- 30 Jan, 2016 3 commits
-
-
Michael Niedermayer authored
Fixes: 372d2df1f04b49e25f109f07f90b1505/asan_heap-oob_2835d2e_8501_99e0114d7ba3a6db885d0b4684d200c1.cine Fixes out of array read Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ad3b6fa7 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes null pointer dereference Fixes: 10412fc52ecc6eab40ed67f82ca7b372/signal_sigsegv_2618c99_2129_f808373959e46afb165593332799ffbc.aif Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 057549a9) Conflicts: libavcodec/aacenc.c
-
Michael Niedermayer authored
Found-by:
Pedro Arthur <bygrandao@gmail.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
- 28 Jan, 2016 4 commits
-
-
Andreas Cadhalpun authored
src and dst are only 8-bit-aligned, so accessing them as uint16_t causes SIGBUS crashes on architectures like sparc. This fixes ubsan runtime error: load of misaligned address for type 'const uint16_t', which requires 2 byte alignment Reviewed-by:
Michael Niedermayer <michael@niedermayer.cc> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 44ac13ee ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
Andreas Cadhalpun authored
Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 1cb2331e ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
Andreas Cadhalpun authored
This fixes NULL pointer dereferencing if the codec is forced to adpcm_thp even though a different one was detected. Reviewed-by:
Paul B Mahol <onemda@gmail.com> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit bcf4ee26 ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
Andreas Cadhalpun authored
This fixes NULL pointer dereferencing. Reviewed-by:
Paul B Mahol <onemda@gmail.com> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit d7d37c47 ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
- 27 Jan, 2016 4 commits
-
-
Andreas Cadhalpun authored
This causes non-unique elements in floor_setup->data.t1.list, which makes the stream undecodable according to the specification. Reviewed-by:
Michael Niedermayer <michael@niedermayer.cc> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit e7a7b313 ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
Andreas Cadhalpun authored
It causes the angle channel number to equal the magnitude channel number, which makes the stream undecodable according to the specification. Reviewed-by:
Michael Niedermayer <michael@niedermayer.cc> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit b4b13848 ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
Andreas Cadhalpun authored
This fixes segmentation faults caused by passing a packet_ptr of NULL to memcpy. Reviewed-by:
Michael Niedermayer <michael@niedermayer.cc> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 40eb2531 ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
Paul B Mahol authored
The size of decoding map can differ from one calculated internally, producing artifacts while decoding video. Signed-off-by:
Paul B Mahol <onemda@gmail.com> (cherry picked from commit c293ef25 ) Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-
- 15 Jan, 2016 27 commits
-
-
James Almer authored
Fixes a warning with -Wformat-extra-args (cherry picked from commit 17e7fdf6 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
James Almer authored
Signed-off-by:
James Almer <jamrial@gmail.com> (cherry picked from commit 78129978 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
This fixes a null pointer dereference at least Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit cfda1bea) Conflicts: libavformat/hls.c
-
Michael Niedermayer authored
No case is known where these are needed Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 6ba42b64 ) Conflicts: libavformat/hls.c Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
This avoids running various table inits unnecessarily Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit cc538e9d) Conflicts: libswscale/utils.c
-
Michael Niedermayer authored
This makes SWS more robust Fixes: 07650a772d98aa63b0fed6370dc89037/asan_heap-oob_27ddeaf_2657_2c81ff264dee5d9712cb3251fb9c3bbb.264 Fixes: out of array read Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 8f3a9a8c ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 5e5f82a2 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Maxim Andreev authored
Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7145e80b) Conflicts: libavformat/hls.c
-
Michael Niedermayer authored
Fixes out of array read Fixes: 03c406ec9530e594a074ce2979f8a1f0/asan_heap-oob_7dec26_4664_37c52495b2870a2eaac65f53958e76c1.flac Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 115fb6d0 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes integer overflow Fixes: 0063df8be3aaa30dd6d76f59c8f818c8/signal_sigsegv_7b7b59_3634_bf418b6822bbfa68734411d96b667be3.mov Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7c0b84d8 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes assertion failure Fixes out of memory access Fixes: test_casex.ivf Found-by:
Tyson Smith <twsmith@mozilla.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7c97946d ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
They are stored in a byte, thus more than 255 is not possible Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 59c915a4 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: 1b8b83a53bfa751f01b1daa65a4758db/signal_sigabrt_7ffff6ae7cb7_7488_403f71d1a2565b598d01b6cb110fac8f.aiff Fixes: assertion failure Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 26757b02 ) Conflicts: libavcodec/wavpackenc.c Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes index out of bounds error Fixes: aac_index_out_of_bounds.wmv Found-by:
Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 59086387) Conflicts: libavcodec/aacdec_template.c
-
Michael Niedermayer authored
Fixes: dvdec_left_shift.avi Found-by:
Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 93ac72a9 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: mjpeg_left_shift.avi Found-by:
Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit d86d7b24 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: mss2_left_shift.wmv Found-by:
Piotr Bandurski <ami_stuff@o2.pl> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e273dade ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes Ticket 5106 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2039b3e7 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array read Fixes: test_case-mdc.264 (b47be15a120979f5a1a945c938cbef33) Found-by:
Tyson Smith <twsmith@mozilla.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 13f266b5 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Thomas Mundt authored
Prevents that following scalers in the filter chain will do unintentional color range conversions. Fixes Ticket #5096 Signed-off-by:
Thomas Mundt <loudmax@yahoo.de> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 73ce8162 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes out of array read Found-by:
Tyson Smith <twsmith@mozilla.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 5b4da8a3) Conflicts: libavcodec/motion_est.h
-
Michael Niedermayer authored
Fixes mozilla bug 1230423 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7cc01c25 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes Ticket4960 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1edf129c ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
This causes a overall slowdown of 0.1 % (tested with mpeg4 single thread encoding of matrixbench at QP=3) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit cccb0ffc ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Andreas Cadhalpun authored
This can happen if s->ls changes from 0 to 1, but picture allocation is skipped due to s->interlaced. In that case ff_jpegls_decode_picture could be called even though the s->picture_ptr frame has the wrong pixel format and thus a wrong linesize, which results in a too small zero buffer being allocated. This fixes an out-of-bounds read in ls_decode_line. Reviewed-by:
Michael Niedermayer <michael@niedermayer.cc> Signed-off-by:
Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> (cherry picked from commit 7ea2db6e ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes Ticket4926 Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b83d8be6 ) Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc>
-
- 08 Jan, 2016 1 commit
-
-
James Almer authored
Reviewed-by:
Christophe Gisquet <christophe.gisquet@gmail.com> Signed-off-by:
James Almer <jamrial@gmail.com> (cherry picked from commit dc79824d)
-
- 02 Jan, 2016 1 commit
-
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com> (cherry picked from commit 8bcd1997) Fixes ticket #5113.
-