FFmpeg

Author	SHA1	Message	Date
Michael Niedermayer	fb0d1cafab	avcodec/cavs: Fix runtime error: signed integer overflow: -12648062 * 256 cannot be represented in type 'int' Fixes: 2067/clusterfuzz-testcase-minimized-5578430902960128 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1e6ee86d92`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	5c82f67012	avcodec/qdrw: Fix null pointer dereference The RGB555 PACKBITSRGN case tries to read a palette, if such palette is actually stored then it accesses a null pointer. All 16bit samples i could find use DIRECTBITSRGN. Fixes: 2065/clusterfuzz-testcase-minimized-6298930457346048 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `46b865ea9f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	5c2c0979e2	avcodec/hevc_ps: Fix runtime error: index 32 out of bounds for type 'uint8_t [32]' Fixes: 2010/clusterfuzz-testcase-minimized-6209288450080768 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `29808fff33`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	439757d38a	avcodec/dxv: Check remaining bytes in dxv_decompress_raw() Fixes: Timeout Fixes: 2006/clusterfuzz-testcase-minimized-5766515037044736 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `eb50492270`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	90c38d6ab8	avcodec/pafvideo: Check packet size and frame code before ff_reget_buffer() Fixes 1745/clusterfuzz-testcase-minimized-6160693365571584 Fixes: Timeout Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `faa5a2181d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	7edf958740	avcodec/ac3dec_fixed: Fix runtime error: left shift of 419 by 23 places cannot be represented in type 'int' Fixes: 1352/clusterfuzz-testcase-minimized-5757565017260032 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `136ce8baa4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	6a44539bc8	avcodec/aacps: Fix runtime error: left shift of 1073741824 by 1 places cannot be represented in type 'INTFLOAT' (aka 'int') Fixes: 2005/clusterfuzz-testcase-minimized-5744226438479872 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9faf098163`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	b7afa9f8aa	avcodec/wavpack: Fix runtime error: shift exponent 32 is too large for 32-bit type 'int' Fixes: 1967/clusterfuzz-testcase-minimized-5757031199801344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8b3e580b7f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	a8643da03a	avcodec/cfhd: Fix runtime error: signed integer overflow: 65280 * 65288 cannot be represented in type 'int' Fixes: 1925/clusterfuzz-testcase-minimized-5564569688735744 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `cd6f319a74`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	fe2a92cfd4	avcodec/wavpack: Fix runtime error: signed integer overflow: 2013265955 - -134217694 cannot be represented in type 'int' Fixes: 1922/clusterfuzz-testcase-minimized-5561194112876544 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a47273c803`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	1d6983c899	avcodec/cinepak: Check input packet size before frame reallocation Reduces time spend decoding 1917/clusterfuzz-testcase-minimized-5023221273329664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e47057e932`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	64ecc9eda9	avcodec/hevc_ps: Fix runtime error: signed integer overflow: 2147483628 + 256 cannot be represented in type 'int' Fixes: 1909/clusterfuzz-testcase-minimized-6732072662073344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6726328f79`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	cb14b289bc	avcodec/ra144: Fixes runtime error: signed integer overflow: 7160 * 327138 cannot be represented in type 'int' Fixes: 1908/clusterfuzz-testcase-minimized-5392712477966336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `08cb69e870`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	ccc598dbcb	avcodec/pnm: Use ff_set_dimensions() Fixes: OOM Fixes: 1906/clusterfuzz-testcase-minimized-4599315114754048 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a1c0d1d906`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	79a5cac077	avcodec/cavsdec: Fix runtime error: signed integer overflow: 59 + 2147483600 cannot be represented in type 'int' Fixes: 1903/clusterfuzz-testcase-minimized-5359318167715840 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `58f8cd4ac5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:29 +02:00
Michael Niedermayer	625fb08959	avcodec/acelp_pitch_delay: Fix runtime error: value 4.83233e+39 is outside the range of representable values of type 'float' Fixes: 1902/clusterfuzz-testcase-minimized-4762451407011840 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `87bddba43b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	d5f5d21322	avcodec/wavpack: Check float_shift Fixes: runtime error: shift exponent 40 is too large for 32-bit type 'unsigned int' Fixes: 1898/clusterfuzz-testcase-minimized-5970744880136192 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4020b009d1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	b424fde5de	avcodec/wavpack: Fix runtime error: signed integer overflow: 24 * -2147483648 cannot be represented in type 'int' Fixes: 1894/clusterfuzz-testcase-minimized-4716739789062144 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d90c5bf105`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	df7f051f4d	avcodec/ansi: Fix frame memleak Fixes: 1892/clusterfuzz-testcase-minimized-4519341733183488 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e091b9b3c7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	9f8da7e2aa	avcodec/dds: Fix runtime error: left shift of 145 by 24 places cannot be represented in type 'int' Fixes: 1891/clusterfuzz-testcase-minimized-6274417925554176 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c49fa2a514`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	1d4199e023	avcodec/jpeg2000dec: Use ff_set_dimensions() Fixes: OOM Fixes: 1890/clusterfuzz-testcase-minimized-6329019509243904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f3da6fbff8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	ba925988ef	avcodec/truemotion2: Fix passing null pointer to memset() Fixes part of: 1888/clusterfuzz-testcase-minimized-5237704826552320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c901627918`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	362a98eea9	avcodec/truemotion2: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int' Fixes part of: 1888/clusterfuzz-testcase-minimized-5237704826552320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c9e884f3d9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	5b6d056da8	avcodec/ra144: Fix runtime error: signed integer overflow: -2449 * 1398101 cannot be represented in type 'int' Fixes: 1885/clusterfuzz-testcase-minimized-5336328549957632 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7c845450d2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	efe4dbb6e6	avcodec/ra144: Fix runtime error: signed integer overflow: 11184810 * 404 cannot be represented in type 'int' Fixes: 1884/clusterfuzz-testcase-minimized-4637425835966464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4c472c5252`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	1b048028a7	avcodec/aac_defines: Add missing () to AAC_HALF_SUM() macro Fixes: runtime error: shift exponent 1073741848 is too large for 32-bit type 'INTFLOAT' (aka 'int') Fixes: 1880/clusterfuzz-testcase-minimized-4900645322620928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `872bac8159`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	66c9e5e3eb	avcodec/webp: Fixes null pointer dereference Fixes: 1470/clusterfuzz-testcase-minimized-5404421666111488 Fixes: 1472/clusterfuzz-testcase-minimized-5677426430443520 Fixes: 1875/clusterfuzz-testcase-minimized-5536474562822144 Approved-by: BBB Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `67020711b7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	a871e42e30	avcodec/aacdec_fixed: Fix runtime error: left shift of 1 by 31 places cannot be represented in type 'int' Fixes: 1878/clusterfuzz-testcase-minimized-6441918630199296 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6b9cb5d26a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	b08f7e592f	avcodec/ylc: Check count in build_vlc() Fixes: runtime error: signed integer overflow: 211633430 + 2147483647 cannot be represented in type 'int' Fixes: 1874/clusterfuzz-testcase-minimized-5037763613163520 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `67b30decf7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	2b220944e9	avcodec/snow: Fix runtime error: signed integer overflow: 1086573993 + 1086573994 cannot be represented in type 'int' Fixes: 1871/clusterfuzz-testcase-minimized-5719950331215872 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b9c032ebc0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	ee202d98ce	avcodec/jpeg2000: Fix runtime error: signed integer overflow: 4185 + 2147483394 cannot be represented in type 'int' Fixes: 1870/clusterfuzz-testcase-minimized-4686788029317120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `781f88bb26`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	f720b43615	avcodec/jpeg2000dec: Check tile offsets more completely Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9c1812491f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	f5839a7826	avcodec/sheervideo: Check input buffer size before allocating and decoding Fixes: Timeout Fixes: 1858/clusterfuzz-testcase-minimized-6450473802399744 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d8030c14bd`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	b1da01c051	avcodec/aacdec_fixed: Fix multiple runtime error: shift exponent 127 is too large for 32-bit type 'int' Fixes: 1851/clusterfuzz-testcase-minimized-5692607495667712 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6c3a63fc3d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	7108189a54	avcodec/wnv1: More strict buffer size check This requires at least 25% of a picture to allocate and decode it Fixes: Timeout Fixes: 1845/clusterfuzz-testcase-minimized-5075974343360512 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7f50c25124`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	e18bd51596	avcodec/libfdk-aacdec: Correct buffer_size parameter the timeDataSize argument to aacDecoder_DecodeFrame() seems undocumented and until 2016 04 (203e3f28fbebec7011342017fafc2a0bda0ce530) unused. after that commit libfdk-aacdec interprets it as size in sample units and memsets that on error. FFmpeg as well as others (like GStreamer) did interpret it as size in bytes Fixes: 1442/clusterfuzz-testcase-minimized-4540199973421056 (This requires recent libfdk to reproduce) Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ca6776a993`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	e7776cedf5	avcodec/sbrdsp_template: Fix: runtime error: signed integer overflow: 849815297 + 1315389781 cannot be represented in type 'int' Fixes: 1770/clusterfuzz-testcase-minimized-5285511235108864 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7c36ee216f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	6eb1a6f48b	avcodec/ivi_dsp: Fix runtime error: left shift of negative value -2 Fixes: 1839/clusterfuzz-testcase-minimized-6238490993885184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `357f2316a0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	1e74ee34f9	avcodec/mlpdec: Do not leave invalid values in matrix_out_ch[] on error Fixes: runtime error: index 12 out of bounds for type 'uint8_t [8]' Fixes: 1832/clusterfuzz-testcase-minimized-6574546079449088 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ac8dfcbd89`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	288eb8b17e	avcodec/ra144dec: Fix runtime error: left shift of negative value -17 Fixes: 1830/clusterfuzz-testcase-minimized-5828293733384192 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `53c0c637d3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:28 +02:00
Michael Niedermayer	7072201271	avcodec/aacdec_fixed: Fix runtime error: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int' Fixes: 1825/clusterfuzz-testcase-minimized-6002833050566656 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8e87d146d7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Michael Niedermayer	c419022789	avcodec/smc: Check remaining input Fixes: Timeout Fixes: 1818/clusterfuzz-testcase-minimized-5039166473633792 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `356194fcb1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Michael Niedermayer	8cbe7461b3	avcodec/diracdec: Fix off by 1 error in quant check Fixes: out of array read Fixes: 1781/clusterfuzz-testcase-minimized-4617176877105152 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b946bd8ef2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Michael Niedermayer	fdba18c068	avcodec/jpeg2000dec: Fix copy and paste error Found-by: jamrial Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5782e0ba8c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Michael Niedermayer	6b1a01f3ec	avcodec/jpeg2000dec: Check tile offsets Fixes: runtime error: signed integer overflow: 4096 - -2147483648 cannot be represented in type 'int' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `89325417e7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Max Justicz	66aa3c61fe	avcodec/sanm: Fix uninitialized reference frames Fixes: poc.snm Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ca616b0f72`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Michael Niedermayer	8d7ccdf873	avcodec/jpeglsdec: Check get_bits_left() before decoding a picture Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4bc3008d04`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Michael Niedermayer	3b0f0dab4a	avcodec/ivi_dsp: Fix multiple runtime error: left shift of negative value -71 Fixes: 1734/clusterfuzz-testcase-minimized-5385630815092736 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8fb00b3e85`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Michael Niedermayer	a7f35b7f35	avcodec/mjpegdec: Fix runtime error: signed integer overflow: -32767 * 130560 cannot be represented in type 'int' Fixes: 1724/clusterfuzz-testcase-minimized-4842395432648704 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `40fa6a2fa2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00
Michael Niedermayer	43db1288dd	avcodec/aacdec_fixed: Fix runtime error: shift exponent 34 is too large for 32-bit type 'int' Fixes: 1721/clusterfuzz-testcase-minimized-4719352135811072 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b5228e44c7`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2017-06-16 01:05:27 +02:00

... 2 3 4 5 6 ...

36914 Commits