[FFmpeg-cvslog] New commits on branch release/7.0
Git System
git at videolan.org
Thu Feb 27 02:47:17 EET 2025
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9aab014878c12cd8b5003d3d9d656d9363789ed6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Feb 26 22:59:00 2025 +0100
update for 7.0.3
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=33435e078f660b5122e3447a975655c33d7d3df7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Feb 9 01:28:17 2025 +0100
avformat/iff: Check that we have a stream in read_dst_frame()
Fixes: null pointer dereference
Fixes: 385644864/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-4551049565765632
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross at xvid.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8668957ef604bd2b99175310638bc5031ae0d991)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f43dfb5e82ad151e061d4c8e8fa4660740ba8bab
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Feb 7 02:33:21 2025 +0100
avformat/mlvdec: fix size checks
Fixes: heap-buffer-overflow
Fixes: 391962476/clusterfuzz-testcase-minimized-ffmpeg_dem_MLV_fuzzer-5746746587676672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 251d43aef0df9262f2688c1c848af993bbb67d08)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=89a792fd3b2368d2da349e9ecc5e4bccf4f5b4ba
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Feb 7 01:24:37 2025 +0100
avformat/wavdec: Fix overflow of intermediate in block_align check
Fixes: signed integer overflow: -251517880 * 32 cannot be represented in type 'int'
Fixes: 385224934/clusterfuzz-testcase-minimized-ffmpeg_dem_W64_fuzzer-4909298151915520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1afbc40875069312dd729b5959fb04950c3938db)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=af1eb801daac0f249c51227d3f975e0e4d18f93a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Feb 5 03:47:52 2025 +0100
avformat/mxfdec: Check edit unit for overflow in mxf_set_current_edit_unit()
Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long'
Fixes: 392672068/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6232335892152320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <git at haerdin.se>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8a6ad9eab2f1c37a18c2f30e6660260edd7c0c16)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f28eeabd034a6005e88e08f42d65db7fe314f9a6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Feb 6 13:09:08 2025 +0100
avformat/hls: Fix twitter
Allow mp4 with all mpegts extensions
Fixes: Ticket11435
Reviewed-by: Steven Liu <lingjiujianke at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cef3422b4819e3b6f07086625fa7890eaa8d45e7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4d00981ce73fea81f8f386ba64db17953168649e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 28 23:07:54 2025 +0100
libavformat/hls: Be more restrictive on mpegts extensions
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0113e30806b205111344e266bc69ff9657a3ca02)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8e69f09c40d09893fb0ccf784ff4c3f3ce0ea485
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 28 13:26:34 2025 +0100
avformat/hls: .ts is always ok even if its a mov/mp4
Maybe fixes: 11435
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9e12572933dc1c49e9b35d772ddcae896c2ba8a8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=584eb8c73cc702c4042331eb714ccad8910efde8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 30 02:28:32 2025 +0100
avcodec/h263dec: Check against previous dimensions instead of coded
Fixes: out of array access
Fixes: crash-a41ef3db699013f669b076f02f36942925f5a98c
Found-by: Kacper Michajlow <kasper93 at gmail.com>
Reviewed-by: Kacper Michajlow <kasper93 at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0fe33c99a26a06a6875c4abfb96362a65145264b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f57d15139f00b19d8e8232298a6e87c31e6e3fdc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jan 28 12:51:58 2025 +0100
avformat/hls: Print input format in error message
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d8455331302c72cde2f0b72f255004a91189dd93)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8e95a9177eb95c260b16e154c71c35767a14ed10
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 16 01:28:46 2025 +0100
avformat/hls: Be more picky on extensions
This blocks disallowed extensions from probing
It also requires all available segments to have matching extensions to the format
mpegts is treated independent of the extension
It is recommended to set the whitelists correctly
instead of depending on extensions, but this should help a bit,
and this is easier to backport
Fixes: CVE-2023-6602 II. HLS Force TTY Demuxer
Fixes: CVE-2023-6602 IV. HLS XBIN Demuxer DoS Amplification
The other parts of CVE-2023-6602 have been fixed by prior commits
Found-by: Harvey Phillips of Amazon Element55 (element55)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 91d96dc8ddaebe0b6cb393f672085e6bfaf15a31)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=55ec6d87aa41fcfb2e397f7ade42aadfb67433d0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Sep 23 20:05:37 2024 +0200
avformat/mxfdec: Check avio_read() success in mxf_decrypt_triplet()
Fixes: Use of uninitialized memory
Fixes: 71444/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5448597561212928
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6ecc96f4d08d74b0590ab03f39f93f386910c4c0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=55a3a57dffe12de105f3e9b9c71ee03f377ce208
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 30 01:48:22 2024 +0100
avcodec/huffyuvdec: Initialize whole output for decode_gray_bitstream()
Fixes: use of uninitialized memory
Fixes: 375286238/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HYMT_fuzzer-6352546854141952
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit ef71552cf970876085d99834abdb8e429aea9730)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6a50a92137b7657e782989d62906f75b70840de7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Dec 26 03:28:53 2024 +0100
avformat/iamf_reader: Initialize padding and check read in ff_iamf_read_packet()
Fixes: Use of uninitialized memory
Fixes: 377642312/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-4554550985424896
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aec2933344b2b32fc931bdf0b46eef1bd42225ff)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1826e947d02ff568ba12c2f7ce527a4d55f4a527
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Dec 26 03:07:51 2024 +0100
avformat/ipmovie: Check signature_buffer read
Fixes: use of uninitilaized data
Fixes: 385167047/clusterfuzz-testcase-minimized-ffmpeg_dem_IPMOVIE_fuzzer-5941477505564672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 788abe0d253b2034af15876d7889265d4746df2b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=15498e72428f3f7fa1c9684ce6ce5beff9968da3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Dec 26 02:53:45 2024 +0100
avformat/wtvdec: Initialize buf
ff_parse_mpeg2_descriptor() reads over what is initialized
Fixes: use of uninitialized memory
Fixes: 383825645/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-5144130618982400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 17b019c517af26c6d2f0c6266938c60d36db1fa3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=884c833434b903930719633669f26ec1c9c8af88
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 1 05:03:08 2025 +0100
avcodec/cbs_vp9: Initialize VP9RawSuperframeIndex
Fixes: use-of-uninitialized-value
Fixes: 70907/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_METADATA_fuzzer-6339363208757248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e81d410242ea604c4f667da4a415836c1575d72f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=53be7e244c13faa7f538cf5fde2c7fae414378e4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Dec 31 04:13:25 2024 +0100
avformat/vqf: Propagate errors from add_metadata()
Suggested-by: Marton Balint <cus at passwd.hu>
Reviewed-by: Alexander Strasser <eclipse7 at gmx.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 49fa3f6c5ba6d43cc4b3ade4f8d9dc2fdbc71f0a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4cb1c7a31cd94516ad24b08af80378a043b2f590
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Dec 26 01:46:49 2024 +0100
avformat/vqf: Check avio_read() in add_metadata()
Fixes: use of uninitialized data
Fixes: 383825642/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5380168801124352
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c43dbecbdad152a91eadc7538b545852eee562ae)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7dd232e5876f5144a53389aa744c2614a5a3151d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 16 00:22:05 2025 +0100
avformat/dashdec: Check whitelist
Fixes: CVE-2023-6602, V. DASH Playlist SSRF
Found-by: Harvey Phillips of Amazon Element55 (element55)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4c96d6bf75357ab13808efc9f08c1b41b1bf5bdf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=315e4e509736e78fdd3b35e25941b13c0b0cc7f0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 15 03:30:21 2025 +0100
avutil/avstring: dont mess with NULL pointers in av_match_list()
Fixes: applying zero offset to null pointer
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c6c54943d161812b3c4034116cb14f3f5c05dc43)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2080df46069fcbb829aa08710b3a2158aa40a4f9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 8 03:11:02 2025 +0100
avfilter/vf_v360: Fix NULL pointer use
Fixes: applying zero offset to null pointer
partly Fixes: verysmall.flv
Found-by: Elias Myllymäki <elias.myllymaki04p at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 66e9888bf418984a274beddbc3e87e9f1b8f5077)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=de6eed407cd7528160c24e78a8130cd84a71aa66
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jan 8 02:59:28 2025 +0100
avcodec/mpegvideo_enc: Check FLV1 resolution limits
Found-by: Elias Myllymäki <elias.myllymaki04p at gmail.com>
Reviewed-by: Alexander Strasser <eclipse7 at gmx.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 827c073154f4cc17d1bd3777dff3b58370210bcb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=fdabd48bbbaedbee9c7e764fb1794359cbc53424
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 9 21:35:06 2025 +0100
avcodec/ffv1enc: Fix handling of 32bit unsigned symbols
This may be needed for floats
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Alexander Strasser <eclipse7 at gmx.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 402824e9e99461f1c9e74a6730ced40894669560)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2cdf8e0d8ed742760e7be3741b4397a7cc24efd9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jan 9 00:02:35 2025 +0100
avformat/mov: Factorize sanity check out
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 16b3d3e3ebb9ff7b00c0fd14b0167779ada87f86)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=be65fc7c979636888a3e47be92477ee431e6f6cf
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 1 23:30:55 2024 +0100
avcodec/vc1dec: Clear block_index in vc1_decode_reset()
Fixes: 377965565/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-4504434689769472
Fixes: out of array access
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 251de1791e645f16e80b09d82999d4a5e24b1ad1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=29ff07ab76e0aca0f0a7d9749cbd46fafc93d4ea
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 1 22:27:18 2024 +0100
avcodec/aacsbr_template: Clear n_q on error
Fixes: index 5 out of bounds for type 'uint8_t [5]'
Fixes: 377748135/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-5167109774049280
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3f029bfb7f9ca1c73fecb8d0eacf3c4e0550f771)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=439d36d539618cbe0e0c6b6d003841bc203aa426
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 1 21:40:43 2024 +0100
avformat/iamf_parse: Check output_channel_count
Fixes: -nan is outside the range of representable values of type 'int'
Fixes: 377072730/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-6545416570601472
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4485a0fd77c50157feb308090d84b52cd84e80a2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=dfeb22ffa7c1ffcd4c88f7d53af9d768995ea3aa
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 1 03:31:56 2024 +0100
avcodec/osq: Fixes several undefined overflows in do_decode()
Fixes: signed integer overflow: 1239596184 + 2119376059 cannot be represented in type 'int'
Fixes: 376136844/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6581164455821312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0f511b4518fa4337f603275f865eb13ac5520d0f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cd163136b5b8bab6506a0feae0aa936fa030b0a5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 1 03:25:09 2024 +0100
swscale/output: Fix undefined overflow in yuv2rgba64_full_X_c_template()
Fixes: signed integer overflow: -1082982400 + -1195645138 cannot be represented in type 'int'
Fixes: 376136843/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-4791844321427456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 56faee21c136942c491f30a2e82cfbbfce180beb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=1e3b60a916c3d6f7e1e0642f8bd50639c14a07c8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jan 6 22:01:39 2025 +0100
avfilter/af_pan: Fix sscanf() use
Fixes: Memory Data Leak
Found-by: Simcha Kosman <simcha.kosman at cyberark.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b5b6391d64807578ab872dc58fb8aa621dcfc38a)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=45944e0c1f1a537afe745299c5e99da8cae14062
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Jan 6 05:06:10 2025 +0100
avfilter/vf_grayworld: Use the correct pointer for av_log()
Fixes: crash
Found-by: Elias Myllymäki <elias.myllymaki04p at gmail.com>
Reviewed-by: Alexander Strasser <eclipse7 at gmx.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9ffa127aa6853790acb40004fbab97f13ff4c72e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3bdb889b116cd9b05c4d4320781aa563ab92b573
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jan 5 02:36:25 2025 +0100
avfilter/vf_addroi: Add missing NULL termination to addroi_var_names[]()
Fixes: out of array read
Found-by: Elias Myllymäki <elias.myllymaki04p at gmail.com>
Reviewed-by: Alexander Strasser <eclipse7 at gmx.net>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b72de492959fb19eab37368232e65a4371c367f7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=932b0ea281a9990ce936189f009685b20fad9056
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Aug 16 17:30:45 2024 +0200
avcodec/get_buffer: Use av_buffer_mallocz() for audio same as its done for video
Fixes: Use of uninintialized value
Fixes: 70993/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-6378949754552320
Fixes: 71104/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5001538727116800
For the AAC/USAC/SBR code which reads uninitialized memory, it would be good, if it did not
a fix for that is welcome!
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b9b4c9ebf07748993ad91ba9b9b9f06914d67865)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3b0c222dc022b7f8ea1b636ab067a5eb0d53dd8e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Aug 16 16:33:43 2024 +0200
avformat/jpegxl_anim_dec: clear buffer padding
Fixes: use of uninitialized value
Fixes: 70992/clusterfuzz-testcase-minimized-ffmpeg_dem_IMAGE2_fuzzer-5735819170611200
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3f0b95bb176445a509d99e7497e90f20355b8411)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=e43f54f043e0925fa20188c5a43600751a77cdb8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Aug 16 14:47:42 2024 +0200
avformat/rmdec: check that buf if completely filled
Fixes: use of uninitialized value
Fixes: 70988/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5298245077630976
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9578c135d00dd9cc01491b8559d7fad5a387e90d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b6f184ac4704cbbb48f3b2ffa97a4b6494a1459c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Aug 7 22:55:03 2024 +0200
avcodec/cfhdenc: Clear dwt_tmp
This occurs on a 32x32 input
Fixes: use of uninitialized value
Fixes: 70897/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-5960860961406976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9de721de709fa9cc06a3ce3f542a1e7d45b2b0bf)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9b82620275712c719a5b692282af59be87dce57c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 11 23:15:32 2024 +0200
avcodec/hapdec: Clear tex buffer
The code following makes no attempt to initialize all of the buffer
Fixes: use of uninitialized value
Fixes: 70980/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5329909059223552
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7eeeda703b599847aa89c7c08bb433d0b3da9590)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b4c888343ad0627301364345b8e12f2e848e3cf9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 11 22:53:47 2024 +0200
avformat/mxfdec: Check that key was read sucessfull
Fixes: use of uninitialized value
Fixes: 70932/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4870202133643264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4c62cbcae2612acbc7ab5e8a7e7815674a6e8df4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=65e885dd58d5fe2dfbe1eee9f4fe31bc2bdb0f80
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 04:09:11 2024 +0100
avformat/rpl: Fix check for negative values
Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be represented in type 'int64_t' (aka 'long')
Fixes: 378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376
Found-by: ossfuzz
Reported-by: Kacper Michajlow <kasper93 at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit eab65379bf89c55d8ec4bc6f00e04f15b37d3d85)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c99baf2ceecaaa990206c8939e211d1c1e79c57e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Dec 25 05:13:02 2024 +0100
avformat/mlvdec: Check avio_read()
Fixes: use-of-uninitialized-value
Fixes: 383170476/clusterfuzz-testcase-minimized-ffmpeg_dem_MLV_fuzzer-4696002884337664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross at xvid.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bb85423142103d694d97bad1967bd3dc55440e71)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d06fcec830502942251c58fd6395f05daacaa996
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Dec 11 22:37:07 2024 +0100
avcodec/utils: Fix block align overflow for ADPCM_IMA_WAV
Fixes: signed integer overflow: 529008646 * 8 cannot be represented in type 'int'
Fixes: 383379145/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-6674045107503104
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 93270930798da368d5b1954a73ef7ff9dfa48f73)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=caceeed2b4577c75726d10ea3f222aa99775003d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Dec 11 21:36:11 2024 +0100
avformat/matroskadec: Check pre_ns for overflow
Fixes: signed integer overflow: -3483479120376300096 - 7442323944145700864 cannot be represented in type 'long'
Fixes: 383187489/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4561470580391936
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 361d24e6d920e4f7e4e5fa1fd6fbb6922bff35f2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b263aa0095a9a73186dbc2c2350d725b791276e6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Dec 11 21:24:00 2024 +0100
tools/target_dec_fuzzer: Adjust threshold for EACMV
Fixes: Timeout
Fixes: 382988735/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EACMV_fuzzer-5278721465974784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8f4eb0fe03aca552d375e2bce019a5da785f50d5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7a6d21b293637179c2f3a7f9ac922164f4562409
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 8 03:04:16 2024 +0100
tools/target_dec_fuzzer: Adjust threshold for MVC1
Fixes: Timeout
Fixes: 378231213/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVC1_fuzzer-6640960500465664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e7230bc503a1180e6eb76f956e9c6b61352936e4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=cda205835ff4c80fb4c858a2b9c20c9b208c6da9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 8 00:32:38 2024 +0100
tools/target_dec_fuzzer: Adjust Threshold for indeo5
Fixes: 379768251/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO5_fuzzer-5981329084186624
Fixes: Timeout
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 89efc6c97c4faf97dfed558b7bce2f64f8bd61e1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a58941bc1f925bd1aaf394180f4df427c7e003fa
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Dec 22 00:28:21 2024 +0100
avutil/timecode: Avoid fps overflow in av_timecode_get_smpte_from_framenum()
Fix from c94875471e3ba3dc396c6919ff3ec9b14539cd71
Found-by: Youngjae Choi <youngjaechoi at korea.ac.kr>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6ba33b50f51b17eef0449f20b3524f174dc9c3cc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d6a82f3f4996a5df0be8f0f1d7b4ab796560431d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Aug 16 16:00:01 2024 +0200
avcodec/webp: Check ref_x/y
Fixes: 70991/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WEBP_fuzzer-5544067620995072
Fixes: use of uninintailized value
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7c1e732ad2e240af5afe9ffea443c91bb233aa65)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6143f633f741b675df6a5d3baa6445317ab55e0d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Sep 23 19:57:28 2024 +0200
avcodec/ilbcdec: Initialize tempbuff2
Fixes: Use of uninitialized value
Fixes: 71350/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ILBC_fuzzer-6322020827070464
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4482218440534804d067de00ee1a4bc493c8b41d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=06d71cd465b01af28ad6d246a104667d87c94f3b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Sep 23 20:55:17 2024 +0200
avformat/qcp: Check for read failure in header
Fixes: Use of uninitialized value
Fixes: 71551/clusterfuzz-testcase-minimized-ffmpeg_dem_QCP_fuzzer-4647386712965120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f52b9d05837c23b0c55013551bc28dce4922de0b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f4d37b1a60dee0c82f6a342547544b08221bc0b3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Sep 23 20:52:02 2024 +0200
avcodec/eatgq: Check bytestream2_get_buffer() for failure
Fixes: Use of uninitialized memory
Fixes: 71546/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EATGQ_fuzzer-5607656650244096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4949e34d96cc751aedaace02123c2fb02b5ac174)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=690d4bb8cb7c19ed13bd28ac0deecfdeccf5687f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Oct 19 01:15:53 2024 +0200
avformat/dxa: check bpc
Fixes: integer overflow: -2147483648 - 1 cannot be represented in type 'int'
Fixes: 373971762/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-4880491112103936
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7e020f21413269418180eea7933a94ecb6bf2ef8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d60d2313dadb79aa39f1eacf21b6862aef1ca841
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Oct 19 00:08:03 2024 +0200
swscale/slice: clear allocated memory in alloc_lines()
Fixes: use of uninitialized memory in hScale16To15_c()
Fixes: 373924007/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5841199968092160
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit aeec39f3c1be82863efe64ce95242de58e075e8f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=47b3b3079b509f8c63913602bbaddfec225eb4ec
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 03:22:27 2024 +0100
avcodec/h2645_parse: Ignore NAL with nuh_layer_id == 63
Comply with "For purposes other than determining the amount of data in the decoding units
of the bitstream, decoders shall ignore all data that follow the value 63 for nuh_layer_id in a NAL unit"
Rec. ITU-T H.265 v8 (08/2021) Page 67
Fixes: index 63 out of bounds for type 'const int8_t[63]' (aka 'const signed char[63]')
Fixes: clusterfuzz-testcase-fuzzer_loadfile-5109286752026624
Reported-by: Kacper Michajlow <kasper93 at gmail.com>
Found-by: ossfuzz
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 360e7cafd0e65fdf4b186c95e2517a94b9f3fa4f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=47f88bf02a00acc9c34561c1144ab5d788f1d521
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Nov 29 02:28:18 2024 +0100
avformat/iamf_parse: reject ambisonics mode > 1
ambisonics mode > 1 does not initialize any layer but layer 0
is unconditionally dereferenced
Fixes: poc-2024-11
Fixes: null pointer dereference
Found-by: 苏童 <220235212 at seu.edu.cn>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8334cae2654a266adda6241cc30de2ffe239474c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Nov 18 23:55:05 2024 +0100
avcodec/mjpegdec: Disallow progressive bayer images
Fixes: Null pointer dereference
Fixes: sample1.dng
Found-by: South East <8billion.people at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6d8285633d8965658dfa6cd0b201cca36184c467)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=041084f753c7296004986509d1f5ff291f2991b6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Nov 3 11:07:27 2024 +0100
avformat/icodec: fix integer overflow with nb_pal
Fixes: runtime error: signed integer overflow
Fixes: 42536949/clusterfuzz-testcase-minimized-fuzzer_loadfile-6199846684393472
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Tested-by: Kacper Michajlow
Reviewed-by: Peter Ross <pross at xvid.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 84569b6c22cb4eda9c682aabeb5f658112126780)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=69c4c8543279f167838189ccf0d9c82e13becebd
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 16 21:32:53 2024 +0100
doc/developer: Document relationship between git accounts and MAINTAINERS
This should have been documented long ago and i thought it was
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7051825b0171bd5d566c5a5cc78852c5f3aa3072)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2c07fa346f157bc58fc467caeed055de2fe3ab07
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Nov 19 23:18:31 2024 +0100
doc/infra: Document trac backup system
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit edc4855f7710c4563e7cd5773598f8341f64e019)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=68c41b95e03925e7bab2a9da0b95ccb2cf8f25d6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Nov 13 19:28:15 2024 +0100
doc/infra: Document gitolite
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 07904231cb9730e09e2b7948e3977e7c2eafbb10)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8dfb82b7327e3fe04d161f629847c890088dbc02
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Nov 3 20:54:29 2024 +0100
avformat/vividas: Check avio_read() for failure
Fixes: use of uninitialized value (untested)
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5505802505355264
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 96d45c3b212689f82bff2530c3637405df9e9369)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=9078f0f524af18457ee761beea2a0c241927bb88
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Nov 3 20:47:07 2024 +0100
avformat/ilbc: Check avio_read() for failure
Fixes: use of uninitialized value
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_protocol_memory-6656646223298560-cut
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e30d957a9bacf7f7307c640aa0bd1e70cb3bbe7e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3cead954c89a258d0e68c5a325c0f0a516dc943f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Nov 3 20:43:21 2024 +0100
avformat/nistspheredec: Clear buffer
Fixes: use-of-uninitialized-value
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_protocol_memory-6515855798632448-cut
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 898f6582eb51bf77b1f88e8f55eab67ee6ee13b8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=aa9e07461cac3c4ada17784013e2b3164d9f205b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Nov 3 20:18:36 2024 +0100
avformat/mccdec: Initialize and check rate.den
Fixes: Assertion c > 0 failed at libavutil/mathematics.c:61
Fixes: use-of-uninitialized-value
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_protocol_memory-5939605805793280
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bf8e43083f68c383b9d905d2c8c791ac33ecc7bc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4310bcb07db0b646a50b9728b9e48ff45a03c2f4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Nov 3 20:08:07 2024 +0100
avformat/rpl: check channels
Fixes: 42537199/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5447162658357248
Fixes: runtime error: signed integer overflow: -3330498059201358222 * 4 cannot be represented in type 'int64_t' (aka 'long')
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit beca13a42e9fb5341e8bd6356fd7d9c2d18aac9b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3c53b9ff3e76b9bc259a493f604c5d684a4e57f6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Nov 2 18:23:50 2024 +0100
INSTALL: explain the circular dependency issue and solution
Sponsored-by: Sovereign Tech Fund
Reviewed-by: James Almer <jamrial at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit df00705e0010cc2c53d17d51944f847c2c852189)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=483b77b03852eb77e5af588ec2100d0e350f3528
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Oct 9 23:44:00 2024 +0200
avformat/mpegts: Initialize predefined_SLConfigDescriptor_seen
Fixes: use of uninitialized variable
Fixes: 368729566/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGTS_fuzzer-6044501804646400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit db7b4fc89fb18d5ff0a1426bd433c234555a3fff)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=351392460a02e2e674a7af1459a6d9373b8a100a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Oct 9 20:47:34 2024 +0200
avformat/mxfdec: Fix overflow in midpoint computation
Fixes: signed integer overflow: 4611686016549392399 + 9223372033098784800 cannot be represented in type 'long long'
Fixes: 368503277/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5928227458056192
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 23088a5ff2b549fa4fc037bb9ed833fffbc89ca0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b5cb8e4951ddef0dff7755453383cc3628d72a6f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Oct 9 20:39:07 2024 +0200
swscale/output: used unsigned for bit accumulation
Fixes: Integer overflow
Fixes: 368725672/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5009093023563776
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3fe3014405494503a03c2e6eff4743db91a21c00)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c530cff25d29c9ebb93f4b06ee6b4e8f26ad2464
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Oct 16 14:39:20 2024 +0200
avcodec/rangecoder: only perform renorm check/loop for callers that need it
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d147b3d7ecba2bd40cb45284f920238da97a95ee)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a770e544a2d0d786877506344ebabcce939a2d3c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Oct 10 20:39:23 2024 +0200
avcodec/ffv1dec: Fix end computation with ec=2
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 10e5af15bf220d9da128ca12d2d474ff6ab0076e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5a988a5fede904af3580ba65c18ecfc1d39142c7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Oct 1 22:06:40 2024 +0200
avcodec/ffv1enc: Prevent generation of files with broken slices
Fixes: Ticket5548
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b7ff66a35804275b25c1176cad560540785e8750)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=64cd344fbecbcc817a3fe4fbd4e44f87a803878f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jul 28 22:08:23 2024 +0200
avformat/matroskadec: Check desc_bytes so bits fit in 64bit
Likely a tighter check can be done
Fixes: signed integer overflow: 3305606804154370442 * 8 cannot be represented in type 'long'
Fixes: 70449/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4771166007918592
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c4122406f6d2726aea833480a2a8e345833dd881)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=16127ebb9fcd3aef5fa4c23ada6f6dc5b800d27e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Jul 28 20:53:49 2024 +0200
avformat/mov: Avoid overflow in dts
This basically ignores the overflow without undefined behavior, alternatively we could detect and error out
Fixes: signed integer overflow: 6310596683470275584 + 7660622966157213696 cannot be represented in type 'long'
Fixes: 70433/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5483347233538048
Fixes: 369662284/clusterfuzz-testcase-minimized-media_metadata_parser_fuzzer-5327368763670528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 057b8c2066da3554072565744f4f00435cc3342b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=24e1f327a591004c15dfe01a050a310b2927b5ae
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Oct 1 22:04:58 2024 +0200
avcodec/ffv1enc: Correct error message about unsupported version
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 556c767786e9e3c072f7666d60a68a31a3400438)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=654d329fcb80e591408c97a991cfcfc9dab15053
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Oct 6 22:23:33 2023 +0200
avcodec/ffv1enc: Slice combination is unsupported
We always write minimal slices, the size calculation is wrong in some
corner cases but as its always 1x1 (minus1) we can for now just hard-code it
This helps with ticket 5548
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7d514655bfa47c6e5cc1b81fbba8e750e368036e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=27ed6de46dcee791ddc206aa2c243125589e937f
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Sep 30 23:42:50 2024 +0200
avcodec/ffv1enc: 2Pass mode is not possible with golomb coding
"Fixes" Ticket7063
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 417b163c00555ccda201a963e797bfa663a26ff5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5585e331816650ec86b3931651134a537a6d402b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Sep 24 23:43:09 2024 +0200
avcodec/ffv1enc: Fix >8bit context size
Fixes: Ticket5405
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a9c83e43f2fc9128e20851291b0270add1a6b95f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ad989ae50bfca49ca977dfd025442a3c7e0987d5
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Sep 22 23:15:35 2024 +0200
avcodec/xan: Add basic input size check
Fixes: Timeout
Fixes: 71739/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XAN_WC3_fuzzer-6170301405134848
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpe
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 56bef2fd58d0ed30dbe940083c30ada2b0404491)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=6f395fba57201a1d73fbd0f012dc2e2db3c417aa
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Sep 22 22:47:03 2024 +0200
avcodec/imm4: Check input size
Fixes: Timeout
Fixes: 71324/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IMM4_fuzzer-5388489435185152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8367d7e184562f8b9f410c0f325596f7e041884f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0f0645381b954585f21326f97765f00e8f4b0aad
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Sep 22 20:31:58 2024 +0200
avcodec/svq3: Check for minimum size input
Fixes: Timeout
Fixes: 71295/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SVQ3_fuzzer-4999941125111808
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 050b5e85cbe61414ba9b78f76a04b2488e816f42)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f8b1d416e3b695b72bd25c1620016c08aa3b4561
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 19 23:57:31 2024 +0200
avcodec/eacmv: Check input size for intra frames
Fixes: Timeout
Fixes: 71135/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EACMV_fuzzer-6251879028293632
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c3a1cbbf5d99337b5e99260eb95c84e65c7587f6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0b5bfff1c09e73ed378ba41e683bd7aa25d702a9
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 19 23:41:39 2024 +0200
tools/target_dec_fuzzer: Adapt threshold for RASC
Fixes: Timeout
Fixes: 71108/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RASC_fuzzer-4799330484027392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9a823fbcfae33c8022086cbdea94e8e6d7b32ec1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d4bdaa24ea6dfa4a196aefbe6b9fcf556c97c20a
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 19 23:33:49 2024 +0200
avcodec/encode: Check bitrate
Fixes: -1.80923e+19 is outside the range of representable values of type 'long'
Fixes: 71103/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-6542773681979392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 74385dd496bdcda9a6e029fabf4946f2234a0d13)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ab1b1ef730569d8916d415b4014e94f4cd0c84d8
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 19 22:32:36 2024 +0200
avcodec/cbs_h266_syntax_template: Check bit depth with range extension
Fixes: shift exponent 62 is too large for 32-bit type 'int'
Fixes: 71020/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VVC_fuzzer-6444916325023744
Fixes: 71285/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VVC_fuzzer-4761971281428480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 9d25b9665edb45c31ad6dda9612fd6e63fc289f3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=b67e271bed0ca8fc610d94d25da9d7b487761ba0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 19 22:03:37 2024 +0200
avcodec/osq: use unsigned for decorrelation
Fixes: signed integer overflow: 1205469696 + 1901074655 cannot be represented in type 'int'
Fixes: 70773/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-5419594888577024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e9f588af9530e5e6f9422ffa0d8e8dc8f80a2ae1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=44bf027a3f97b099a13a101b3318191de134bdec
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 19 21:57:09 2024 +0200
avcodec/jfdctint_template: use unsigned z* in row_fdct()
Fixes: signed integer overflow: 856827136 + 2123580416 cannot be represented in type 'int'
Fixes: 70772/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-5180569961431040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f27c8b04d3059fa538db8f2db6503cbb586eb3ad)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5ea1ae9385259fb61bf7f44ba951b1e9aeb619f1
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 19 19:56:48 2024 +0200
avformat/asf: Check picsize
Fixes: signed integer overflow: 1073750247 * 2 cannot be represented in type 'int'
Fixes: 70722/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_O_fuzzer-5447231587549184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit fde8637fda8e5ac4ccfa4b137a7467e16cd631b6)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=af50c43d82d708d450271b681bf5ab093269a7c2
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 19 19:43:03 2024 +0200
avcodec/osq: Treat sum = 0 as k = 0
We have no valid sample that triggers this so we do not know if this would decode
correctly, but -inf is not the correct k value
Fixes: Assertion n>=0 && n<=32 failed at libavcodec/get_bits.h:423
Fixes: -inf is outside the range of representable values of type 'int'
Fixes: 70709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6223623839350784
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
(cherry picked from commit ad35eaf848bb605d9b2b3a638265ac9d385878e3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c3d84bdcbf8bf1e5c8a773b00016ff7cb13c3b76
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 12 22:05:24 2024 +0200
avformat/mxfdec: Check timecode for overflow
Fixes: signed integer overflow: 9223372036840103968 + 538976288 cannot be represented in type 'long'
Fixes: 70604/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4844090340999168
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6be3786c828edfd60d810c98a42a43eeac4f050c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c709d551d6ca9633fd80bcc3159c4bb49a2f38d7
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 12 22:29:04 2024 +0200
avformat/mxfdec: More offset_temp checks
Fixes: signed integer overflow: 9223372036854775807 - -1927491430256034080 cannot be represented in type 'long'
Fixes: 70607/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5282235077951488
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <git at haerdin.se>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5a96aa435af0d66bdec52ee115cf4dd971855fcd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=73475dfa8d9a7ce1adf35c0c5b6faf7b08aa3e97
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 12 22:57:44 2024 +0200
avformat/flvdec: Free metaVideoColor
Fixes: memeleak
Fixes: 70659/clusterfuzz-testcase-minimized-ffmpeg_dem_KUX_fuzzer-4539872627458048
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Steven Liu <lingjiujianke at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 176db9db6e23f3299da379060adc89e4abc980b9)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=8840b815359360e4afade2e26c812e2a36330bf3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 12 22:51:53 2024 +0200
swscale/output: Fix undefined integer overflow in yuv2rgba64_2_c_template()
Fixes: signed integer overflow: -1082982400 + -1083218484 cannot be represented in type 'int'
Fixes: 70657/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-6707819712675840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit bd80c97391969f9dbb312d6c498211ad85bb67cb)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d300b23bad12c1a874c9383cdccaf3440d98dba0
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 12 20:08:42 2024 +0200
swscale/swscale: Use unsigned operation to avoid undefined behavior
I have not checked that the constant is correct, this just fixes the undefined behavior
Fixes: signed integer overflow: -646656 * 3517 cannot be represented in type 'int
Fixes: 70559/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5209368631508992
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 44c5641ae82387fcfce94820f5b53ce8e9dcd27f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=748e8c6afa0e1e86bfe871536504cbe850053dde
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Sep 12 20:03:55 2024 +0200
avcodec/vc2enc: basic sanity check on slice_max_bytes
Fixes: left shift of 896021632 by 3 places cannot be represented in type 'int'
Fixes: 70544/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC2_fuzzer-6685593652756480
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6df9a0292ca6c29ef3b220fbf9b257924cabf035)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bd29e0ca59394c88ba27ab9d04c6135f38dee2e4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Aug 15 00:37:05 2024 +0200
avformat/mvdec: Check if name was fully read
Fixes: use of uninitialized value
Fixes: 70901/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-6341913949569024
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4e39795c75e664ef06f17473adec8c75fcf9de6f)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=45c9900a9f675352f62027ff3d27783ca5b55787
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Aug 15 00:37:04 2024 +0200
avcodec/wmavoice: Do not use uninitialized pitch[0]
Fixes: use of uninitialized value
Fixes: 70850/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-4806127362048000
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 53387079301690f1bd38b97fdf31d63194201d17)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7289a09477f7f00fb57ce4ce9754e0166d5374c2
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 19 22:17:48 2024 +0200
avformat/argo_brp: Check that ASF chunk header is completely read
Fixes: Use of uninitialized value
Fixes: 71280/clusterfuzz-testcase-minimized-ffmpeg_dem_ARGO_BRP_fuzzer-4692991866896384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 815d00868101956e2f1f9f8dd509c11af5a63684)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d349ad7bb698d8d41e44e643cefcd6241ca0850d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 19 20:37:56 2024 +0200
avcodec/notchlc: Check bytes left before reading
Fixes: Use of uninitialized value
Fixes: 71230/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NOTCHLC_fuzzer-4624502095413248
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b9c7f50c7de9b7d8c533eae173c9b77a6719346c)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f2d7b8089f453189ea79de6c645741b5494fdc04
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 19 20:02:41 2024 +0200
avcodec/vc1_block: propagate error codes
Fixes: use of uninitialized value
Fixes: 71228/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-6188476880453632
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 01910ca6037379804572c5ec9bbd0b94e7e4b83e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d649d42a2c52b4934fd8c7b263819d235422f219
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 19 17:02:12 2024 +0200
avformat/apetag: Check APETAGEX
Fixes: Use of uninitialized value
Fixes: 71074/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5697034877730816
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 796ff2d599449ed798b69ab798ebcbcc0a5853f5)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5742fce47afa94e3fef266af0b9d747910af7336
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 19 16:25:27 2024 +0200
avcodec/magicyuvenc: better slice height
Fixes: Use of uninitialized value
Fixes: 71072/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MAGICYUV_fuzzer-4835252046987264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b08776e3ae9a5315c19e8619ca71921006c1abe1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=24396a0caf27a27c22a4f82e4fc6a367ac2ae487
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Aug 17 01:11:50 2024 +0200
avcodec/avcodec: Warn about data returned from get_buffer*()
Text based on suggestion by: epirat07 at gmail.com
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 93444c46fce195e378c4ebb1a20ea662e7f0123b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=470718d8cb9e290f1b102afa36d378de5c650217
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Aug 3 18:35:48 2024 +0200
avformat/av1dec: Better fix for 70872/clusterfuzz-testcase-minimized-ffmpeg_dem_OBU_fuzzer-6005782487826432
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 7ad937f0c8cb9f120c50f3e792a699076923768e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d8be286c006e864289120682e9ef4c4e0c47a3ea
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Aug 14 18:46:10 2024 +0200
avcodec/apac: Fix discards ‘const’ qualifier
Found-by: courmisch
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 45ee6b1e3d4f762e372e09505c9c8ca37c1321a0)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=677e7cd8147fb3f9951aabd27a1e68885f79dc2d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 4 22:32:31 2024 +0200
avcodec/alsdec: clear last_acf_mantissa
Fixes: use-of-uninitialized-value
Fixes: 70869/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5476567461986304
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit db843c8910781eb72a4658780283ef4e2da4591d)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=01c406b1d6aefb567288b1a4e478ace3fcafa38b
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 4 22:30:03 2024 +0200
avcodec/aic: Clear slice_data
Fixes: use-of-uninitialized-value
Fixes: 70865/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AIC_fuzzer-4874102695854080
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit de3f6c8888bcf3df4ca6cb265a83507b95c884cd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=2909f4235126bd5dee78217b3fe10a62da7c9b5c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 4 22:15:08 2024 +0200
avcodec/vc1dec: Clear mb_type_base and ttblk_base
Fixes: two use-of-uninitialized-value
Fixes: 70856/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5539349918187520
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 50471f96c4a68874575ab21f799c5999ed920838)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=87de55344c101081b99f03de22bd4e3a3cd608b4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 4 22:10:48 2024 +0200
avcodec/shorten: clear padding
Fixes: use-of-uninitialized-value
Fixes: 70854/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5533480570650624
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e44349ee88418ac16051bbc9231c1bfdc25d3504)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d4394c8dce0dcf5f7d67fff0eab29af3f6bdcc40
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 4 21:27:44 2024 +0200
avformat/mpeg: Check an avio_read() for failure
Fixes: use-of-uninitialized-value
Fixes: 70849/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGPS_fuzzer-4684401009557504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 66ee75d76ce56a3553a99d67e74b8a9970c18f5b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d9e078dcd7fe0dd4563dd240499aba0f99e0448d
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 4 21:20:55 2024 +0200
avcodec/apac: Clean padding space
Fixes: use-of-uninitialized-value
Fixes: 70842/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APAC_fuzzer-5758325067677696
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 8ca072a373f5e2b6689a8649c79a03d12db5eb0b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4926619103ab34d5a5ffada991b50b81370f6d0e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Aug 3 19:11:33 2024 +0200
avcodec/mvha: Clear remaining space after inflate()
Fixes: use-of-uninitialized-value
Fixes: 70838/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-4878509466517504
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit cba4e2e40dec1ff2ce534fec87c7e3e8bef7ff9b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=68a8dc4dd79b9d299158fdaaa2c647d27766c2dc
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Aug 3 13:30:28 2024 +0200
bsf/media100_to_mjpegb: Clear output buffer padding
Fixes: use-of-uninitialized-value
Fixes: 70855/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MEDIA100_fuzzer-5537446610141184
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a0f22218f74e3af73492e05e6696546b0da8d40e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c419b928cdc4f422179683cd9d94af8b09338a07
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Jul 16 23:19:58 2024 +0200
avformat/iamfdec: Check nb_layers before dereferencing layer
Fixes: dereferencing pointers near NULL
Fixes: 70432/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5255672845893632
Fixes: 70877/clusterfuzz-testcase-minimized-ffmpeg_dem_IAMF_fuzzer-5348547432611840
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit d7f83fc2f423863b78c140ba23b5d28058a59f45)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a6d7abc88b81319c626a05bfad69386aad25da40
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Aug 6 18:18:15 2024 +0200
avformat/av1dec: Check bits left before get_leb128()
Fixes: use of uninitialized value
Fixes: 70872/clusterfuzz-testcase-minimized-ffmpeg_dem_OBU_fuzzer-6005782487826432
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 6996e1238e80b23caf05428dcbdd065fbd70ff10)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=29fc028ae2b697656d644d20a05aa333caaba3ad
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Tue Aug 6 18:02:58 2024 +0200
avformat/segafilm: Set keyframe
Fixes: use of uninitialized value
Fixes: 70871/clusterfuzz-testcase-minimized-ffmpeg_dem_SEGAFILM_fuzzer-5883617752973312
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 4dc7dfe65aaa21801a907c66592b92b05da921dc)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=53c666d17ed60d2009ffbc8d648e80ebf03a5cd3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 12 18:20:33 2024 +0200
avcodec/sga: av_assert1 check init_get_bits8()
Related: CID1473562 Unchecked return value
Related: CID1473592 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 0f4524f07a93bf9061f9034ffa510d4bf9b582e8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5a0393bf01176e740a1688f9e42cb93e4e8e78b6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon Aug 12 15:23:56 2024 +0200
tools/target_dec_fuzzer: Check that FFv1 doesnt leave uninitialized memory in its buffers
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e40b23c52abe3356effa552549b2e989708a6e70)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=21ef3948a5b650e522a8c4e2a19d146b6f1638b3
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Mon May 27 01:24:09 2024 +0200
avdevice/dshow: Initialize 2 pointers
Coverity claims these are used uninitilaized in CID1598561 Uninitialized pointer write and CID1598565 Uninitialized pointer write
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 43cde54fc14bc4644374b4736b2b7fff05359171)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=02231d401249aa75a4264c1cff987edc1945f059
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 26 22:33:11 2024 +0200
avcodec/dxva2: initialize hr in ff_dxva2_common_end_frame()
Related: CID1591924 Uninitialized scalar variable
Related: CID1591938 Uninitialized scalar variable
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1d6a2aebae202652feb5964a2d62bdba4e5cc6e4)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c15df4daca4d181c34fed74866d6a0a597cea147
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 26 22:28:04 2024 +0200
avcodec/dxva2: initialize validate
Related: CID1591915 Uninitialized scalar variable
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2232c4cc8c3d64dec4e4399b58e057f5dbb9ff98)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=32dd9118c74fe4d5397a320d685994d74ceecd68
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 26 22:23:16 2024 +0200
avcodec/dxva2: Initialize ConfigBitstreamRaw
Related: CID1591894 Uninitialized scalar variable
Related: CID1591906 Uninitialized scalar variable
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 489c05b9c3ea7d856b7a81abce247721b3b3d6e8)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bd1b5e7b58ca2ef586a724acdc90507ab3f21025
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun May 26 22:13:28 2024 +0200
avcodec/dxva2: Initialize dxva_size and check it
Related: CID1591878 Uninitialized scalar variable
Related: CID1591928 Uninitialized pointer read
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c8c59e99295f9ef572b5d6f0fd9075bb2b79acbd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=bbba5e041c6e520c8f0ac68e311d92923a5820a4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jul 11 00:17:39 2024 +0200
avfilter/vf_xfade: Compute w2, h2 with float
Fixes: CID1458148 Result is not floating-point
Fixes: CID1458149 Result is not floating-point
Fixes: CID1458150 Result is not floating-point
Fixes: CID1458151 Result is not floating-point
Fixes: CID1458152 Result is not floating-point
Fixes: CID1458154 Result is not floating-point
Fixes: CID1458155 Result is not floating-point
Fixes: CID1458156 Result is not floating-point
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit b98125e5a52c2f96dc02380f8f7e3bb16752765b)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=069bf0efff20c5faa6331e453ad8006ac8e35526
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Thu Jul 11 00:10:45 2024 +0200
avfilter/vf_v360: Assert that vf was initialized
Maybe helps: CID1504571 Uninitialized scalar variable
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f802d65de0fe419563705a6846a73b77b020ef14)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=11037bdec0943bceff51da13f78f6681119e9e07
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Jul 10 23:47:46 2024 +0200
avfilter/vf_tonemap_opencl: Dereference after NULL check
Fixes: CID1437472 Dereference before null check
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit e5c0f56ca09b4cb4ea87a61547218f9c818b52d7)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=53ac4363757499aa41e27a5a98b5b5e831c130df
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jul 12 22:16:13 2024 +0200
avfilter/af_surround: Check output format
Fixes: CID1516994 Out-of-bounds access
Fixes: CID1516996 Out-of-bounds access
Fixes: CID1516999 Out-of-bounds access
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 22ee55a1da8218fb00c536723d488b7ca9344bd3)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d392adb19a41a10cc6b979cd55453271adfa5973
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Fri Jul 12 00:28:14 2024 +0200
avfilter/vf_xfade_opencl: Check ff_inlink_consume_frame() for failure
Fixes: CID1458127 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 43b62b7e0c85c0a1038ac2bc90ae06597e3ef706)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=dd1058a7b4673b6be54b54bff1baa109a183e34e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Jul 13 09:16:48 2024 +0200
avformat/lmlm4: Eliminate some AVERROR(EIO)
Found by code review related to CID732224 Overflowed constant
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 191a685010319cb0d248771574c7c61d76e4eb95)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0a10ae25bac178e73b5e183eac1bcfcfec629a3e
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Aug 7 00:18:52 2024 +0200
tools/target_dec_fuzzer: Use av_buffer_allocz() to avoid missing slices to have unpredictable content
This matches production code which also zeros these buffers
Fixes: use of uninitialized values
Fixes: 70885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VP6F_fuzzer-4610946029387776 (and likely others)
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 1b8d95da3a4a5c9441238928a36b653da693c286)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d4d154f7149713c6034c5ee806b2a5c240eef5d6
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Aug 7 00:18:53 2024 +0200
avformat/wtvdec: Check length of read mpeg2_descriptor
Fixes: Use of uninitialized value
Fixes: 70900/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-6286909377150976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross at xvid.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c390234da2e3c7a8884f5592f0b9b4928c482b3e)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=7b942f342f93c557bc350a8a8b6dfe74d0475652
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Wed Aug 7 00:18:51 2024 +0200
avformat/wtvdec: clear sectors
The code can leave uninitialized holes in the array.
Fixes: use of uninitialized values
Fixes: 70883/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-6698694567591936
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross at xvid.org>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit c95ea0310468e0a0906fa7d590ff7406c39d6991)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=be882efb533c3e4dac87d297818613d13d990d16
Author: Kacper Michajłow <kasper93 at gmail.com>
Date: Thu Jun 27 02:40:35 2024 +0200
avcodec/parser: ensure input padding is zeroed
Fixes use of uninitialized value, reported by MSAN.
Found by OSS-Fuzz.
Signed-off-by: Kacper Michajłow <kasper93 at gmail.com>
Fixes: 70852/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5179190066872320
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 5dfc0cc84129758b4eab2acdc3e186c3116deacd)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=24c9ecad42467c767e71f169e158819c2ec07a64
Author: Kacper Michajłow <kasper93 at gmail.com>
Date: Thu Jun 27 02:40:37 2024 +0200
avformat/jpegxl_anim_dec: ensure input padding is zeroed
Fixes use of uninitialized value, reported by MSAN.
Found by OSS-Fuzz.
Signed-off-by: Kacper Michajłow <kasper93 at gmail.com>
Fixes: 70837/clusterfuzz-testcase-minimized-ffmpeg_dem_JPEGXL_ANIM_fuzzer-5089407768526848
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 2b5f000d3f6f9e737e918a5438e6c881f65e70e2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=13ca705eebb47b81c17b3cd224e36493e5eba6a4
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sun Aug 4 22:00:35 2024 +0200
avformat/img2dec: Clear padding data after EOF
Fixes: use-of-uninitialized-value
Fixes: 70852/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5179190066872320
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Kacper Michajlow <kasper93 at gmail.com>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 3978e81809a3daf278199849f7bbeacbffb9fa09)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
URL: http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=aaaf20a11fbea83718b9a6c5ce20fc15c203784c
Author: Michael Niedermayer <michael at niedermayer.cc>
Date: Sat Aug 3 19:45:15 2024 +0200
avformat/wavdec: Check if there are 16 bytes before testing them
Fixes: use-of-uninitialized-value
Fixes: 70839/clusterfuzz-testcase-minimized-ffmpeg_dem_W64_fuzzer-5212907590189056
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit 79a1cf30d1289f90da682263ba160f6e4a5a7bf1)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
More information about the ffmpeg-cvslog
mailing list