- 07 Oct, 2018 20 commits
-
-
Michael Niedermayer authored
Fixes: dash-crash-da39a3ee5e6b4b0d3255bfef95601890afd80709.xml Found-by:
Paul Ch <paulcher@icloud.com> Reviewed-by:
Steven Liu <lq@chinaffmpeg.org> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 46753bfd) Signed-off-by:
-
Michael Niedermayer authored
Fixes: infinite loop Fixes: mlv-timeout-e3b8cab9835edecad6823baa057e029671329d04 Found-by:
Paul B Mahol <onemda@gmail.com> Signed-off-by:
-
Michael Niedermayer authored
Fixes: long running loop Fixes: ivr-timeout-42468cb797f52f025fb329394702f5d4d64322d6 Found-by:
-
Michael Niedermayer authored
Fixes: Timeout Fixes: 9342/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-4795990841229312 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' Fixes: 9480/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-6647324284551168 -rss_limit_mb=2000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: -540538872 + -2012739576 cannot be represented in type 'int' Fixes: 9255/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5758630052757504 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: Timeout Fixes: 9252/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5780720709533696 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Possibly fixes: null pointer dereference Possibly fixes: 9352/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5146068961460224 Fixes: Heap-use-after-free Fixes: 9453/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MP3ADUFLOAT_fuzzer-5137954375729152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: -1813244069 + -1407981383 cannot be represented in type 'int' Fixes: 8823/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5643295618236416 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: Assertion failure Fixes: assert_flvenc.c:941_1.swf Found-by:
#CHEN HONGXU# <HCHEN017@e.ntu.edu.sg> Signed-off-by:
-
Nikolas Bowe authored
Fixes some SVQ3 encoded files which fail to decode correctly after 6d6faa2a. These files exhibit lots of artifacts and logs show "Media key encryption is not implemented". However they decode without artifacts before 6d6faa2a. The attatched patch allows these files to successfully decode, but also reject media key files. Tested on the files in #6094 and http://samples.mplayerhq.hu/V-codecs/SVQ3/Vertical400kbit.sorenson3.movSigned-off-by:
-
Michael Niedermayer authored
Fixes: undefined shift Fixes: 9216/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-6281404575907840 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: Timeout Fixes: 9213/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QTRLE_fuzzer-5649753332252672 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: 8 * 340018243 cannot be represented in type 'int' Fixes: 9441/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5194665207791616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: 88 * 33685506 cannot be represented in type 'int' Fixes: 9433/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5725943535501312 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
avcodec/diracdec: Change frame_number to 64bit as its a 32bit from the bitstream and we also have a -1 special case Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 9291/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6324345860259840 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 8926/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6047609228623872 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: -393471 * 5460 cannot be represented in type 'int' Fixes: 8890/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-6299775379963904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Found-by:
Marcin Gorzel <gorzel@google.com> Reviewed-by:
-
Michael Niedermayer authored
Signed-off-by:
-
- 02 Sep, 2018 1 commit
-
-
Nicolas George authored
Fix trac ticket #7387.
-
- 14 Aug, 2018 1 commit
-
-
Thilo Borgmann authored
Signed-off-by:
Aman Gupta <aman@tmm1.net> (cherry picked from commit 72d9b8f4)
-
- 03 Aug, 2018 1 commit
-
-
Aman Gupta authored
This code came originally from gstreamer, where it was added in [1] as a work-around for the Tegra 3. (The alignment was changed in [2] as a response to [3], from 32-bit to 16-bit). gstreamer only used this workaround in the case where the decoder didn't return a slice-height property, but when the code was copied into avcodec the conditional got lost. This commit restores the guard and prefers the slice-height from the decoder when it is available. This fixes segfaults decoding 1920x1080 h264 and mpeg2 videos on the NVidia SHIELD after upgrading to Android Oreo. [1] https://github.com/GStreamer/gst-plugins-bad/commit/a870e6a5c30dd85240fe75c7409cc1cf1b86541d [2] https://github.com/GStreamer/gst-plugins-bad/commit/21ff3ae0b0127bd82951d278ca24f2d54133b7cd [3] https://bugzilla.gnome.org/show_bug.cgi?id=748867Signed-off-by:
-
- 29 Jul, 2018 1 commit
-
-
James Almer authored
Fixes crashes like "ffmpeg -h bsf" caused by passing NULL to strcmp() Signed-off-by:
James Almer <jamrial@gmail.com> (cherry picked from commit 3258cc65)
-
- 27 Jul, 2018 1 commit
-
-
Timo Rothenpieler authored
Ticket #7052
-
- 19 Jul, 2018 1 commit
-
-
Thomas Guillem authored
On macOS, a zero rc_max_rate cause an error from VTSessionSetProperty(kVTCompressionPropertyKey_DataRateLimits). on iOS (depending on device/version), a zero rc_max_rate cause invalid arguments from the vtenc_output_callback after few frames and then a crash within the VideoToolbox library. Signed-off-by:
-
- 18 Jul, 2018 1 commit
-
-
Michael Niedermayer authored
Signed-off-by:
-
- 16 Jul, 2018 13 commits
-
-
Michael Niedermayer authored
Fixes: out of array read Fixes: 9350/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DVDSUB_fuzzer-5746777750765568 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
No testcase Signed-off-by:
-
Michael Niedermayer authored
Found-by: <jdarnley> Tested-by:
James Darnley <james.darnley@gmail.com> Signed-off-by:
-
Michael Niedermayer authored
Reviewed-by:
Derek Buitenhuis <derek.buitenhuis@gmail.com> Reviewed-by:
Sasi Inguva <isasi@google.com> Signed-off-by:
-
Michael Niedermayer authored
0.266 <- 0.299 sec (this is time ffmpeg so containing alot other things) Sample for benchmark was: ffmpeg -f rawvideo -pix_fmt yuv420p -s 32x32 -i /dev/zero -t 24:00:00.00 out.mp4 Reviewed-by:
-
Michael Niedermayer authored
Reviewed-by:
-
Michael Niedermayer authored
0.324 <-0.491 sec Reviewed-by:
-
Michael Niedermayer authored
The version 1 needs the channel count and would divide by 0 Fixes: division by 0 Fixes: fpe_movenc.c_1108_1.ogg Fixes: fpe_movenc.c_1108_2.ogg Fixes: fpe_movenc.c_1108_3.wav Found-by:
-
Rahul Chaudhry authored
Signed-off-by:
-
Michael Niedermayer authored
Fixes: division by 0 Fixes: fpe_movenc.c_199_1.wav Fixes: fpe_movenc.c_199_2.wav Fixes: fpe_movenc.c_199_3.wav Fixes: fpe_movenc.c_199_4.wav Fixes: fpe_movenc.c_199_5.wav Fixes: fpe_movenc.c_199_6.wav Fixes: fpe_movenc.c_199_7.wav Found-by:
-
Michael Niedermayer authored
Fixes: out of array access Fixes: 9225/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-5684770334834688 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
This is identical to what the VP9 parser does Fixes: 9215/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LIBVPX_VP8_fuzzer-5768227253649408 Fixes: out of memory access This may also fix oss fuzz issue 9212 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by:
-
Michael Niedermayer authored
Fixes: out of array read Fixes: mms-crash-01b6c5d85f9d9f40f4e879896103e9f5b222816a Found-by:
-
