Commit Graph

37155 Commits

Author SHA1 Message Date
Michael Niedermayer
01e5e97026 mjpegbdec: Fix incorrect bitstream buffer size.
Fixes CVE-2011-3947

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 23:56:09 +01:00
Paul B Mahol
dd453f197c r210, r10k and avrp encoder
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 23:40:06 +01:00
Michael Niedermayer
807a045ab7 kgv1dec: Increase offsets array size so it is large enough.
Fixes CVE-2011-3945

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 23:25:45 +01:00
Michael Niedermayer
2f3a86a761 doc/ffmpeg.texi
Merge changes from avconv.texi since the last merge into ffmpeg.texi

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 23:01:34 +01:00
Lou Logan
935c659c03 remove avconv from Doxyfile
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 22:47:45 +01:00
Michael Niedermayer
def678956a Remove avconv
All features have been merged into ffmpeg.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 22:46:37 +01:00
Michael Niedermayer
1285baaab5 smackerdec: Check that the last indexes are within the table.
Fixes CVE-2011-3944

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 22:32:11 +01:00
Michael Niedermayer
247d30a7db vp3: Copy all 3 frames for thread updates.
This fixes a double release of the current frame on deinit.
Fixes CVE-2011-3934

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 21:12:00 +01:00
Hendrik Leppkes
6071644287 indeo3: fix motion vector validation
The index of the motion vector has to be checked before being
multiplied by 2 for the array index.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 18:55:32 +01:00
Michael Niedermayer
5cb57a16ed dv: Fix null pointer dereference due to ach=0
Fixes part2 of CVE-2011-3929

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Reviewed-by: Roman Shaposhnik <roman@shaposhnik.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 16:41:27 +01:00
Michael Niedermayer
f9de136b17 dv: check stype
Fixes part1 of CVE-2011-3929
Possibly fixes part of CVE-2011-3936

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Reviewed-by: Roman Shaposhnik <roman@shaposhnik.org>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 16:41:26 +01:00
Nicolas George
4a68949cd8 lavfi: Makefile: cosmetics: align FFLIBS. 2012-01-25 16:12:52 +01:00
Michael Niedermayer
668494acd8 ffmpeg: add image size check to codec_get_buffer()
Fixes CVE-2011-3935

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 06:48:30 +01:00
Michael Niedermayer
28d634711b avidec: Fix regression with chunks that are larger than the file.
This commit makes the check specific to the case that needs it.

Regression was introduced by
commit 62adc60b97
Author: Michael Niedermayer <michaelni@gmx.at>
Date:   Fri Dec 16 06:13:04 2011 +0100

    avidec: Check that the header chunks fit in the available filesize.
    Fixes Ticket771
    Bug found by: Diana Elena Muscalu

    Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 06:48:30 +01:00
Michael Niedermayer
59e95fa4a8 h263dec: Disallow width/height changing with frame threads.
Fixes CVE-2011-3937

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 06:48:30 +01:00
Michael Niedermayer
5c011706bc nsvdec: Fix use of uninitialized streams.
Fixes CVE-2011-3940 (Out of bounds read resulting in out of bounds write)

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 06:48:30 +01:00
Carl Eugen Hoyos
7988dd1b9a Fix multi-channel encoding with libfaac. 2012-01-25 03:51:49 +01:00
Michael Niedermayer
749e5dc1fd buildsystem: 10l add v4l entry back
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 00:46:41 +01:00
Michael Niedermayer
2179b638e3 v4l: fix compilation
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-25 00:13:35 +01:00
Michael Niedermayer
1d9569f9e8 Merge remote-tracking branch 'qatar/master'
* qatar/master: (23 commits)
  aacenc: Fix identification padding when the bitstream is already aligned.
  aacenc: Write correct length for long identification strings.
  aud: remove unneeded field, audio_stream_index from context
  aud: fix time stamp calculation for ADPCM IMA WS
  aud: simplify header parsing
  aud: set pts_wrap_bits to 64.
  cosmetics: indentation
  aud: support Westwood SND1 audio in AUD files.
  adpcm_ima_ws: fix stereo decoding
  avcodec: add a new codec_id for CRYO APC IMA ADPCM.
  vqa: remove unused context fields, audio_samplerate and audio_bits
  vqa: clean up audio header parsing
  vqa: set time base to frame rate as coded in the header.
  vqa: set packet duration.
  vqa: use 1/sample_rate as the audio stream time base
  vqa: set stream start_time to 0.
  lavc: postpone the removal of AVCodecContext.request_channels.
  lavf: postpone removing av_close_input_file().
  lavc: postpone removing old audio encoding and decoding API
  avplay: remove the -er option.
  ...

Conflicts:
	Changelog
	libavcodec/version.h
	libavdevice/v4l.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-24 22:53:59 +01:00
Carl Eugen Hoyos
76c3e76eb3 Allow user to force reading mov alias from absolute path.
Based on a work-around by Alex Zhukov.

Fixes ticket #935
2012-01-24 22:39:54 +01:00
Alex Converse
efe68076da aacenc: Fix identification padding when the bitstream is already aligned. 2012-01-24 12:55:21 -08:00
Michael Niedermayer
cdfe94c5ab aacenc: Write correct length for long identification strings.
When the length is the escape value (15), the new length is calculated by
15 + get_bits(8) - 1.

Signed-off-by: Alex Converse <alex.converse@gmail.com>
2012-01-24 12:54:59 -08:00
Michael Niedermayer
c77be3a35a error concealment: initialize block index.
Fixes CVE-2011-3941 (out of bounds write)

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-24 21:08:41 +01:00
Justin Ruggles
b8dd555c63 aud: remove unneeded field, audio_stream_index from context
There is only one stream, so it will always be index 0.
This also allows for removal of the private context.
2012-01-24 14:13:47 -05:00
Justin Ruggles
be14a37066 aud: fix time stamp calculation for ADPCM IMA WS
also allows for removing some unused context fields
2012-01-24 14:13:47 -05:00
Justin Ruggles
10fef6bd6b aud: simplify header parsing
also allows for removing some unused context fields
2012-01-24 14:13:47 -05:00
Justin Ruggles
0e6a8b5cf7 aud: set pts_wrap_bits to 64.
Time stamps are not read from the bitstream, so no wrapping is needed.
2012-01-24 14:13:47 -05:00
Justin Ruggles
98c290cc08 cosmetics: indentation 2012-01-24 14:13:46 -05:00
Justin Ruggles
d481227c54 aud: support Westwood SND1 audio in AUD files.
Fixes decoding of the handful of "death scream" samples from
"Command and Conquer" that use SND1. e.g.
http://samples.libav.org/game-formats/westwood-aud/nuyell1.aud
http://samples.libav.org/game-formats/westwood-aud/nuyell7.aud
2012-01-24 14:13:46 -05:00
Justin Ruggles
02e7dbf5ad adpcm_ima_ws: fix stereo decoding
Stereo ADPCM IMA WS is planar for VQA version 3 and 2-sample interleaved for
VQA version 2.
2012-01-24 14:13:46 -05:00
Justin Ruggles
220506d23f avcodec: add a new codec_id for CRYO APC IMA ADPCM.
The stereo layout and extradata is significantly different from that in
Westwood IMA ADPCM, so a separate codec_id is warranted.
2012-01-24 14:13:41 -05:00
Justin Ruggles
4340a6363e vqa: remove unused context fields, audio_samplerate and audio_bits 2012-01-24 14:08:29 -05:00
Justin Ruggles
7e813d5933 vqa: clean up audio header parsing
Fix setting of bit_rate and bits_per_coded_sample.
Ask for sample for unsupported VQA versions.
2012-01-24 14:08:29 -05:00
Justin Ruggles
5b4c562897 vqa: set time base to frame rate as coded in the header.
According to Multimedia Wiki documentation, the frame rate is not always 15,
and the actual value can be found in the header.
2012-01-24 14:08:29 -05:00
Justin Ruggles
9ae846971f vqa: set packet duration.
Also remove unused context field, audio_frame_counter.
2012-01-24 14:08:29 -05:00
Justin Ruggles
53ed79a260 vqa: use 1/sample_rate as the audio stream time base 2012-01-24 14:08:29 -05:00
Justin Ruggles
e1ac69fa27 vqa: set stream start_time to 0.
The format has no coded timestamps and must use packet durations to generate
them.
2012-01-24 14:08:29 -05:00
Anton Khirnov
1381e9bc92 lavc: postpone the removal of AVCodecContext.request_channels.
Although it has been deprecated for a long time, its intended
replacement (request_channel_layout) is not actually used anywhere, so
request_channels is currently the only way to access that functionality.
2012-01-24 18:04:19 +01:00
Anton Khirnov
dc7ad30fa5 lavf: postpone removing av_close_input_file().
It has been deprecated only recently.
2012-01-24 18:04:19 +01:00
Anton Khirnov
af0292f33a lavc: postpone removing old audio encoding and decoding API
It has been deprecated only recently.
2012-01-24 18:04:19 +01:00
Anton Khirnov
75e2025f57 avplay: remove the -er option.
Error recognition flags can and should be set directly with AVOptions.
2012-01-24 18:04:19 +01:00
Anton Khirnov
941e9f2238 lavd: remove deprecated v4l grab device. 2012-01-24 18:04:19 +01:00
Michael Niedermayer
f1721fbc52 Merge remote-tracking branch 'tjoppen/mxf_fixes_20120124'
* tjoppen/mxf_fixes_20120124:
  mxfdec: Fix files > 2 GiB
  mxfdec: Handle small EditUnitByteCount

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-24 17:15:55 +01:00
Piotr Tomasik
62d2a75b02 Added clockwise rotate values to metadata for 90 and 270 degrees
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-24 17:01:10 +01:00
Paul B Mahol
6813450209 lavf: replace remaining use of deprecated get_strz()
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-24 17:01:10 +01:00
Michael Niedermayer
1c910d2f11 sws: Fix RGB0->alpha containing formats.
Fixes Ticket869

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-24 17:01:10 +01:00
Michael Niedermayer
fa94f8a848 buildsys: Fix shared lib build of ffserver.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-24 17:01:10 +01:00
Alexander Strasser
79f80f5c1f build: Allow building old API/ABI libpostproc version
Allows our users to still build against a libpostproc with the old
API/ABI. Distributions can use this option to defer the soname bump.

Signed-off-by: Alexander Strasser <eclipse7@gmx.net>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2012-01-24 17:01:10 +01:00
Clément Bœsch
5dfc7f7342 doc: add Timecode documentation. 2012-01-24 16:20:21 +01:00