RepoMirrors/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-02-22 23:07:00 +00:00
Code Issues Projects Releases Wiki Activity
67,563 Commits 37 Branches 400 Tags 272 MiB
a579264bc9
Commit Graph

67563 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Niedermayer
a579264bc9 avcodec/xwddec: Check bpp more completely 
Fixes out of array access
Fixes: 1399/clusterfuzz-testcase-minimized-4866094172995584

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 441026fcb1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
87ee5473c2 avcodec/s302m: Fix left shift of 8 by 28 places cannot be represented in type 'int' 
Fixes: 1395/clusterfuzz-testcase-minimized-5330939741732864

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a38e9797cb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
851129e019 avcodec/eamad: Fix runtime error: signed integer overflow: 49674 * 49858 cannot be represented in type 'int' 
Fixes: 1394/clusterfuzz-testcase-minimized-6493376885030912

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0ac1c87194)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
df8880db96 avcodec/g726: Fix runtime error: left shift of negative value -2 
Fixes: 1393/clusterfuzz-testcase-minimized-5948366791901184

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c04aa14882)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
b92defbcaf avcodec/ra144: Fix runtime error: left shift of negative value -798 
Fixes: 1388/clusterfuzz-testcase-minimized-6680800936329216

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 78bf446852)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
5e07278783 avcodec/mss34dsp: Fix multiple signed integer overflow 
Fixes: 1387/clusterfuzz-testcase-minimized-4802757766676480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 464c4b86ee)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
7bf97c4039 avcodec/targa_y216dec: Fix width type 
Fixes out of array access
Fixes: 1376/clusterfuzz-testcase-minimized-6361794975105024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3e56db8926)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
7e15899654 avcodec/ivi_dsp: Fix multiple left shift of negative value -2 
Fixes: 1385/clusterfuzz-testcase-minimized-5552882663292928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9e88cc94e5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
47ed6f1c4a avcodec/svq3: Fix multiple runtime error: signed integer overflow: 44161 * 61694 cannot be represented in type 'int' 
Fixes: 1382/clusterfuzz-testcase-minimized-6013445293998080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 669419939c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
a530ce3b5c avcodec/msmpeg4dec: Correct table depth 
Fixes undefined shift
Fixes: 1381/clusterfuzz-testcase-minimized-5513944540119040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1121d92707)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
e334e402fe avcodec/cdxl: Check format parameter 
Fixes out of array access
Fixes: 1378/clusterfuzz-testcase-minimized-5715088008806400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e1b60aad77)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
1d0d5d323e avcodec/mss3: Change types in rac_get_model_sym() to match the types they are initialized from 
Fixes integer overflow
Fixes: 1372/clusterfuzz-testcase-minimized-5712192982745088

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2ef0f39271)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
83a499cb51 avcodec/shorten: Check k in get_uint() 
Fixes: undefined shift
Fixes: 1371/clusterfuzz-testcase-minimized-5770822591447040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7b6a51f59c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
05a3c8d1fe avcodec/webp: Fix null pointer dereference 
Fixes: 1369/clusterfuzz-testcase-minimized-5048908029886464

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9bf4523e40)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
c767fc96e7 avcodec/dfa: Fix signed integer overflow: -2147483648 - 1 cannot be represented in type 'int' 
Fixes: 1368/clusterfuzz-testcase-minimized-4507293276176384

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 12936a4585)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
b7a69943e8 avcodec/mimic: Fix runtime error: left shift of negative value -1 
Fixes: 1365/clusterfuzz-testcase-minimized-5624158450876416

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fc2c420b82)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
7a37ef34fb avcodec/fic: Fix multiple left shift of negative value -15 
Fixes: 1356/clusterfuzz-testcase-minimized-6008489086287872

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b20c71409b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
a75075fc58 avcodec/mlpdec: Fix runtime error: left shift of negative value -22 
Fixes: 1355/clusterfuzz-testcase-minimized-6662205472768000

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c535436cbe)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
697187a6f3 avcodec/snowdec: Check qbias 
Fixes: signed integer overflow: -1094995529 * 131 cannot be represented in type 'int'
Fixes: 1353/clusterfuzz-testcase-minimized-5208180449607680

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 523205ce1e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
2b3b77e722 avcodec/aacsbr_template: Do not leave bs_num_env invalid 
Fixes out of array read
Fixes: 1349/clusterfuzz-testcase-minimized-5370707196248064

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a8ad83b793)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
766c53f9e5 avcodec/mdec: Fix signed integer overflow: 28835400 * 83 cannot be represented in type 'int' 
Fixes: 1346/clusterfuzz-testcase-minimized-5776732600664064

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a234b5ade3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
5204a50013 avcodec/dfa: Fix off by 1 error 
Fixes out of array access
Fixes: 1345/clusterfuzz-testcase-minimized-6062963045695488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f52fbf4f3e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
e0defd45ac avcodec/nellymoser: Fix multiple left shift of negative value -8591 
Fixes: 1342/clusterfuzz-testcase-minimized-5490842129137664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0953736b7e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
515514feeb avcodec/cdxl: Fix signed integer overflow: 14243456 * 164 cannot be represented in type 'int' 
Fixes: 1341/clusterfuzz-testcase-minimized-5441502618583040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1002932a3b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
90ea514d75 avcodec/wnv1: Fix runtime error: left shift of negative value -1 
Fixes: 1338/clusterfuzz-testcase-minimized-6485546354343936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9fac508ca4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
2341bd7558 avcodec/tiertexseqv: set the fixed dimenasions, do not depend on the demuxer doing so 
Fixes: out of array access
Fixes: 1348/clusterfuzz-testcase-minimized-6195673642827776

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ce551a3925)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
133705f9e8 avcodec/mjpegdec: Fix runtime error: signed integer overflow: -24543 * 2031616 cannot be represented in type 'int' 
Fixes: 943/clusterfuzz-testcase-5114865297391616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a78ae465fd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
3755414d01 avcodec/cavsdec: Fix undefined behavior from integer overflow 
Fixes: 1335/clusterfuzz-testcase-minimized-5566961566089216

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a0e5f7f363)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
89683e3a5f avcodec/dvdsubdec: Fix runtime error: left shift of 242 by 24 places cannot be represented in type 'int' 
Fixes: 1080/clusterfuzz-testcase-5353236754071552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ce7098b8f2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
ce396b2afa libavcodec/mpeg4videodec: Convert sprite_offset to 64bit 
This avoids intermediates from overflowing (the final values are checked)
Fixes: runtime error: signed integer overflow: -167712 + -2147352576 cannot be represented in type 'int'

Fixes: 1298/clusterfuzz-testcase-minimized-5955580877340672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c1c3a14073)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
851c9c1cad avcodec/msvideo1: Check buffer size before re-getting the frame 
Fixes timeout
Fixes: 1306/clusterfuzz-testcase-minimized-6152296217968640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cabfed6895)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
2fd6441fe4 avcodec/svq3: Increase offsets to prevent integer overflows 
Fixes: 1280/clusterfuzz-testcase-minimized-6102353767825408

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 382b4fc9b5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
880a06bd4f avcodec/indeo2: Check remaining bits in ir2_decode_plane() 
Fixes: 1290/clusterfuzz-testcase-minimized-5815578902134784
Fixes: timeout

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b29feec982)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
737624e06c avcodec/vp3: Check remaining bits in unpack_dct_coeffs() 
Decreases the time spend decoding junk.

May fix: 1283/clusterfuzz-testcase-minimized-6221126759874560

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2f00300b77)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
d9e4b19269 avcodec/mdec: Fix runtime error: left shift of negative value -127 
Fixes undefined behavior
Fixes: 1275/clusterfuzz-testcase-minimized-6718162017976320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6ca82975b7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Martin Vignali
ad5e264ae3 libavcodec/exr : fix float to uint16 conversion for negative float value 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e46d637452)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Derek Buitenhuis
a82e65f0ae avformat/webmdashenc: Validate the 'streams' adaptation sets parameter 
It should not be a value larger than the number of streams we have,
or it will cause invalid reads and/or SIGSEGV.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ec07efa700)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Derek Buitenhuis
6918b400c5 avformat/webmdashenc: Require the 'adaptation_sets' option to be set 
This seems to be non-optional, and if the muxer is run without it,
strlen() is run on NULL, causing a segfault.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cbd3a68f3e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
4b6a747c2a avcodec/dvdsubdec: Fixes 2 runtime error: left shift of 170 by 24 places cannot be represented in type 'int' 
Fixes: 619/clusterfuzz-testcase-5803914534322176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 61ee2ca775)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
a0a20e6994 avfilter/avfiltergraph: Add assert to write down in machine readable form what is assumed about sample rates in swap_samplerates_on_filter() 
Fixes CID1397292

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5f2b360fc0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
eac727a502 avcodec/tiff: Perform multiply in tiff_unpack_lzma() as 64bit 
This should make no difference as the value should not be able to be that large
but its more correct this way

Fixes CID1348138

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f48b6b8b91)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
78664297df avcodec/tiff: Check geotag count for being non zero 
Fixes memleak
Fixes: 874/clusterfuzz-testcase-5252796175613952

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3182e19c1c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
6c06cd65a2 avcodec/vp56: Check avctx->error_concealment before enabling EC 
Fixes timeout with 847/clusterfuzz-testcase-5291877358108672
Fixes timeout with 850/clusterfuzz-testcase-5721296509861888

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 98da63b3f5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
232ced7f4e avcodec/tiff: Check stripsize strippos for overflow 
Fixes: 861/clusterfuzz-testcase-5688284384591872

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5d996b5649)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
64b7716802 avcodec/mpegaudiodec_template: Make l3_unscale() work with e=0 
Fixes undefined behavior
Fixes: 830/clusterfuzz-testcase-6253175327686656

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8ebed703f1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
e695be347e avcodec/tiff: Check for multiple geo key directories 
Fixes memleak
Fixes: 826/clusterfuzz-testcase-5316921379520512

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 108b02e547)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
00bebaca77 avcodec/wavpack: Fix runtime error: shift exponent 32 is too large for 32-bit type 'int' 
Fixes: 822/clusterfuzz-testcase-4873433189974016

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7cebc5a9cc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
2e876cd86a avcodec/rv34: Fix runtime error: signed integer overflow: 36880 * 66288 cannot be represented in type 'int' 
Fixes: 768/clusterfuzz-testcase-4807444305805312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a66c6e28b5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
551b01c5d0 avcodec/amrwbdec: Fix runtime error: left shift of negative value -1 
Fixes: 763/clusterfuzz-testcase-6007567320875008

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 44e2105189)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00
Michael Niedermayer
0d67642bcc avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: -135088512 * 16 cannot be represented in type 'int' 
Fixes: 736/clusterfuzz-testcase-5580263943831552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e2a4f1a9eb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-23 13:15:17 +02:00