:54:17 2018 +0200
avcodec/elsdec: Fix memleaks
Fixes: 6798/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5135899701542912
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0bd0401336df4e4ca7f3da6a7e226904fd7d5add)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=70c7c7392089c7c68b6f07184dbb3073799f5d29
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Apr 23 02:08:10 2018 +0200
avcodec/vc1_block: simplify ac_val computation
also fixes: runtime error: index 1456 out of bounds for type 'int16_t [16]'
Found-by: durandal_1707
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d06b01fc2d4f5e031d45f9460d1eea610d23d6c5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=142e1e3e9af80a31fa3f0a90b3172573697306a4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Apr 21 22:19:31 2018 +0200
avcodec/ffv1enc: Check that the crc + version combination is supported
The crc flag is only stored since version 3 thus before this crcs do not
work. We increase the version as needed same as we do with pix_fmts
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d9706f79c17a33bf97e51a7d6ab211ce83a463ee)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=73d07e320c4a3f1c647bb5b64a2f2ba144e5caaa
Author: Stephan Holljes <klaxa1337 at googlemail.com>
Date: Fri Jan 12 19:16:29 2018 +0100
lavf/http.c: Free allocated client URLContext in case of error.
Signed-off-by: Stephan Holljes <klaxa1337 at googlemail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7b6b8c92652d6683d97515352e4a9a4147b7da7c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3bf0a405f051345b17d7dab7213c285a1bd77216
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Apr 16 22:29:09 2018 +0200
avcodec/dsicinvideo: Fail if there is only a small fraction of the data available that comprises a full frame
Fixes: Timeout
Fixes: 6306/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DSICINVIDEO_fuzzer-5079253549842432
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5549488bbf3a23c0fb9833cefc6354f97055dd96)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a8640c87a70f4ecd91b54ce70682635df8d9ab75
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Apr 16 22:28:23 2018 +0200
avcodec/dsicinvideo: Propagate errors from cin_decode_rle()
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 942217b153a9bff2d17463957abd772fcd72b400)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e49e8259df9121798989a5e22a0cb5bd9d9d1d33
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Apr 16 22:04:53 2018 +0200
avcodec/dfa: Check dimension against maximum
The headers from where the dimensions are read in actual files
are limited to 16bit per component.
Fixes: Timeout
Fixes: 6305/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DFA_fuzzer-4824270749302784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9d5a4fcfbb51edc871bdb1c67a88223cbfb1c0e4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3009bf0be645c184dd83fb6959579b8289c4d54f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 17 02:13:43 2018 +0200
avcodec/cinepak: Skip empty frames
Speeds up decoding from 3 to 0.1 seconds for 6302/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CINEPAK_fuzzer-5626371985375232
Fixes: Timeout
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9033920bec9ccf17de205fc17c2b330906b200f5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5891d222ff6ec4ca5fc750aab84897cafb2f3750
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 17 02:13:42 2018 +0200
avcodec/cinepak: move some checks prior to frame allocation
Speeds up decoding from 8 to 3 seconds for 6302/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CINEPAK_fuzzer-5626371985375232
Fixes: Timeout
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2324ef1ff32e5effd6f295bca80580ae4816be0b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ad3ec05d036a27538e74d4c62e499e542d8d0695
Author: Rahul Chaudhry <rahulchaudhry at chromium.org>
Date: Wed Apr 18 16:29:39 2018 -0700
swresample/arm: remove unintentional relocation.
Branch to global symbol results in reference to PLT, and when compiling
for THUMB-2 - in a R_ARM_THM_JUMP19 relocation. Some linkers don't
support this relocation (ld.gold), while others can end up truncating
the relocation to fit (ld.bfd).
Convert this branch through PLT into a direct branch that the assembler
can resolve locally.
See https://github.com/android-ndk/ndk/issues/337 for background.
The current workaround is to disable neon during gstreamer build,
which is not optimal and can be reverted after this patch:
https://github.com/freedesktop/gstreamer-cerbero/commit/41556c415739fbc3a72c7eaee7e70a565b719b2f
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b22db4f465c9adb2cf1489e04f7b65ef6bb55b8b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9665d6258c6ccf6de5cc77103a22a91f07b37154
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Apr 16 18:23:12 2018 +0200
doc/APIchanges: Fix typos in hashes
Thanks-to: Moritz Barsnick <barsnick at gmx.net> for finding the correct ones
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ec8a5262b03f85158d722dbc8b8f30cb6bd67e0f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b591673c507d85238de5830f210327767bc0afdf
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Apr 13 11:38:48 2018 +0200
avformat/utils: Check cur_dts in update_initial_timestamps() more
Fixes: runtime error: signed integer overflow: 18133149658382192 - -9223090561878065151 cannot be represented in type 'long long'
Fixes: crbug 831552
Reported-by: Matt Wolenetz <wolenetz at google.com>
Reviewed-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 37d46dc21d708192b12aa13617ebe6a117b07363)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cf321e93c4a99635d7b5d39ed5aa6a187a13e834
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Apr 11 19:50:52 2018 +0200
avcodec/utils: Enforce minimum width also for VP5/6
Fixes: out of array access
Fixes: poc_0411
Found-by: GwanYeong Kim <gy741.kim at gmail.com>
Tested-by: GwanYeong Kim <gy741.kim at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 544324827e0131e43af1a54fb790a48a25fd7ba4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=065057c8a35197b18a939048fb52380cd37b073e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 10 22:24:03 2018 +0200
avcodec/truemotion2: Propagate out of bounds error from GET_TOK()
Fixes: Timeout
Fixes: 6389/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-5695918121680896
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f6304af2341d0cee51c2116766622e3ac567b7a0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5aaa5bd1b04d51baf328be6b536b4280509b4eb9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 10 16:12:15 2018 +0200
avcodec/mjpegdec: Check input buffer size.
Fixes: Timeout
Fixes: 6381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5665032743419904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8d381b57fd9d17fb5c3a851ca46c738b3afc33a2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4b04da1e52da16f1c56e1532c0e65b1f9771431c
Author: Matt Wolenetz <wolenetz at google.com>
Date: Tue Apr 10 13:59:25 2018 -0700
lavc/libopusdec: Allow avcodec_open2 to call .close
If there is a decoder initialization failure detected in avcodec_open2
after .init is called, allow graceful decoder .close to prevent leaking
libopus decoder allocations.
BUG=828526
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e43e97f0e0f0596b56ceb2f887fe7414f202f081)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c0bb5613d42f8ed6d661886b5084031387ce0882
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 8 03:29:44 2018 +0200
avcodec/movtextdec: Check style_start/end
Limits based on 3GPP TS 26.245 V14.0.0
Fixes: Timeout
Fixes: 6377/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOVTEXT_fuzzer-5175929115508736
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Philip Langdale <philipl at overt.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 249aca8f98ff7fb09c12ea68e23c862c62203b95)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=72b9ba8a5bfee62ed281e3d23de34cdd70da7955
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Apr 7 21:55:06 2018 +0200
avcodec/aacsbr_fixed: Fix integer overflow in sbr_hf_assemble()
Fixes: runtime error: signed integer overflow: 2052929346 + 204817098 cannot be represented in type 'int'
This was missed in b1bef755f617af9685b592d866b3eb7f3c4b02b1
Fixes: 5275/clusterfuzz-testcase-minimized-5367635958038528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c837918f50a7bbd6150afd340857ea43fe4717c7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b2be78f9d2dedf92b78e87d7e7e364f9744b6c4b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Apr 2 20:01:07 2018 +0200
libavcodec/rv34: error out earlier on missing references
Fixes visual corruption on seeking
Fixes: downloadTest_clip_24M.rmvb
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6cd81d68c5e4b0ff00288970c4151ff4031c0ea9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=da371c5b215d7824a40480d6d544d8604218876e
Author: Hendrik Schreiber <hs at tagtraum.com>
Date: Thu Apr 5 13:58:37 2018 +0200
swresample/swresample: Fix for seg fault in swr_convert_internal() -> sum2_float during dithering.
Removed +len1 in call to s->mix_2_1_f() as I found no logical explanation for it. After removal, problem was gone.
Signed-off-by: Hendrik Schreiber <hs at tagtraum.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 647fd4b8292e3bfae30b1086aa842a5ee47ee868)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=98096645f28f05f46ce438c977c1c33c447681a9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Mar 31 21:19:19 2018 +0200
avcodec/aacdec_fixed: Fix integer overflow in apply_independent_coupling_fixed()
I was not able to reproduce this, this fix is based on just the fuzzer log.
Fixes: 4959/clusterfuzz-testcase-minimized-6035350934781952
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 197a4e8feed45b2e5868760240e83636818f32a9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1f648a098da0aeafd2f16bd2938fee2a6d5ea79d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Mar 12 00:05:04 2018 +0100
avcodec/cscd: Error out when LZ* decompression fails
Fixes: Timeout
Fixes: 6304/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CSCD_fuzzer-5754772461191168
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d52be5d4e91871a22dac70af3e0ab429e95a2d10)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=19379529a5b86f8179b8b16b0218169acdb0d10c
Author: heimdallr <heimdallr at ngs.ru>
Date: Sat Mar 31 19:37:23 2018 +0700
avcodec/imgconvert: Fix loss mask bug in avcodec_find_best_pix_fmt_of_list()
example:
AVPixelFormat pixFmts[] = { AV_PIX_FMT_RGB24, AV_PIX_FMT_RGBA };
int loss = 0;
AVPixelFormat best = avcodec_find_best_pix_fmt_of_list(pixFmts, AV_PIX_FMT_BGRA, 1, &loss);
best is AV_PIX_FMT_RGB24. But AV_PIX_FMT_RGBA is better.
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 354b26a3945eadd4ed8fcd801dfefad2566241de)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=03f891c05099022215eb41c7b70fa916fe454356
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 25 01:51:28 2018 +0100
avcodec/wmalosslessdec: Fix null pointer dereference in decode_frame()
Fixes: 2018_03_23_poc.wav
Found-by: GwanYeong Kim <gy741.kim at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ea15915b2dc5aaa80c91879fbd183475a7e66e54)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0721e3c1bd23ac3039d11c4e18c64a1fa793356f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Mar 29 01:07:24 2018 +0200
avcodec/tableprint_vlc: Fix build failure with --enable-hardcoded-tables
Found-by: James Almer <jamrial at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5c75438b893539dd17998c489fb4c540fc5a6e48)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7ccb9c37ac47b4c7ffcd35b1f81f550dfbc26e9c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Mar 24 01:38:53 2018 +0100
avcodec/get_bits: Make sure the input bitstream with padding can be addressed
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e529fe7633762cb26a665fb6dee3be29b15285cc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=028af5acbe7b206bad1dae0849fd97ab3d800df9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Mar 16 19:53:36 2018 +0100
avformat/mov: Check STSC and remove invalid entries
Fixes assertion failure
Fixes: crbug 822547, crbug 822666 and crbug 823009
Affects: aark15sd_9A62E2FA.mp4
Found-by: ClusterFuzz
Reviewed-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9e67447a4ffacf28af8bace33faf3ea432ddc43e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f4fe7022583e98efacbd02e8d9484cf88f4950cf
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 27 15:17:12 2018 +0100
avcodec/nuv: rtjpeg with dimensions less than 16 would result in no decoded pixels thus reject it
Fixes: Timeout
Fixes: 6297/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-4882404863901696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 939440ad1aa820bed51f54d273b4fa6c5016d9f9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e6238003876564477ce9ba973630ec45112138e4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 27 15:17:12 2018 +0100
avcodec/nuv: Check for minimum input size for uncomprssed and rtjpeg
Fixes: Timeout
Fixes: 6297/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-4882404863901696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8ee3265dbe2e85537affe3b3055b00ba8646aa70)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=448cd0d0b341e4afb66677a339e9d886f6fa3505
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 11 00:13:57 2018 +0100
avcodec/wmalosslessdec: Reset num_saved_bits on error path
Fixes: NULL pointer dereference
Fixes: poc-201803.wav
Found-by: GwanYeong Kim <gy741.kim at gmail.com>
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 64c9ce0abc0fd8774b523afda3ddb17c86caa86a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=30d40580c4e0a42eba5e79a29fbad5ae09a78948
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Mar 9 16:43:29 2018 +0100
avformat/mov: Fix integer overflows related to sample_duration
Fixes: runtime error: signed integer overflow: -9166684017437101870 + -2495066639299164439 cannot be represented in type
Fixes: Chromium bug 791349
Reported-by: Matt Wolenetz <wolenetz at google.com>
Reviewed-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2f37082827a405430c40408ee2db19ea2866ce64)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ad7c57f9db506cc0c6c3b8e36a14d8e00df0dcfe
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Mar 8 17:28:36 2018 +0100
avformat/oggparsedaala: Do not adjust AV_NOPTS_VALUE
Fixes: potential signed integer overflow
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f655ddfb47e8484b205b14c7f871c643ad24d701)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=69344f628bf50dfbc1c7536b53b3ab55bedeb282
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Mar 9 01:05:20 2018 +0100
avformat/oggparseogm: Check lb against psize
No testcase, this was found during code review
Found-by: Matt Wolenetz <wolenetz at google.com>
Reviewed-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3e7c847aaf5a298b62afae12b4ecfb8e12385998)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=46f37c65abc0624168a88c7093baacd1e6b9a185
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Mar 8 23:14:04 2018 +0100
avformat/oggparseogm: Fix undefined shift in ogm_packet()
Fixes: shift exponent 48 is too large for 32-bit type 'int'
Fixes: Chromium bug 786793
Reported-by: Matt Wolenetz <wolenetz at google.com>
Reviewed-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 010b7b30b721b90993e05e9ee6338e88bb8debb3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4df16ad1ef065e86279c3fc2bd2a38cc88dafcf8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Mar 8 22:40:50 2018 +0100
avformat/avidec: Fix integer overflow in cum_len check
Fixes: signed integer overflow: 3775922176 * 4278190080 cannot be represented in type 'long'
Fixes: Chromium bug 791237
Reported-by: Matt Wolenetz <wolenetz at google.com>
Reviewed-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 06e092e7819b9437da32925200e7c369f93d82e7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=81a6076e4b8eb3c9bd6cb3c9c425c5053731d9f6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Mar 8 17:28:36 2018 +0100
avformat/oggparsetheora: Do not adjust AV_NOPTS_VALUE
Fixes: Chromium bug 795653
Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long'
Reported-by: Matt Wolenetz <wolenetz at google.com>
Reviewed-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 02ecda4aba69670ca744ccc640391b7621f01fb0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7fd80d91f72ce456fba8d611727bbdac9038eda7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Mar 7 00:10:11 2018 +0100
avformat/utils: Fix integer overflow of fps_first/last_dts
Fixes: runtime error: signed integer overflow: 7738135736989908991 - -7898362169240453118 cannot be represented in type 'long'
Fixes: Chromium bug 796778
Reported-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1b1362e408cd6acb63fef126b814b0d16562aa8e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b8fd13befef430517bd262fc0cac1320128d0639
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Mar 6 18:14:12 2018 +0100
libavformat/oggparsevorbis: Fix memleak on multiple headers
Fixes: Chromium bug 800123
Reported-by: Matt Wolenetz <wolenetz at google.com>
Reviewed-by: Matt Wolenetz <wolenetz at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3934aa495d786845d9f541c84ee405c096938f76)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
More information about the ffmpeg-cvslog
mailing list