ffmpeg

mirror of https://git.ffmpeg.org/ffmpeg.git synced 2026-01-22 05:51:08 +01:00

Author	SHA1	Message	Date
Michael Niedermayer	f7fb70292b	avfilter/vf_thumbnail_cuda: Set ret before checking it Fixes: CID1418336 Logically dead code Sponsored-by: Sovereign Tech Fund Reviewed-by: Timo Rothenpieler <timo@rothenpieler.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `02301017d2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-05-22 02:18:57 +02:00
Michael Niedermayer	84e5322442	avfilter/signature_lookup: Dont copy uninitialized stuff around Fixes: CID1403238 Uninitialized pointer read Fixes: CID1403239 Uninitialized pointer read Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e7174e66ac`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-05-22 02:18:19 +02:00
Michael Niedermayer	339f9e76f3	avfilter/signature_lookup: Fix 2 differences to the refernce SW Fixes: CID1403227 Division or modulo by float zero Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `25cb66369e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-05-22 02:17:56 +02:00
Michael Niedermayer	010ebbf11d	avfilter/vf_signature: Dont crash on no frames Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3d5f03bbc8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:48 +02:00
Michael Niedermayer	f7e2d40540	avfilter/signature_lookup: Do not dereference NULL pointers after malloc failure Fixes: CID 1403229 Dereference after null check Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `98ae1ad7cf`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:42 +02:00
Michael Niedermayer	87dfd6ee88	avfilter/signature_lookup: dont leave uncleared pointers in sll_free() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6c50482951`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:41 +02:00
Michael Niedermayer	4ce4f014b6	avfilter/vf_minterpolate: Check pts before division Fixes: FPE Fixes: tickets/10758/poc20ffmpeg Discovered by Zeng Yunxiang Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `68146f06f8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:40 +02:00
Michael Niedermayer	6dc59795a9	avfilter/vf_vidstabdetect: Avoid double AVERRORS Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bb04235d72`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:39 +02:00
Michael Niedermayer	ec9821247c	avfilter/vf_swaprect: round coordinates down Fixes: out of array access: Fixes: tickets/10745/poc12ffmpeg Found-by: Li Zeyuan and Zeng Yunxiang. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7deaca71b3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:39 +02:00
Michael Niedermayer	698d4bc1be	avfilter/vf_swaprect: Use height for vertical variables Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9f4c5bd7d2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:39 +02:00
Michael Niedermayer	19b9bad4f7	avfilter/vf_swaprect: assert that rectangles are within memory Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9d1ba698d2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:38 +02:00
Michael Niedermayer	059dfb1a80	avfilter/af_alimiter: Check nextpos before use Fixes: out of array read Fixes: tickets/10744/poc11ffmpeg Found-by: Li Zeyuan and Zeng Yunxiang. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `a88b06f9ee`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:38 +02:00
Michael Niedermayer	cfcc45920e	avfilter/af_stereowiden: Check length Fixes: out of array access Fixes: tickets/10746/poc13ffmpeg Found-by: Zeng Yunxiang Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `50f0f8c53c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:38 +02:00
Michael Niedermayer	e65bae8a19	avfilter/vf_weave: Fix odd height handling Fixes: out of array access Fixes: tickets/10743/poc10ffmpeg Found-by: Zeng Yunxiang and Li Zeyuan Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0ecc1f0e48`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:37 +02:00
Michael Niedermayer	643e5f1dcb	avfilter/vf_gradfun: Do not overread last line The code works in steps of 2 lines and lacks support for odd height Implementing odd height support is better but for now this fixes the out of array access Fixes: out of array access Fixes: tickets/10702/poc6ffmpe Found-by: Zeng Yunxiang Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e4d2666bdc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2024-04-14 22:12:37 +02:00
Michael Niedermayer	f7c84aa4db	avfilter/vf_showinfo: remove backspaces They mess with storing editing and comparing the results Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `31581ae7ee`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-10-09 21:33:04 +02:00
Michael Niedermayer	30dff62b4f	avfilter/vf_signature: Fix integer overflow in filter_frame() Fixes: CID1403233 The second of the 2 changes may be unneeded but will help coverity Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dd6040675e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-10-09 21:32:58 +02:00
Michael Niedermayer	55a3423863	avfilter/vsrc_mandelbrot: Check for malloc failure Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `fbd22504c4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-10-09 21:32:51 +02:00
Michael Niedermayer	54c4f1e32b	avfilter/vf_frei0r: Copy to frame allocated according to frei0r requirements Fixes: issues with non trivial linesize Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d353909e77`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-10-09 21:32:51 +02:00
Michael Niedermayer	ddc96fdb43	avfilter/video: Add ff_default_get_video_buffer2() to set specific alignment Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d740782701`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-10-09 21:32:51 +02:00
Paul B Mahol	7d4c2d90b3	avfilter/vf_colorspace: fix memmory leaks Fixes #8303 (cherry picked from commit `fddef964e8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	c6fdee5274	avfilter/vf_random: fix memory leaks Fixes #8296 (cherry picked from commit `3488e0977c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	6f579cf963	avfilter/vf_bwdif: fix heap-buffer overflow Fixes #8261 (cherry picked from commit `8c3166e1c3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	156af49b09	avfilter/vf_edgedetect: fix heap-buffer overflow Fixes #8275 (cherry picked from commit `de598f82f8`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	e103a2cb9c	avfilter/vf_w3fdif: deny processing small videos Fixes #8243 (cherry picked from commit `0e68e8c93f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	724b8fa1e2	avfilter/vf_avgblur: fix heap-buffer overflow Fixes #8274 (cherry picked from commit `f069a9c2a6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	7eb02a1f83	avfilter/af_tremolo: fix heap-buffer overflow Fixes #8317 (cherry picked from commit `58bb9d3a3a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	ff1c55c913	avfilter/vf_edgedetect: check if height is big enough Fixes #8260 (cherry picked from commit `ccf4ab8c9a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	72bc9bd8ef	avfilter/vf_bitplanenoise: fix overreads Fixes #8244 (cherry picked from commit `0b56723874`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	25b2341f9a	avfilter/vf_fieldorder: fix heap-buffer overflow Fixes #8264 (cherry picked from commit `07050d7bdc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	b116c7a6b0	avfilter/vf_fieldmatch: fix heap-buffer overflow Also fix use of uninitialized values. Fixes #8239 (cherry picked from commit `ce5274c138`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-05-04 20:00:05 +02:00
Paul B Mahol	6ac6df4e1f	avfilter/vf_lenscorrection: make width/height int Somehow previous correct fix broke usage. (cherry picked from commit `79522411fa`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-07 23:56:00 +02:00
Oneric	4641d71fb0	avfilter/vf_subtitles: pass storage size to libass Due to a quirk of the ASS format some tags depend on the exact storage resolution of the video, so tell libass via ass_set_storage_size.	2022-04-07 16:27:00 +02:00
Paul B Mahol	84fdfdf859	avfilter/vf_gblur: fix heap-buffer overflow Fixes #8282 (cherry picked from commit `64a805883d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-07 16:26:59 +02:00
Paul B Mahol	15900ff8e6	avfilter/vf_lenscorrection: fix division by zero Fixes #8265 (cherry picked from commit `19587c9332`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2022-04-07 16:26:59 +02:00
Paul B Mahol	98981312e1	avfilter/vf_neighbor: check if width is 1 Fixes #8242 (cherry picked from commit `e787f8fd7e`)	2022-04-07 16:26:59 +02:00
Timo Rothenpieler	2e68ac694c	avfilter/scale_npp: fix non-aligned output frame dimensions	2021-10-07 18:29:08 +02:00
Michael Niedermayer	3d3a60533b	avfilter/af_drmeter: Check that there is data Fixes: floating point division by 0 Fixes: -nan is outside the range of representable values of type 'int' Fixes: Ticket8307 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4f49fa6abe`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-10-06 13:54:16 +02:00
Michael Niedermayer	853147f753	avfilter/vf_mestimate: Check b_count Fixes: left shift of negative value -1 Fixes: Ticket8270 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `06af6e101b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-10-06 13:54:16 +02:00
Michael Niedermayer	f747fd6d6f	avfilter/vf_dctdnoiz: Check threads Fixes: floating point division by 0 Fixes: Ticket 8269 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4a3917c02c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-10-06 13:54:16 +02:00
Michael Niedermayer	879ac3418e	avfilter/vf_ciescope: Fix undefined behavior in rgb_to_xy() with black Fixes: floating point division by 0 Fixes: undefined behavior in handling NaN Fixes: Ticket 8268 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3d500e62f6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-10-06 13:54:16 +02:00
Michael Niedermayer	0ab6b4469c	avfilter/vf_yadif: Fix handing of tiny images Fixes: out of array access Fixes: Ticket8240 Fixes: CVE-2020-22021 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7971f62120`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-10-06 13:54:16 +02:00
Michael Niedermayer	e6b5c7a5fc	avfilter/vf_vmafmotion: Check dimensions Fixes: out of array access Fixes: Ticket8241 Fixes: Ticket8246 Fixes: CVE-2020-22019 Fixes: CVE-2020-22033 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `82ad1b7675`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-10-06 13:54:16 +02:00
Michael Niedermayer	41903a9dd2	avfilter/vf_scale: Fix adding 0 to NULL (which is UB) in scale_slice() Found-by: Jeremy Leconte <jleconte@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1cf96ce269`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2021-09-10 16:04:26 +02:00
Andreas Rheinhardt	15ccdea8b3	avfilter/vf_dedot: Fix leak of AVFrame if making it writable fails Even in this scenario, the frame still contains references to data that won't be freed if the frame isn't unreferenced. And the AVFrame itself will leak, too. Fixes Coverity issue #1441422. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `212077eda4`)	2020-05-20 10:51:29 +02:00
Andreas Rheinhardt	126cd3821d	avfilter/vf_paletteuse: Fix potential double-free of AVFrame apply_palette() would free an AVFrame given to it only via an AVFrame * (and not via AVFrame **) in three of its four exists (namely in the normal path and in two error paths). So upon error the caller has no way to know whether the frame has already been freed or not; load_apply_palette(), the only caller, opted to free the frame in this scenario. This commit changes this by making apply_palette not freeing the frame at all, which is left to load_apply_palette(). Fixes Coverity issue #1452434. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `adea33f465`)	2020-05-20 10:51:29 +02:00
Andreas Rheinhardt	02ac15ff35	avfilter/vf_xbr: Fix left shift of negative number Affected every usage of vf_xbr, e.g. the FATE-tests filter-2xbr, filter-3xbr, filter-4xbr. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4294dc3589`)	2020-05-20 03:49:13 +02:00
Andreas Rheinhardt	cbf4c7a6d8	avfilter/vf_hqx: Fix undefined left shifts of negative numbers Affected every usage of this filter; in particular, it affected the FATE-tests filter-2xbr, filter-3xbr and filter-4xbr. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `fa21194326`)	2020-05-20 03:48:42 +02:00
Andreas Rheinhardt	2980fb5704	avfilter/vf_unsharp: Don't dereference NULL The unsharp filter uses an array of arrays of uint32_t, each of which is separately allocated. These arrays also need to freed separately; but before doing so, one needs to check whether the array of arrays has actually been allocated, otherwise one would dereference a NULL pointer. This fixes #8408. Furthermore, the array of arrays needs to be zero-initialized so that no uninitialized pointer will be freed in case an allocation of one of the individual arrays fails. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `710ab13693`)	2020-05-20 00:24:23 +02:00
Michael Niedermayer	0a565190a7	avfilter/vf_aspect: Fix integer overflow in compute_dar() Fixes: signed integer overflow: 1562273630 * 17 cannot be represented in type 'int' Fixes: Ticket8323 Found-by: Suhwan Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0c0ca0f244`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-05-19 17:17:35 +02:00

1 2 3 4 5 ...

7629 Commits