- 09 Sep, 2017 40 commits
-
-
Michael Niedermayer authored
Fixes: runtime error: left shift of 1073741838 by 1 places cannot be represented in type 'int32_t' (aka 'int') Fixes: 3279/clusterfuzz-testcase-minimized-4564805744590848 Suggested-by: <atomnuker> Reviewed-by: <atomnuker> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit d98d29a7 ) Signed-off-by:
-
Mark Wachsler authored
When parsing a monochrome file, chroma_log2_weight_denom was used without being initialized, which could lead to a bogus error message being printed, e.g. [h264 @ 0x61a000026480] chroma_log2_weight_denom 24576 is out of range It also could led to warnings using AddressSanitizer. Signed-off-by:
-
Michael Niedermayer authored
Fixes: Missing EOF check in loop No testcase Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
Michael Niedermayer authored
Fixes: Missing EOF check in loop No testcase Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: shift exponent 64 is too large for 64-bit type 'residual' (aka 'unsigned long') Fixes: 2838/clusterfuzz-testcase-minimized-6260066086813696 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 1073901567 + 1073901567 cannot be represented in type 'int' Fixes: 3124/clusterfuzz-testcase-minimized-454643435752652 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 1168175789 + 1168178473 cannot be represented in type 'int' Fixes: 3081/clusterfuzz-testcase-minimized-4807564879462400 Fixes: 2844/clusterfuzz-testcase-minimized-5561715838156800 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
孙浩(晓黑) authored
Fixes: 20170829B.mxf Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com> Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
孙浩(晓黑) authored
Fixes: 20170829A.mxf Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com> Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
孙浩(晓黑) authored
Fixes: 20170829.nsv Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com> Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 267 * 8388608 cannot be represented in type 'int' Fixes: 2743/clusterfuzz-testcase-minimized-5820652076400640 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: shift exponent -1 is negative Fixes: 3091/clusterfuzz-testcase-minimized-6229767969832960 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 8903997421129740175 + 354481484684609529 cannot be represented in type 'long' Fixes: 2045/clusterfuzz-testcase-minimized-6751255865065472 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: loop.mv Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
孙浩 and 张洪亮(望初) authored
Fixes: loop.rl2 Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
孙浩 and 张洪亮(望初) authored
Fixes: loop.ivr Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
孙浩 and 张洪亮(望初) authored
Fixes: loop.cine Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
孙浩 and 张洪亮(望初) authored
Fixes: loop.asf Found-by: Xiaohei and Wangchu from Alibaba Security Team Signed-off-by:
-
Michael Niedermayer authored
Fixes: loop.m3u The default max iteration count of 1000 is arbitrary and ideas for a better solution are welcome Found-by: Xiaohei and Wangchu from Alibaba Security Team Previous version reviewed-by: Steven Liu <lingjiujianke@gmail.com> Signed-off-by:
-
Michael Niedermayer authored
Signed-off-by:
-
Michael Niedermayer authored
Found-by: AD-lab of venustech Signed-off-by:
-
Michael Niedermayer authored
Fixes: integer overflow Fixes: 2893/clusterfuzz-testcase-minimized-5809330567774208 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: rtp_sdp/poc.sdp Found-by:
Bingchang <l.bing.chang.bc@gmail.com> Signed-off-by:
-
Vitaly Buka authored
Signed integer overflow is undefined behavior. Detected with clang and -fsanitize=signed-integer-overflow Signed-off-by:
Vitaly Buka <vitalybuka@google.com> Signed-off-by:
-
Vitaly Buka authored
Signed integer overflow is undefined behavior. Detected with clang and -fsanitize=signed-integer-overflow Signed-off-by:
-
Vitaly Buka authored
Signed integer overflow is undefined behavior. Detected with clang and -fsanitize=signed-integer-overflow Signed-off-by:
-
Michael Niedermayer authored
Fixes: out of array read Fixes: 2873/clusterfuzz-testcase-minimized-5924145713905664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Previous version reviewed-by: Alex Converse <alex.converse@gmail.com> Signed-off-by:
-
Michael Niedermayer authored
Adds a diff_pixels_unaligned() Fixes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872503 Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: shift exponent 4294967289 is too large for 32-bit type 'int' Fixes: 3030/clusterfuzz-testcase-minimized-4649809254285312 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 2147483646 + 2 cannot be represented in type 'int' Fixes: 3013/clusterfuzz-testcase-minimized-4644084197097472 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 1037142357 + 1227025305 cannot be represented in type 'int' Fixes: 3024/clusterfuzz-testcase-minimized-5885660323905536 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: index 4 out of bounds for type 'int8_t [4]' Fixes: 3023/clusterfuzz-testcase-minimized-6421736130084864 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int'); cast to an unsigned type to negate this value to itself Fixes: 2879/clusterfuzz-testcase-minimized-6317542639403008 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: OOM Fixes: 2710/clusterfuzz-testcase-minimized-4750001420894208 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by:
Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 340018243 * 27 cannot be represented in type 'int' Fixes: 2861/clusterfuzz-testcase-minimized-5361070510178304 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: undefined shift Fixes: runtime error: shift exponent 264 is too large for 32-bit type 'int' Fixes: 2860/clusterfuzz-testcase-minimized-4672811689836544 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: left shift of negative value -127 Fixes: 2834/clusterfuzz-testcase-minimized-5988039123795968 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 2146467840 + 1032192 cannot be represented in type 'int' Fixes: 2826/clusterfuzz-testcase-minimized-5901511613743104 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fix multiple: runtime error: signed integer overflow: 6497 * 3409630 cannot be represented in type 'int' Fixes: 2819/clusterfuzz-testcase-minimized-4743700301217792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: shift exponent -2 is negative Fixes: 2818/clusterfuzz-testcase-minimized-5062943676825600 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
