get_len can overflow for specially crafted payload.
Reported-By: Don A. Baley <donb@securitymouse.com>
CC: libav-stable@libav.org
(cherry picked from commit ccda51b14c)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Conflicts:
libavutil/lzo.c
It is a public function, it must not assert on its parameters.
(cherry picked from commit 94a417acc0)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 03bfd8419f)
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
The check `src > dst' in the form `&c->out[-back] > c->out' invokes
pointer overflow, which is undefined behavior in C.
Remove the check. Also replace `&c->out[-back] < c->out_start' with
a safe form `c->out - c->out_start < back' to avoid overflow.
CC: libav-stable@libav.org
Signed-off-by: Xi Wang <xi.wang@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit ca6c3f2c53)
Conflicts:
libavutil/lzo.c
Useful to return instead of -1 when the cause of the error is unknown,
typically from an external library.
(cherry picked from commit c9bca80132)
Conflicts:
doc/APIchanges
libavutil/avutil.h
Signed-off-by: Reinhard Tartler <siretart@tauware.de>
The functions are already av_ prefixed and intfloat header is already provided.
Install libavutil/intfloat.h
Signed-off-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 8b933129b9)
Conflicts:
doc/APIchanges
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Firstly, this test never worked as intended, always reporting
success. Secondly, bswap is available from 486 onward and can
thus be assumed present.
Signed-off-by: Mans Rullgard <mans@mansr.com>
With these changes, gcc 4.5 and later recognise it as a bswap
and use the proper instructions on ARM and x86. On x86, the
16-bit bswap is recognised from gcc 4.1.
Signed-off-by: Mans Rullgard <mans@mansr.com>
The existing functions defined in intfloat_readwrite.[ch] are
both slow and incorrect (infinities are not handled).
This introduces a new header with fast, inline conversion
functions using direct union punning assuming an IEEE-754
system, an assumption already made throughout the code.
The one use of Intel/Motorola extended 80-bit format is
replaced by simpler code sufficient under the present
constraints (positive normal values).
The old functions are marked deprecated and retained for
compatibility.
Signed-off-by: Mans Rullgard <mans@mansr.com>
Solaris Studio (suncc) has difficulty with filling in
members of a union. Instead, let's retrieve and store the
cpuid() results separately. This is still a compiler bug,
however this fix does not cause a regression on other platforms.
Signed-off-by: Janne Grunau <janne-libav@jannau.net>
A value shifted left by >31 needs to have a 64-bit type.
As there are no defined channels in this range, the fix
is purely theoretical at this point, although it does
avoid some invalid shifts triggering the overflow
checker.
Signed-off-by: Mans Rullgard <mans@mansr.com>
It makes more sense for a bit mask to use an unsigned type.
The change should be source and binary compatible on all
supported systems, hence micro version bump.
Fixes a few invalid shifts.
Signed-off-by: Mans Rullgard <mans@mansr.com>
Casting the left-most byte to unsigned avoids an undefined
result of the shift by 24 if bit 7 is set. This affects
the rm demuxer.
Signed-off-by: Mans Rullgard <mans@mansr.com>
This is useful, since the normal timegm function isn't a standard
function (requiring _BSD_SOURCE or _SVID_SOURCE on glibc to
be visible, and not available on e.g. windows). The widely available
function mktime uses the local time zone, which requires ugly
workarounds to handle UTC time.
Signed-off-by: Martin Storsjö <martin@martin.st>
