RepoMirrors/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-03-03 19:18:01 +00:00
Code Issues Projects Releases Wiki Activity
32,371 Commits 37 Branches 401 Tags 280 MiB
90294e31a1
Commit Graph

32371 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Martin Storsjö
712945d21e shorten: Use a checked bytestream reader for the wave header 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 49568851bf)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2014-01-07 09:43:56 +01:00
Martin Storsjö
d5c104c1ae smacker: Make sure we don't fill in huffman codes out of range 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 0679cec6e8)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2014-01-07 09:43:56 +01:00
Martin Storsjö
68a1df13c4 smacker: Avoid integer overflow when allocating packets 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 710b0e2702)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2014-01-07 09:43:56 +01:00
Martin Storsjö
61032c577d smacker: Don't return packets in unallocated streams 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 8d928023f9)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2014-01-07 09:43:56 +01:00
Martin Storsjö
e01d623e01 dsicin: Add some basic sanity checks for fields read from the file 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 48d6556dd4)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2014-01-07 09:43:56 +01:00
Martin Storsjö
b6fc0127ce arm: Don't clobber callee saved registers in scalarproduct 
q4-q7/d8-d15 are supposed to not be clobbered by the callee.

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit d307e408d4)

Signed-off-by: Martin Storsjö <martin@martin.st>
 2013-12-20 22:09:24 +02:00
Reinhard Tartler
b997a6a86d Prepare for 0.8.10 Release 2013-12-14 14:34:28 -05:00
Michael Niedermayer
6f6cd7dbe5 roqvideodec: check dimensions validity 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3ae6104511)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit fee26d352a)

CC: libav-stable@libav.org

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 488f87be87)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 52b18c1fde)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2013-12-14 14:31:29 -05:00
Michael Niedermayer
b5736759ee qdm2: check array index before use, fix out of array accesses 
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

(cherry picked from commit a7ee6281f7)

CC: libav-stable@libav.org

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 39bec05ed4)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 0b2b8ab979)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2013-12-14 14:31:03 -05:00
Reinhard Tartler
d4a24e43ed alsdec: check block length 
Fix writing over the end

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Addresses: CVE-2013-0845
(cherry picked from commit 2a0fb7286d)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 3f7d89034b)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
 2013-12-14 14:30:24 -05:00
Reinhard Tartler
ae9652605a Changelog for 0.8.9 2013-11-02 10:31:35 -04:00
Reinhard Tartler
d2f4846591 Prepare for 0.8.7 Release 2013-11-02 10:17:43 -04:00
Diego Biurrun
62c8bf00bb x86: fft: Remove 3DNow! optimizations, they break FATE 2013-10-30 19:19:44 +01:00
Diego Biurrun
a1b82c6b1c x86: ac3dsp: Drop mmx variant of ac3_max_msb_abs_int16 
The function accidentally uses mmxext instructions, so it causes sigill
on mmx-only CPUs and provides no benefit on CPUs with mmxext available.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-10-29 17:03:25 +01:00
Luca Barbato
2ed8a550da aac: Check init_get_bits return value 
Some code paths can call it with invalid length.

CC: libav-stable@libav.org
(cherry picked from commit 71953ebcf9)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-10-28 14:16:37 +01:00
Luca Barbato
ef67d8107e aac: return meaningful errors 
(cherry picked from commit 07c52e2c7c)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/aacdec.c
 2013-10-28 14:16:37 +01:00
Luca Barbato
8119336df4 dsicinav: K&R formatting cosmetics 
(cherry picked from commit fcae3ff124)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/dsicinav.c
 2013-10-28 14:16:37 +01:00
Martin Storsjö
86d0bf0e96 mov: Seek back if overreading an individual atom 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Cc: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 5b4eb243bc)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavformat/mov.c
 2013-10-28 14:16:37 +01:00
Anton Khirnov
be8b796f55 vcr1: add sanity checks 
Fixes invalid reads with corrupted files.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 8aba7968dd)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/vcr1.c
 2013-10-28 14:16:37 +01:00
Anton Khirnov
8297853917 pictordec: pass correct context to avpriv_request_sample 
Fixes invalid reads.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry-picked from commit fe9bb61f9a)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/pictordec.c
 2013-10-28 14:16:37 +01:00
Luca Barbato
b8ba48c725 dsicinav: Clip the source size to the expected maximum 
A packet larger than cin->bitmap_size does not make sense.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit fd81899321)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/dsicinav.c
 2013-10-28 14:16:37 +01:00
Luca Barbato
1682c9fb59 alsdec: Clean up error paths 
Fix at least a memory leak.

CC: libav-stable@libav.org
(cherry picked from commit ca488ad480)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/alsdec.c
 2013-10-28 14:16:37 +01:00
Reimar Döffinger
5971631d84 ogg: Fix potential infinite discard loop 
Seeking in certain broken files would cause ogg_read_timestamp
to fail because ogg_packet would go into a state where all packets
of stream 1 would be discarded until the end of the stream.

Bug-Id: 553
CC: libav-stable@libav.org

Signed-off-by: Jan Gerber <j@v2v.cc>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 9a27acae9e)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavformat/oggdec.c
 2013-10-28 14:16:37 +01:00
Luca Barbato
4a11d773f9 nuv: check rtjpeg_decode_frame_yuv420 return value 
CC: libav-stable@libav.org
(cherry picked from commit 85ac12587b)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/nuv.c
 2013-10-16 23:05:51 +02:00
Luca Barbato
abb41f19cc nuv: Reset the frame on resize 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/nuv.c
 2013-10-16 23:05:51 +02:00
Luca Barbato
c1ebdef01b nuv: Use av_fast_realloc 
The decompressed buffer can be used after codec_reinit, so it must be
preserved.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 2df0776c22)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/nuv.c
 2013-10-16 23:05:51 +02:00
Anton Khirnov
d2eddcfc83 nuv: return meaningful error codes. 
(cherry picked from commit 3344f5cb74)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/nuv.c
 2013-10-16 23:05:51 +02:00
Luca Barbato
36fc320747 nuv: Pad the lzo outbuf 
And properly update the buf_size with the correct size.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 075dbc1855)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/nuv.c
 2013-10-16 23:05:51 +02:00
Luca Barbato
cda26ab21e nuv: Do not ignore lzo decompression failures 
Update the fate reference since the last broken frame is not decoded
anymore.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit aae159a7cc)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/nuv.c
 2013-10-16 23:05:51 +02:00
Luca Barbato
3cc05e0d9d oma: correctly mark and decrypt partial packets 
Incomplete crypted files would lead to a read after buffer boundary
otherwise.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 2219e27b5b)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavformat/omadec.c
 2013-10-16 23:05:51 +02:00
Luca Barbato
b98a824c3e oma: check geob tag boundary 
Prevent read after buffer boundary on corrupted tag.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 9d0b45ade8)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavformat/omadec.c
 2013-10-16 23:05:51 +02:00
Luca Barbato
e930b112d1 oma: refactor seek function 
Properly propagate seek errors from avio and the generic pcm seek.

(cherry picked from commit 4f03a77e52)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavformat/omadec.c
 2013-10-16 23:05:50 +02:00
Luca Barbato
5312fb8287 8bps: Bound-check the input buffer 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit bd7b4da0f4)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/8bps.c
 2013-10-16 23:05:50 +02:00
Luca Barbato
a9ebc17b2d rtmp: Do not misuse memcmp 
CC: libav-stable@libav.org
(cherry picked from commit 5718e3487b)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavformat/rtmppkt.h
	libavformat/rtmpproto.c
 2013-10-16 23:05:50 +02:00
Luca Barbato
067713f159 rtmp: rename data_size to size 
(cherry picked from commit ba5393a609)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavformat/rtmppkt.c
	libavformat/rtmpproto.c
 2013-10-16 23:05:50 +02:00
Luca Barbato
2da49df19e lavc: set the default rc_initial_buffer_occupancy 
rc_buffer_size is not set before.

Solve the initial the rate control underflow issue reported in
bug 222.

CC: libav-stable@libav.org

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit bff3607547)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-10-16 22:54:30 +02:00
Luca Barbato
c25bbb6fdb 4xm: Reject not a multiple of 16 dimension 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 2f034f255c)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 22:37:12 +02:00
Luca Barbato
12dc01bb1f 4xm: do not overread the prestream buffer 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit be373cb50d)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 22:37:06 +02:00
Luca Barbato
cd9b0bb07a 4xm: validate the buffer size before parsing it 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit de2e5777e2)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 22:37:03 +02:00
Luca Barbato
53c76b6803 indeo: Do not reference mismatched tiles 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit f9e5261cab)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 21:48:57 +02:00
Luca Barbato
7999ff8966 indeo: Sanitize ff_ivi_init_planes fail paths 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 28dda8a691)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 21:48:30 +02:00
Luca Barbato
a0b8f85f29 indeo: Bound-check before applying motion compensation 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 25a6666f6c)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 21:41:49 +02:00
Luca Barbato
c02b9e6e63 indeo: Bound-check before applying transform 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit dc79685195)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/ivi_common.c
 2013-09-29 21:41:12 +02:00
Luca Barbato
efe710f8a0 indeo: reject negative array indexes 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org

(cherry picked from commit 6a10142faa)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 21:39:02 +02:00
Luca Barbato
aedde1a48d indeo: Cosmetic formatting 
Trim some overly long lines.

(cherry picked from commit 6dfacd7ab1)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavcodec/ivi_common.c
 2013-09-29 21:38:28 +02:00
Luca Barbato
c5da487a38 indeo: Refactor ff_ivi_init_tiles and ivi_decode_blocks 
Spin large and mostly self contained blocks into stand alone
functions.

(cherry picked from commit 62256010e9)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 21:19:17 +02:00
Luca Barbato
f21dce6044 indeo: Refactor ff_ivi_dec_huff_desc 
Spare an indentation level.

(cherry picked from commit f6f36ca8ca)

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-29 21:03:27 +02:00
Anton Khirnov
9978c24abf lavf: fix the comparison in an overflow check 
CC: libav-stable@libav.org

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 26f027fba1)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-23 19:54:13 -04:00
Luca Barbato
b0ca5fef09 dv: Add a guard to not overread the ppcm array 
Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
(cherry picked from commit 7ee191cab0)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

Conflicts:
	libavformat/dv.c
 2013-09-23 19:54:02 -04:00
Martin Storsjö
5473d23ece mpegvideo: Avoid 32-bit wrapping of linesize multiplications 
This makes sure that linesize * start_y doesn't overflow, so that
emulated_edge_mc can get back the original value if needed.

Reported-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit a711a2cb47)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
 2013-09-23 19:53:02 -04:00