c579ceffbe
avcodec/jpeg2000dec: Fix/check for multiple integer overflows
...
Fixes: shift exponent 35 is too large for 32-bit type 'int'
Fixes: 22857/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5202709358837760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-14 19:17:07 +02:00
c0dfe134be
avcodec/lossless_audiodsp: Fix undefined overflows in scalarproduct_and_madd_int16_c()
...
Fixes: signed integer overflow: 2142077091 + 6881070 cannot be represented in type 'int'
Fixes: 22737/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5958388889681920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-14 19:17:07 +02:00
61d9bf514d
avcodec/sonic: Fix several integer state overflows
...
Fixes: signed integer overflow: -234 * -14797801 cannot be represented in type 'int'
Fixes: 20492/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5695924975435776
Fixes: 22275/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5695924975435776
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-14 19:17:07 +02:00
75d520e337
avcodec/sonic: Fix several integer overflows
...
Fixes: signed integer overflow: 2129689466 + 2129689466 cannot be represented in type 'int'
Fixes: 20715/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SONIC_fuzzer-5155263109922816
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-14 19:17:07 +02:00
e53235f06c
avcodec/mpeg4videodec: avoid invalid values and reinitialize in format changes for studio profile
...
Fixes: out of array access
Fixes: 23327/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-5134822992510976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-14 18:20:37 +02:00
bd0f81526d
avcodec/pixlet: Fix log(0) check
...
Fixes: passing zero to clz(), which is not a valid argument
Fixes: 23337/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PIXLET_fuzzer-5179131989065728
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-14 18:20:37 +02:00
51225dee0a
avcodec/iff: Fix off by x error
...
Fixes: out of array access
Fixes: 23245/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5723121327013888.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-14 18:20:37 +02:00
01be03a4a0
avcodec/smvjpegdec: remove uninitialized ret
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-14 21:54:40 +08:00
9bb46cf100
avcodec/mpegvideo: remove extra space
...
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc >
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-14 21:54:40 +08:00
ab9ff762c1
lavc/qsv: fix make checkheaders warning
...
make checkheaders will get warning as follow:
In file included from libavcodec/qsv_internal.h.c:1:
./libavcodec/qsv_internal.h:24:5: warning: "CONFIG_VAAPI" is not defined, evaluates to 0 [-Wundef]
24 | #if CONFIG_VAAPI
| ^~~~~~~~~~~~
include "config.h" to fix the warning
Signed-off-by: Jun Zhao <barryjzhao@tencent.com >
2020-06-14 12:26:51 +08:00
0c2623d3aa
avcodec/ccaption_dec: switch active screen in end of caption early
...
Fixes dropping of last caption.
2020-06-13 12:02:44 +02:00
847d0b99de
avcodec/ccaption_dec: remove unused arguments from function
2020-06-13 12:02:44 +02:00
6995ea3506
avcodec/ccaption_dec: check for error codes
2020-06-13 12:02:44 +02:00
bdbe3f06a2
avcodec/alac: remove FF_ALLOC_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
67de2d6a8c
avcodec/mpegvideo_enc: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos lable
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
70ad0b27c1
avcodec/mpegpicture: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
734e6a81b6
avcodec/mpegvideo: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
d3b2961200
avcodec/mpegvideo: simplify check for av_frame_alloc
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
44863b2c2d
avcodec/iirfilter: remove FF_ALLOCZ_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
ebf2a8abdf
avcodec/aacenc: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
e6628ac8ff
avcodec/ac3enc_template: remove FF_ALLOC_ARRAY_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
861b20aa95
avcodec/ac3enc: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
d5d00cb516
avcodec/snow: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
479c89aa2e
avcodec/dnxhdenc: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
afaaf27fc4
avcodec/twinvq: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos label
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:19 +08:00
8a8802e9cb
avcodec/apedec: remove FF_ALLOC_OR_GOTO and gotos lable
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
4b2863ff01
avcodec: add FF_CODEC_CAP_INIT_CLEANUP for all codecs which use ff_mpv_common_init()
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
42a3850360
avcodec/alac: Add FF_CODEC_CAP_INIT_CLEANUP
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
17e88bf0df
avcodec/aacenc: add FF_CODEC_CAP_INIT_CLEANUP
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
ee726e777b
avcodec/ac3enc: add FF_CODEC_CAP_INIT_CLEANUP
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
61454bb6ff
avcodec/apedec: add FF_CODEC_CAP_INIT_CLEANUP
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
3240121509
avcodec/adpcmenc: remove FF_ALLOC_OR_GOTO macros and gotos lable
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
0a1dc81723
avcodec/h264dec: remove FF_ALLOCZ_ARRAY_OR_GOTO and gotos lable
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
d6cdedee4c
avcodec/h264dec: store count of the tables into const variable for long lines
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
96cc392a17
avcodec/h264dec: cosmetics
...
Signed-off-by: Limin Wang <lance.lmwang@gmail.com >
2020-06-13 06:59:18 +08:00
314d10f7a6
avcodec/wmalosslessdec: Check block_align maximum
...
Fixes: Assertion failure
Fixes: 22737/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5958388889681920
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-13 00:43:09 +02:00
aa88cdfd90
avcodec/loco: Fix signed integer overflow in loco_get_rice()
...
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 22975/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_LOCO_fuzzer-5658160970072064
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-13 00:43:09 +02:00
49ba60fed0
avcodec/cbs: Allocate more CodedBitstreamUnit at once in cbs_insert_unit()
...
Fixes: Timeout (85sec -> 0.5sec)
Fixes: 20791/clusterfuzz-testcase-minimized-ffmpeg_BSF_AV1_FRAME_SPLIT_fuzzer-5659537719951360
Fixes: 21214/clusterfuzz-testcase-minimized-ffmpeg_BSF_MPEG2_METADATA_fuzzer-5165560875974656
Fixes: 21247/clusterfuzz-testcase-minimized-ffmpeg_BSF_H264_METADATA_fuzzer-5715175257931776
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-13 00:43:09 +02:00
48de8f5816
avcodec/mpeg12dec: remove outdated comments
...
Found-by: Kieran
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-11 13:49:54 +02:00
38fbf33c72
avcodec/snowdec: Avoid integer overflow with huge qlog
...
Fixes: integer overflow
Fixes: 22285/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5682428762128384
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-11 13:49:54 +02:00
d7a2311a2c
avcodec/movtextdec: Fix shift overflows in mov_text_init()
...
Fixes: left shift of 243 by 24 places cannot be represented in type 'int'
Fixes: 22716/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MOVTEXT_fuzzer-5704263425851392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-11 13:49:54 +02:00
851e0dfe29
AVCodecContext: switch to child_class_iterate()
2020-06-10 12:36:44 +02:00
c0d6eaca50
bsf: switch to child_class_iterate()
2020-06-10 12:36:44 +02:00
0d6b4351c6
Remove unnecessary use of avcodec_close().
...
Replace it with avcodec_free_context() or drop it completely as
appropriate.
2020-06-10 11:31:16 +02:00
1ee3c984b9
avcodec/snow: ensure current_picture is writable before modifying its data
...
current_picture was not writable here because a reference existed in
at least avctx->coded_frame, and potentially elsewhere if the caller
created new ones from it.
Signed-off-by: James Almer <jamrial@gmail.com >
2020-06-09 18:18:11 -03:00
6943ab688d
pthread_frame: change the way delay is set
...
It is a constant known at codec init, so set it in
ff_frame_thread_init(). Also, only set it for video, since the meaning
of this field is not well-defined for audio with frame threading.
Fixes availability of delay in callbacks invoked from the per-thread
contexts after 1f4cf92cfb
2020-06-09 12:45:57 +02:00
c5079bf3bc
Bump minor versions after branching 4.3
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-08 22:49:04 +02:00
0a8a96c251
Bump minor versions to separate 4.3 from master
...
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-08 22:49:04 +02:00
4f33a9803a
avcodec/mpeg12dec: Fix got_output
...
This makes got_output consistent with the code in slice_end() which sets the output
in slice_end()
if (s->pict_type == AV_PICTURE_TYPE_B || s->low_delay) {
int ret = av_frame_ref(pict, s->current_picture_ptr->f);
...
} else {
Fixes: assertion failure
Fixes: 22178/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG1VIDEO_fuzzer-5664234440753152
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-08 20:45:56 +02:00
3371d0611f
tools/target_dec_fuzzer: enable mjpeg for tiff or tdsc
...
This is needed for fuzzing tiff/tdsc and should increase coverage
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2020-06-08 20:45:56 +02:00
Michael Niedermayer