chacha/FFmpeg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
92,860 Commits 36 Branches 386 Tags
2b5abf94de1741bcd1ed68bbd3fd674398a43f3f
Commit Graph

41341 Commits

Author SHA1 Message Date
Michael Niedermayer
67d030787e avcodec/scpr: Fix use of uninitialized variable 
Fixes: Undefined shift
Fixes: 12911/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-5677102915911680

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 53248acfb3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
c90836cc3d avcodec/qpeg: Limit copy in qpeg_decode_intra() to the available bytes 
Fixes: Timeout (27 sec -> 39 milli sec)
Fixes: 13151/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QPEG_fuzzer-5717536023248896

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b819472995)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
6c0124d392 avcodec/aic: Check remaining bits in aic_decode_coeffs() 
Fixes: Timeout (78 seconds -> 2 seconds)
Fixes: 13186/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AIC_fuzzer-5639516533030912

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 951bb7632f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
29619a8ac2 avcodec/gdv: Check for truncated tags in decompress_5() 
Testcase: 13169/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5666354038833152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5cf42f65b6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
09683e1f4e avcodec/bethsoftvideo: Check block_type 
Fixes: Timeout (17 seconds -> 1 second)
Fixes: 13184/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BETHSOFTVID_fuzzer-5711446296494080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b8ecadec05)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
662b6351c8 avcodec/jpeg2000dwt: Fix integer overflow in dwt_decode97_int() 
Fixes: runtime error: signed integer overflow: 2147483598 + 128 cannot be represented in type 'int'
Fixes: 12926/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5705100733972480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4801eea0d4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
b8dd1d2d4b avcodec/error_resilience: Use a symmetric check for skipping MV estimation 
This speeds up the testcase by a factor of 4

Fixes: Timeout
Fixes: 13100/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV2_fuzzer-5767533905313792

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e4289cb253)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
92335fc02b avcodec/mlpdec: Insuffient typo 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fc32e08941)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
ff491b1544 avcodec/zmbv: obtain frame later 
The frame is not needed that early so obtaining it later avoids
the costly operation in case other checks fail.

Fixes: Timeout (14sec -> 4sec)
Fixes: 13140/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ZMBV_fuzzer-5738330308739072

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 177b40890c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
4e624c89fd avcodec/jvdec: Check available input space before decode8x8() 
Fixes: Timeout (78 sec -> 15 millisec)
Fixes: 13147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JV_fuzzer-5727107827630080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 61523683c5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
9495228df0 avcodec/h264_direct: Fix overflow in POC comparission 
Fixes: runtime error: signed integer overflow: 2147421862 - -33624063 cannot be represented in type 'int'
Fixes: 12885/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-5733516975800320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5ccf296e74)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Kevin Backhouse via RT
f7f3937494 avcodec/htmlsubtitles: Fixes denial of service due to use of sscanf in inner loop for handling braces 
Fixes: [Semmle Security Reports #19439]
Fixes: dos_sscanf2.mkv

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 894995c41e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Kevin Backhouse via RT
cc5361ed18 avcodec/htmlsubtitles: Fixes denial of service due to use of sscanf in inner loop for tag scaning 
Fixes: [Semmle Security Reports #19438]
Fixes: dos_sscanf1.mkv

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1f00c97bc3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
8066cb3556 avcodec/mpeg4videodec: Clear interlaced_dct for studio profile 
Fixes: Out of array access
Fixes: 13090/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5408668986638336

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Kieran Kunhya <kierank@obe.tv>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1f686d023b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Michael Niedermayer
1a82246cae avcodec/sbrdsp_fixed.c: remove input value limit for sbr_sum_square_c() 
Fixes: 1377/clusterfuzz-testcase-minimized-5487049807233024
Fixes: assertion failure in sbr_sum_square_c()

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4cde7e62db)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
Alex Mogurenko
7e204f7260 avcodec/prores_ks: Fix luma quantization if q >= MAX_STORED_Q 
The problem occurs in slice quant estimation and slice encoding:

If the slice quant is larger than  MAX_STORED_Q we don't use pre-calculated
quant matrices, but generate a new one, but both qmat and qmat_chroma both
point to the same table, so the luma table ends up having chroma table
values.

Add custom_chroma_q the same way as custom_q.

Signed-off-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
(cherry picked from commit e4788ae31b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-03-14 00:24:44 +01:00
James Almer
33c8009773 avcodec/cbs_av1: don't call cbs_av1_read_trailing_bits() when no bits remain in the OBU 
Reviewed-by: jkqxz
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 3e8b8b6b50)
 2019-02-10 21:02:06 -03:00
Michael Niedermayer
7816497ba0 avcodec/pgssubdec: Check for duplicate display segments 
In such a duplication the previous gets overwritten and leaks

Fixes: memleak
Fixes: 12510/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PGSSUB_fuzzer-5694439226343424

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e35c3d887b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-02-04 00:32:09 +01:00
Michael Niedermayer
b482e94e59 avcodec/rasc: Move ff_get_buffer() after frame checks 
If the frame1/2 checks fail this avoids doing the allocation of a new frame

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9f4af97aff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-31 17:29:05 +01:00
Michael Niedermayer
0f1332309a avcodec/rasc: Check uncompressed dlta size 
We assume that if the compressed size is bigger than if each byte is encoded in a single raw packet
that the data is invalid.

Fixes: Out of memory
Fixes: 12208/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RASC_fuzzer-5648916473708544

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f4079d5174)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-31 17:28:23 +01:00
Michael Niedermayer
f5c9753bfd avcodec/fic: Check that there is input left in fic_decode_block() 
Fixes: Timeout
Fixes: 12450/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FIC_fuzzer-5661984622641152

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit db1c4acd02)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-31 17:23:01 +01:00
Michael Niedermayer
d8b8b27dc3 avcodec/ilbcdec: Fix undefined integer overflow lsf2poly() 
The addition is moved up into the context where the variable is unsigned avoiding
the undefined behavior

Fixes: runtime error: signed integer overflow: 2147481972 + 4096 cannot be represented in type 'int'
Fixes: 12444/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ILBC_fuzzer-5755706244857856

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4523cc5e75)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-31 17:20:38 +01:00
Michael Niedermayer
62f5325ca3 avcodec/ilbcdec: Fix integer overflow in construct_vector() 
webrtc contains explicit code to ignore the undefined behavior (RTC_NO_SANITIZE / OverflowingAddS32S32ToS32())

Probably fixes: Integer overflow (unreproducable here)
Probably fixes: 12215/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ILBC_fuzzer-5767142427852800

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c95d0fb239)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-31 17:20:24 +01:00
Michael Niedermayer
31fa50f3d9 avcodec/prosumer: Error out if decompress() stops reading data 
if 0 is encountered in the LUT then decompress() will continue to output 0 bytes but never read more data.
Without a specification it is impossible to say if this is invalid or a feature.
None of the valid prosumer files tested cause a 0 to be read, so it is likely
not a intended feature.

Fixes: Timeout
Fixes: 11266/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PROSUMER_fuzzer-5681827423977472

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 62f8d27ef1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
552733d48b avcodec/tiff: Check for 12bit gray fax 
Fixes: Assertion failure
Fixes: 11898/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-5759794191794176

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ec28a85107)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
3a52cae2c7 avcodec/tests/rangecoder: initialize array to avoid valgrind warning 
Found-by: jamrial
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c15972f0af)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
792df36f42 avcodec/gdv: Optimize and factorize scaling loops 
Fixes: Timeout
Fixes: 11067/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5686623711264768

Before change: Executed clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5686623711264768 in 34386 ms
After  change: Executed clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GDV_fuzzer-5686623711264768 in 24327 ms

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6e23736aef)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
c694273feb avcodec/h264_slice: Fix integer overflow in implicit_weight_table() 
Fixes: signed integer overflow: 2 * 2132811760 cannot be represented in type 'int'
Fixes: 11156/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_fuzzer-6237685933408256

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 77e56d74f9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
9239d58b36 avcodec/exr: set layer_match in all branches 
Otherwise it is left to the value from the previous iteration

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 433d2ae435)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
1623f42d99 avcodec/exr: Check for duplicate channel index 
Fixes: Out of memory
Fixes: 11582/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5730204559867904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f9728feaf9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
15857674c5 avcodec/4xm: Fix returned error codes 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 07607a1db8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
41ee513c81 avcodec/v4l2_m2m: fix cant typo 
Reviewed-by: Lou Logan <lou@lrcd.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 062bf56393)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
33b4aba5bd avcodec/mjpegbdec: Fix some misplaced {} and spaces 
Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 11a8d2ccab)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
gxw
929b5519d8 avcodec/mips: Fix failed case: hevc-conformance-AMP_A_Samsung_* when enable msa 
The AV_INPUT_BUFFER_PADDING_SIZE has been increased to 64, but the value is still 32
in function ff_hevc_sao_edge_filter_8_msa. So, use AV_INPUT_BUFFER_PADDING_SIZE directly.
Also, use MAX_PB_SIZE directly instead of 64. Fate tests passed.

Reviewed-by: Derek Buitenhuis <derek.buitenhuis@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f652c7a45c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
5ed024e40b avcodec/fic: Fail on invalid slice size/off 
Fixes: Timeout
Fixes: 11486/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FIC_fuzzer-5677133863583744

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 30a7a81cdc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
5550946ff4 avcodec/ilbcdec: fix integer overflow in energy 
webrtc uses a int32_t like the existing code in ilbcdec

Fixes: signed integer overflow: 2080245063 + 257939661 cannot be represented in type 'int'
Fixes: 11037/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ILBC_fuzzer-5682976612941824

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fbf409cd91)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
c22b67feaa avcodec/rpza: Check that there is enough data for all the blocks 
Fixes: Timeout
Fixes: 11547/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RPZA_fuzzer-5678435842654208

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e63517e00a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
4c0be3a60c avcodec/rpza: Move frame allocation to a later point 
This will allow performing some fast checks before the slow allocation

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8a708aa99c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
42357b37cb avcodec/avcodec: Document the data type for AV_PKT_DATA_MPEGTS_STREAM_ID 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 68e011e410)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
e1f40f0dae avcodec/mjpegdec: Fix indention of ljpeg_decode_yuv_scan() 
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ea30ac1e40)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
321c418b87 avcodec/rasc: Check that the number of moves is less than or equal the number of pixels 
Fixes: OOM
Fixes: 10307/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RASC_fuzzer-5393974559244288

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 092cb17983)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
228f17ced3 avcodec/clearvideo: Check remaining input bits in P macro block loop 
Fixes: Timeout
Fixes: 11083/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CLEARVIDEO_fuzzer-5657180351496192

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7aaab127be)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
9b5a6bb67b avcodec/rasc: Check input space before reading chunk 
Fixes: Timeout
Fixes: 11118/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RASC_fuzzer-5652564066959360

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 52ba824c65)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
219cbc5527 avcodec/dxv: Check that there is enough data to decompress 
Fixes: Timeout
Fixes: 10979/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DXV_fuzzer-6178582203203584

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2bc3811c0d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
55c36d2498 avcodec/ppc/hevcdsp: Fix build failures with powerpc-linux-gnu-gcc-4.8 with --disable-optimizations 
The affected functions could also be changed into macros, this is the
smaller change to fix it though. And avoids (probably) less readable macros
The extra code should be optimized out when optimizations are done as all values
are known at build after inlining.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2c64a6bcd2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
558ba71de5 avcodec/msvideo1: Check for too small dimensions 
Such low resolution would result in empty output as a minimum of 4x4 is needed
We could also check for multiple of 4 dimensions but that is not needed

Fixes: Timeout
Fixes: 11191/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSVIDEO1_fuzzer-5739529588178944

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 953bd58861)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
1a5db666ac avcodec/wmv2dec: Skip I frame if its smaller than 1/8 of the minimal size 
Frames that small are not valid and of limited use for error concealment, while
being very computationally intensive to process.

Fixes: Timeout
Fixes: 11168/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMV2_fuzzer-5733782032744448

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d6f4341522)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
eee0cf487a avcodec/msmpeg4dec: Skip frame if its smaller than 1/8 of the minimal size 
Frames that small are not valid and of limited use for error concealment, while
being very computationally intensive to process.

Fixes: Timeout
Fixes: 11318/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSMPEG4V1_fuzzer-5710884555456512

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 09ec182864)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
90db1e441f avcodec/truemotion2rt: Fix rounding in input size check 
Fixes: Timeout
Fixes: 11332/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEMOTION2RT_fuzzer-5678456612847616

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7f22a4ebc9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00
Michael Niedermayer
4fe90900d8 avcodec/diracdec: Check component quant 
Fixes: Timeout
Fixes: 10708/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DIRAC_fuzzer-5730140957442048

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 28c96c2ce2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2019-01-21 07:53:26 +01:00