- 29 Dec, 2023 29 commits
-
Michael Niedermayer authored
-
Michael Niedermayer authored
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 029294ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bb04235d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bf115977)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access:
Fixes: tickets/10745/poc12ffmpeg
Found-by: Li Zeyuan and Zeng Yunxiang.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7deaca71)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9f4c5bd7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9d1ba698)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array read
Fixes: tickets/10744/poc11ffmpeg
Found-by: Li Zeyuan and Zeng Yunxiang.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a88b06f9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access
Fixes: tickets/10753/poc16ffmpeg
Regression since: 45dc668a
Found-by: Zeng Yunxiang
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 61e73851)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access
Fixes: tickets/10746/poc13ffmpeg
Found-by: Zeng Yunxiang
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 50f0f8c5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Thomas Guilbert authored
Fixes: use of uninitialized value
Fixes: bbb-320x240-2video-2audio.mp4
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ff451df9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: shift exponent -1 is negative
Fixes: 63889/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6009343056936960
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 850ab8f6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access
Fixes: tickets/10743/poc10ffmpeg
Found-by: Zeng Yunxiang and Li Zeyuan
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0ecc1f0e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access
Fixes: Ticket10699
Fixes: poc5ffmpeg
Found-by: Zeng Yunxiang
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c443658d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
The code works in steps of 2 lines and lacks support for odd height
Implementing odd height support is better but for now this fixes the out of array access
Fixes: out of array access
Fixes: tickets/10702/poc6ffmpe
Found-by: Zeng Yunxiang
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e4d2666b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access
Fixes: tickets/10749/poc15ffmpeg
Regression since: 81df787b
Found-by: Zeng Yunxiang
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ab0fdaed)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access
Fixes: 64081/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6151006496620544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5f88458b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: 2314885530818453536 - -7412889664301817824 cannot be represented in type 'long'
Fixes: 64296/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-6304027146846208
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cfc0a68d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: 2147478526 + 33924 cannot be represented in type 'int'
Fixes: shift exponent 32 is too large for 32-bit type 'unsigned int'
Fixes: 64243/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5195717848989696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c72a20f0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access
Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6227491892887552
Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6268561729126400
Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6414805046788096
Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6538151088488448
Fixes: 62164/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6608131540779008
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c75fccd1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Brad Smith authored
Fixes the build. It's a requirement when utilizing PIE.
Signed-off-by: Brad Smith <brad@comstyle.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6066c430)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Nuo Mi authored
Fixes: out of array access
Fixes: 62603/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5837632490569728
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ce0c178a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Pierre-Anthony Lemieux authored
Intended to replace https://patchwork.ffmpeg.org/project/ffmpeg/patch/20230802000135.26482-3-michael@niedermayer.cc/ with a more accurate block decoding magnitude bound.
Fixes: 62433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5828618092937216
Fixes: 58299/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5828618092937216
Previous-version-reviewed-by: Tomas Härdin <git@haerdin.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a1384b4e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: Timeout
Fixes: 62286/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VMIX_fuzzer-5155237134204928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit aa1e7681)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: Out of array read
Fixes: global-buffer-overflow-AV1
Found-by: "Leonelli, Matteo" <matteo.leonelli@cispa.de>
Tested-by: "Wang, Fei W" <fei.w.wang@intel.com>
Reviewed-by: "Wang, Fei W" <fei.w.wang@intel.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 22daf214)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: switch_1080p_720p.mp4
Found-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4cdf2c7f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Dale Curtis authored
Fixes https://crbug.com/1499669 : runtime error: signed integer overflow: 9223372036853334272 + 1375731456 cannot be represented in type 'int64_t' (aka 'long')
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2182173a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Haihao Xiang authored
The type of qsv decoders is FF_CODEC_CB_TYPE_DECODE which must not return AVERROR(EAGAIN). commit 42b20c93 added an assertion to check the returned value.
Signed-off-by: Haihao Xiang <haihao.xiang@intel.com>
(cherry picked from commit e233f3e7)
-
- 27 Dec, 2023 1 commit
-
Leo Izen authored
The specification doesn't mention that clusters cannot have alphabet sizes greater than 1 << bundle->log_alphabet_size, but the reference implementation rejects these entropy streams as invalid, so we should too. Refusing to do so can overflow a stack variable that should be large enough otherwise.
Fixes #10738.
Found-by: Zeng Yunxiang and Li Zeyuan
Signed-off-by: Leo Izen <leo.izen@gmail.com>
-
- 19 Dec, 2023 1 commit
-
Frank Plowman authored
Reduce false positives for VVC files by adding additional checks in `vvc_probe`. Specifically, `nuh_temporal_id_plus1` is tested for valid values in extra cases depending on the NAL unit type, as per ITU-T H.266 section 7.4.2.2.
Resolves trac #10703.
Signed-off-by: Frank Plowman <post@frankplowman.com>
Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
(cherry picked from commit 7d7ba217)
-
- 11 Dec, 2023 1 commit
-
Benjamin Cheng authored
win32 typically doesn't have unistd.h, so always including it will break MSVC builds. The usage of those POSIX functions is already guarded by _WIN32, so use that to guard unistd.h include as well.
(cherry picked from commit 185871fd)
-
- 04 Dec, 2023 1 commit
-
Lynne authored
Forgotten.
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Tested-by: Neal Gompa <ngompa13@gmail.com>
(cherry picked from commit 8c117b75)
-
- 02 Dec, 2023 1 commit
-
Anton Khirnov authored
Fixes #10650
(cherry picked from commit 5230257e)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
-
- 22 Nov, 2023 1 commit
-
Dmitry Rogozhkin authored
Validate that a hw_frames_ctx is available before using it for the AVHWAccel.free_frame_priv callback, and don't require it to be present when the callback is not in use by the HWAccel.
v2: check for free_frame_priv (Hendrik)
v3: return EINVAL (Christoph Reiter)
v4: better commit message (Hendrik)
v5: fix typo with missed frames_ctx (Lynne)
See[1]: https://github.com/msys2/MINGW-packages/pull/19050
Fixes: be071451 ("avcodec: add AVHWAccel.free_frame_priv callback")
CC: Lynne <dev@lynne.ee>
CC: Christoph Reiter <reiter.christoph@gmail.com>
Signed-off-by: Dmitry Rogozhkin <dmitry.v.rogozhkin@intel.com>
(cherry picked from commit e9c93009)
-
- 12 Nov, 2023 2 commits
-
Sebastian Ramacher authored
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 250471ea)
-
Sebastian Ramacher authored
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit a562cfee)
-
- 10 Nov, 2023 3 commits
-
James Almer authored
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 4cba3e0f)
-
Michael Niedermayer authored
Name taken to match the suggested news posted by lynne
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
-