Commit Graph

14547 Commits

Author SHA1 Message Date
Laurent Aimar
cdb72c827c Check for out of bound bands limit in mpc v8 decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 508e47a575)
2011-10-01 20:30:43 +02:00
Alexander Strasser
7aa24b157d h264: ff_h264_decode_extradata: check buffer args
The buffer size and pointer were not checked prior to testing the first
byte of the buffer. These were sometimes checked before calling, but it is
better to add it inside the function as it takes buf and size arguments.

Signed-off-by: Alexander Strasser <eclipse7@gmx.net>
(cherry picked from commit 715f259bf9)
2011-10-01 20:29:07 +02:00
Laurent Aimar
1b26a734b2 Fix potential pointer arithmetic overflows in rle_unpack() of vmd video decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 35cb6854bb)
2011-10-01 20:25:21 +02:00
Laurent Aimar
02bdeff1ef Fix out of bound reads in rle_unpack() of vmd video decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4749e07498)
2011-10-01 20:25:16 +02:00
Laurent Aimar
55efeba2b5 Check for out of bound reads in vmd_decode() of vmd video decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e07377e736)
2011-10-01 20:25:10 +02:00
Laurent Aimar
08657a2a8a Fix potential pointer arithmetic overflows in lz_unpack of vmd video decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 78cb39d2b2)
2011-10-01 20:24:57 +02:00
Laurent Aimar
f40b04e917 Prevent out of bound read in lz_unpack in vmd video decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5127f465bd)
2011-10-01 20:24:52 +02:00
Laurent Aimar
d92bfc98f9 Prevent NULL dereferences when the previous frame is missing in vmd video decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6a6383bebc)
2011-10-01 20:24:46 +02:00
Laurent Aimar
1ed90c84f6 Check for invalid update parameters in vmd video decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e7aed1280e)
2011-10-01 20:24:39 +02:00
Laurent Aimar
21c9d92646 Fix potential overread in vmd audio decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 00cbe9e405)
2011-10-01 20:24:31 +02:00
Laurent Aimar
be22dc60f5 vp56:Fix error recovery code on size changes in vp5/6 decoder
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 1aad9cd9d2)
2011-10-01 20:23:03 +02:00
Laurent Aimar
35f8ad420a vp6:Reset the internal state when aborting key frames header parsing in vp6 decoder.
It prevents leaving the state only half initialized.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 91f104496b)
2011-10-01 20:22:52 +02:00
Michael Niedermayer
f71c761a9e h264: pass buffer & size to ff_h264_decode_extradata()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-10-01 20:11:00 +02:00
Laurent Aimar
101e38e08a h264: Check for out of bounds reads in ff_h264_decode_extradata().
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 57764c6996)
2011-10-01 19:54:49 +02:00
Sean McGovern
1cf6348cf7 fft: avoid a signed overflow
As a signed integer, 1<<31 overflows, so force it to unsigned.

Signed-off-by: Alex Converse <alex.converse@gmail.com>
(cherry picked from commit c2d3f56107)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-10-01 19:50:22 +02:00
Jean First
8c0a0f10df tiffenc: initialize forgotten avctx.
(cherry picked from commit f7e797aa5c)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-10-01 19:49:11 +02:00
Jean First
92566cf6ee tiffenc: Add forgotten avclass to context.
(cherry picked from commit 43c481e569)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-10-01 19:49:05 +02:00
Michael Niedermayer
03e7314dd8 aacsbr: add an assert0 to check for an inconsistency that
occurred during debug. I don't know if this can happen normally but if so
it would be quite bad.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit abe0dbea2e)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-10-01 19:48:34 +02:00
Michael Niedermayer
0d68a6f72d mpeg4videoenc: remove forgotten return -1
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f9bb7395a1)
2011-10-01 19:30:31 +02:00
Michael Niedermayer
a0acc9eff6 mpeg4videoenc: guess a good aspect when we can't store the exact one.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 394781a897)
2011-10-01 19:30:06 +02:00
Michael Niedermayer
e62ca1ab74 mpegvideo: increase emu edge buffer size
This fixes a crash with 422 H.264

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 7322483d72)
2011-10-01 01:32:23 +02:00
Michael Niedermayer
ceede3a802 h264: fix FIXME and use list_count in ff_h264_fill_mbaff_ref_list()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 237d31e0b9)
2011-09-28 23:36:54 +02:00
Michael Niedermayer
be9183de2e h264: More correct ref_count check in decode_slice_header()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit dc9ce40069)
2011-09-28 23:36:39 +02:00
Sascha Sommer
9960710b87 Fix segfault in save_bits:
use put_bits_count to get the buffer fill state instead of
num_saved_bits as num_saved_bits is sometimes reset when
frames are lost
(Ticket 495)
(cherry picked from commit 780d45473c)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 4f6187c7356111540024901932294e9807061dd0)
2011-09-27 03:06:04 +02:00
Dustin Brody
056e9efc8e vp6: partially propagate huffman tree building errors during coeff model parsing and fix misspelling
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit f913eeea43)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2011-09-22 01:22:21 +02:00
Laurent Aimar
cf43508eb3 Check for huffman tree building error in vp6 decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 7c249d4fba)
2011-09-22 01:19:27 +02:00
Laurent Aimar
c9c6e5f4e8 Release old pictures after a resolution change in vp5/6 decoder
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit dba20b8478)
2011-09-22 01:19:21 +02:00
Laurent Aimar
a5a02ea3f2 Check for missing reference in vp5/6 decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6a0e78929a)
2011-09-22 01:19:15 +02:00
Laurent Aimar
69b6248327 Check for invalid slices offsets in RV30/40 decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b64269ce55)
2011-09-22 01:19:07 +02:00
Laurent Aimar
533dbaa55b Check output buffer size in nellymoser decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 741ec30bd2)
2011-09-22 01:19:01 +02:00
Michael Niedermayer
ec7f0b527c Merge remote-tracking branch 'khirnov/release/0.7' into release/0.8
* khirnov/release/0.7: (64 commits)
  rv34: Check for invalid slice offsets
  rv34: Fix potential overreads
  rv34: Avoid NULL dereference on corrupted bitstream
  rv10: Reject slices that do not have the same type as the first one
  lavf: Fix context pointer in av_open_input_stream when avformat_open_input fails
  oggdec: fix out of bound write in the ogg demuxer
  Fixed size given to init_get_bits().
  smacker: fix a few off by 1 errors
  Check for invalid VLC value in smacker decoder.
  Check and propagate errors when VLC trees cannot be built in smacker decoder.
  Fixed off by one packet size allocation in the smacker demuxer.
  Check for invalid packet size in the smacker demuxer.
  ape demuxer: fix segfault on memory allocation failure.
  xan: Add some buffer checks (cherry picked from commit 0872bb23b4)
  Fixed size given to init_get_bits() in xan decoder. (cherry picked from commit 393d5031c6)
  smacker demuxer: handle possible av_realloc() failure.
  Fixed segfault with wavpack decoder on corrupted decorrelation terms sub-blocks.
  cljr: init_get_bits size in bits instead of bytes (cherry picked from commit 0c1f5b93d9)
  indeo2: fail if input buffer too small (cherry picked from commit b7ce4f1d1c)
  indeo2: init_get_bits size in bits instead of bytes (cherry picked from commit 68ca330cbd)
  ...

Conflicts:
	ffmpeg.c
	libavdevice/alsa-audio.h
	libavformat/gxf.c
	libswscale/x86/swscale_template.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2011-09-22 01:10:24 +02:00
Carl Eugen Hoyos
bf7dc6b29d Fix dxva2 decoding for some H264 samples.
2011-09-21 23:47:34 +02:00
Laurent Aimar
d2c5904cab Check for invalid slice offsets in real decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8716c178dd)
2011-09-21 21:04:51 +02:00
Laurent Aimar
738c17b3a6 rv10: Reject slices that do not have the same type as the first one
This prevents crashes with some corrupted bitstreams.

Signed-off-by: Martin Storsjö <martin@martin.st>
2011-09-21 21:03:11 +02:00
Laurent Aimar
60a1384013 Avoid NULL dereference on corrupted bitstream with real decoder.
rv34_decode_slice() can return without allocating any pictures.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 140dbcff35)
2011-09-21 20:56:53 +02:00
Laurent Aimar
b59919afe2 Reject slices that do not have the same type as the first one in RV10/RV20 decoder.
This prevents crashes with some corrupted bitstreams.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d788af6cf6)
2011-09-21 20:56:53 +02:00
Michael Niedermayer
764ffdd0ec check all svq3_get_ue_golomb() returns.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 979bea1300)
2011-09-21 20:56:53 +02:00
Michael Niedermayer
ed9e561490 rv34: check for size mismatch
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 35f38b3ab9)
2011-09-21 20:56:53 +02:00
Laurent Aimar
4d8330d095 Fix js_vlc_bits value validation when joint stereo is used in cook decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 352c878de6)
2011-09-21 19:50:08 +02:00
Laurent Aimar
30d7dce94f Fix potential overreads in rv34 decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 9a0a64cb26)
2011-09-21 19:50:03 +02:00
Michael Niedermayer
fa3f7391be h264: allow disabling bitstream overread protection by using the fast flag.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 205c13685f)
2011-09-21 19:49:30 +02:00
Alex Converse
b7000d0517 xan: Add some buffer checks
(cherry picked from commit 0872bb23b4)
2011-09-21 19:47:12 +02:00
Alex Converse
169e634457 xan: Remove extra trailing newline
(cherry picked from commit 350f57bd7b)
2011-09-21 19:47:06 +02:00
Laurent Aimar
053bc4ce8b Fixed size given to init_get_bits() in xan decoder.
(cherry picked from commit 393d5031c6)
2011-09-21 19:47:00 +02:00
Michael Niedermayer
e952ff6981 smacker: fix a few off by 1 errors
stereo & 16bit is untested due to lack of samples

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d67e74929c)
2011-09-21 19:46:34 +02:00
Michael Niedermayer
9cee26dfde smacker: add forgotten *
found by fenrir

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f98edc73c5)
2011-09-21 19:46:23 +02:00
Kostya Shishkov
ad6177e52c rv34: check that subsequent slices have the same type as first one.
This prevents some crashes when corrupted bitstream reports e.g. P-type
slice in I-frame. Official RealVideo decoder demands all slices to be
of the same type too.

Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 23a1f0c592)
2011-09-21 19:36:53 +02:00
Laurent Aimar
c9316b7c6d Fixed invalid read access on extra data in cinepak decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit dc255275f6)
2011-09-21 18:02:40 +02:00
Laurent Aimar
2bf9a09a2c Fixed segfaults on corrupted smacker streams in the decoder.
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d07ac1853d)
2011-09-21 18:02:29 +02:00
Michael Niedermayer
54544100a3 h264: prevent an out of array read in decode_nal_units()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ea0ac11e52)
2011-09-21 18:02:18 +02:00