summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* avcodec/vdpau_mpeg4: fix order of quant matrix coefficientsrelease/5.1Hendrik Leppkes2023-05-151-2/+3
| | | | | | The matrix coefficients are stored permutated for the IDCT, rather then in plain raster order, and need to be un-permutated for the hardware.
* avcodec/vdpau_mpeg12: fix order of quant matrix coefficientsHendrik Leppkes2023-05-151-2/+3
| | | | | | The matrix coefficients are stored permutated for the IDCT, rather then in plain raster order, and need to be un-permutated for the hardware.
* avcodec/nvdec_mpeg4: fix order of quant matrix coefficientsHendrik Leppkes2023-05-151-2/+3
| | | | | | The matrix coefficients are stored permutated for the IDCT, rather then in plain raster order, and need to be un-permutated for the hardware.
* avcodec/nvdec_mpeg2: fix order of quant matrix coefficientsHendrik Leppkes2023-05-151-2/+3
| | | | | | The matrix coefficients are stored permutated for the IDCT, rather then in plain raster order, and need to be un-permutated for the hardware.
* fftools/ffmpeg: avoid possible invalid reads with short -tag valuesAnton Khirnov2023-04-171-4/+10
| | | | | | Fixes #10319 and #10309. Based on 89c9a3ac3542c3684e511607d88b265bfa6aa64f.
* avcodec/mp_cmp: reject invalid comparison function valuesJames Almer2023-04-166-12/+26
| | | | | | | Fixes tickets #10306 and #10318. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 7c6e26a18403376987541f1ca801ae225f8ee6d4)
* avcodec/aacpsy: clip global_quality within the psy_vbr_map array boundariesJames Almer2023-04-161-1/+1
| | | | | | | Fixes ticket #10317. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 5cda6b94f45c347805cbd5a0c7ed1d712b5722d7)
* avutil/wchar_filename: propagate MultiByteToWideChar() and ↵James Almer2023-04-161-2/+4
| | | | | | | | | WideCharToMultiByte() failures Don't return success if the string could not be converted. Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 92885f26817b6b2515ac9fd5410c9e8be64bd0c0)
* avformat/concatf: check if any nodes were allocatedJames Almer2023-04-161-0/+2
| | | | | | | Fixes ticket #10304 Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit 19c2dc677f81c940aebe63ed09dacf5c725f0b35)
* avcodec/nvenc: fix b-frame DTS behavior with fractional frameratesKyle Manning2023-04-031-1/+1
| | | | | | | | When using fractional framerates (or any fraction with a numerator != 1), DTS values for packets would be calculated incorrectly. Signed-off-by: Kyle Manning <tt2468@irltoolkit.com> Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
* Changelog: updaten5.1.3Michael Niedermayer2023-03-261-0/+5
| | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/tests/snowenc: Fix 2nd testMichael Niedermayer2023-03-261-2/+2
| | | | | (cherry picked from commit 163013c72452621624f634c706824c77222b77c5) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/tests/snowenc: return a failure if DWT/IDWT mismatchesMichael Niedermayer2023-03-261-3/+10
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 771c266c0be29e6a1001fbd6795dd343147da1f2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/snowenc: Fix visual weight calculationMichael Niedermayer2023-03-268-40/+44
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 5b5fcadea059ab458a886261a5b7a1cc134b517a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/tests/snowenc: unbreak DWT testsMichael Niedermayer2023-03-261-9/+14
| | | | | | | | the IDWT data type mismatched current code Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 8b3351bbead47f7f306621b45c8f2391b6bd23d2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avfilter/vf_untile: swap the chroma shift values used for plane offsetsJames Almer2023-03-161-2/+2
| | | | | | | Fixes ticket #10265 Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit dc61d5cf195bc6de9263883c42a58348863e6d4f)
* update for 5.1.3Michael Niedermayer2023-03-163-2/+62
| | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg12dec: Check input sizeMichael Niedermayer2023-03-161-0/+4
| | | | | | | | | | Fixes: Timeout Fixes: 53599/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IPU_fuzzer-4950102511058944 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 7c130d6911f5b09bfc648f6ae678c4c0749f61bb) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/escape124: Fix some return codesMichael Niedermayer2023-03-161-7/+7
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 98df605f7a8e80471a113f7beb0983c90aa84525) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/escape124: fix signdness of end of input checkMichael Niedermayer2023-03-161-1/+1
| | | | | | | | | | Fixes: Timeout Fixes: 56561/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ESCAPE124_fuzzer-5560363635834880 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 87ad0a5dd7d12c91badc215c3b5d6745fa7acb02) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* Use https for repository linksMichael Niedermayer2023-03-163-5/+5
| | | | | | | Reviewed-by: Stefano Sabatini <stefasab@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 011f30fc8205eff8e775d04afb98e02685cd8a7a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/rpzaenc: stop accessing out of bounds framePaul B Mahol2023-03-161-7/+15
| | | | | (cherry picked from commit 92f9b28ed84a77138105475beba16c146bdaf984) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/smcenc: stop accessing out of bounds framePaul B Mahol2023-03-161-4/+14
| | | | | (cherry picked from commit 13c13109759090b7f7182480d075e13b36ed8edd) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/motionpixels: Mask pixels to valid valuesMichael Niedermayer2023-03-161-1/+1
| | | | | | | | | | Fixes: out of array access Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOTIONPIXELS_fuzzer-6724203352555520 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ac6eec1fc258efce219e4fccb84312a1b13a7a23) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/xpmdec: Check size before allocation to avoid truncationMichael Niedermayer2023-03-161-0/+3
| | | | | | | | | | | Fixes:OOM Fixes:out of array access (no testcase) Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XPM_fuzzer-6573323838685184 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 95f0f84dae4f040d91f1e60dc5438612c58e8906) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/bink: Avoid undefined out of array end pointers in binkb_decode_plane()Michael Niedermayer2023-03-161-4/+4
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit ea9deafd3b13233802c4548c4c58a707d76805a3) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/bink: Fix off by 1 error in ref endMichael Niedermayer2023-03-161-1/+1
| | | | | | | | | | | | | | Fixes: out of array access Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINK_fuzzer-6657932926517248 Alterantivly to this it is possibly to allocate a bigger array Note: oss-fuzz assigned this issue to a unrelated theora bug so the bug number matches that Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 49487045dde6f69194332aac51fd4e598e19c7b6) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/utils: Ensure linesize for SVQ3Michael Niedermayer2023-03-161-0/+3
| | | | | | | | | | Fixes: Assertion block_w * sizeof(uint8_t) <= ((buf_linesize) >= 0 ? (buf_linesize) : (-(buf_linesize)) Fixes: 54861/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SVQ3_fuzzer-5352418248622080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4eef658ca59d3d6ba46ab52a36d7faf5fe820874) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/utils: allocate a line more for VC1 and WMV3Michael Niedermayer2023-03-161-0/+1
| | | | | | | | | | | | | | Fixes: out of array read on 32bit Fixes: 54857/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-5840588224462848 The chroma MC code reads over the currently allocated frame. Alternative fixes would be allocating a few bytes more at the end instead of a whole line extra or to adjust the threshold where the edge emu code is activated Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 01636a63d452c592ece35af6f72bb7affcad58f2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/videodsp_template: Adjust pointers to avoid undefined pointer thingsMichael Niedermayer2023-03-161-2/+2
| | | | | | | | | | Fixes: subtraction of unsigned offset from 0xf6602770 overflowed to 0xf6638c80 Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_THEORA_fuzzer-495074400600064 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f0150cd41c2d3c01050a6c4f3df1de511a217913) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: dont skip/read chunk twiceMichael Niedermayer2023-03-161-0/+1
| | | | | | | | | | Fixes: out of array access Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-6668158952144896.fuzz Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit df1a38d5200e14a29903f1027b4548d595c7ff8a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/pngdec: Check deloco index more exactlyMichael Niedermayer2023-03-161-1/+1
| | | | | | | | | | | | Fixes: out of array access: Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PNG_fuzzer-6716193709096960 Alternatively it should be possible to limit this to 3 plane RGB 8 /16bit to ensure the size is what it should be Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit d5bae704068dc37191280e024eecb8d02b762b28) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/ffv1dec: Check that num h/v slices is supportedMichael Niedermayer2023-03-161-0/+5
| | | | | | | | | | Fixes: out of array access Fixes: 55597/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_fuzzer-4898293416329216 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 8ead0ae68eb64ad325efafd686c434727f3d666a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mov: Check samplesize and offset to avoid integer overflowMichael Niedermayer2023-03-161-0/+7
| | | | | | | | | | Fixes: signed integer overflow: 9223372036854775584 + 536870912 cannot be represented in type 'long' Fixes: 55844/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-510613920664780 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 53c1f5c2e28e54ea8174b196d5cf4a158907395a) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavu/vulkan: fix handle type for 32-bit targetsKacper Michajłow2023-03-092-1/+5
| | | | | | | | | Fixes compilation with clang which errors out on Wint-conversion. Signed-off-by: Kacper Michajłow <kasper93@gmail.com> Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit cc76e8340d28438c1ac56ee7dfd774d25e944264) Signed-off-by: Martin Storsjö <martin@martin.st>
* vulkan: Fix win/i386 calling conventionMartin Storsjö2023-03-091-4/+4
| | | | | | | | | | | | | This fixes the following error when compiling with a modern version of Clang for Windows/i386: src/libavutil/hwcontext_vulkan.c:738:32: error: incompatible function pointer types initializing 'PFN_vkDebugUtilsMessengerCallbackEXT' (aka 'unsigned int (*)(enum VkDebugUtilsMessageSeverityFlagBitsEXT, unsigned int, const struct VkDebugUtilsMessengerCallbackDataEXT *, void *) __attribute__((stdcall))') with an expression of type 'VkBool32 (VkDebugUtilsMessageSeverityFlagBitsEXT, VkDebugUtilsMessageTypeFlagsEXT, const VkDebugUtilsMessengerCallbackDataEXT *, void *)' (aka 'unsigned int (enum VkDebugUtilsMessageSeverityFlagBitsEXT, unsigned int, const struct VkDebugUtilsMessengerCallbackDataEXT *, void *)') [-Wincompatible-function-pointer-types] .pfnUserCallback = vk_dbg_callback, ^~~~~~~~~~~~~~~ Signed-off-by: Martin Storsjö <martin@martin.st> (cherry picked from commit f9620d74cd49c35223304ba41e28be6144e45783) Signed-off-by: Martin Storsjö <martin@martin.st>
* avcodec/pictordec: Remove mid exit branchMichael Niedermayer2023-02-221-2/+0
| | | | | | | | | | | This causes the RLE decoder to exit before applying the last RLE run All images i tested with are unchanged, this makes the special case for handling the last run unused for non truncated images. Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 88f0e05c72f0de0cae3d9f0c5644f1965632b641) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/eac3dec: avoid float noise in fixed mode addition to overflowMichael Niedermayer2023-02-222-1/+5
| | | | | | | | | | Fixes: 2.28595e+09 is outside the range of representable values of type 'int' Fixes: 54644/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AC3_FIXED_fuzzer-4816961584627712 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 2f48d227c153fa6f0a2156f3e8d18ea1bfedf18d) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/utils: use 32pixel alignment for binkMichael Niedermayer2023-02-221-0/+2
| | | | | | | | | | | | bink supports 16x16 blocks in chroma planes thus we need to allocate enough. Fixes: out of array access Fixes: 55026/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BINK_fuzzer-6013915371012096 Reviewed-by: Peter Ross <pross@xvid.org> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit b95b2c8492fc1b52afd8fbe67b3be3cd518485d6) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/scpr3: Check bxMichael Niedermayer2023-02-221-0/+3
| | | | | | | | | | Fixes: Out of array access Fixes: 55102/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-4877396618903552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit cc7e984a05b28dcfaaaad95afa061be71b4ba7fc) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/012v: Order operations for odd size handlingMichael Niedermayer2023-02-221-2/+2
| | | | | | | | | | | | Fixes: out of array access Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ZERO12V_fuzzer-6714182078955520.fuzz Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ZERO12V_fuzzer-6698145212137472.fuzz Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 4d42d82563d806b5610c0c91497e24ef7f37d4cf) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/eatgq: : Check index increments in tgq_decode_block()Michael Niedermayer2023-02-221-3/+11
| | | | | | | | | | Fixes: out of array access Fixes: 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EATGQ_fuzzer-6743211456724992 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit e7755b433e913e32bb061f17d5ecfcbcfef995b7) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/h274: fix includeMichael Niedermayer2023-02-221-1/+1
| | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 379e43e6ec4a7da692be3c7b8039e6c716adbf68) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/scpr: Test bx before useMichael Niedermayer2023-02-221-0/+3
| | | | | | | | | | Fixes: out of array access on 32bit Fixes: 54850/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SCPR_fuzzer-5302669294305280 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 1b59de3770b2e3f7f44ec4adba27c88b79adaaec) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/mxfdec: Use 64bit in remainderMichael Niedermayer2023-02-221-2/+2
| | | | | | | | | | | Fixes: signed integer overflow: 48000 * 223587 cannot be represented in type 'int' Fixes: 54513/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5817594836025344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Tomas Härdin <git@haerdin.se> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 64a04fc165d453fe49906b228ac16385eda28564) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/sunrast: Fix maplength checkMichael Niedermayer2023-02-211-2/+17
| | | | | | | | | | Fixes: out of bounds read Found-by: Ibrahim Mohamed <ielsayed@meta.com> Reviewed-by; Ibrahim Mohamed <ielsayed@meta.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit f8a2a65078eaac37eae4a0d7ef440849a9d8f5b5) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/wavpack: Avoid undefined shift in get_tail()Michael Niedermayer2023-02-211-1/+1
| | | | | | | | | | Fixes: left shift of 1208485947 by 1 places cannot be represented in type 'int' Fixes: 54058/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVPACK_fuzzer-5827521084260352 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 8374a747af247d45eb466fcb4aee90f3ae798aad) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/wavpack: Check for end of input in wv_unpack_dsd_high()Michael Niedermayer2023-02-211-0/+4
| | | | | | | | | | Fixes: Timeout Fixes: 50793/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WAVPACK_fuzzer-4980185027444736 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 6ad7403bcee47e7c5e99a9c0266935e0da50c9d2) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avformat/id3v2: Check taglen in read_uslt()Michael Niedermayer2023-02-211-2/+2
| | | | | | | | | | | Fixes: Timeout (read mostly the same data repeatly) Fixes: 52457/clusterfuzz-testcase-minimized-ffmpeg_dem_ALP_fuzzer-6610706313379840 Fixes: 53098/clusterfuzz-testcase-minimized-ffmpeg_dem_SOL_fuzzer-6481382981632000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit a798af91d7d1fc31cfc1ae09cc6ab3907304f44f) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/tiff: Ignore tile_countMichael Niedermayer2023-02-211-4/+2
| | | | | | | | | | Fixes: out of array access Fixes: 52427/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_fuzzer-4849108968144896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 65ce417828cc6f5209d8467bc7755f0c59e9aa49) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
View Lorry Controller Status