[FFmpeg-cvslog] New commits on branch release/3.4
Git System
git at videolan.org
Thu Jul 2 23:07:38 EEST 2020
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5b8e98c0d56703ea1adb8622389ff54df14b7db1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jul 1 21:27:23 2020 +0200
avcodec/dstdec: Replace AC overread check by sample rate check
Real files do skip coding 0 bits at the end, thus this kind of check
does not work reliable.
Fixes: Ticket 8770
Fixes: dst-256fs44-6ch-refdstencoder.dff
The samplerate is specified in ISO/IEC 14496-3:2005(E) as one of 3 fixed
values, this also can be used to limit the duration and avoid the timeout
This reverts commit f6df99dba1ae64b05d08fba8160d13eb9795042f.
(cherry picked from commit 1679f23beb3cfc3639352b3cbe7c08c00189c6b0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2a4edfd64c07d925770977693717ebd83183dd27
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 21 12:24:04 2020 +0200
avformat/utils: reorder duration computation to avoid overflow
Fixes: signed integer overflow: 8 * 9223372036854774783 cannot be represented in type 'long'
Fixes: 23381/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4818340509122560
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 10cc82c35baabbb07ffec3faccb04d8928c39e4c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6674fb44f109ce022f5afa7092e156a95502194d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 25 19:22:01 2020 +0200
avcodec/pngdec: Check for fctl after idat
Fixes: out of array access
Fixes: 23554/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-4796622520451072.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 65b1ba680fb67902a9c876a49d0146eaae5a1c3d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=21ce988f98f2399b8919a8a425d467da682a29a7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jun 29 19:49:41 2020 +0200
avformat/hls: Pass a copy of the URL for probing
The segments / url can be modified by the io read when reloading
This may be an alternative or additional fix for Ticket8673
as a further alternative the reload stuff could be disabled during
probing
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b5e39880fb7269b1b3577cee288e06aa3dc1dfa2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bd09c9d46c70ef94d34c91f502326853d3f741ab
Author: Steven Liu <lq at chinaffmpeg.org>
Date: Fri May 29 11:39:05 2020 +0800
avformat/hls: check segment duration value of EXTINF
fix ticket: 8673
set the default EXTINF duration to 1ms if duration is smaller than 1ms
Signed-off-by: Steven Liu <lq at chinaffmpeg.org>
(cherry picked from commit 9dfb19baeb86a8bb02c53a441682c6e9a6e104cc)
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=12c61c2fda31ee772823556230201e8a7b76ec46
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 28 00:21:09 2020 +0200
avutil/common: Fix integer overflow in av_ceil_log2_c()
Fixes: left shift of 1913647649 by 1 places cannot be represented in type 'int'
Fixes: 23572/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5082619795734528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e409262837712016097c187e97bf99aadf6a4cdf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f8f2629b4e0dc2b1bdf80e08f6af475992284105
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 28 00:10:19 2020 +0200
avcodec/wmalosslessdec: fix overflow with pred in revert_cdlms
Fixes: signed integer overflow: 2048 + 2147483646 cannot be represented in type 'int'
Fixes: 23538/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5227567073460224
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 21598d711d894081d0566282473044ba4f378f33)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9953671609f7d7f4b3ae0d8152d814c5f74d141e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 23 01:01:53 2020 +0200
avformat/mvdec: Fix integer overflow with billions of channels
Fixes: signed integer overflow: 1394614304 * 2 cannot be represented in type 'int'
Fixes: 23491/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5697377020411904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b6fbbe08c325415cc784df296058beb6604f0b9c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3d888131d1892427e26a8fbb1eeb4758c8a30b33
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 23 01:43:14 2020 +0200
avformat/microdvddec: skip malformed lines without frame number.
Fixes: signed integer overflow: 1 - -9223372036854775808 cannot be represented in type 'long'
Fixes: 23490/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5133490093031424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george at nsup.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a8fb7612a97530bdd0b2549dacf91dcf71a3187a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=73a41531e562b4f0a0a74ab0d0ef23eb3bc3cb36
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 14 19:45:05 2020 +0200
avformat/mxfdec: free duplicated utf16 strings
Fixes: memleak
Fixes: 23415/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5124814510751744
Suggested-by: Marton Balint <cus at passwd.hu>
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0aa2768cb275bda9e9e1331ed95adc7cd686eafe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2e3f6afda52d599e70a5b0a29d4d22857054f32a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 14 19:51:23 2020 +0200
avformat/4xm: Check that a video stream was created before returning packets for it
Fixes: assertion failure
Fixes: 23434/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5227750851084288.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c517c3f4741b6897ea952d1fba199c93c5217cfe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bd103bd3feee6f0ffaa76975e86712ac7ed06d3e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 13 21:47:03 2020 +0200
avcodec/ffwavesynth: Avoid undefined operation on ts overflow
Alternatively these conditions could be treated as errors
Fixes: 23147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5639254549200896
Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'int64_t' (aka 'long')
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 584d334afd59714ed04637a9227a4f1368c26166)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d9629dcd5d0a445f1a012f357e7eb45d14b63f09
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jun 11 22:22:57 2020 +0200
avcodec/mpeg4videodec: Fix 2 integer overflows in get_amv()
Fixes: signed integer overflow: -144876608 * 16 cannot be represented in type 'int'
Fixes: 22782/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-6039584977977344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e361785ee05cc75d3caacf2f254160b0336f5358)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b27f5309167234baa45b6979aab7d9e9ab97a1c3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 7 19:24:10 2020 +0200
avcodec/lossless_audiodsp: Fix undefined overflows in scalarproduct_and_madd_int16_c()
Fixes: signed integer overflow: 2142077091 + 6881070 cannot be represented in type 'int'
Fixes: 22737/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5958388889681920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c0dfe134beefde4070d43910518b1f4a58f01794)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=78c0117119a9fbd35ecd366d2e9b85a49d6b5261
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 20 19:56:39 2020 +0100
avcodec/sonic: Fix several integer overflows
Fixes: signed integer overflow: 2129689466 + 2129689466 cannot be represented in type 'int'
Fixes: 20715/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5155263109922816
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 75d520e33704447f1b29ac47fd9e40994a6bc659)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2f25de29cf4dcde2a03973542effcc16f55c0071
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 13 11:21:52 2020 +0200
avcodec/pixlet: Fix log(0) check
Fixes: passing zero to clz(), which is not a valid argument
Fixes: 23337/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PIXLET_fuzzer-5179131989065728
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bd0f81526d3f4c23ecd0a399829103be2445c011)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=91f56dc64738c17d694b817a6f08db3966766446
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 13 10:48:14 2020 +0200
avcodec/iff: Fix off by x error
Fixes: out of array access
Fixes: 23245/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5723121327013888.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 51225dee0a6266780d26d43bd6802bbcf736327e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=58997137b42db3df4fa0a201646ab544d4e02977
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 9 22:11:23 2020 +0200
avcodec/wmalosslessdec: Check block_align maximum
Fixes: Assertion failure
Fixes: 22737/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5958388889681920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 314d10f7a60f1786c85da30a569be61e2b906fef)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9765341d648ad24fc598d838a5c140ec673e479c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jun 9 22:14:59 2020 +0200
avcodec/loco: Fix signed integer overflow in loco_get_rice()
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 22975/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LOCO_fuzzer-5658160970072064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aa88cdfd90f5da0683cd6556c75a5ba5740a1c27)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=685a7d671888570dc06d6f60402803d4b059a1aa
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jun 8 09:28:55 2020 +0200
avformat/thp: Check fps
Fixes: division by zero
Fixes: 23162/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4856420817436672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0e15b01b4e463d12128db2c15de7741637548347)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=54b8ce27f45cea0e82f2b13a52f276f8ad26b432
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jun 8 09:47:41 2020 +0200
avformat/mpl2dec: Fix integer overflow with duration
Fixes: signed integer overflow: 9223372036854775807 - -1 cannot be represented in type 'long'
Fixes: 23167/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6425051741290496
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9a42a67c5ca198a3879b7f3663cc44ccbcaf0bd3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=248048d53f497cff9bb419a9bd400716a70cfc51
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 6 19:42:07 2020 +0200
avcodec/mpeg12dec: remove outdated comments
Found-by: Kieran
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 48de8f5816aa54dc584aeb2dbbf63a0e880279e2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=06298dbe8f8739e26cc9830ac9ea1de1877b0fa5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jun 6 17:45:39 2020 +0200
avcodec/snowdec: Avoid integer overflow with huge qlog
Fixes: integer overflow
Fixes: 22285/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5682428762128384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 38fbf33c7255b503453052c32ab5ae4fb151b29e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=39a986a5c2c171adf574e98c63fddd0bf2238c73
Author: Dale Curtis <dalecurtis at chromium.org>
Date: Thu May 14 14:38:07 2020 -0700
avformat/mov: Check if DTS is AV_NOPTS_VALUE in mov_find_next_sample().
Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bf446711bc8b7f316771870b8d4dc4dd65f5d94b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e30f9de0877e3ce4b63ee6377090eec426898200
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 28 00:19:56 2020 +0200
avcodec/mpeg12dec: Fix got_output
This makes got_output consistent with the code in slice_end() which sets the output
in slice_end()
if (s->pict_type == AV_PICTURE_TYPE_B || s->low_delay) {
int ret = av_frame_ref(pict, s->current_picture_ptr->f);
...
} else {
Fixes: assertion failure
Fixes: 22178/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5664234440753152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4f33a9803a3068ce2d52289fc1db60375dc8b7a5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=794d40a500ced454f6fad322b83b4454e7d5b2ea
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jun 7 21:35:43 2020 +0200
avformat/4xm: Cleanup on GET_LIST_HEADER() failure
Fixes: memleak
Fixes: 23142/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5932860820422656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a5313ce6542a4ee4112acd260e59bff698f3dddd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7ba0435959d95212bd673a0ba3dd6dc89923035a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 28 18:08:57 2020 +0200
avcodec/lzf: Consider the needed size in reallocation
Fixes: NULL pointer dereference
Fixes: 22381/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NOTCHLC_fuzzer-5659879921680384.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 292b9b93a50aa0622e33013de9f2ddc130bef671)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=97181789302302cac633ecb303cc59f88ae8f594
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 31 14:30:43 2020 +0200
avformat/mlvdec: fail reading a packet with 0 streams
Fixes: NULL pointer dereference
Fixes: 22604/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5667739074297856.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5bd5c3108786bf69f108c55c375f1956f67ca7a4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d46f466bb7041de84834aac5f1cb210ca3abd1b8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 31 14:24:04 2020 +0200
avformat/thp: Check compcount
Fixes: out of array access
Fixes: 22520/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5100297658826752
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1ba8484559661dfdbca36dbc17b203f33f62e26c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=33b0592bfe3b74136285eab01b07be6c05bc0036
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 31 14:59:02 2020 +0200
avcodec/adpcm: XA: Check shift similar to filter
Fixes: negative shift
Fixes: 22499/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_XA_fuzzer-5765452130418688
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6d96bae9c480e020e9f51fabd5642d7ae6020943)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2f51ee968cd821ee170b59333366cbcf2d28241a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jun 5 22:05:27 2020 +0200
avcodec/huffyuvdec: Test vertical coordinate more often
Fixes: out of array access
Fixes: 22892/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HYMT_fuzzer-5135996772679680.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a1223ddc5692772198a02600ecff2545f32b37be)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6f6066ef09ae7798e21673e42185419da0fd732b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 30 00:43:46 2020 +0200
avcodec/hq_hqa: Check info size
Fixes: assertion failure
Fixes: 21079/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HQ_HQA_fuzzer-5737046523248640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cf28521fee22dbe2f7eeb8ab0306c0fd0802c48a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=762daa3975de652731dacfc2298d2276a50efbba
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 23 22:02:56 2020 +0200
avcodec/wmalosslessdec: Fix integer overflow in mclms_predict()
Fixes: signed integer overflow: 2147483636 + 2048 cannot be represented in type 'int'
Fixes: 22016/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5109395618004992
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c42ed06695848617350a94543823e850f190b3ab)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0f39caec999ff7ee4a3c55df39ec98491e84e462
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 24 00:24:40 2020 +0200
avcodec/vp9dsp_template: Fix integer overflow(s) in iadst16_1d()
Fixes: signed integer overflow: 1080285923 - -1130879337 cannot be represented in type 'int'
Fixes: 22002/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-6260237310099456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 071e2937236945c168ab99d3e3b01539194466dd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d36e98b072bbe10cd5a74dc08357f19e1ab90719
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 28 14:33:58 2020 +0200
avcodec/h264dec: Disable forced small_padding on flag2 fast
Fixes: 20978/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5746381832847360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d08b1cec2cb7bdc4cb09523790d734bf56d105f5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 19 17:05:52 2020 +0200
avformat/oggparsevorbis: Error out on double init of vp
Fixes: memleak
Fixes: 19949/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5743636058210304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2a3bbc0086aa608cc0465dd14901178d41cfe113)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=979800019983cd398eee78dda0f2cfd4890e933e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 16 00:31:23 2020 +0200
avcodec/pnmdec: Use unsigned for maxval rescaling
Fixes: signed integer overflow: 65535 * 55335 cannot be represented in type 'int'
Fixes: 21955/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGMYUV_fuzzer-5669206981083136
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 49459aca47d4803b2188fbf12b758bd2b01e91d7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f56853057388f3e0b0550aee2c32a05c332ea08a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed May 13 00:11:37 2020 +0200
avcodec/ivi: Clear got_p_frame before decoding a new frame using it
Fixes: assertion failure
Fixes: 21666/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-5706468994318336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1d633e6a0a61118c9b2d1785d96bdebaa8c38592)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e1f9f5168b6d0ac7dfb7890d61298be226e9af85
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 4 00:04:49 2020 +0200
avcodec/dsddec: Check channels
Fixes: division by zero
Fixes: 21677/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DSD_MSBF_fuzzer-5712547983654912
Fixes: 21751/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DSD_LSBF_fuzzer-5197097180856320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2570a8777e7095358b10f679d35641e114a2ab33)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a8b61aaa115128f2c0fcdcd9535b9921dd5ef99b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat May 2 21:25:17 2020 +0200
avcodec/xvididct: Fix integer overflow in idct_row()
Fixes: signed integer overflow: -1238335488 + -1003634688 cannot be represented in type 'int'
Fixes: 21649/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5112005765890048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 620236e4d2ac46821911b99fa4551868675d4ed9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=af354a91d33dbf4e18f0a82d317efe504bc3386b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 26 21:19:13 2020 +0200
avcodec/wmalosslessdec: Fix integer overflows in revert_inter_ch_decorr()
Fixes: signed integer overflow: -717241856 + -1434459904 cannot be represented in type 'int'
Fixes: 21405/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5677143666458624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e9a4c4fe9918220be492a4a9d74c2293fd706be3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=738e284ff9b53523e467baff8c7eb8c3b1caa447
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 16 18:51:52 2020 +0100
avformat/mpegenc: Fix integer overflow with AV_NOPTS_VALUE
Fixes: signed integer overflow: -9223372036854775808 - 45000 cannot be represented in type 'long'
Fixes: ticket8187
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9874815b1aadadd7fd19aa6aabb7d9193f2f43d5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4dd9ae41a2e447e43b89dd814e470215eb20c179
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 16 18:32:31 2020 +0100
avformat/swfenc: Fix integer overflow in frame rate handling
Fixes: signed integer overflow: 30000299 * 256 cannot be represented in type 'int'
Fixes: ticket8184
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 31f956acadd994b8c4e22b714aaffee0f527c827)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=42d2468ce4d3e711bf8dc0944eb1f70b767a0d9e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 7 12:04:25 2020 +0200
avformat/aadec: Check toc_size to contain the minimum to demuxer uses
Fixes: out of array access
Fixes: stack-buffer-overflow-READ-0x0831fff1
Found-by: GalyCannon <galycannon at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit daa2482871dffa9af12fa6d874a3d2dedd73f42e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c9672ca36330751f6c7455965d61634a94328fe0
Author: Dale Curtis <dalecurtis at chromium.org>
Date: Thu May 14 15:31:55 2020 -0700
avformat/mov: Don't allow negative sample sizes.
Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2d8d554f15a7a27cfeca81467cc9341a86f784e2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=34c4c9114cc718ab7371ca2cdd2c7bb1115cb18e
Author: Vitaly Buka <vitalybuka-at-google.com at ffmpeg.org>
Date: Tue Apr 21 21:34:19 2020 -0700
mpeg4videoenc: Don't crash with -fsanitize=bounds
Also the patch makes this code consistent with mpeg4videodec.c
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f163d30de2090a7275f1fb8ad69258576f12c1a2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=57ef3712d7a7197938a7ccc238769f8abb63c99f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu May 7 12:38:26 2020 +0200
avformat/mpegts: Shuffle avio_seek
This avoids accessing an old, no longer valid buffer.
Fixes: out of array access
Fixes: crash_audio-2020
Found-by: le wu <shoulewoba at gmail.com>
Reviewed-by: Marton Balint <cus at passwd.hu>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cd74af14162c803f18e90bb12b52135e893d990c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4077647a8f9fd9c0a6622bf13bc35138c7dfcd4a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 19 17:05:53 2020 +0200
avcodec/binkaudio: Fix 2Ghz sample_rate
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 19950/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINKAUDIO_DCT_fuzzer-5765514337189888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Suggested-by: Paul
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f603d10b1e6bb2fbf4dcccc43d3ea2fb911b36ba)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5e4238c3fd5f00df72766db772a77923b531c475
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Feb 12 21:30:08 2020 +0100
avcodec/adpcm: Fix integer overflow in ADPCM THP
The reference (thp.txt) uses floats so wrap around would seem incorrect.
Fixes: signed integer overflow: 1073741824 + 1073741824 cannot be represented in type 'int'
Fixes: 20658/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_THP_fuzzer-5646302555930624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b12b05374f7025167e2c43449ceb8ba3f0a6083f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=68ecaacbac77c2fe80f5bebfa11445f982fe7492
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 11 22:17:43 2020 +0200
avcodec/ralf: Check num_blocks before use
Fixes: out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5739471895265280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f0c0471075fe52ed31c46e038df4280aef5b67a1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9aaf2c77dbd245b6796c54100e13f59dcf625a7c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 11 21:18:58 2020 +0200
avcodec/iff: Test video_size being non zero
Fixes: Out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5658548592967680
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5723561177382912
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a035fd88ae7341a05c01f3b393921933e4ea9665)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=15062f646646487cb756edcb0fd76b0d67bf2b1b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 21:16:59 2020 +0200
avcodec/utvideodec: Fix integer overflow in decode_plane()
Fixes: signed integer overflow: 2147483594 + 142 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_fuzzer-5658568101724160
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 876cfa67f37e944b0f42cb67b2de4e2e06f52e82)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8858e92b7a1d3f51f488790fc0d370c27da7b22c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 21:12:22 2020 +0200
avcodec/ttadsp: Fix several integer overflows in tta_filter_process_c()
Fixes: signed integer overflow: 1931744255 + 252497024 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5763348114440192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8627885172cc54db95f86529d134308d4d095054)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=14b955ba85aa870c3db0074e78515a05a6f77100
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 20:15:11 2020 +0200
avcodec/ralf: Fix integer overflow in decode_block()
Fixes: signed integer overflow: 289082077 - -2003141111 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5196077752123392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0c4330847c104fcf3ef929c1acee33b5b34c20db)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1ddde7f986f3f210debe5a79a7013a9b58acabf0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 19:09:47 2020 +0200
avcodec/nuv: widen buf_size type
Fixes: signed integer overflow: 65312 * 65312 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NUV_fuzzer-5740176118906880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1ac106bf5625de6aec31a34319298032e988f349)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=926bec89cc8b4ab2b0a50b74b8d5c9215231dd52
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 12:04:05 2020 +0200
avcodec/iff: Fix several integer overflows
Fixes: negation of -2147483648 cannot be represented in type 'int32_t' (aka 'int'); cast to an unsigned type to negate this value to itself
Fixes: signed integer overflow: -2147483648 - 1 cannot be represented in type 'int32_t' (aka 'int')
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5764066459254784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7a92147f87129851c1cc2c15f4ba714b8cf23f71)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c7d003e0b7e362d45ac9b53d7aaab1eb2719d1af
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 11:34:53 2020 +0200
avcodec/g729postfilter: Clip gain before scaling with AGC_FAC1
The fixed point integer reference specifies the multiplication used
to have 16bit input and clips so we need to clip the input
The floating point implementation does not seem to do that.
Fixes: signed integer overflow: 6317568 * 410 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-5700189272932352
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 82d4c7b95ed98d38aa834ef5a8fb1d2ef3901698)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1974e661b05d7ac7c3962e7ac034c688ce665b88
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 10 11:08:28 2020 +0200
avcodec/alac: Fix integer overflow with 24/20bps samples
Fixes: signed integer overflow: 1020048 * 4096 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5753877751660544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 22e51e95ac97864b3d7b21124eaf8fcce147f61e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3168a4aeea7aa3202a8c708c9886dacf9f9cc730
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 13 20:56:56 2020 +0100
avcodec/dstdec: Check sample rate
Fixes: out of array access
Fixes: 20659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5735812071424000
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5727b1f13f36c4db30d5d0de51640f740edf01e8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f698ec9a2398e5ffd16090d3ad59f9463fdec467
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Apr 15 20:27:27 2020 +0200
avformat/thp: Require a video stream
The demuxer code assumes the existence of a video stream
Fixes: assertion failure
Fixes: 21512/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5699660783288320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 97c78caf3e8f7ec4df3d3123b5e8d0e7541319e6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d98833eb792f884b7a8e4f78351824c5059efb7c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 14 00:03:30 2020 +0200
avformat/mpeg: Decrease score by 1 for files with very little valid data
Fixes: 8233/PPY6574574605_cut.mp3
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 20f7b4dfc9640c910655bd153c6996e9edd42ff0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=997d5b45b58ddb8acdc0cec3e216b238eeb08105
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 7 19:29:44 2020 +0200
avcodec/pngdec: Check length in fdAT
Fixes: 21089/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APNG_fuzzer-5135981419429888
Fixes: out of array read
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 79e5c2ee2bbdf462cabd2113c723dfb613d735c2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=77751f605383b9af212bce74c62a6d81c4837b61
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 5 22:58:29 2020 +0200
avcodec/g2meet: Check tile_width in epic_jb_decode_tile()
Fixes: out of array access
Fixes: 21469/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G2M_fuzzer-5199357982015488
Alternatively the arrays can be made bigger or the index can be clipped.
In case a real file with such huge tiles exist we ask the user to upload it.
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5501bb28ddfa6441dcbf8ea0a964a13aa33f66fe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=264f478274e784aeccd64e639585989def31b3fa
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 11 22:58:08 2020 +0100
avcodec/vp9dsp_template: Fix integer overflows in idct32_1d()
Fixes: signed integer overflow: -193177 * 11585 cannot be represented in type 'int'
Fixes: 20557/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP9_fuzzer-5704852816789504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e16e3e63f0a96b4e0ec32972c975bc0e339a49d1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9ee52de7af57c9da24f20e1383dfbe372233730e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 26 19:29:39 2020 +0200
avcodec/alacdsp: Fix invalid shift in append_extra_bits()
Fixes: left shift of negative value -1
Fixes: 21390/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-6242539519868928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 49ae034b42234486712a02f9b00253a0975cea02)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6feb24a33699d47d8a748047ed6d0d5fd2194719
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 9 18:09:24 2020 +0100
libavcodec/wmalosslessdec: prevent sum of positive numbers from becoming negative
Fixes: left shift of negative value -8321365
Fixes: 20506/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-4798062906310656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 62e4003780cad60ac1371fef892da08c27069964)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0e7a8c9665bcef96a084c7118c11773e034872f7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 9 00:23:14 2020 +0100
avcodec/dstdec: Fix integer overflow in read_table()
Fixes: signed integer overflow: -16 * 134217879 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5639509530378240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2d465a401dd790e2ca126ecb9cbda43f898a492f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=53b2e3268833faa4a0d81fa6fd7bb3164e36ad6f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 18 23:14:16 2020 +0100
avcodec/txd: Check for input size against the header size.
Fixes: Timeout (21sec -> 80ms)
Fixes: 20673/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TXD_fuzzer-5177453863763968
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aeb4e435847e0c970bcb1a835fe5eda17a4e1ce3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=96d4183cd292f7908b9f5ddde68cf82491772363
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 18 23:28:33 2020 +0100
avcodec/svq1dec: Check that there is data left after the header
Fixes: Timeout (21sec -> 255ms)
Fixes: 20709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SVQ1_fuzzer-5085075089915904
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 55e344ee5aa6f6e04e50bbac457e0ca53433ab75)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=90cbc65f4fe9155b7d8e9d76593426574895ed0f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 6 00:33:40 2020 +0100
avcodec/intrax8: Check for end of bitstream in ff_intrax8_decode_picture()
Fixes: Timeout (105sec -> 1sec)
Fixes: 20479/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-5769846937878528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0a9ccc2514da82812584b0e49a30625151d225e9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9ce7c9c463b3f912b234af3dbfe1b4b46c4b443a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Apr 19 18:24:55 2020 +0200
avcodec/hevc_mp4toannexb_bsf: Check nalu_size
Fixes: Timeout (29sec -> 5ms)
Fixes: 20237/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5165615044362240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ae2537f53e8ebfa36345241b5b70c0b1aef66dd2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2f1bf3452262311f58f68bd15e468509fe72e511
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 21 00:03:40 2020 +0200
avcodec/iff: Check length before memcpy() in decode_deep_rle32()
Fixes: out of array read
Fixes: 20796/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5111364702175232.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b4a33387cb1cd3f4c5036e65e0fdd953c6b5012f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e038ecf7076746752d76f4049968eae646dd830c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Apr 21 00:03:39 2020 +0200
avcodec/iff: Fix invalid pointer intermediates in decode_deep_rle32()
Reviewed-by: Peter Ross <pross at xvid.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bc41a29a5aa3c3dedba0a85b4aeb79a07eeeb1b4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f0f164f8c535d8785b7d44a6f95f1aa4c8aefa13
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Apr 18 01:48:47 2020 +0200
avcodec/pngdec: Pass ret from decode_iccp_chunk()
Found while reviewing a patch fixing a similar issue
Reviewed-by: Anton Khirnov <anton at khirnov.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4c7bcaa385e5e5fda0084de2fb823ac25c0deba0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4e4fc148d06c7c9137d6c176b04694cdd821c532
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 2 21:01:12 2020 +0100
avcodec/rv40dsp: Fix integer overflows in rv40_weight_func_*()
Fixes: signed integer overflow: 40550400 * 128 cannot be represented in type 'int'
Fixes: 20331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RV40_fuzzer-5676685725007872
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 13171ad2e304b2a7d959429527b98c68ec5ea320)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5c1985f22b7320064e977a3825df24240b88451f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 1 21:25:33 2020 +0100
avcodec/ac3dec_fixed: Fix several invalid left shifts in scale_coefs()
Fixes: left shift of negative value -14336
Fixes: 20298/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AC3_FIXED_fuzzer-5675484201615360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8e30502abe62f741cfef1e7b75048ae86a99a50f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=725a2495f80ff00e678ac0a029f8e93d5b712fc8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Feb 3 23:20:23 2020 +0100
avcodec/flac_parser: Do not lose header count in find_headers_search()
Fixes: Timeout
Fixes: out of array access
Fixes: 20274/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5649631988154368
Fixes: 19275/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5757535722405888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 55f9683cf6be97f4b398a7a35ee5bfd1208ac2a5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4eccd918994d4e2f15b7d38eccb2b2823e7f0bae
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 2 20:02:55 2020 +0100
avcodec/audiodsp: Fix integer overflow in scalarproduct_int16_c()
Fixes: signed integer overflow: 2145417478 + 76702564 cannot be represented in type 'int'
Fixes: 20313/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RA_144_fuzzer-5734487724130304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit abb5762e985f4ce34e97c1b2fa6d1108ce8a881f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e0c13429cacb4d1510081c0153703ff688ced7c3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Apr 1 20:58:52 2020 +0200
avformat/oggdec: Check for EOF after page header
Fixes: Infinite loop
Fixes: Ticket8594
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f1589be9fda00c417f9bcccb55dbbea998ee08ac)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3a53f3795084afef052ca46beb51b83ffc89b988
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Apr 2 22:38:46 2020 +0200
swscale/yuv2rgb: Fix vertical dither offset with slices
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit be3c29e3795cb2499e3b96335286d6a8423c0bcf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=63c6e55edf231c2ad4915bad43f862da8be9e0e7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Apr 9 15:37:55 2020 +0200
avcodec/dpcm: clip exponent into supported range in XAN DPCM
Fixes: shift exponent 32 is too large for 32-bit type 'int'
Fixes: 21200/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XAN_DPCM_fuzzer-5754704894361600
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <anton at khirnov.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 20ade59d9633def4ebf84ec170f56367bfb6aa6c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bc624d1853182e16c8704c67d51ea88826a23e4b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 1 22:52:13 2020 +0100
avcodec/flacdsp_template: Fix invalid shifts in decorrelate
Fixes: left shift of negative value -2
Fixes: 20303/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLAC_fuzzer-5096829297623040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3935c891e96c0819439da43d1b862652bbbdf065)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a8ba25defd34795f46ab7034412ae96f00648894
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jan 31 23:43:57 2020 +0100
avcodec/xvididct: Fix integer overflow in MULT()
Fixes: signed integer overflow: 23170 * 95058 cannot be represented in type 'int'
Fixes: 20295/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MJPEG_fuzzer-5800212870463488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7ccb576191e91b393041b14917f1b681ec75ed3b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4a60aa9bd3b759d0956ca7c0948cb12fcb318eba
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jan 17 23:42:08 2020 +0100
avcodec/ffwavesynth: Correct undefined overflow of PINK_UNIT
Fixes: signed integer overflow: 9223372036854775775 + 128 cannot be represented in type 'long'
Fixes: 20054/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5686385113825280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 187161d62f35c8b613c4a6739b0a6dfa9a24da60)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=64bee9c2f8479f50fcf61b71b1f0970014621228
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 16 20:11:52 2020 +0100
swscale/output: Fix integer overflow in yuv2rgb_write_full() with out of range input
Fixes: signed integer overflow: 1169365504 + 981452800 cannot be represented in type 'int'
Fixes: ticket8293
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e057e83a4ff4c0eeeb78dffe58e21af951c056b6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d33f8f2871d6d3ecdc589cf72a75e04715cc5e33
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 16 20:18:11 2020 +0100
swscale/output: Fix integer overflow in alpha computation in yuv2gbrp16_full_X_c()
Fixes: signed integer overflow: 524280 * 4432 cannot be represented in type 'int'
Fixes: ticket8322
Found-by: Suhwan
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 49ba1879add99d3f64d70d34fb0255c8a49d4b28)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1e61cc5c51357f30f3e5ddcf69868b68afccc407
Author: John Rummell <jrummell at chromium.org>
Date: Mon Mar 30 21:30:33 2020 -0700
libavformat/amr.c: Check return value from avio_read()
If the buffer doesn't contain enough bytes when reading a stream,
fail rather than continuing on with initialized data. Caught by
Chromium fuzzeras (crbug.com/1065731).
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5b967f56b6d85f62446836fc8ef64d0dcfcbda17)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c703bdf3c8617016589b2896a3b5e23c2b0c236d
Author: John Rummell <jrummell at chromium.org>
Date: Mon Mar 30 14:08:01 2020 -0700
libavformat/mov.c: Free aes_decrypt to avoid leaking memory
Found by Chromium fuzzers (crbug.com/1057205).
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ad91cf1f2f5793db5c6dd7ab9947fcc6d7832607)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e9b952d2837cca0bfb5b556ffa76f2a7b0903bea
Author: John Rummell <jrummell at chromium.org>
Date: Mon Mar 30 14:56:11 2020 -0700
libavformat/oggdec.c: Check return value from avio_read()
If the buffer doesn't contain enough bytes when reading a stream,
fail rather than continuing on with unitialized data. Caught by
Chromium fuzzers (crbug.com/1054229).
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b7c67b1ae3657058b32b9235119d07529ad5cce1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=47b6f07f32afbbbb8f3ddf3b26e9b9eb155ad46d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 15 17:26:51 2020 +0100
avformat/asfdec_f: Fix overflow check in get_tag()
Fixes: signed integer overflow: 2 * 1210064928 cannot be represented in type 'int'
Fixes: 20873/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5761116909338624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <anton at khirnov.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c8140fe7324f264faacf7395b27e12531d1f13f7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e2d4a434413668e4bff9a53ca8b4d3b3e1182c3f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Mar 18 20:20:44 2020 +0100
avformat/nsvdec: Fix memleaks on errors while reading the header
Fixes: memleaks
Fixes: 21084/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5655975492321280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 96c04694550999cc214cae8c4a16d2d7ac0958bc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=658085fbcff249da29b45d398d59ea17d8dc06e0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 15 18:25:56 2020 +0100
avcodec/ffwavesynth: Fix integer overflow in computation of ddphi
Fixes: signed integer overflow: 1302123111085380114 - -8319005078741256972 cannot be represented in type 'long'
Fixes: 20991/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5148554161291264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Nicolas George <george at nsup.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c85bf1631823e9089e59a474d5c6c0efc708c507)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=807af727507ac125c1ec4706d1dad44f67f373c7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Mar 1 22:46:34 2020 +0100
avcodec/adpcm: Fix invalid shift in AV_CODEC_ID_ADPCM_PSX
Fixes: left shift of negative value -1
Fixes: 20859/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_PSX_fuzzer-5720391507247104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0a11ef68f0a85905e704e503b433f5aa645d59ac)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=51d2137b98592ac43ac700270db14f4546f1aeb3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Dec 5 22:35:03 2019 +0100
avcodec/mpeg12dec: Fix invalid shift in mpeg2_fast_decode_block_intra()
Fixes: left shift of negative value -695
Fixes: 19232/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5702856963522560
Fixes: 19555/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5741218147598336
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c40df2166c7925fc81e1ef22563c2e32124cf1d6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2e893054bf32b80c32256152f8d4fa7e9d4186ec
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 23 12:41:41 2020 +0100
avcodec/mpegaudioenc_template: fix invalid shift of sample
Fixes: Ticket8010
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a2c97a8342fab6393280cc2f0e2ffb39c381d29c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3a2dfcf3a1f3b601e92db135742c033440499db0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 23 12:50:30 2020 +0100
avcodec/motion_est_template: Fix invalid shifts in no_sub_motion_search()
Fixes: Ticket8167
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e13eee37ee3268b0a985ddc74a9bde0179bd553c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=15ca3c1c8b3d2a2de146ac8feaa826cbb82f6ea8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 26 22:19:48 2020 +0100
libavformat/avienc: Check bits per sample for PAL8
Fixes: assertion failure
Fixes: Ticket 8172
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 35958782819c00211e247332ab18fbf2f28267e1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=50a35f078086e5c8aebbfd47677c56e0488a7085
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jan 27 19:07:00 2020 +0100
avformat/mpegts: Improve the position determination for avpriv_mpegts_parse_packet()
Fixes: assertion failure
Fixes: Ticket 8005
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e5bb48ae5990347dff22fc38ff5a1c1f7f60a1c5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=80d6a3c271275a66e6165681e91ac43ad976fa23
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 22 00:42:30 2020 +0100
avcodec/magicyuv: Check that there are enough lines for interlacing to be possible
Fixes: out of array access
Fixes: 20763/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MAGICYUV_fuzzer-5759562508664832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f8a0e9f9f71cf5650bdc250ff7475e0f7d8e8420)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fa85195a94f3954565081db6b3156e13fb92b98b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 23 09:27:27 2020 +0100
avformat/mvdec: Check stream numbers
Fixes: null pointer dereference
Fixes: 20768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5638648978735104.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 618a9bea65112a27a106e02ada3ae475cc8ac1ac)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8c594a9070375e136230cd2b2718d385f676a8c5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 20 22:26:18 2020 +0100
avcodec/pcm: Fix invalid shift in AV_CODEC_ID_PCM_LXF
Fixes: left shift of 233 by 24 places cannot be represented in type 'int'
Fixes: 20736/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PCM_LXF_fuzzer-4829212685107200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 051d11f659455f38be7ce40e2dc9d03b082dcd4d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b2c54369feeefb1cb2132909a1b427489d768feb
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 18 22:58:12 2020 +0100
avcodec/qdm2: Check fft_coefs_index
Fixes: out of array access
Fixes: 20660/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDM2_fuzzer-5658290216501248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9fc73bf022eb781eea7f685e2d2e9de4ba8898ca)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cdd886b1fb782f17970c7f2caa5bf203eb4dd608
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 15 23:23:55 2020 +0100
avformat/utils: Fix integer overflow with complex time bases in avformat_find_stream_info()
Fixes: signed integer overflow: 2045163756 * 2 cannot be represented in type 'int'
Fixes: Ticket5132
Found-by: tsmith
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f3d8f517dbc42de8e2f97cc01bf5171bb05fbcc7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=aab46bb8d6a06e61d3c3f6c6821c673c17d6c40e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 15 23:18:25 2020 +0100
avformat/avidec: Avoid integer overflow in NI switch check
Fixes: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long'
Fixes: Ticket8149
Found-by: Suhwan
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 347920ca2102d762e4713f101a2e75811791e2b3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=49a8960cdce0fcbf1460fe81c46ddc2874d4aa82
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 15 22:56:18 2020 +0100
fftools/ffmpeg: Fix integer overflow in duration computation in seek_to_start()
Fixes: signed integer overflow: -9223372036854775808 - 9223372036854775807 cannot be represented in type 'long'
Fixes: Ticket8142
Found-by: Suhwan
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4f4ad33d96a01d82edf56d58599017cb0ae5bfa8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4f04fa75dd07ff51015af61ee7140e5cb4980597
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 15 22:35:37 2020 +0100
avfilter/vf_aspect: Fix integer overflow in compute_dar()
Fixes: signed integer overflow: 1562273630 * 17 cannot be represented in type 'int'
Fixes: Ticket8323
Found-by: Suhwan
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0c0ca0f244b823238e5a4f5584168e620da84899)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f6d0260a81cea5dbe385df36d8b63fd237c162c8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Feb 11 23:56:45 2020 +0100
avcodec/apedec: Fix invalid shift with 24 bps
Fixes: left shift of negative value -463
Fixes: 20542/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5688714435231744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8e278672294f28a3feaba0a38460afd51f0fadda)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=89c4c3c9442a86c747dbc09ef906e52a5c8635d5
Author: Dale Curtis <dalecurtis at chromium.org>
Date: Tue Jan 28 16:49:14 2020 -0800
avformat/utils: Fix undefined behavior in ff_configure_buffers_for_index()
When e2_pts == INT64_MIN and e1_pts >= 0 the calculation of
e2_pts - e1_pts will overflow an int64_t.
Signed-off-by: Dale Curtis <dalecurtis at chromium.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f15007afa90a3eb3639848d9702c1cc3ac3e896b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e4921f409d839a07c90d232ea0629779ee064e1f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 22 23:11:47 2020 +0100
avcodec/dpcm: Fix integer overflow in AV_CODEC_ID_GREMLIN_DPCM
Fixes: signed integer overflow: -2147479324 + -32568 cannot be represented in type 'int'
Fixes: 20103/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GREMLIN_DPCM_fuzzer-5667667579240448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b1aecad9eae900b9c3054392994d150d5ae572c5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d60daf43bc7dced5088434a7209a7135830bc811
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 18 19:55:23 2020 +0100
avcodec/wmalosslessdec: Fix integer overflow with sliding in padding bits
Fixes: signed integer overflow: -53716100 * 256 cannot be represented in type 'int'
Fixes: 20143/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5716604000403456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b8a0be93528187721a2414f66abbc252a258afa3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=41447fcbcb7f0c4bcc2eb2bf879a0ff8a0eca50d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 18 19:28:36 2020 +0100
avcodec/wmalosslessdec: Fix loop in revert_acfilter()
Fixes: out of array read
Fixes: 20059/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5691776237305856
No testcase except the fuzzed one.
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5584c0bb945d6010a9d8c22ef3270792022e1761)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b6e15c1156f6ecb78ce805cc7660eb9a060b7f07
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 28 20:12:25 2020 +0100
avcodec/lagarith: Sanity check scale
A value of 24 and above can collaps the range to 0 which would not work.
Fixes: Timeout (75sec -> 21sec)
Fixes: 18707/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LAGARITH_fuzzer-5708950892969984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fb3855342b9e4c577c63b38a7a5a574830a21934)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c3e113d705fb8b644e0548496cdd196241d056f6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 28 18:35:43 2020 +0100
avcodec/apedec: Fix integer overflows in predictor_decode_mono_3950()
Fixes: signed integer overflow: -2147407150 + -1871606 cannot be represented in type 'int'
Fixes: 18702/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5679095417667584
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit eb64a5c6f94981e4a68ad65a6e445557e11c08fc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4c1c8ea33ec3a6847c9f6c8aa9e5bde0426b18aa
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 8 13:48:45 2019 +0100
avcodec/ralf: Fix integer overflow in apply_lpc()
Fixes: signed integer overflow: 2147482897 + 2048 cannot be represented in type 'int'
Fixes: 19240/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5743240326414336
Fixes: 19869/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RALF_fuzzer-5150136636538880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fd313d8cf8368918882b6de0880e44ae25cc7394)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=57879ec143ee19be638c2f1776a1a2e8c9c15280
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 4 23:01:12 2020 +0100
avcodec/dca_lbr: Fix some error codes and error passing
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bfea054a75f17d140f2f171056a801c4c89f6d26)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=168e6748eeca9ad4b925208e2a35d59e7b009815
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 14 15:27:44 2019 +0100
avcodec/wmavoice: Fix rounding and integer anomalies in calc_input_response()
Fixes: out of array access
Fixes: inf is outside the range of representable values of type 'int'
Fixes: signed integer overflow: -9223372036854775808 - 1 cannot be represented in type 'long'
Fixes: 19316/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-5677369365102592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 38d37584448731f90977132b838d50ff1a28811b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a344f245c42ff2d47523c8d339c2caed75009e17
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 21 22:27:37 2019 +0100
avcodec/wmavoice: sanity check block_align
This limit is roughly based on the bitreader limit, its likely a much tighter limit
could be used
Fixes: left shift of 1965039647 by 1 places cannot be represented in type 'int'
Fixes: 19545/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-5695391899320320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6847e22c8c85b80bf1d25ec66f77f7ccbcf43aed)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7a0317e38cdebd673ea0353843f1e76fe9ade1bb
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Dec 18 00:07:50 2019 +0100
avcodec/pcm: Fix invalid shift in pcm_decode_frame for LXF
Fixes: left shift of 32 by 28 places cannot be represented in type 'int'
Fixes: 19472/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PCM_LXF_fuzzer-5704364320096256
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 985d3666f672781152f4b68093740ea6a9888194)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2b57b593b5216f369888aa7672ab4a11b26163ed
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 19 21:51:11 2020 +0100
avcodec/snappy: Sanity check bytestream2_get_levarint()
Fixes: left shift of 79 by 28 places cannot be represented in type 'int'
Fixes: 20202/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5719004081815552
Fixes: 20219/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5641738677125120
Fixes: 20389/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5680721517871104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit be54da2117a6f58c14283f2511e71fda8d3bfe9d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=afc97ceb22f2e7a04644b826298f1d5793e697bc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Feb 1 23:25:42 2020 +0100
avcodec/mlpdsp: Fix a invalid shift in ff_mlp_rematrix_channel()
Fixes: left shift of negative value -2
Fixes: 20305/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-5677196618498048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Jai Luthra <me at jailuthra.in>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fcc9f13717c8c3fe08ca5caf957c39e76ea35e4f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=344368df558725e65fb9bf008fd96d0f0e6c1f86
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jan 27 21:54:22 2020 +0100
avcodec/avdct: Clear IDCTDSPContext context
Fixes use of uninitialized variable and segfault
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Reviewed-by: James Almer <jamrial at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b82825eba837f7cbb24c1d66e93285d029307417)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=06f3cea696d863361ad524e6ec394eb04bbaa11b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 30 22:04:06 2020 +0100
avcodec/x86/diracdsp: Fix high bits on Windows x86_64
Found-by: james
(cherry picked from commit 24af459d1e568fd134476f305f4fba23bf2c386a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b20f8759cd8cd03b5e81845d7a35d78a9aeb1243
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 11 12:09:08 2020 +0100
avformat/mov: Check STCO location
Fixes: bypassing of checks and assertion failure
Fixes: asan_1003879.mp4
Found-by: Clusterfuzz + asan
Reported-by: Thomas Guilbert <tguilbert at google.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1cd41840208bce7e690a4ccc48077567418a0aa8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=05cafd2a0e4757733701161b74fb8e4fb7eab4d8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 9 02:06:36 2020 +0100
avcodec/wmalosslessdec: Fix multiple integer overflows
Fixes: left shift of 3329 by 20 places cannot be represented in type 'int'
Fixes: signed integer overflow: -199378355 + -1948950833 cannot be represented in type 'int'
Fixes: 19837/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5752565837070336
Fixes: 19839/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5767483265122304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 422202516cfb6239abb4e20db9f628f3899a76e2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=848a93b8c8e98e9300f1d8b2a45a50e60c24d15d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 7 20:55:16 2019 +0100
avcodec/apedec: Fix undefined integer overflow in decode_array_0000()
Fixes: signed integer overflow: -2143289344 - 6246400 cannot be represented in type 'int'
Fixes: 19239/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5173755680915456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a3655bb02c21e70573335e9396632f64b2589536)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1dc21175138b31e70a862b58f761efb02c22676f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 1 20:43:05 2020 +0100
avcodec/smacker: Check space before decoding type
Fixes: Timeout (232sec -> 280ms)
Fixes: 19682/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKER_fuzzer-5654129649385472
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6f5c18da5977a3214e1ea30e6b0c0d9d858ce83d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6452023550c15dde16efde5d8a62a65d7532115a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 1 22:32:04 2020 +0100
avcodec/rawdec: Use linesize in b64a
Fixes: out of array access
Fixes: 19750/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RAWVIDEO_fuzzer-5074834119983104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2b5b9d5dac9a3525d7330662724c0e9045078bfb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a45cc681cc53bd7fc3816eaf7b7c67ca7a25d568
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jan 3 23:24:15 2020 +0100
avcodec/iff: Over-allocate ham_palbuf for HAM6 IFF-PBM
IFF-PBM-HAM6 can read out of array without this overallocation
Fixes: Out of array read
Fixes: 19752/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5675331403120640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8652f4e7a15e56fadf9697188c1ed42c9981db82)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f2c99c2f882e8da3d47cd1a4e4bebecdd25eba4d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 29 22:11:45 2020 +0100
avcodec/x86/diracdsp: Fix incorrect src addressing in dequant_subband_32()
Fixes: Segfault (not reproducable with asm, which made this hard to debug)
Fixes: decoding errors
Fixes: 19854/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5729372837511168
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0694b60b7b4892eac1d6e2aca64de9e0cb096486)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cb9ec725c31dc8d3a7e1fe165a8dbdcc1ec4e935
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 26 20:45:07 2020 +0100
avfilter/vf_find_rect: Remove assert
A score of 0 is possible
Fixes: Ticket8500
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit dfc471488675aa257183745502d0074055db3bd2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bd8633d4d3e194a7b018ae081674b4f06890013a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 26 20:45:06 2020 +0100
avfilter/vf_find_rect: Increase worst case score
score could be 1.0 which lead to uninitialized values
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6ff2474e02200dce7abdea3fd211fcaf49691c2c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4e1480a4e85e9b8212d74ba9c7a51cd842dd0070
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100
swscale/input: Fix several invalid shifts related to rgb2yuv constants
Fixes: Invalid shifts
Fixes: #8140
Fixes: #8146
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d48e510124d0fea24e2ec27271687c92e4428a18)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=65d9d164da20ac95d54d35f558e1e101c1f8a6a9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100
swscale/output: Fix several invalid shifts in yuv2rgb_full_1_c_template()
Fixes: Invalid shifts
Fixes: #8320
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7b7f97532b2ac8836d8d8e3c71dd026e35ae1ca7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=850eec92d0e594ae8839e76c2aaac90e2e3856da
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 21 22:52:19 2020 +0100
swscale/swscale: Fix several invalid shifts related to vChrDrop
Fixes: Invalid shifts
Fixes: #8166
Fixes: filter-crop_scale_vflip FATE-test
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a6ca22c11834c0ff075592e3f051d41068c407db)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a0868285c097808a6a49f09906e436a887fbbf33
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Dec 13 00:50:21 2019 +0100
avcodec/hevc_mp4toannexb_bsf: check that nalu size doesnt overflow
Fixes: Out of array access
Fixes: 19299/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5169193398042624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a8ceb2a72fa1bef4ab5f1ec6cdc7ce74fffda19d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0ab57e062641c8f6df5b8bc43e3ae392edb76a7a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Dec 13 00:38:29 2019 +0100
avcodec/hevc_mp4toannexb_bsf: Avoid NULL memcpy()
Fixes: invalid memcpy use
Fixes: 19299/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_MP4TOANNEXB_fuzzer-5169193398042624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1e23b5a706cd378ed07a200dfee656b38504f165)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=04ef299aa0dd8261ec9d0e5e13bf97c8cdfaddb4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 15 00:32:55 2020 +0100
avcodec/wmalosslessdec: move channel check up
Fixes: out of array access
Fixes: 2nd part of 18429/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-6210814364614656
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 891bcc4acc93e0c5a75ab7a9da668df84a0edba7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bdb0af634e3fa8b04fc63fa201dfceae9a5f7a89
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 7 00:14:16 2019 +0100
avcodec/adpcm: Fix overflow in FFABS() IMA_EA_EACS
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 19235/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_EA_EACS_fuzzer-5680878952382464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 794352ae9d1cb32b4b9e45d3affb83763f4ee12e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5684147644f529f4ac9f8aa3b658d80296db36ba
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 7 20:42:54 2019 +0100
avcodec/alac: Fix integer overflow in LPC coefficient adaption
Fixes: signed integer overflow: 267693597 * 10 cannot be represented in type 'int'
Fixes: 19237/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5755407700328448
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6a865cec5e7584ef476f394fc55c1fc91cec1a14)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4f739a58795ad76207bb9a2674333dbd08914c0f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 7 20:38:13 2019 +0100
avcodec/g729postfilter: Optimize out overflowing multiplication from apply_tilt_comp()
Fixes: signed integer overflow: -1114392282 * 2 cannot be represented in type 'int'
Fixes: 19236/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-5741678938030080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c0bd5fa43d193aa389bea7c5176b2fe23f6eeddd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bcc836d1f27469eac3a5a928aa961f95381452dd
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 8 20:18:07 2019 +0100
avcodec/vc1dec: Check field_mode for sprites
Fixes: Out of array read
Fixes: 19263/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5389219325542400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 32fb9198360402941e49aa878b9d33737b654f62)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5e874507e141143cdd7fbc6c09054d5e295369d4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 8 19:37:46 2019 +0100
avcodec/vc1dec: Limit bits by the actual bitstream size
Fixes: Timeout (350 ->19sec)
Fixes: 19249/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-6566896438870016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c56a52a82c0a4039e606e82b948a8abfe417f35f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b4e369cf36994a6127f2747582f2565116ef8609
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jan 6 01:38:21 2020 +0100
avcodec/vmdaudio: Check block_align more
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 19788/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VMDAUDIO_fuzzer-5743379690553344
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 06f6857b54a7fbbd087b0803f75bed44abed50d9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b4ff849594acef6c69d40fd33ede8e588dbbada3
Author: Gyan Doshi <ffmpeg at gyani.pro>
Date: Wed Jan 1 12:14:30 2020 +0530
configure: bump year
(cherry picked from commit 7b58702cbdce097f32f62c87cd537ab28c04ffb2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0b05ea827ee20e744304e0c6ee6abb0b126865be
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jan 4 21:58:28 2020 +0100
avcodec/pgssubdec: Free subtitle on error
Fixes: Assertion failure
Fixes: 19753/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGSSUB_fuzzer-5688461843759104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b0a718923bb4a75b0c1cbf283fb17a319b840346)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b9b2ac5dbb858927db5ad528a00e12809cf4862c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 25 21:50:57 2019 +0100
avcodec/ffwavesynth: Fix undefined overflow in wavesynth_synth_sample()
Fixes: signed integer overflow: 2147464192 + 21176 cannot be represented in type 'int'
Fixes: 19042/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5719828090585088
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fa47f6412dbf93b4865adf8c66618906a3274330)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d22da8f54c97ed66e23c0ef57163eb4874dbcd4e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 25 21:39:48 2019 +0100
avcodec/cook: Use 3 stage VLC decoding for channel_coupling
Fixes: shift exponent -1 is negative
Fixes: out of array read
Fixes: 19028/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COOK_fuzzer-5759766471376896
Fixes: 19037/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COOK_fuzzer-5734106625474560
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 89fd76db71d9d4f87c51fee2a2edf99662444df7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0f8f37a99418039923e6db8e8bbc53fe5fac1167
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 29 22:45:07 2019 +0100
avcodec/wmalosslessdec: Fixes undefined overflow in dequantization in decode_subframe()
Fixes: signed integer overflow: 47875596 * 45 cannot be represented in type 'int'
Fixes: 19082/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5687766512041984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 53efab44a9d0971c6c12d9b3d1af855ca863c847)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5dea535114c90f4f83e4ed981b94ffae56bf1572
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Oct 21 23:22:05 2019 +0200
avcodec/sonic: Check e in get_symbol()
Fixes: signed integer overflow: 1721520852 + 1721520852 cannot be represented in type 'int'
Fixes: 18346/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5709623893426176
Fixes: 18753/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5663299131932672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aea67556116330d3151e4cd3ef1e266b5d90f388)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a1474a83048620d734001414db0f75e16d97adcc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Dec 3 19:48:46 2019 +0100
avcodec/twinvqdec: Correct overflow in block align check
Fixes: signed integer overflow: 538976288 * 8 cannot be represented in type 'int'
Fixes: 19126/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TWINVQ_fuzzer-5687464110325760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4dc93ae3d725e892927f04002021337c2f90252a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6583f572d1244736e5ef8599cf7a8296347274b4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Dec 17 00:04:23 2019 +0100
avcodec/vc1dec: Fix "return -1" cases
Reviewed-by: "mypopy at gmail.com" <mypopy at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 26f040bcb4a1db78d1311af2e69de6984ecb43e5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9fbd7b65d754f1b68c83e66f144ff89f7000759a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Dec 16 23:31:22 2019 +0100
avcodec/vc1dec: Free sprite_output_frame on error
Fixes: memleaks
Fixes: 19471/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5688035714269184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3ee9240be3e4044ae9e60a9a3a68820bf8075299)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6c5be12e7c7bf518398ab0b9e5a0b3f4466e5c2c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 30 16:46:46 2019 +0100
avcodec/wmadec: Keep track of exponent initialization per channel
Fixes: division by 0
Fixes: 19123/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAV2_fuzzer-5655493121146880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bf5c850b795126d4f60dd9498c06f0492f5726a7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cda7dd2124480dec91363d8dd4728842d74d46ad
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 30 12:22:25 2019 +0100
avcodec/iff: Check that video_size is large enough for the read parameters
video is allocated before parameters like bpp are read.
Fixes: out of array access
Fixes: 19084/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5718556033679360
Fixes: 19465/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5759908398235648
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f1b97f62f86d5dca35d01d7a5ebbc5dca2a88ae6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d8e5d0264eea4c9b9e3d7e36e0053ab14e33af4f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Nov 21 23:02:56 2019 +0100
avcodec/adpcm: Clip predictor for APC
Fixes: signed integer overflow: -2147483648 - 13 cannot be represented in type 'int'
Fixes: 18893/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_IMA_APC_fuzzer-5630760442920960
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9fe07908c3f67d59cf4db5668d61b34506189590)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b84ab52628568f477e9f78a69dbedf4b57123be5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Nov 21 22:43:01 2019 +0100
avcodec/targa: Check colors vs. available space
Fixes: Timeout (37sec -> 52ms)
Fixes: 18892/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TARGA_fuzzer-5739537854889984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 01593278cef06dbb4491d50d03b72198d2848adf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9645c0b322c108a6b3a2d437fae10a2529eb3f7e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Oct 1 00:43:03 2019 +0200
avcodec/dstdec: Use get_ur_golomb_jpegls()
Fixes: shift exponent -4 is negative
Fixes: 17793/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5766088435957760
Fixes: 18989/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DST_fuzzer-5175008116867072
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a76690c02b4fd12d7fac6f753af8bad72c82d55c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=71c228d2b8c93857a104c034937b1350d1959b3f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 23 09:18:12 2019 +0100
avcodec/wmavoice: Check remaining input in parse_packet_header()
Fixes: Infinite loop
Fixes: 18914/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-5731902946541568
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 19c41969b26d07519fff8182a0d3266cdb712078)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3191aecdfa7ec0218c578c031ae9555bb2f98c2b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Nov 20 22:05:40 2019 +0100
avcodec/wmalosslessdec: Fix 2 overflows in mclms
Fixes: signed integer overflow: 2038337026 + 109343477 cannot be represented in type 'int'
Fixes: 18886/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5673660505653248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 92455c8c65c403ea696cb8c63d474d386d631bbd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5f820ffe81265016eb9caaf4d8b2606a6b9fd0d9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Nov 20 20:34:55 2019 +0100
avcodec/wmaprodec: Fixes integer overflow with 32bit samples
Fixes: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 18860/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAPRO_fuzzer-5755223125786624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a9cc69c0d59057ea172a107e0308fdf5fd8fc04e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9776bc11257293243827dbfecfe120835e677b08
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Nov 20 19:13:09 2019 +0100
avcodec/adpcm: Fix invalid shift in xa_decode()
Fixes: left shift of negative value -1
Fixes: 18859/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ADPCM_XA_fuzzer-5748474213040128
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 50db30b47d016fc4e7b47067545b15d22d4faddf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=18a6ff88ce380e3d652cbefbaf7da20ea5e8f0b8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 14:22:57 2019 +0100
avcodec/wmalosslessdec: Fix several integer issues
Fixes: shift exponent -1 is negative (and others)
Fixes: 18852/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5660855295541248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ec3fe67074ad0a6a3a817f6f42175ea63a98092b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=699a6dddc757d3ac9010c2444ec6f33c0d702ad9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 12:49:25 2019 +0100
avcodec/wmalosslessdec: Check that padding bits is not more than sample bits
Fixes: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 18817/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5713317180211200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9d428265808255ad2fc60355fe641aaa4fd3dae4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2309850cb90b72edfcb4637237725842f938bb80
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 09:45:29 2019 +0100
avcodec/iff: Skip overflowing runs in decode_delta_d()
Fixes: Timeout (107sec - 75ms>
Fixes: 18812/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-6295585225441280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 185f441ba26a2112725db1e8f218e54ac8068bbb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bbae90e2cb658e336d0104154f37235782253ba9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 14 19:19:57 2019 +0100
avcodec/pnm: Check that the header is not truncated
Fixes: Ticket8430
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c94cb8d9b21baeeecef962c72965dbedc4e0b0e1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=41fc3f3851d3a54a14e98b204ccba0f7aaf24967
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Dec 14 00:37:27 2019 +0100
avcodec/mp3_header_decompress_bsf: Check sample_rate_index
Fixes: out of array read
Fixes: 19309/clusterfuzz-testcase-minimized-ffmpeg_BSF_MP3_HEADER_DECOMPRESS_fuzzer-5651002950942720
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f064c7c449f162a9011ad890f26ceeca26934d22)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=57c602ab246a5ed2fb14d0bd0180c76a1984d494
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 15 23:00:51 2019 +0100
avformat/rmdec: Initialize and sanity check offset in ivr_read_header()
Fixes: signed integer overflow: -9223372036854775808 - 17 cannot be represented in type 'long'
Fixes: 18768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5674385247830016
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7e665e4a81e2e96eb45138a1dfa38617de2631a4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bc73f923e23d7e0ebcc64dac11b1309d3be3ed82
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Nov 14 16:38:36 2019 +0100
avcodec/apedec: Fix 2 integer overflows
Fixes: signed integer overflow: 2119056926 - -134217728 cannot be represented in type 'int'
Fixes: 18728/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5747539563511808
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6e15ba2d1f688c61759001839811b11903de9ce0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=081aa19ac93af7a7aec2233d29621c801ed5101d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 12 20:25:00 2019 +0100
avcodec/wmaprodec: Set packet_loss when we error out on a sanity check
Fixes: left shift of negative value -34
Fixes: 18719/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAPRO_fuzzer-5642658173419520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a9cbd25d89dbdf72f7b616fdf672d7da36143cfe)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=47d0725b91eb1b59722dd0ba6b8c9226c05d8ad7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 12 20:06:35 2019 +0100
avcodec/wmaprodec: Check offset
Fixes: index 33280 out of bounds for type 'float [32768]'
Fixes: 18718/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XMA2_fuzzer-5635373899710464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5473c7825ea627a115155313a56a907d67a0d0c1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6d3a91c49d21842ca32f6cc176a9086c77d4d827
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 12 18:47:52 2019 +0100
avcodec/truemotion2: Fix 2 integer overflows in tm2_low_res_block()
Fixes: signed integer overflow: 1778647621 + 574372924 cannot be represented in type 'int'
Fixes: 18692/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2_fuzzer-6248679635943424
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 93d52a181ec050d3a4fb68f526604d39cd006be5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=63bad93076218af1b0dd3248f6b9149b0ebe7f47
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 12 18:39:08 2019 +0100
avcodec/wmaprodec: Check if the channel sum of all internal contexts match the external
Fixes: NULL pointer dereference
Fixes: 18689/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XMA1_fuzzer-5715114640015360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 090ac5799751c6f52358da4e5201a3845760db93)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
More information about the ffmpeg-cvslog
mailing list