- 06 Feb, 2017 8 commits
-
-
Michael Niedermayer authored
Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: null pointer dereference Fixes: 555/clusterfuzz-testcase-5986646595993600 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e248522d ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Chris Cunningham authored
Blocks are marked as key frames whenever the "reference" field is zero. This breaks for non-keyframe Blocks with a reference timestamp of zero. The likelihood of reference timestamp being zero is increased by a longstanding bug in muxing that encodes reference timestamp as the absolute time of the referenced frame (rather than relative to the current Block timestamp, as described in MKV spec). Now using INT64_MIN to denote "no reference". Reported to chromium at http://crbug.com/497889 (contains sample) (cherry picked from commit ac25840e ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
James Almer authored
Happy new year! (cherry picked from commit d800d48f ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array access Fixes: 546/clusterfuzz-testcase-4809433909559296 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e477f09d ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array read Fixes: 544/clusterfuzz-testcase-5936536407244800.f8bd9b24_8ba77916_70c2c7be_3df6a2ea_96cd9f14 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b1e21920 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array read Fixes: 510/clusterfuzz-testcase-5737865715646464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 61f70416 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes timeout Fixes: 496/clusterfuzz-testcase-5805083497332736 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 37826566 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
- 01 Feb, 2017 1 commit
-
-
Andreas Cadhalpun authored
The code relies on their validity and otherwise can try to access a NULL object->rle pointer, causing segmentation faults. Reviewed-by:
Michael Niedermayer <michael@niedermayer.cc> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 842e98b4 ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
- 26 Jan, 2017 1 commit
-
-
Andreas Cadhalpun authored
Configure checks if the ebx register can be used for asm and it has to be saved if and only if this is not the case. Without this the build fails when configuring with --toolchain=hardened --disable-pic on i386 using gcc 4.8: error: PIC register clobbered by '%ebx' in 'asm' In that case gcc 4.8 reserves the ebx register for the GOT needed for PIE, so it can't be used in asm directly. Reviewed-by:
Michael Niedermayer <michael@niedermayer.cc> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 319438e2 ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
- 25 Jan, 2017 17 commits
-
-
Frank Liberato authored
Return AVERROR_INVALIDDATA if all four bytes aren't present. Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 95bde499 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array access Fixes: 452/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_INTERPLAY_VIDEO_fuzzer Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2080bc33 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes timeout Fixes: 446/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_VP6_fuzzer Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 9e6a2427 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes timeout Fixes: 445/fuzz-3-ffmpeg_VIDEO_AV_CODEC_ID_MJPEG_fuzzer Fixes: 456/fuzz-2-ffmpeg_VIDEO_AV_CODEC_ID_JPEGLS_fuzzer Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 755933cb ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array access Fixes: 444/fuzz-2-ffmpeg_VIDEO_AV_CODEC_ID_PNG_fuzzer Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e371f031 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Andreas Cadhalpun authored
This fixes heap-buffer-overflows in libopenmpt caused by interpreting the negative size value as unsigned size_t. Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> Reviewed-by:
Jörn Heusipp <osmanx@problemloesungsmaschine.de> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 367cac78 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Negate null check Fixes CID1396248 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 762bf6f4 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes CID1396849 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit bd83c295 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Tobias Rapp authored
Fixes pts gaps when reading AVI files > 256GiB generated by FFmpeg. Signed-off-by:
Tobias Rapp <t.rapp@noa-archive.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 6d579d7c ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes assertion failure due to unsupported case Fixes: 356/fuzz-1-ffmpeg_VIDEO_AV_CODEC_ID_MJPEG_fuzzer Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 25d9643f ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Matt Wolenetz authored
In ff_index_search_timestamp(), if b == num_entries, m == num_entries - 1, and entries[m].flags & AVINDEX_DISCARD_FRAME is true, then the search for the next non-discarded packet could access entries[nb_entries], exceeding its bounds. This change adds a protection against that scenario. Reference: https://crbug.com/666770 Reviewed-by:
Sasi Inguva <isasi@google.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit fe7547d6 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
This should fix issues on BSD. CLOCKS_PER_SEC is 128 on BSD while SUSv2 requires it to be a million Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit c4152fc4 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: CID1396263 Fixes: CID1396271 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 03ce71e4 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Tested-by:
Thomas Turner <thomastdt@googlemail.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit da73d95b ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Chris Cunningham authored
MPEG Audio frame header must be 4 bytes. If we fail to read 4 bytes, bail early to avoid Use-of-uninitialized-value msan error. Reference https://crbug.com/666874. Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ab87df9a ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Reviewed-by:
Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f0bdd538 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes CVE-2016-9561. Note the security relevance of this is disputed as running out of memory can happen with valid files Suggested-by:
Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> Reviewed-by:
Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 30581c51 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
- 15 Jan, 2017 1 commit
-
-
Georgi D. Sotirov authored
Fixes ticket #5997. (cherry picked from commit 581f93f3) Fixes Debian bug 841501.
-
- 10 Dec, 2016 7 commits
-
-
Michael Niedermayer authored
Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f542b152 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
This allows user apps to stop OOM due to excessive number of streams Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1296f844 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
We are checking during encoding if there is enough space as version 4 needs that check. Fixes Ticket6005 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 38a7834b ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: part of 670190.ogg Found-by:
Matt Wolenetz <wolenetz@google.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 8258e363 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: part of 670190.ogg Fixes integer overflow Found-by:
Matt Wolenetz <wolenetz@google.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ee2a6f5d ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit cff1c0ed ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Marton Balint authored
As I used simple RGBA formats for subtitles and for the video texture if avfilter is disabled I kind of assumed that sws_scale won't access data pointers and strides above index 0, but apparently that is not the case. Fixes Coverity CID 1396737, 1396738, 1396739, 1396740. Reviewed-by:
Michael Niedermayer <michael@niedermayer.cc> Signed-off-by:
Marton Balint <cus@passwd.hu>
-
- 08 Dec, 2016 1 commit
-
-
Srinath K R authored
Signed-off-by:
Timo Rothenpieler <timo@rothenpieler.org>
-
- 05 Dec, 2016 4 commits
-
-
Michael Niedermayer authored
Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array access Fixes: poc_ffserver.py Found-by:
Paul Cher <paulcher@icloud.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a5d25faa ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
This should make it less ambiguous that these are URLs Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a5f27a9c ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array access Found-by:
Paul Cher <paulcher@icloud.com> Reviewed-by:
Paul Cher <paulcher@icloud.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7d57ca4d ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-