[FFmpeg-cvslog] New commits on branch release/4.0
Git System
git at videolan.org
Wed Jul 1 16:09:31 EEST 2020
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8c41deb6fb4e0e23bb22c39b4314a5d1f25702cb
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jul 1 13:57:48 2020 +0200
Update for 4.0.6
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=89241451959dc4b2c3d5c5ec6fc6c2b522449e34
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 21 12:24:04 2020 +0200
avformat/utils: reorder duration computation to avoid overflow
Fixes: signed integer overflow: 8 * 9223372036854774783 cannot be represented in type 'long'
Fixes: 23381/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4818340509122560
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 10cc82c35baabbb07ffec3faccb04d8928c39e4c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=98980ce38f1d658f46b6b5b4c28084216ce74846
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 25 19:22:01 2020 +0200
avcodec/pngdec: Check for fctl after idat
Fixes: out of array access
Fixes: 23554/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-4796622520451072.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 65b1ba680fb67902a9c876a49d0146eaae5a1c3d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d7abedc90443d6bbd7e956fd53d91b343cba50a8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jun 29 19:49:41 2020 +0200
avformat/hls: Pass a copy of the URL for probing
The segments / url can be modified by the io read when reloading
This may be an alternative or additional fix for Ticket8673
as a further alternative the reload stuff could be disabled during
probing
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b5e39880fb7269b1b3577cee288e06aa3dc1dfa2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2a5219d359933b4d6a4ccf13e241253543fc390e
Author: Steven Liu <lq at chinaffmpeg.org>
Date: Fri May 29 11:39:05 2020 +0800
avformat/hls: check segment duration value of EXTINF
fix ticket: 8673
set the default EXTINF duration to 1ms if duration is smaller than 1ms
Signed-off-by: Steven Liu <lq at chinaffmpeg.org>
(cherry picked from commit 9dfb19baeb86a8bb02c53a441682c6e9a6e104cc)
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=919cbe750164f97c3932a87123ca07f9c3b7d081
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 28 00:21:09 2020 +0200
avutil/common: Fix integer overflow in av_ceil_log2_c()
Fixes: left shift of 1913647649 by 1 places cannot be represented in type 'int'
Fixes: 23572/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5082619795734528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e409262837712016097c187e97bf99aadf6a4cdf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ba0c96ecd3a100806c640bea05a0ed1a754c07f0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 28 00:10:19 2020 +0200
avcodec/wmalosslessdec: fix overflow with pred in revert_cdlms
Fixes: signed integer overflow: 2048 + 2147483646 cannot be represented in type 'int'
Fixes: 23538/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5227567073460224
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 21598d711d894081d0566282473044ba4f378f33)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c92265be9027178fa9ea655c3c94f08d3951642c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 23 01:01:53 2020 +0200
avformat/mvdec: Fix integer overflow with billions of channels
Fixes: signed integer overflow: 1394614304 * 2 cannot be represented in type 'int'
Fixes: 23491/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5697377020411904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b6fbbe08c325415cc784df296058beb6604f0b9c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=27e6cb690a623c2b337d11e330df8b26d216ea2d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 23 01:43:14 2020 +0200
avformat/microdvddec: skip malformed lines without frame number.
Fixes: signed integer overflow: 1 - -9223372036854775808 cannot be represented in type 'long'
Fixes: 23490/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5133490093031424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george at nsup.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a8fb7612a97530bdd0b2549dacf91dcf71a3187a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d6c265e22ad4d4dcfd1260673c37b4fdbdb552ef
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 14 19:45:05 2020 +0200
avformat/mxfdec: free duplicated utf16 strings
Fixes: memleak
Fixes: 23415/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5124814510751744
Suggested-by: Marton Balint <cus at passwd.hu>
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0aa2768cb275bda9e9e1331ed95adc7cd686eafe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c12f7ef056bd4415eb8f4ce7e38a4aba1d54922b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 14 19:51:23 2020 +0200
avformat/4xm: Check that a video stream was created before returning packets for it
Fixes: assertion failure
Fixes: 23434/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5227750851084288.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c517c3f4741b6897ea952d1fba199c93c5217cfe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=26b097f06cf41c0cb1b9cb391b8e4d05e74ef210
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 13 21:47:03 2020 +0200
avcodec/ffwavesynth: Avoid undefined operation on ts overflow
Alternatively these conditions could be treated as errors
Fixes: 23147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5639254549200896
Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'int64_t' (aka 'long')
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 584d334afd59714ed04637a9227a4f1368c26166)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5ea288cf5aecf23a9adab14346c1dc69bfe0be41
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 11 22:22:57 2020 +0200
avcodec/mpeg4videodec: Fix 2 integer overflows in get_amv()
Fixes: signed integer overflow: -144876608 * 16 cannot be represented in type 'int'
Fixes: 22782/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-6039584977977344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e361785ee05cc75d3caacf2f254160b0336f5358)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2e29f3023c93155274e9f2f85d98cbe571af21a1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 7 19:24:10 2020 +0200
avcodec/lossless_audiodsp: Fix undefined overflows in scalarproduct_and_madd_int16_c()
Fixes: signed integer overflow: 2142077091 + 6881070 cannot be represented in type 'int'
Fixes: 22737/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5958388889681920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c0dfe134beefde4070d43910518b1f4a58f01794)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b8a1a3cc92ba130ff15c1dc8493850cd63a0f084
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 20 19:56:39 2020 +0100
avcodec/sonic: Fix several integer overflows
Fixes: signed integer overflow: 2129689466 + 2129689466 cannot be represented in type 'int'
Fixes: 20715/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5155263109922816
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 75d520e33704447f1b29ac47fd9e40994a6bc659)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=eee5414f216abe3ad79759b5d8a1fe02f76a51a0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 13 11:56:01 2020 +0200
avcodec/mpeg4videodec: avoid invalid values and reinitialize in format changes for studio profile
Fixes: out of array access
Fixes: 23327/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5134822992510976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e53235f06c229a23d3241b47e32647019161fb7c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0b6c2d3dbd49d54f6fc1feee7c353422698f8574
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 13 11:21:52 2020 +0200
avcodec/pixlet: Fix log(0) check
Fixes: passing zero to clz(), which is not a valid argument
Fixes: 23337/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PIXLET_fuzzer-5179131989065728
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bd0f81526d3f4c23ecd0a399829103be2445c011)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=807bcc9a1e34e8c112eb9cb067bc70bfc1ff1379
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 13 10:48:14 2020 +0200
avcodec/iff: Fix off by x error
Fixes: out of array access
Fixes: 23245/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5723121327013888.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 51225dee0a6266780d26d43bd6802bbcf736327e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c25bfbe37db9b356988b1ccd9154352f66652eea
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 9 22:11:23 2020 +0200
avcodec/wmalosslessdec: Check block_align maximum
Fixes: Assertion failure
Fixes: 22737/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5958388889681920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 314d10f7a60f1786c85da30a569be61e2b906fef)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9942728b61b5871a49fdd0f0448bb9c6f7642533
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 9 22:14:59 2020 +0200
avcodec/loco: Fix signed integer overflow in loco_get_rice()
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 22975/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LOCO_fuzzer-5658160970072064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aa88cdfd90f5da0683cd6556c75a5ba5740a1c27)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e6461966458d595a01a3190cc3ff7d9b4786d875
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jun 8 09:28:55 2020 +0200
avformat/thp: Check fps
Fixes: division by zero
Fixes: 23162/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4856420817436672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0e15b01b4e463d12128db2c15de7741637548347)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2fb4e8f70a3aafc92a614709d6cf72931f1c9af1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jun 8 09:47:41 2020 +0200
avformat/mpl2dec: Fix integer overflow with duration
Fixes: signed integer overflow: 9223372036854775807 - -1 cannot be represented in type 'long'
Fixes: 23167/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6425051741290496
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9a42a67c5ca198a3879b7f3663cc44ccbcaf0bd3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1f110be565a50d8ab36818c680b7e7ea8d66a184
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 6 19:42:07 2020 +0200
avcodec/mpeg12dec: remove outdated comments
Found-by: Kieran
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 48de8f5816aa54dc584aeb2dbbf63a0e880279e2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c8927529d057f159396c10a0fa7d126c05d12e6c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 6 17:45:39 2020 +0200
avcodec/snowdec: Avoid integer overflow with huge qlog
Fixes: integer overflow
Fixes: 22285/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5682428762128384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 38fbf33c7255b503453052c32ab5ae4fb151b29e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=742040a72242b5b2d48363c13bd372ccd2605edb
Author: Dale Curtis <dalecurtis at chromium.org>
Date: Thu May 14 14:38:07 2020 -0700
avformat/mov: Check if DTS is AV_NOPTS_VALUE in mov_find_next_sample().
Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bf446711bc8b7f316771870b8d4dc4dd65f5d94b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7d1f34959011626f4998e2afe305eab6d2b34106
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 28 00:19:56 2020 +0200
avcodec/mpeg12dec: Fix got_output
This makes got_output consistent with the code in slice_end() which sets the output
in slice_end()
if (s->pict_type == AV_PICTURE_TYPE_B || s->low_delay) {
int ret = av_frame_ref(pict, s->current_picture_ptr->f);
...
} else {
Fixes: assertion failure
Fixes: 22178/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5664234440753152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4f33a9803a3068ce2d52289fc1db60375dc8b7a5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f167247ded0e94df05064b4eaa1686d5b11a8533
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 7 21:35:43 2020 +0200
avformat/4xm: Cleanup on GET_LIST_HEADER() failure
Fixes: memleak
Fixes: 23142/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5932860820422656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a5313ce6542a4ee4112acd260e59bff698f3dddd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=780b72102289f12acd46763364aa7373869f5972
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 28 18:08:57 2020 +0200
avcodec/lzf: Consider the needed size in reallocation
Fixes: NULL pointer dereference
Fixes: 22381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NOTCHLC_fuzzer-5659879921680384.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 292b9b93a50aa0622e33013de9f2ddc130bef671)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b25d00f6a152bcc69bae74886b52f1b81f13210a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 31 14:30:43 2020 +0200
avformat/mlvdec: fail reading a packet with 0 streams
Fixes: NULL pointer dereference
Fixes: 22604/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5667739074297856.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5bd5c3108786bf69f108c55c375f1956f67ca7a4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0a8b2def0a417e19dc2c4867e2c462d826d53305
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 31 14:24:04 2020 +0200
avformat/thp: Check compcount
Fixes: out of array access
Fixes: 22520/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5100297658826752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1ba8484559661dfdbca36dbc17b203f33f62e26c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=79ca86c1ecb406e3321c1bcb4a9ad63d2b735ac4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 31 14:59:02 2020 +0200
avcodec/adpcm: XA: Check shift similar to filter
Fixes: negative shift
Fixes: 22499/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_XA_fuzzer-5765452130418688
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6d96bae9c480e020e9f51fabd5642d7ae6020943)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f3dca389bc978582fbe21f9793be5ce5dc3f7709
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jun 5 22:05:27 2020 +0200
avcodec/huffyuvdec: Test vertical coordinate more often
Fixes: out of array access
Fixes: 22892/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HYMT_fuzzer-5135996772679680.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a1223ddc5692772198a02600ecff2545f32b37be)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=14fe71f5dcce45c02cdc65b7dcf3ce6660f8776d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 30 00:43:46 2020 +0200
avcodec/hq_hqa: Check info size
Fixes: assertion failure
Fixes: 21079/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HQ_HQA_fuzzer-5737046523248640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cf28521fee22dbe2f7eeb8ab0306c0fd0802c48a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9f1cb0b89018f1da44dfa48c3268ba4606d931f2
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 23 22:02:56 2020 +0200
avcodec/wmalosslessdec: Fix integer overflow in mclms_predict()
Fixes: signed integer overflow: 2147483636 + 2048 cannot be represented in type 'int'
Fixes: 22016/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5109395618004992
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c42ed06695848617350a94543823e850f190b3ab)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=63d50232571130b5e5099cd33819af898a64f8ac
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 24 00:24:40 2020 +0200
avcodec/vp9dsp_template: Fix integer overflow(s) in iadst16_1d()
Fixes: signed integer overflow: 1080285923 - -1130879337 cannot be represented in type 'int'
Fixes: 22002/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-6260237310099456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 071e2937236945c168ab99d3e3b01539194466dd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=50c508ef655cbce80b5ebe2cc467bccc41e72199
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 28 14:33:58 2020 +0200
avcodec/h264dec: Disable forced small_padding on flag2 fast
Fixes: 20978/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5746381832847360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=eda5c5e5fe4177dc0469bf458bd4b7a8c43aabef
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 19 17:05:52 2020 +0200
avformat/oggparsevorbis: Error out on double init of vp
Fixes: memleak
Fixes: 19949/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5743636058210304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2a3bbc0086aa608cc0465dd14901178d41cfe113)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=65cfae33e237cb4c0c641cc46b82757c7ddc9a4b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 16 00:31:23 2020 +0200
avcodec/pnmdec: Use unsigned for maxval rescaling
Fixes: signed integer overflow: 65535 * 55335 cannot be represented in type 'int'
Fixes: 21955/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGMYUV_fuzzer-5669206981083136
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 49459aca47d4803b2188fbf12b758bd2b01e91d7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0c903ef05afc0b899eccd7be9e873ee6187cddee
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed May 13 00:11:37 2020 +0200
avcodec/ivi: Clear got_p_frame before decoding a new frame using it
Fixes: assertion failure
Fixes: 21666/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5706468994318336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1d633e6a0a61118c9b2d1785d96bdebaa8c38592)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a24bbffebe8570d056f2b287fa8fc992820248e1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 4 00:04:49 2020 +0200
avcodec/dsddec: Check channels
Fixes: division by zero
Fixes: 21677/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DSD_MSBF_fuzzer-5712547983654912
Fixes: 21751/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DSD_LSBF_fuzzer-5197097180856320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2570a8777e7095358b10f679d35641e114a2ab33)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0fdaecd8f0ae6bc5e710e69caa129157e3744a65
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 2 21:25:17 2020 +0200
avcodec/xvididct: Fix integer overflow in idct_row()
Fixes: signed integer overflow: -1238335488 + -1003634688 cannot be represented in type 'int'
Fixes: 21649/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5112005765890048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 620236e4d2ac46821911b99fa4551868675d4ed9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=221afdfc91a6bd90e69473c32da5383b5474a280
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 26 21:19:13 2020 +0200
avcodec/wmalosslessdec: Fix integer overflows in revert_inter_ch_decorr()
Fixes: signed integer overflow: -717241856 + -1434459904 cannot be represented in type 'int'
Fixes: 21405/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5677143666458624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e9a4c4fe9918220be492a4a9d74c2293fd706be3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6085934f8f1f584be985dbc5ad12a47fa929ffd5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 16 18:51:52 2020 +0100
avformat/mpegenc: Fix integer overflow with AV_NOPTS_VALUE
Fixes: signed integer overflow: -9223372036854775808 - 45000 cannot be represented in type 'long'
Fixes: ticket8187
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9874815b1aadadd7fd19aa6aabb7d9193f2f43d5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bdc4815b26cf4c5d165f0554649ef6964180f193
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 16 18:32:31 2020 +0100
avformat/swfenc: Fix integer overflow in frame rate handling
Fixes: signed integer overflow: 30000299 * 256 cannot be represented in type 'int'
Fixes: ticket8184
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 31f956acadd994b8c4e22b714aaffee0f527c827)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b0037e9ee5227614268d8981f757972407e1a28a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 7 12:04:25 2020 +0200
avformat/aadec: Check toc_size to contain the minimum to demuxer uses
Fixes: out of array access
Fixes: stack-buffer-overflow-READ-0x0831fff1
Found-by: GalyCannon <galycannon at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit daa2482871dffa9af12fa6d874a3d2dedd73f42e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5bfafe838e1bc7e985233c2d9f988c77102849c0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Apr 20 23:27:04 2020 +0200
avcodec/cbs_h265_syntax_template: Limit num_long_term_pics more strictly
The limit is based on hevcdec.c
Fixes: 20854/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-5160442882424832
Fixes: out of array access
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 435fa373d1f5045b17de74934e44863e2fb3071f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2b20b1d2abfdb7480cf676144ef43b643c2acbd0
Author: Dale Curtis <dalecurtis at chromium.org>
Date: Thu May 14 15:31:55 2020 -0700
avformat/mov: Don't allow negative sample sizes.
Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2d8d554f15a7a27cfeca81467cc9341a86f784e2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2a5cc5d601d7a9d25128a00a27237e6e673960b1
Author: Vitaly Buka <vitalybuka-at-google.com at ffmpeg.org>
Date: Tue Apr 21 21:34:19 2020 -0700
mpeg4videoenc: Don't crash with -fsanitize=bounds
Also the patch makes this code consistent with mpeg4videodec.c
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f163d30de2090a7275f1fb8ad69258576f12c1a2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=92961de9dab1abe164fc4b38d6909c30cf127626
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 7 12:38:26 2020 +0200
avformat/mpegts: Shuffle avio_seek
This avoids accessing an old, no longer valid buffer.
Fixes: out of array access
Fixes: crash_audio-2020
Found-by: le wu <shoulewoba at gmail.com>
Reviewed-by: Marton Balint <cus at passwd.hu>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cd74af14162c803f18e90bb12b52135e893d990c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=619594d2a0f164ba0156c94da23ca17413fe8159
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 19 17:05:53 2020 +0200
avcodec/binkaudio: Fix 2Ghz sample_rate
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 19950/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINKAUDIO_DCT_fuzzer-5765514337189888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Suggested-by: Paul
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f603d10b1e6bb2fbf4dcccc43d3ea2fb911b36ba)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3594573f0a3bd1567b4ee71d805e674451b5fff7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Feb 12 21:30:08 2020 +0100
avcodec/adpcm: Fix integer overflow in ADPCM THP
The reference (thp.txt) uses floats so wrap around would seem incorrect.
Fixes: signed integer overflow: 1073741824 + 1073741824 cannot be represented in type 'int'
Fixes: 20658/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_THP_fuzzer-5646302555930624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b12b05374f7025167e2c43449ceb8ba3f0a6083f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=242bbbcd7000fa2adad09abb8b2bc650f4742fcd
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 11 22:17:43 2020 +0200
avcodec/ralf: Check num_blocks before use
Fixes: out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5739471895265280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f0c0471075fe52ed31c46e038df4280aef5b67a1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=535a88034ed1071ad5471347ae5118c79db1da47
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 11 21:18:58 2020 +0200
avcodec/iff: Test video_size being non zero
Fixes: Out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5658548592967680
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5723561177382912
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a035fd88ae7341a05c01f3b393921933e4ea9665)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1b981fc9e811c10e9efe73fd35ff6b77fa5e3b38
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 21:16:59 2020 +0200
avcodec/utvideodec: Fix integer overflow in decode_plane()
Fixes: signed integer overflow: 2147483594 + 142 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_fuzzer-5658568101724160
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 876cfa67f37e944b0f42cb67b2de4e2e06f52e82)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=24122adc5f24677af547db017ca4b4faf6534f12
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 21:12:22 2020 +0200
avcodec/ttadsp: Fix several integer overflows in tta_filter_process_c()
Fixes: signed integer overflow: 1931744255 + 252497024 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5763348114440192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8627885172cc54db95f86529d134308d4d095054)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ff893fe6102434e541ee828f04c2633b3b8880e3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 20:15:11 2020 +0200
avcodec/ralf: Fix integer overflow in decode_block()
Fixes: signed integer overflow: 289082077 - -2003141111 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5196077752123392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0c4330847c104fcf3ef929c1acee33b5b34c20db)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=16aab4f595e3647c16a75bacf88f1e7f7a936cd6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 19:09:47 2020 +0200
avcodec/nuv: widen buf_size type
Fixes: signed integer overflow: 65312 * 65312 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-5740176118906880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1ac106bf5625de6aec31a34319298032e988f349)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1d2aedea013d0393f02f83b88680fe5c22a0eb2c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 12:04:05 2020 +0200
avcodec/iff: Fix several integer overflows
Fixes: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int'); cast to an unsigned type to negate this value to itself
Fixes: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int32_t' (aka 'int')
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5764066459254784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7a92147f87129851c1cc2c15f4ba714b8cf23f71)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3f686f6a7d01539e44aabb22a09bde90089db6b4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 11:34:53 2020 +0200
avcodec/g729postfilter: Clip gain before scaling with AGC_FAC1
The fixed point integer reference specifies the multiplication used
to have 16bit input and clips so we need to clip the input
The floating point implementation does not seem to do that.
Fixes: signed integer overflow: 6317568 * 410 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-5700189272932352
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 82d4c7b95ed98d38aa834ef5a8fb1d2ef3901698)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3ee001de6f71a66f52d539022a5d9b5b2ca2f735
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 11:08:28 2020 +0200
avcodec/alac: Fix integer overflow with 24/20bps samples
Fixes: signed integer overflow: 1020048 * 4096 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5753877751660544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 22e51e95ac97864b3d7b21124eaf8fcce147f61e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=033ecda2f2b894ec499f99f34c0396841f2579d9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 13 20:56:56 2020 +0100
avcodec/dstdec: Check sample rate
Fixes: out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5735812071424000
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5727b1f13f36c4db30d5d0de51640f740edf01e8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6fd2a2ba41063383f66b5fada0222746d43e37a1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Apr 15 20:27:27 2020 +0200
avformat/thp: Require a video stream
The demuxer code assumes the existence of a video stream
Fixes: assertion failure
Fixes: 21512/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5699660783288320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 97c78caf3e8f7ec4df3d3123b5e8d0e7541319e6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=deabf2bdad17950dafda8bace82b1def2b5d8e0c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 14 00:03:30 2020 +0200
avformat/mpeg: Decrease score by 1 for files with very little valid data
Fixes: 8233/PPY6574574605_cut.mp3
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 20f7b4dfc9640c910655bd153c6996e9edd42ff0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ad27c7c85044efe07f8d45b9de33a7ef9d5213ae
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 7 19:29:44 2020 +0200
avcodec/pngdec: Check length in fdAT
Fixes: 21089/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5135981419429888
Fixes: out of array read
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 79e5c2ee2bbdf462cabd2113c723dfb613d735c2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=91e39dd6f30ff466086701aeeff2b0405a97d76f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 5 22:58:29 2020 +0200
avcodec/g2meet: Check tile_width in epic_jb_decode_tile()
Fixes: out of array access
Fixes: 21469/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5199357982015488
Alternatively the arrays can be made bigger or the index can be clipped.
In case a real file with such huge tiles exist we ask the user to upload it.
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5501bb28ddfa6441dcbf8ea0a964a13aa33f66fe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0678c4d350dbf6f915368e5bb0c7de41b22b7fba
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Mar 28 20:36:00 2020 +0100
avcodec/hapdec: Check tex_size more strictly and before using it
Fixes: OOM
Fixes: 20774/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5678608951803904
Fixes: 20956/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5713643025203200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 81fe316ad9852a3dfe46b4dc919ed1709b217671)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0f4944512f679ce4b9fbf3acdbae2802c31947dc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 11 22:58:08 2020 +0100
avcodec/vp9dsp_template: Fix integer overflows in idct32_1d()
Fixes: signed integer overflow: -193177 * 11585 cannot be represented in type 'int'
Fixes: 20557/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-5704852816789504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e16e3e63f0a96b4e0ec32972c975bc0e339a49d1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=737f15af604854ff68f7a45230bc37e521fa11bc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 26 19:29:39 2020 +0200
avcodec/alacdsp: Fix invalid shift in append_extra_bits()
Fixes: left shift of negative value -1
Fixes: 21390/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-6242539519868928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 49ae034b42234486712a02f9b00253a0975cea02)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1b2bb4877b23ced72be46f7a6b921baeb04a4a4b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 9 18:09:24 2020 +0100
libavcodec/wmalosslessdec: prevent sum of positive numbers from becoming negative
Fixes: left shift of negative value -8321365
Fixes: 20506/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-4798062906310656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 62e4003780cad60ac1371fef892da08c27069964)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=00aec6d9ba5d602542d0ac010f172e2a30194a66
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 9 00:23:14 2020 +0100
avcodec/dstdec: Fix integer overflow in read_table()
Fixes: signed integer overflow: -16 * 134217879 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5639509530378240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2d465a401dd790e2ca126ecb9cbda43f898a492f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0e0edbc8b1976c5f6f29fe61132bdf71d44facf7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 18 23:14:16 2020 +0100
avcodec/txd: Check for input size against the header size.
Fixes: Timeout (21sec -> 80ms)
Fixes: 20673/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TXD_fuzzer-5177453863763968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aeb4e435847e0c970bcb1a835fe5eda17a4e1ce3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b888db436781954f32841c5668fef4f019fc4620
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 18 23:28:33 2020 +0100
avcodec/svq1dec: Check that there is data left after the header
Fixes: Timeout (21sec -> 255ms)
Fixes: 20709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SVQ1_fuzzer-5085075089915904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 55e344ee5aa6f6e04e50bbac457e0ca53433ab75)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8ce3cf434399f3e0e9e69840336b5145cb7cbada
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 5 00:11:15 2020 +0200
avcodec/cbs_h265_syntax_template: Check num_negative/positive_pics when inter_ref_pic_set_prediction_flag is set
Fixes: out of array access
Fixes: 20446/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-5707770718584832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 588114cea4ee434c9c61353ed91ffc817d2965f5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f358a4d68de42a5764d8627d4bf7f7bc7c045874
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 6 00:33:40 2020 +0100
avcodec/intrax8: Check for end of bitstream in ff_intrax8_decode_picture()
Fixes: Timeout (105sec -> 1sec)
Fixes: 20479/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-5769846937878528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0a9ccc2514da82812584b0e49a30625151d225e9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0613282686a10188d3bc8823854d216d619a8d41
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 19 18:24:55 2020 +0200
avcodec/hevc_mp4toannexb_bsf: Check nalu_size
Fixes: Timeout (29sec -> 5ms)
Fixes: 20237/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5165615044362240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ae2537f53e8ebfa36345241b5b70c0b1aef66dd2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c12d62bf777db53e4af7657cc46ac6cfc63f1875
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 21 00:03:40 2020 +0200
avcodec/iff: Check length before memcpy() in decode_deep_rle32()
Fixes: out of array read
Fixes: 20796/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5111364702175232.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b4a33387cb1cd3f4c5036e65e0fdd953c6b5012f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=101f32f843bf108c6d37d8854568927f6082245c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 21 00:03:39 2020 +0200
avcodec/iff: Fix invalid pointer intermediates in decode_deep_rle32()
Reviewed-by: Peter Ross <pross at xvid.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bc41a29a5aa3c3dedba0a85b4aeb79a07eeeb1b4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2f487066ed63dfa42640b94fec79f2905e3216b7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Apr 18 01:48:47 2020 +0200
avcodec/pngdec: Pass ret from decode_iccp_chunk()
Found while reviewing a patch fixing a similar issue
Reviewed-by: Anton Khirnov <anton at khirnov.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4c7bcaa385e5e5fda0084de2fb823ac25c0deba0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d97cfd89eb14825d05464394ee37aba06f5bd99a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 2 21:01:12 2020 +0100
avcodec/rv40dsp: Fix integer overflows in rv40_weight_func_*()
Fixes: signed integer overflow: 40550400 * 128 cannot be represented in type 'int'
Fixes: 20331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RV40_fuzzer-5676685725007872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 13171ad2e304b2a7d959429527b98c68ec5ea320)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3336567ec4736309a1fca9f1680a7a96e0c97b6f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 1 21:25:33 2020 +0100
avcodec/ac3dec_fixed: Fix several invalid left shifts in scale_coefs()
Fixes: left shift of negative value -14336
Fixes: 20298/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AC3_FIXED_fuzzer-5675484201615360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8e30502abe62f741cfef1e7b75048ae86a99a50f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b499a73396e50c223d7e095d041a2230506d37c2
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Feb 3 23:20:23 2020 +0100
avcodec/flac_parser: Do not lose header count in find_headers_search()
Fixes: Timeout
Fixes: out of array access
Fixes: 20274/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5649631988154368
Fixes: 19275/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5757535722405888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 55f9683cf6be97f4b398a7a35ee5bfd1208ac2a5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c298f94143bf308119fbe1e895d2ac8c6d893862
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 2 20:02:55 2020 +0100
avcodec/audiodsp: Fix integer overflow in scalarproduct_int16_c()
Fixes: signed integer overflow: 2145417478 + 76702564 cannot be represented in type 'int'
Fixes: 20313/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-5734487724130304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit abb5762e985f4ce34e97c1b2fa6d1108ce8a881f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b26458b046b42f8baf65a990e98d50d329314621
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Apr 1 20:58:52 2020 +0200
avformat/oggdec: Check for EOF after page header
Fixes: Infinite loop
Fixes: Ticket8594
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f1589be9fda00c417f9bcccb55dbbea998ee08ac)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=15e323fee171ddf8e6828a70b2ff38e55109a5b8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Apr 2 22:38:46 2020 +0200
swscale/yuv2rgb: Fix vertical dither offset with slices
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit be3c29e3795cb2499e3b96335286d6a8423c0bcf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c1a6a35bdda2489f5859ea157fc909ae54802480
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Apr 9 15:37:55 2020 +0200
avcodec/dpcm: clip exponent into supported range in XAN DPCM
Fixes: shift exponent 32 is too large for 32-bit type 'int'
Fixes: 21200/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XAN_DPCM_fuzzer-5754704894361600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <anton at khirnov.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 20ade59d9633def4ebf84ec170f56367bfb6aa6c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4e834d7139a273475c8d79afa8515651f9b1db11
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 1 22:52:13 2020 +0100
avcodec/flacdsp_template: Fix invalid shifts in decorrelate
Fixes: left shift of negative value -2
Fixes: 20303/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5096829297623040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3935c891e96c0819439da43d1b862652bbbdf065)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=987ec5f1d0ccad3d702c4762b677ad8b64a4bf4c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jan 31 23:43:57 2020 +0100
avcodec/xvididct: Fix integer overflow in MULT()
Fixes: signed integer overflow: 23170 * 95058 cannot be represented in type 'int'
Fixes: 20295/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5800212870463488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7ccb576191e91b393041b14917f1b681ec75ed3b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=89860dd06821e13e6b6c0fb1233aded64905e9a3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jan 17 23:42:08 2020 +0100
avcodec/ffwavesynth: Correct undefined overflow of PINK_UNIT
Fixes: signed integer overflow: 9223372036854775775 + 128 cannot be represented in type 'long'
Fixes: 20054/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5686385113825280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 187161d62f35c8b613c4a6739b0a6dfa9a24da60)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9342a639a770ff27248cdb76297d8b9357715f5c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 22 16:38:24 2020 +0100
avcodec/cbs_h264_syntax_template: fix off by 1 error with slice_group_change_cycle
Fixes: assertion failure
Fixes: 20390/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_REDUNDANT_PPS_fuzzer-5683400772157440
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 741565a1e69c45ce4848f01e45be5e66a68efa2f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=531b3300a7c1d0639dbcacbd55552ff4d56f4f6e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 16 20:11:52 2020 +0100
swscale/output: Fix integer overflow in yuv2rgb_write_full() with out of range input
Fixes: signed integer overflow: 1169365504 + 981452800 cannot be represented in type 'int'
Fixes: ticket8293
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e057e83a4ff4c0eeeb78dffe58e21af951c056b6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=81f9e29bc9befca2c1bd86787a6a0e50c1ba17c6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 16 20:18:11 2020 +0100
swscale/output: Fix integer overflow in alpha computation in yuv2gbrp16_full_X_c()
Fixes: signed integer overflow: 524280 * 4432 cannot be represented in type 'int'
Fixes: ticket8322
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 49ba1879add99d3f64d70d34fb0255c8a49d4b28)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e75f8b51ea2a49b03392a794bc7c6bd1704b7203
Author: John Rummell <jrummell at chromium.org>
Date: Mon Mar 30 21:30:33 2020 -0700
libavformat/amr.c: Check return value from avio_read()
If the buffer doesn't contain enough bytes when reading a stream,
fail rather than continuing on with initialized data. Caught by
Chromium fuzzeras (crbug.com/1065731).
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5b967f56b6d85f62446836fc8ef64d0dcfcbda17)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9954fbe2739dc4a5daeb9fcb42637ca0d6c8b8ea
Author: John Rummell <jrummell at chromium.org>
Date: Mon Mar 30 14:08:01 2020 -0700
libavformat/mov.c: Free aes_decrypt to avoid leaking memory
Found by Chromium fuzzers (crbug.com/1057205).
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ad91cf1f2f5793db5c6dd7ab9947fcc6d7832607)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b561b503ff4bb4605eac49a47a3fdef72e1b545e
Author: John Rummell <jrummell at chromium.org>
Date: Mon Mar 30 14:56:11 2020 -0700
libavformat/oggdec.c: Check return value from avio_read()
If the buffer doesn't contain enough bytes when reading a stream,
fail rather than continuing on with unitialized data. Caught by
Chromium fuzzers (crbug.com/1054229).
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b7c67b1ae3657058b32b9235119d07529ad5cce1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=116b777775f89576dc104be0e449849fca6a9b84
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 15 17:26:51 2020 +0100
avformat/asfdec_f: Fix overflow check in get_tag()
Fixes: signed integer overflow: 2 * 1210064928 cannot be represented in type 'int'
Fixes: 20873/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5761116909338624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <anton at khirnov.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c8140fe7324f264faacf7395b27e12531d1f13f7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2bef1bba734fe7f5253c96d10710c9a979dc6947
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Mar 18 20:20:44 2020 +0100
avformat/nsvdec: Fix memleaks on errors while reading the header
Fixes: memleaks
Fixes: 21084/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5655975492321280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 96c04694550999cc214cae8c4a16d2d7ac0958bc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c35205245708293907ffda82f33473d43f036e6c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 15 18:25:56 2020 +0100
avcodec/ffwavesynth: Fix integer overflow in computation of ddphi
Fixes: signed integer overflow: 1302123111085380114 - -8319005078741256972 cannot be represented in type 'long'
Fixes: 20991/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5148554161291264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george at nsup.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c85bf1631823e9089e59a474d5c6c0efc708c507)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bf696d436e71d087604cacdea6e9383075a4bb61
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 1 22:46:34 2020 +0100
avcodec/adpcm: Fix invalid shift in AV_CODEC_ID_ADPCM_PSX
Fixes: left shift of negative value -1
Fixes: 20859/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_PSX_fuzzer-5720391507247104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0a11ef68f0a85905e704e503b433f5aa645d59ac)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=178f6ae983736fcc2e26b4f3232ac3b926ca1cd5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Dec 5 22:35:03 2019 +0100
avcodec/mpeg12dec: Fix invalid shift in mpeg2_fast_decode_block_intra()
Fixes: left shift of negative value -695
Fixes: 19232/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5702856963522560
Fixes: 19555/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5741218147598336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c40df2166c7925fc81e1ef22563c2e32124cf1d6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3b4eae4cae3123ddefad6899ec01425fa65ec802
Author: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Date: Mon Dec 9 23:26:03 2019 +0100
avcodec/cbs_h2645: Treat slices without data as invalid
Slices that end after their header (meaning slices after the header
without any data before the rbsp_stop_one_bit or possibly without any
rbsp_stop_one_bit at all) are invalid and are now dropped. This ensures
that one doesn't run into two asserts in cbs_h2645_write_slice_data().
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Fixes: 19629/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_METADATA_fuzzer-5676822528524288
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 66fac1ff7ccbc4fb6a3aa6b9a95de7b6bc31d14e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e9b438371232cd127717530e67421d86fc50f249
Author: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Date: Mon Dec 9 23:26:02 2019 +0100
avcodec/cbs_h2645: Remove dead code to delete trailing zeroes
Trailing zeroes are already discarded when splitting a fragment, which
makes the code to remove them when decomposing slices dead code.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8f701932b39a6345f2a8bab85f48d555a98802e3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=abd6b0f91383c3be7994037e8c4aa7348c506c36
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 23 12:41:41 2020 +0100
avcodec/mpegaudioenc_template: fix invalid shift of sample
Fixes: Ticket8010
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a2c97a8342fab6393280cc2f0e2ffb39c381d29c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e2979378ffc36ec0c8d9f8f62fde49ed6dde568a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 23 12:50:30 2020 +0100
avcodec/motion_est_template: Fix invalid shifts in no_sub_motion_search()
Fixes: Ticket8167
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e13eee37ee3268b0a985ddc74a9bde0179bd553c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=84be21040e0a454c869e21b7e98decad2bf1cec8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 26 22:19:48 2020 +0100
libavformat/avienc: Check bits per sample for PAL8
Fixes: assertion failure
Fixes: Ticket 8172
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 35958782819c00211e247332ab18fbf2f28267e1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3509ad1b0663b452378099dba1359468b3731c3a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jan 27 19:07:00 2020 +0100
avformat/mpegts: Improve the position determination for avpriv_mpegts_parse_packet()
Fixes: assertion failure
Fixes: Ticket 8005
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e5bb48ae5990347dff22fc38ff5a1c1f7f60a1c5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=447e97e51054b5b4cc84e29d38732ea63e22748a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 22 00:42:30 2020 +0100
avcodec/magicyuv: Check that there are enough lines for interlacing to be possible
Fixes: out of array access
Fixes: 20763/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MAGICYUV_fuzzer-5759562508664832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f8a0e9f9f71cf5650bdc250ff7475e0f7d8e8420)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=07a265b140f8698c73eec2f1f108b8a1914ca3c4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 23 09:27:27 2020 +0100
avformat/mvdec: Check stream numbers
Fixes: null pointer dereference
Fixes: 20768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5638648978735104.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 618a9bea65112a27a106e02ada3ae475cc8ac1ac)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=702ce6c8ee8f67cf9a5cfd9c1e7e69f3c1191c2b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 20 22:26:18 2020 +0100
avcodec/pcm: Fix invalid shift in AV_CODEC_ID_PCM_LXF
Fixes: left shift of 233 by 24 places cannot be represented in type 'int'
Fixes: 20736/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PCM_LXF_fuzzer-4829212685107200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 051d11f659455f38be7ce40e2dc9d03b082dcd4d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ec3635caf62e6770eb351401e9f07b07dc218bc0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 18 22:58:12 2020 +0100
avcodec/qdm2: Check fft_coefs_index
Fixes: out of array access
Fixes: 20660/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDM2_fuzzer-5658290216501248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9fc73bf022eb781eea7f685e2d2e9de4ba8898ca)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c901cc287f542ea29405175d4728c5f056c6c92a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 15 23:23:55 2020 +0100
avformat/utils: Fix integer overflow with complex time bases in avformat_find_stream_info()
Fixes: signed integer overflow: 2045163756 * 2 cannot be represented in type 'int'
Fixes: Ticket5132
Found-by: tsmith
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f3d8f517dbc42de8e2f97cc01bf5171bb05fbcc7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ac4fb0935a8fa4dcefb7ad01b538006d0521752e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 15 23:18:25 2020 +0100
avformat/avidec: Avoid integer overflow in NI switch check
Fixes: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'
Fixes: Ticket8149
Found-by: Suhwan
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 347920ca2102d762e4713f101a2e75811791e2b3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=759febd8804e17bd6ed2cfa1fc1f2117172693df
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 15 22:56:18 2020 +0100
fftools/ffmpeg: Fix integer overflow in duration computation in seek_to_start()
Fixes: signed integer overflow: -9223372036854775808 - 9223372036854775807 cannot be represented in type 'long'
Fixes: Ticket8142
Found-by: Suhwan
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4f4ad33d96a01d82edf56d58599017cb0ae5bfa8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1bcbe5bc9bf030195cb2db287d00b0a4dfa6428b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 15 22:35:37 2020 +0100
avfilter/vf_aspect: Fix integer overflow in compute_dar()
Fixes: signed integer overflow: 1562273630 * 17 cannot be represented in type 'int'
Fixes: Ticket8323
Found-by: Suhwan
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0c0ca0f244b823238e5a4f5584168e620da84899)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=14ed91c1232bbf3eb25d7db7e50effdf960515fb
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 11 23:56:45 2020 +0100
avcodec/apedec: Fix invalid shift with 24 bps
Fixes: left shift of negative value -463
Fixes: 20542/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5688714435231744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8e278672294f28a3feaba0a38460afd51f0fadda)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4834e4ff4a0df68798d88deeeab52eff5f86f7b9
Author: Dale Curtis <dalecurtis at chromium.org>
Date: Tue Jan 28 16:49:14 2020 -0800
avformat/utils: Fix undefined behavior in ff_configure_buffers_for_index()
When e2_pts == INT64_MIN and e1_pts >= 0 the calculation of
e2_pts - e1_pts will overflow an int64_t.
Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f15007afa90a3eb3639848d9702c1cc3ac3e896b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f1f5a2c11fc7883bab95d2e8f53e9e9332f7cec4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 22 23:11:47 2020 +0100
avcodec/dpcm: Fix integer overflow in AV_CODEC_ID_GREMLIN_DPCM
Fixes: signed integer overflow: -2147479324 + -32568 cannot be represented in type 'int'
Fixes: 20103/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GREMLIN_DPCM_fuzzer-5667667579240448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b1aecad9eae900b9c3054392994d150d5ae572c5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=06dcfd24e9194754fd3d9bc3db5d75d3a71a1c34
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 18 19:55:23 2020 +0100
avcodec/wmalosslessdec: Fix integer overflow with sliding in padding bits
Fixes: signed integer overflow: -53716100 * 256 cannot be represented in type 'int'
Fixes: 20143/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5716604000403456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b8a0be93528187721a2414f66abbc252a258afa3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9f88c50965f2cd15d0ed9b6bc7ae008f8031addb
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 18 19:28:36 2020 +0100
avcodec/wmalosslessdec: Fix loop in revert_acfilter()
Fixes: out of array read
Fixes: 20059/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5691776237305856
No testcase except the fuzzed one.
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5584c0bb945d6010a9d8c22ef3270792022e1761)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=134d579dfcf108465425da75e89ee0f62aaf09be
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 28 20:12:25 2020 +0100
avcodec/lagarith: Sanity check scale
A value of 24 and above can collaps the range to 0 which would not work.
Fixes: Timeout (75sec -> 21sec)
Fixes: 18707/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LAGARITH_fuzzer-5708950892969984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fb3855342b9e4c577c63b38a7a5a574830a21934)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=73c20eb18e99f3061e644d2426528ffa7be07075
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 28 18:35:43 2020 +0100
avcodec/apedec: Fix integer overflows in predictor_decode_mono_3950()
Fixes: signed integer overflow: -2147407150 + -1871606 cannot be represented in type 'int'
Fixes: 18702/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5679095417667584
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit eb64a5c6f94981e4a68ad65a6e445557e11c08fc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=48802e370fdcebbd80adbb637039c857039807e4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 8 13:48:45 2019 +0100
avcodec/ralf: Fix integer overflow in apply_lpc()
Fixes: signed integer overflow: 2147482897 + 2048 cannot be represented in type 'int'
Fixes: 19240/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5743240326414336
Fixes: 19869/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5150136636538880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fd313d8cf8368918882b6de0880e44ae25cc7394)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=21c56049a2febc43dae364b0e8a3399a9f2b9194
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 4 23:01:12 2020 +0100
avcodec/dca_lbr: Fix some error codes and error passing
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bfea054a75f17d140f2f171056a801c4c89f6d26)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6e9a4759e3368068f5fd9231ff32a7954b98a931
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 14 15:27:44 2019 +0100
avcodec/wmavoice: Fix rounding and integer anomalies in calc_input_response()
Fixes: out of array access
Fixes: inf is outside the range of representable values of type 'int'
Fixes: signed integer overflow: -9223372036854775808 - 1 cannot be represented in type 'long'
Fixes: 19316/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-5677369365102592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 38d37584448731f90977132b838d50ff1a28811b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7673afa1f6f799a46f3a651e9b6f8fb3c797e6d4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 21 22:27:37 2019 +0100
avcodec/wmavoice: sanity check block_align
This limit is roughly based on the bitreader limit, its likely a much tighter limit
could be used
Fixes: left shift of 1965039647 by 1 places cannot be represented in type 'int'
Fixes: 19545/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-5695391899320320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6847e22c8c85b80bf1d25ec66f77f7ccbcf43aed)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e491018858322322c6da6f5ec692ce6ecdc94b27
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Dec 18 00:07:50 2019 +0100
avcodec/pcm: Fix invalid shift in pcm_decode_frame for LXF
Fixes: left shift of 32 by 28 places cannot be represented in type 'int'
Fixes: 19472/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PCM_LXF_fuzzer-5704364320096256
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 985d3666f672781152f4b68093740ea6a9888194)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=77c771c4709bd50bf254761304351cb31caf251d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 19 21:51:11 2020 +0100
avcodec/snappy: Sanity check bytestream2_get_levarint()
Fixes: left shift of 79 by 28 places cannot be represented in type 'int'
Fixes: 20202/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5719004081815552
Fixes: 20219/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5641738677125120
Fixes: 20389/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5680721517871104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit be54da2117a6f58c14283f2511e71fda8d3bfe9d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=09cd4dbb8838728637305cdec366236cc8dd29ed
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 1 23:25:42 2020 +0100
avcodec/mlpdsp: Fix a invalid shift in ff_mlp_rematrix_channel()
Fixes: left shift of negative value -2
Fixes: 20305/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-5677196618498048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Jai Luthra <me at jailuthra.in>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fcc9f13717c8c3fe08ca5caf957c39e76ea35e4f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=597c91c9e0f0fac7b85038a77cf74b965da52350
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jan 27 21:54:22 2020 +0100
avcodec/avdct: Clear IDCTDSPContext context
Fixes use of uninitialized variable and segfault
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Reviewed-by: James Almer <jamrial at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b82825eba837f7cbb24c1d66e93285d029307417)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b8ca21d0d0161a59bd3e4523d7beaa64b808615a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 30 22:04:06 2020 +0100
avcodec/x86/diracdsp: Fix high bits on Windows x86_64
Found-by: james
(cherry picked from commit 24af459d1e568fd134476f305f4fba23bf2c386a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0f41c189636d3c1ca02d8f0c81ba981ee7e1e897
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 11 12:09:08 2020 +0100
avformat/mov: Check STCO location
Fixes: bypassing of checks and assertion failure
Fixes: asan_1003879.mp4
Found-by: Clusterfuzz + asan
Reported-by: Thomas Guilbert <tguilbert at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1cd41840208bce7e690a4ccc48077567418a0aa8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e45920696cfb2809d5364790995503cec23e3715
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 9 02:06:36 2020 +0100
avcodec/wmalosslessdec: Fix multiple integer overflows
Fixes: left shift of 3329 by 20 places cannot be represented in type 'int'
Fixes: signed integer overflow: -199378355 + -1948950833 cannot be represented in type 'int'
Fixes: 19837/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5752565837070336
Fixes: 19839/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5767483265122304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 422202516cfb6239abb4e20db9f628f3899a76e2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b9f2afb86192226bcb23744e56545efe3b13a2db
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 7 20:55:16 2019 +0100
avcodec/apedec: Fix undefined integer overflow in decode_array_0000()
Fixes: signed integer overflow: -2143289344 - 6246400 cannot be represented in type 'int'
Fixes: 19239/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5173755680915456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a3655bb02c21e70573335e9396632f64b2589536)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ddd6e68fff668c993239c3f83faabd3a0d944a63
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 1 20:43:05 2020 +0100
avcodec/smacker: Check space before decoding type
Fixes: Timeout (232sec -> 280ms)
Fixes: 19682/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKER_fuzzer-5654129649385472
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6f5c18da5977a3214e1ea30e6b0c0d9d858ce83d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=deef4666521a75b2c3952b953d21824e4cb1e5a3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 1 22:32:04 2020 +0100
avcodec/rawdec: Use linesize in b64a
Fixes: out of array access
Fixes: 19750/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RAWVIDEO_fuzzer-5074834119983104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2b5b9d5dac9a3525d7330662724c0e9045078bfb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4926a526582b5bd517f743e54af852925e1e9d58
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jan 3 23:24:15 2020 +0100
avcodec/iff: Over-allocate ham_palbuf for HAM6 IFF-PBM
IFF-PBM-HAM6 can read out of array without this overallocation
Fixes: Out of array read
Fixes: 19752/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5675331403120640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8652f4e7a15e56fadf9697188c1ed42c9981db82)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=799f37b23a70b6c3540f6a39a4211cb993170c85
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 29 22:11:45 2020 +0100
avcodec/x86/diracdsp: Fix incorrect src addressing in dequant_subband_32()
Fixes: Segfault (not reproducable with asm, which made this hard to debug)
Fixes: decoding errors
Fixes: 19854/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5729372837511168
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0694b60b7b4892eac1d6e2aca64de9e0cb096486)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fc797858a75a61fc18f82b75d5762febbfb7b332
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 26 20:45:07 2020 +0100
avfilter/vf_find_rect: Remove assert
A score of 0 is possible
Fixes: Ticket8500
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit dfc471488675aa257183745502d0074055db3bd2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=637e0f9b8f1abde60c0afa9550b4fcfd9d7c78ab
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 26 20:45:06 2020 +0100
avfilter/vf_find_rect: Increase worst case score
score could be 1.0 which lead to uninitialized values
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6ff2474e02200dce7abdea3fd211fcaf49691c2c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cc3a58c71802ef7ba2fa1a1d996b7f619654e5af
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100
swscale/input: Fix several invalid shifts related to rgb2yuv constants
Fixes: Invalid shifts
Fixes: #8140
Fixes: #8146
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d48e510124d0fea24e2ec27271687c92e4428a18)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ffe2c013dcfc85d82dd2e2f1075690b0b95eb56a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100
swscale/output: Fix several invalid shifts in yuv2rgb_full_1_c_template()
Fixes: Invalid shifts
Fixes: #8320
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7b7f97532b2ac8836d8d8e3c71dd026e35ae1ca7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=04ee309be0711152de2844580639241c7703e562
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100
swscale/swscale: Fix several invalid shifts related to vChrDrop
Fixes: Invalid shifts
Fixes: #8166
Fixes: filter-crop_scale_vflip FATE-test
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a6ca22c11834c0ff075592e3f051d41068c407db)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5f1d74687b6c233bb2d07995cf20757f6ba1992c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Dec 13 00:50:21 2019 +0100
avcodec/hevc_mp4toannexb_bsf: check that nalu size doesnt overflow
Fixes: Out of array access
Fixes: 19299/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5169193398042624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a8ceb2a72fa1bef4ab5f1ec6cdc7ce74fffda19d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b1c35e4e8b648869d4232aa5dca2c36046e758e4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Dec 13 00:38:29 2019 +0100
avcodec/hevc_mp4toannexb_bsf: Avoid NULL memcpy()
Fixes: invalid memcpy use
Fixes: 19299/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5169193398042624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1e23b5a706cd378ed07a200dfee656b38504f165)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=90262aa2182101eb7893db3918b4501ac8fb2566
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 15 00:32:55 2020 +0100
avcodec/wmalosslessdec: move channel check up
Fixes: out of array access
Fixes: 2nd part of 18429/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-6210814364614656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 891bcc4acc93e0c5a75ab7a9da668df84a0edba7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4582fddb3dfd606e5b6d7d9d0b25d1477a52d668
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Dec 11 19:19:49 2019 +0100
avcodec/cbs_h2645: Skip all 0 NAL units
Fixes: assertion failure
Fixes: 19286/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_REDUNDANT_PPS_fuzzer-5707990724509696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 285138ef14327ec71f356e3a923c4adde0874dc6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=17a911fb7fe8b23bed9693081ddff0e94750d54a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 7 00:14:16 2019 +0100
avcodec/adpcm: Fix overflow in FFABS() IMA_EA_EACS
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 19235/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_EA_EACS_fuzzer-5680878952382464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 794352ae9d1cb32b4b9e45d3affb83763f4ee12e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=98f6158d3fc247074563a727c7954bb848137d56
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 7 20:42:54 2019 +0100
avcodec/alac: Fix integer overflow in LPC coefficient adaption
Fixes: signed integer overflow: 267693597 * 10 cannot be represented in type 'int'
Fixes: 19237/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5755407700328448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6a865cec5e7584ef476f394fc55c1fc91cec1a14)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8dbe97229e8ac2394b187f4a906c2cfb29f02de7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 7 20:38:13 2019 +0100
avcodec/g729postfilter: Optimize out overflowing multiplication from apply_tilt_comp()
Fixes: signed integer overflow: -1114392282 * 2 cannot be represented in type 'int'
Fixes: 19236/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-5741678938030080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c0bd5fa43d193aa389bea7c5176b2fe23f6eeddd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c191bc98fd1d547c602abf4537a4553b6ad9227d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 8 20:18:07 2019 +0100
avcodec/vc1dec: Check field_mode for sprites
Fixes: Out of array read
Fixes: 19263/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5389219325542400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 32fb9198360402941e49aa878b9d33737b654f62)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6c6ed224b2a72abbda6d862011c9891d233febd4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 8 19:37:46 2019 +0100
avcodec/vc1dec: Limit bits by the actual bitstream size
Fixes: Timeout (350 ->19sec)
Fixes: 19249/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-6566896438870016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c56a52a82c0a4039e606e82b948a8abfe417f35f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9fe0c879921ab018336da72836a9ebb3c01b2441
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jan 6 01:38:21 2020 +0100
avcodec/vmdaudio: Check block_align more
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 19788/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VMDAUDIO_fuzzer-5743379690553344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 06f6857b54a7fbbd087b0803f75bed44abed50d9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4b0a2a3c639a65c4baeedabfa6fcaaaed95a16a8
Author: Gyan Doshi <ffmpeg at gyani.pro>
Date: Wed Jan 1 12:14:30 2020 +0530
configure: bump year
(cherry picked from commit 7b58702cbdce097f32f62c87cd537ab28c04ffb2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6d5f9c48c259d009bea160bf4c9d045e91bf2926
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 4 21:58:28 2020 +0100
avcodec/pgssubdec: Free subtitle on error
Fixes: Assertion failure
Fixes: 19753/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGSSUB_fuzzer-5688461843759104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b0a718923bb4a75b0c1cbf283fb17a319b840346)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7711b699ebe0443c165ef7e9a5c4154915c22107
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 25 21:50:57 2019 +0100
avcodec/ffwavesynth: Fix undefined overflow in wavesynth_synth_sample()
Fixes: signed integer overflow: 2147464192 + 21176 cannot be represented in type 'int'
Fixes: 19042/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5719828090585088
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fa47f6412dbf93b4865adf8c66618906a3274330)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=099d4baba8a6f4dfcda902efe9ce101d48061f21
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 25 21:39:48 2019 +0100
avcodec/cook: Use 3 stage VLC decoding for channel_coupling
Fixes: shift exponent -1 is negative
Fixes: out of array read
Fixes: 19028/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COOK_fuzzer-5759766471376896
Fixes: 19037/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COOK_fuzzer-5734106625474560
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 89fd76db71d9d4f87c51fee2a2edf99662444df7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=163f1a8daba21abf3d8d54f3daa865bff8712a73
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 29 22:45:07 2019 +0100
avcodec/wmalosslessdec: Fixes undefined overflow in dequantization in decode_subframe()
Fixes: signed integer overflow: 47875596 * 45 cannot be represented in type 'int'
Fixes: 19082/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5687766512041984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 53efab44a9d0971c6c12d9b3d1af855ca863c847)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5643b99c10bed4882bd48c9e476814c1f4bd9cb4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Oct 21 23:22:05 2019 +0200
avcodec/sonic: Check e in get_symbol()
Fixes: signed integer overflow: 1721520852 + 1721520852 cannot be represented in type 'int'
Fixes: 18346/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5709623893426176
Fixes: 18753/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5663299131932672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aea67556116330d3151e4cd3ef1e266b5d90f388)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=62c2b0dbe0e2dd77943eca651ff478a8865b4de1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Dec 3 19:48:46 2019 +0100
avcodec/twinvqdec: Correct overflow in block align check
Fixes: signed integer overflow: 538976288 * 8 cannot be represented in type 'int'
Fixes: 19126/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TWINVQ_fuzzer-5687464110325760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4dc93ae3d725e892927f04002021337c2f90252a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=30461ba4834ddf3929f69bd5dce6001317b77d78
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Dec 17 00:04:23 2019 +0100
avcodec/vc1dec: Fix "return -1" cases
Reviewed-by: "mypopy at gmail.com" <mypopy at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 26f040bcb4a1db78d1311af2e69de6984ecb43e5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=83a0f13813ba288b22fc24ec2154080d25543ced
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Dec 16 23:31:22 2019 +0100
avcodec/vc1dec: Free sprite_output_frame on error
Fixes: memleaks
Fixes: 19471/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5688035714269184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3ee9240be3e4044ae9e60a9a3a68820bf8075299)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=47331a23e1a10316d3ea1863f82e33b6afbb7d76
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 30 16:46:46 2019 +0100
avcodec/wmadec: Keep track of exponent initialization per channel
Fixes: division by 0
Fixes: 19123/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAV2_fuzzer-5655493121146880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bf5c850b795126d4f60dd9498c06f0492f5726a7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=634a3bb1d0f4c8bfecc6a26b1c7813820cef4ebe
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 30 12:22:25 2019 +0100
avcodec/iff: Check that video_size is large enough for the read parameters
video is allocated before parameters like bpp are read.
Fixes: out of array access
Fixes: 19084/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5718556033679360
Fixes: 19465/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5759908398235648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f1b97f62f86d5dca35d01d7a5ebbc5dca2a88ae6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bd61ed2c46db44b1a9630118b532744499c40bab
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Nov 21 23:02:56 2019 +0100
avcodec/adpcm: Clip predictor for APC
Fixes: signed integer overflow: -2147483648 - 13 cannot be represented in type 'int'
Fixes: 18893/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_APC_fuzzer-5630760442920960
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9fe07908c3f67d59cf4db5668d61b34506189590)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d2b44d0eac31931c185147c65f96c08f4bda42f5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Nov 21 22:43:01 2019 +0100
avcodec/targa: Check colors vs. available space
Fixes: Timeout (37sec -> 52ms)
Fixes: 18892/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TARGA_fuzzer-5739537854889984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 01593278cef06dbb4491d50d03b72198d2848adf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=deedf60480318c4edeee8b5859f930ca52ac71a5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Oct 1 00:43:03 2019 +0200
avcodec/dstdec: Use get_ur_golomb_jpegls()
Fixes: shift exponent -4 is negative
Fixes: 17793/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5766088435957760
Fixes: 18989/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5175008116867072
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a76690c02b4fd12d7fac6f753af8bad72c82d55c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2ef00e96b4811d79ab3253aa914bea451eee3299
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 23 09:18:12 2019 +0100
avcodec/wmavoice: Check remaining input in parse_packet_header()
Fixes: Infinite loop
Fixes: 18914/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-5731902946541568
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 19c41969b26d07519fff8182a0d3266cdb712078)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0f28c101a72dd0abd5efd8bba037e732a6573c14
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Nov 20 22:05:40 2019 +0100
avcodec/wmalosslessdec: Fix 2 overflows in mclms
Fixes: signed integer overflow: 2038337026 + 109343477 cannot be represented in type 'int'
Fixes: 18886/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5673660505653248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 92455c8c65c403ea696cb8c63d474d386d631bbd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=204bdb39a07ef93471178f3a500eaa2eea738ccf
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Nov 20 20:34:55 2019 +0100
avcodec/wmaprodec: Fixes integer overflow with 32bit samples
Fixes: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 18860/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAPRO_fuzzer-5755223125786624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a9cc69c0d59057ea172a107e0308fdf5fd8fc04e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fc2fa12dbad4cb65cc3d3c7d33726df40381cdf1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Nov 20 19:13:09 2019 +0100
avcodec/adpcm: Fix invalid shift in xa_decode()
Fixes: left shift of negative value -1
Fixes: 18859/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_XA_fuzzer-5748474213040128
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 50db30b47d016fc4e7b47067545b15d22d4faddf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4d305cb9e8e0d3d229212711228486d222744f73
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 14:22:57 2019 +0100
avcodec/wmalosslessdec: Fix several integer issues
Fixes: shift exponent -1 is negative (and others)
Fixes: 18852/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5660855295541248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ec3fe67074ad0a6a3a817f6f42175ea63a98092b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e5b6df2eb25c2220507d2bd26bd0ab3b6fd21666
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 12:49:25 2019 +0100
avcodec/wmalosslessdec: Check that padding bits is not more than sample bits
Fixes: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 18817/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5713317180211200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9d428265808255ad2fc60355fe641aaa4fd3dae4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c8376d43d211c0fea7c456b81ef3209378168179
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 09:45:29 2019 +0100
avcodec/iff: Skip overflowing runs in decode_delta_d()
Fixes: Timeout (107sec - 75ms>
Fixes: 18812/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-6295585225441280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 185f441ba26a2112725db1e8f218e54ac8068bbb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9872730c3cbbe168a7c85e4eb70a19a603b4efae
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 14 19:19:57 2019 +0100
avcodec/pnm: Check that the header is not truncated
Fixes: Ticket8430
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c94cb8d9b21baeeecef962c72965dbedc4e0b0e1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=762d17ddac88d400415636f632b942d59181f48c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 14 00:37:27 2019 +0100
avcodec/mp3_header_decompress_bsf: Check sample_rate_index
Fixes: out of array read
Fixes: 19309/clusterfuzz-testcase-minimized-ffmpeg_BSF_MP3_HEADER_DECOMPRESS_fuzzer-5651002950942720
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f064c7c449f162a9011ad890f26ceeca26934d22)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=27153417262cbcc4e4fe37e9a562f74a983ebb7b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 15 23:00:51 2019 +0100
avformat/rmdec: Initialize and sanity check offset in ivr_read_header()
Fixes: signed integer overflow: -9223372036854775808 - 17 cannot be represented in type 'long'
Fixes: 18768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5674385247830016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7e665e4a81e2e96eb45138a1dfa38617de2631a4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c61db4d6543adfe37b2393f674f86007750252f0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Nov 14 16:38:36 2019 +0100
avcodec/apedec: Fix 2 integer overflows
Fixes: signed integer overflow: 2119056926 - -134217728 cannot be represented in type 'int'
Fixes: 18728/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5747539563511808
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6e15ba2d1f688c61759001839811b11903de9ce0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=dc0c981850ee1e7daf597825418d18d88b4fb795
Author: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Date: Sun Nov 10 05:07:28 2019 +0100
avformat/id3v2: Fix double-free on error
ff_id3v2_parse_priv_dict() uses av_dict_set() with the flags
AV_DICT_DONT_STRDUP_KEY and AV_DICT_DONT_STRDUP_VAL. In this case both
key and value are freed on error (and owned by the destination
dictionary on success), so that freeing them again on error is a
double-free and therefore forbidden. But it nevertheless happened.
Fixes CID 1452489 and 1452421.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 67d4940a7795aa3afc8d1e624de33b030e0be51e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=046e053272f8e3cd86a4c12decd847d44ed8f18c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 12 20:25:00 2019 +0100
avcodec/wmaprodec: Set packet_loss when we error out on a sanity check
Fixes: left shift of negative value -34
Fixes: 18719/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAPRO_fuzzer-5642658173419520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a9cbd25d89dbdf72f7b616fdf672d7da36143cfe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d4af9987cf1943d182b62d37b099694cf3cce371
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 12 20:06:35 2019 +0100
avcodec/wmaprodec: Check offset
Fixes: index 33280 out of bounds for type 'float [32768]'
Fixes: 18718/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XMA2_fuzzer-5635373899710464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5473c7825ea627a115155313a56a907d67a0d0c1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d35091e6fedceadfdd14ef13485e91b1b1a8cd06
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 12 18:47:52 2019 +0100
avcodec/truemotion2: Fix 2 integer overflows in tm2_low_res_block()
Fixes: signed integer overflow: 1778647621 + 574372924 cannot be represented in type 'int'
Fixes: 18692/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-6248679635943424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 93d52a181ec050d3a4fb68f526604d39cd006be5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=724e1f89b623b43006f92c8275dc247d582f2936
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 12 18:39:08 2019 +0100
avcodec/wmaprodec: Check if the channel sum of all internal contexts match the external
Fixes: NULL pointer dereference
Fixes: 18689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XMA1_fuzzer-5715114640015360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 090ac5799751c6f52358da4e5201a3845760db93)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=027fd7079f9ac90511544a756ad235c9287315dc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 9 21:19:24 2019 +0100
avcodec/g729dec: require buf_size to be non 0
The 0 case was added with the support for multiple packets. It
appears unintended and causes extra complexity and out of array
accesses (though within padding)
No testcase
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f64be9da4c8b16071ec84056a61d1fc0d5d6728c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=17152cc43a05ed0f9f13428c60b7cb13b6d94062
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 8 20:40:46 2019 +0100
avcodec/alac: Fix integer overflow in lpc_prediction() with sign
Fixes: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int'
Fixes: 18643/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5672182449700864
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7686ba1f149a94c3bac235589de8aa8db92be4e5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0d4c8bd5d38cad101ded7cad6162b645189a82e3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 8 19:20:31 2019 +0100
avcodec/wmaprodec: Fix buflen computation in save_bits()
Fixes: Assertion failure
Fixes: 18630/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAPRO_fuzzer-5201588654440448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 589cb44498b5e9683c95746255a2abd6d1e74f94)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=09afd4e02b0972b2783193b222e7c2557ed3466c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 8 18:31:02 2019 +0100
avcodec/vc1_block: Fix integer overflow in AC rescaling in vc1_decode_i_block_adv()
Fixes: signed integer overflow: 50176 * 262144 cannot be represented in type 'int'
Fixes: 18629/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5182370286403584
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0e010e489b70c044a67c47083cf8eb03209ee89f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=74dd55bc0bf5cb54056d0aaf8b179ce7561aed5b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 8 17:28:27 2019 +0100
avcodec/vmdaudio: Check chunk counts to avoid integer overflow
Fixes: signed integer overflow: 4 * 538976288 cannot be represented in type 'int'
Fixes: 18622/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VMDAUDIO_fuzzer-5092166174507008
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 47d963335eb2c36c0e6615d7971c762458e813dd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e83b5851601af4603a895dd4b734124dbcd2dda7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Oct 31 13:32:55 2019 +0100
avformat/mxfdec: Clear metadata_sets_count in mxf_read_close()
This avoids problems if the function is called twice
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 13816a1d085fdb6598ea6dc92ed3a1e6aff0cc1f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=03504fe94f877acc008ba0914370f979ce2039d4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 23 09:29:58 2019 +0100
avcodec/nuv: Use ff_set_dimensions()
Fixes: OOM
Fixes: 18956/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-5766505644163072
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1ca978d6366f3c7d7df6b3d50566e892f8da605a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8aef56ca7c66dff2e68bed22ec931ae625aa8b94
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 5 22:11:52 2019 +0100
avcodec/ffwavesynth: Fix integer overflow with pink_ts_cur/next
Fixes: signed integer overflow: 6175076100092079360 - -5034989061050195840 cannot be represented in type 'long'
Fixes: 18614/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5704508847423488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d82ab96e76bfec6568d059df7c8591dda4317c62)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f1e69e4d31174b7c87d1fecedc7b80a543ad0b19
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 5 22:27:04 2019 +0100
avcodec/ralf: Fix integer overflows with the filter coefficient in decode_channel()
Fixes: signed integer overflow: 1145975808 - -1146173210 cannot be represented in type 'int'
Fixes: 18616/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5121296757424128
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 721624c2f67545989626ba4413f7b8dbd7dff678)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=64d4c90723b0af8b7f3bfcb54289cbceaf01c2c3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 5 23:28:35 2019 +0100
avcodec/g729dec: Use 64bit and clip in scalar product
The G729 reference decoder clips after each individual operation and keeps track if overflow
occurred (in the fixed point implementation), this here is
simpler and faster but not 1:1 the same what the reference does.
Non fuzzed samples which trigger any such overflow are welcome, so
the need and impact of different clipping solutions can be evaluated.
Fixes: signed integer overflow: 1271483721 + 1073676289 cannot be represented in type 'int'
Fixes: 18617/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-5137705679978496
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bf9c4a12750e593d753011166b066efce208d9e0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c6dfec88abbf30941176be10bee86fb78d1d0efe
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Nov 3 12:20:14 2019 +0100
avcodec/mxpegdec: Check for multiple SOF
Fixes: Timeout (14sec -> 9ms)
Fixes: 18598/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-5726095261564928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 75b64e5aa36e7796a0460415a1f3fd7372029525)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=705a4bb98a826466adc8c6a4f2f15f2cdd05ee5c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 2 14:14:44 2019 +0100
avcodec/nuv: Move comptype check up
Fixes: Timeout (23sec -> 5ms)
Fixes: 18517/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-5753135536013312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1138cdecbe0164ab1f07768418e794fddfdc636d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=763427d44b944db52ab59c659e21c975f3c29068
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 2 15:15:46 2019 +0100
avcodec/wmavoice: Fix integer overflow in synth_frame()
Fixes: left shift of negative value -3
Fixes: 18518/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-6560514359951360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cf323f4d38f5756ecdb8fb4f72c80a8069da832e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=460dc59b2808892b9fefb569b8340719fea5052c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Oct 20 23:02:27 2019 +0200
avcodec/rawdec: Check bits_per_coded_sample more pedantically for 16bit cases
Fixes: shift exponent -14 is negative
Fixes: 18335/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RAWVIDEO_fuzzer-5723267192586240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5634e2052533fcce46f20c2720b0c8d5f55143ce)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e24195a9cc4b1fe1aca0f2f49642b519516ca8d2
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Oct 19 21:27:41 2019 +0200
avutil/lfg: Correct index increment type to avoid undefined behavior
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 18333/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COMFORTNOISE_fuzzer-5668481831272448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6014bcf1b74e903f535461ade4aa5fb44dbf5d8b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=38a57d81b3d88bef4e941a5c5d9877530296b620
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Oct 19 21:58:26 2019 +0200
avcodec/cngdec: Remove AV_CODEC_CAP_DELAY
As is the decoder will never stop, it will cause an infinite loop. The RFC seems only
to speak of non empty packets so endlessly generating noise from the last empty flush
packets seems wrong.
Fixes: infinite loop
Fixes: 18333/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COMFORTNOISE_fuzzer-5668481831272448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 327a968817a366c24d1513526258a3dbbcf888a7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
More information about the ffmpeg-cvslog
mailing list