Michael Niedermayer
d577bde974
avcodec/apedec: Fix integer overflows in predictor_update_3930()
...
Fixes: signed integer overflow: 1074134419 - -1075212485 cannot be represented in type 'int'
Fixes: 43273/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-4706880883130368
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 0c9c9bbd01michael@niedermayer.cc >
2022-01-13 23:23:23 +01:00
Michael Niedermayer
ee84c87edf
avcodec/apedec: fix integer overflow in 8bit samples
...
Fixes: signed integer overflow: 2147483542 + 128 cannot be represented in type 'int'
Fixes: 42812/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6344057861832704
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 7cee3b3718michael@niedermayer.cc >
2022-01-13 23:13:02 +01:00
Michael Niedermayer
5e8556dd36
avcodec/apedec: Change avg to uint32_t
...
Fixes: Integer overflow
Fixes: 40973/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6739312704618496
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Suggested-by: Anton Khirnov <anton@khirnov.net >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 0ec75723a4michael@niedermayer.cc >
2022-01-13 22:43:27 +01:00
Michael Niedermayer
5a514d8e9b
avcodec/apedec: Use 64bit to avoid overflow
...
Fixes: runtime error: signed integer overflow: 727298502 * 3 cannot be represented in type 'int'
Fixes: 39172/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-638602483033702
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit f059b56195michael@niedermayer.cc >
2021-10-09 22:02:21 +02:00
Michael Niedermayer
8a904d1475
avcodec/apedec: Fix undefined integer overflow in long_filter_ehigh_3830()
...
Fixes: signed integer overflow: -2145648640 - 3357696 cannot be represented in type 'int'
Fixes: 38899/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5358815017566208
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit ad517ee6e4michael@niedermayer.cc >
2021-10-09 22:02:21 +02:00
Michael Niedermayer
4c6e3e4cf7
avcodec/apedec: Fix integer overflow in intermediate
...
Fixes: signed integer overflow: 559334865 * 4 cannot be represented in type 'int'
Fixes: 37929/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6751932295806976
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 90da43557fmichael@niedermayer.cc >
2021-10-09 22:02:21 +02:00
Michael Niedermayer
e6565c33a1
avcodec/apedec: Fix 2 integer overflows in filter_3800()
...
Fixes: signed integer overflow: 1683879955 - -466265224 cannot be represented in type 'int'
Fixes: 37419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6074294407921664
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 33feb527ffmichael@niedermayer.cc >
2021-10-09 22:02:21 +02:00
Michael Niedermayer
9704e1ac08
avcodec/apedec: Fix undefined integer overflow with 24bit
...
Fixes: signed integer overflow: 8683744 * 256 cannot be represented in type 'int'
Fixes: 23527/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5679885932822528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 9f7b252cdfmichael@niedermayer.cc >
2021-10-09 22:02:19 +02:00
Michael Niedermayer
b503ec1ae1
avcodec/apedec: Fix invalid shift with 24 bps
...
Fixes: left shift of negative value -463
Fixes: 20542/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5688714435231744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 8e27867229michael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
ba17b9961a
avcodec/apedec: Fix integer overflows in predictor_decode_mono_3950()
...
Fixes: signed integer overflow: -2147407150 + -1871606 cannot be represented in type 'int'
Fixes: 18702/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5679095417667584
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit eb64a5c6f9michael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
a7d8e08ddf
avcodec/apedec: Fix undefined integer overflow in decode_array_0000()
...
Fixes: signed integer overflow: -2143289344 - 6246400 cannot be represented in type 'int'
Fixes: 19239/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5173755680915456
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit a3655bb02cmichael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
7281f83903
avcodec/apedec: Fix 2 integer overflows
...
Fixes: signed integer overflow: 2119056926 - -134217728 cannot be represented in type 'int'
Fixes: 18728/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5747539563511808
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 6e15ba2d1fmichael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
0c67877df2
avcodec/apedec: Fixes integer overflow of res+*data in do_apply_filter()
...
Fixes: signed integer overflow: 7400 + 2147482786 cannot be represented in type 'int'
Fixes: 18405/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5708834760294400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit dc3f327e74michael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
d549c5d81f
avcodec/apedec: Fix integer overflow in filter_3800()
...
Fixes: signed integer overflow: 2117181180 + 60483298 cannot be represented in type 'int'
Fixes: 18344/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5685327791915008
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 1c038c5c63michael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
53f61bdcea
avcodec/apedec: Fix undefined integer overflow in long_filter_ehigh_3830()
...
Fixes: signed integer overflow: -1094995529 * 2 cannot be represented in type 'int'
Fixes: 18281/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5692589180715008
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 1d1719a44dmichael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
21436750a1
avcodec/apedec: Only clear the needed buffer space, instead of all
...
Fixes: Timeout (15sec -> 0.4sec)
Fixes: 18396/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5730080487112704
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit f17ea02001michael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
462949e087
avcodec/apedec: Fix integer overflow in predictor_update_3930()
...
Fixes: signed integer overflow: -69555262 * 31 cannot be represented in type 'int'
Fixes: 17698/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5728970447781888
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 5c072c9ed7michael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
3ef741291c
avcodec/apedec: Fix several integer overflows in predictor_update_filter() and do_apply_filter()
...
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: signed integer overflow: -14527961 - 2147483425 cannot be represented in type 'int'
Fixes: 16380/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5645957131141120
Fixes: 16968/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5716169901735936
Fixes: 17074/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5198710497083392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 1e95a3e8a7michael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
593f625081
avcodec/apedec: Fix 32bit int overflow in do_apply_filter()
...
Fixes: signed integer overflow: 2147480546 + 4096 cannot be represented in type 'int'
Fixes: 16280/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5123442566758400
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <tjoppen@acc.umu.se >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 9d3ddef519michael@niedermayer.cc >
2020-07-01 12:49:26 +02:00
Michael Niedermayer
db696af196
avcodec/apedec: Fix 2 signed overflows
...
Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int'
Fixes: signed integer overflow: 2049431315 + 262759074 cannot be represented in type 'int'
Fixes: 16012/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5719016003338240
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 392c028cd2michael@niedermayer.cc >
2020-07-01 12:11:55 +02:00
Michael Niedermayer
9cbe9f8054
avcodec/apedec: Do not partially clear data array
...
Fixes: Assertion failure and memleak
Fixes: 15709/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5182435093905408
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 8e4b522c91michael@niedermayer.cc >
2020-07-01 12:11:55 +02:00
Michael Niedermayer
97b4a01596
avcodec/apedec: make left/right unsigned to avoid undefined behavior
...
Fixes: signed integer overflow: 755176387 + 1515360583 cannot be represented in type 'int'
Fixes: 15506/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5706859232624640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit bf778af149michael@niedermayer.cc >
2020-07-01 12:11:55 +02:00
Michael Niedermayer
7f974f343e
avcodec/apedec: Fix multiple integer overflows and undefined behaviorin filter_3800()
...
Fixes: left shift of negative value -4
Fixes: signed integer overflow: -15091694 * 167 cannot be represented in type 'int'
Fixes: signed integer overflow: 1898547155 + 453967445 cannot be represented in type 'int'
Fixes: 15258/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5759095564402688
Fixes: signed integer overflow: 962196438 * 31 cannot be represented in type 'int'
Fixes: 15364/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5718799845687296
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 267eb2ab7fmichael@niedermayer.cc >
2020-07-01 12:11:55 +02:00
Michael Niedermayer
55a510ce32
avcodec/apedec: Fix various integer overflows
...
Fixes: signed integer overflow: -538976267 * 31 cannot be represented in type 'int'
Fixes: left shift of 65312 by 16 places cannot be represented in type 'int'
Fixes: 15255/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5718831688843264
Fixes: 15547/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5691384901664768
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 240bf0e596michael@niedermayer.cc >
2020-07-01 12:11:55 +02:00
Michael Niedermayer
a625520f85
avcodec/apedec: Fix multiple integer overflows in predictor_update_filter()
...
Fixes: signed integer overflow: -829262115 + -1410750414 cannot be represented in type 'int'
Fixes: 15251/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5651742252859392
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 0af08cb803michael@niedermayer.cc >
2020-07-01 12:11:55 +02:00
Michael Niedermayer
5cbd861f0f
avcodec/apedec: Add k < 24 check to the only k++ case which lacks such a check
...
Fixes: 15255/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-5718831688843264
Fixes: left shift of 1 by 31 places cannot be represented in type 'int'
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit 3d4f4f4a15michael@niedermayer.cc >
2020-07-01 12:11:55 +02:00
Michael Niedermayer
5bb861d45b
avcodec/apedec: Fix integer overflow
...
Fixes: out of array access
Fixes: PoC.ape and others
Found-by: Bingchang, Liu@VARAS of IIE
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
(cherry picked from commit ba4beaf614michael@niedermayer.cc >
2017-07-16 17:02:30 +02:00
Clément Bœsch
8ef57a0d61
Merge commit '41ed7ab45fc693f7d7fc35664c0233f4c32d69bb'
...
* commit '41ed7ab45fc693f7d7fc35664c0233f4c32d69bb':
cosmetics: Fix spelling mistakes
Merged-by: Clément Bœsch <u@pkh.me >
2016-06-21 21:55:34 +02:00
Luca Barbato
dd4fb2339f
ape: Unbreak adaptcoeffs computation
...
And simplify and explain the expression.
Fault introduced in f3fdef108ederek.buitenhuis@gmail.com >
2016-05-12 14:32:16 +01:00
Derek Buitenhuis
22900770c5
Merge commit 'f3fdef108eb06b1e71b29152bf6822519e787efe'
...
* commit 'f3fdef108eb06b1e71b29152bf6822519e787efe':
ape: Avoid undefined behaviour
Merged-by: Derek Buitenhuis <derek.buitenhuis@gmail.com >
2016-05-12 14:20:51 +01:00
Vittorio Giovara
41ed7ab45f
cosmetics: Fix spelling mistakes
...
Signed-off-by: Diego Biurrun <diego@biurrun.de >
2016-05-04 18:16:21 +02:00
Luca Barbato
4012fe1ee8
ape: Unbreak adaptcoeffs computation
...
And simplify and explain the expression.
Fault introduced in f3fdef108e
2016-04-24 10:18:25 +02:00
Luca Barbato
f3fdef108e
ape: Avoid undefined behaviour
...
Avoid the clang warning
"warning: shifting a negative signed value is undefined"
2016-04-19 20:22:31 +02:00
Paul B Mahol
9149e9c0ba
avcodec/apedec: fix decoding of stereo files with one channel full of silence
...
Signed-off-by: Paul B Mahol <onemda@gmail.com >
2016-04-12 11:03:48 +02:00
Carl Eugen Hoyos
9cf8c3e62c
ape: Show more information for loglevel verbose.
...
Requested by Andy E, fixes bug 687.
2016-01-19 11:02:14 +01:00
Michael Niedermayer
cd7524fdd1
avcodec/apedec: Check length in long_filter_high_3800()
...
Fixes out of array read
Fixes: 0a7ff0c1d93da9cef28a315ec91b692a/asan_heap-oob_4a52e5_3604_9c56dbb20e308f4faeef7b35f688521a.ape
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2015-12-02 21:38:11 +01:00
Ganesh Ajjanagadde
c4c389aa14
avcodec/apedec: fix bug introduced in commit d3e5fbb140
...
Signed-off-by: Ganesh Ajjanagadde <gajjanagadde@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2015-10-03 23:04:23 +02:00
Ganesh Ajjanagadde
d3e5fbb140
avcodec/apedec: fix undefined left shifts of negative numbers
...
This fixes -Wshift-negative-value reported with clang 3.7+, e.g
http://fate.ffmpeg.org/log.cgi?time=20150919172459&log=compile&slot=x86_64-darwin-clang-polly-notiling-3.7 .
Note that the patch crucially depends on int >= 32 bits,
an assumption made in many places in the codebase.
Signed-off-by: Ganesh Ajjanagadde <gajjanagadde@gmail.com >
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc >
2015-09-29 15:05:38 +02:00
Michael Niedermayer
444e9874a7
Merge commit 'def97856de6021965db86c25a732d78689bd6bb0'
...
* commit 'def97856de6021965db86c25a732d78689bd6bb0':
lavc: AV-prefix all codec capabilities
Conflicts:
cmdutils.c
ffmpeg.c
ffplay.c
libavcodec/8svx.c
libavcodec/aacenc.c
libavcodec/ac3dec.c
libavcodec/adpcm.c
libavcodec/alac.c
libavcodec/atrac3plusdec.c
libavcodec/bink.c
libavcodec/dnxhddec.c
libavcodec/dvdec.c
libavcodec/dvenc.c
libavcodec/ffv1dec.c
libavcodec/ffv1enc.c
libavcodec/fic.c
libavcodec/flacdec.c
libavcodec/flacenc.c
libavcodec/flvdec.c
libavcodec/fraps.c
libavcodec/frwu.c
libavcodec/gifdec.c
libavcodec/h261dec.c
libavcodec/hevc.c
libavcodec/iff.c
libavcodec/imc.c
libavcodec/libopenjpegdec.c
libavcodec/libvo-aacenc.c
libavcodec/libvorbisenc.c
libavcodec/libvpxdec.c
libavcodec/libvpxenc.c
libavcodec/libx264.c
libavcodec/mjpegbdec.c
libavcodec/mjpegdec.c
libavcodec/mpegaudiodec_float.c
libavcodec/msmpeg4dec.c
libavcodec/mxpegdec.c
libavcodec/nvenc_h264.c
libavcodec/nvenc_hevc.c
libavcodec/pngdec.c
libavcodec/qpeg.c
libavcodec/ra288.c
libavcodec/rv10.c
libavcodec/s302m.c
libavcodec/sp5xdec.c
libavcodec/takdec.c
libavcodec/tiff.c
libavcodec/tta.c
libavcodec/utils.c
libavcodec/v210dec.c
libavcodec/vp6.c
libavcodec/vp9.c
libavcodec/wavpack.c
libavcodec/yop.c
Merged-by: Michael Niedermayer <michael@niedermayer.cc >
2015-07-27 22:50:18 +02:00
Vittorio Giovara
def97856de
lavc: AV-prefix all codec capabilities
...
Express bitfields more simply.
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com >
2015-07-27 15:24:58 +01:00
Andreas Cadhalpun
295e05a762
ape: Support _0000 files with nblock smaller than 64
...
The decode_array_0000 assumed that 64 is the minimal block size
while it is not.
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org >
2015-05-08 11:10:51 +02:00
Andreas Cadhalpun
699341d647
apedec: prevent out of array writes in decode_array_0000
...
s->decoded_buffer is allocated with a min_size of:
2 * FFALIGN(blockstodecode, 8) * sizeof(*s->decoded_buffer)
Then it is assigned to s->decoded[0] (and s->decoded_buffer + FFALIGN(blockstodecode, 8)
to s->decoded[1]) and passed as out buffer to decode_array_0000.
In this function 64 elements of the out buffer are written
unconditionally and outside the array if blockstodecode is too small.
This causes memory corruption, leading to segmentation faults or other
crashes.
Thus change decode_array_0000 to write at most blockstodecode elements
of the out buffer.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com >
Signed-off-by: Michael Niedermayer <michaelni@gmx.at >
2015-04-28 12:43:13 +02:00
Andreas Cadhalpun
464c49155c
apedec: set s->samples only when init_frame_decoder succeeded
...
Otherwise range_start_decoding is not necessarily run and thus
ctx->rc.range still 0 in range_dec_normalize leading to an infinite
loop.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com >
Signed-off-by: Michael Niedermayer <michaelni@gmx.at >
2015-04-28 03:21:12 +02:00
zhaoxiu.zeng
ac7fc444ee
avcodec/apedec: simplify sign conversion
...
Signed-off-by: Zeng Zhaoxiu <zhaoxiu.zeng@gmail.com >
Signed-off-by: Michael Niedermayer <michaelni@gmx.at >
2015-02-14 01:09:44 +01:00
zhaoxiu.zeng
0073c8e345
avcodec/apedec: move 'coeffs[256] and delay[256]' into, long_filter_high_3800
...
Signed-off-by: Zeng Zhaoxiu <zhaoxiu.zeng@gmail.com >
Signed-off-by: Michael Niedermayer <michaelni@gmx.at >
2015-02-13 23:23:27 +01:00
Michael Niedermayer
35bb74900b
Merge commit 'c67b449bebbe0b35c73b203683e77a0a649bc765'
...
* commit 'c67b449bebbe0b35c73b203683e77a0a649bc765':
dsputil: Split bswap*_buf() off into a separate context
Conflicts:
configure
libavcodec/4xm.c
libavcodec/ac3dec.c
libavcodec/ac3dec.h
libavcodec/apedec.c
libavcodec/eamad.c
libavcodec/flacenc.c
libavcodec/fraps.c
libavcodec/huffyuv.c
libavcodec/huffyuvdec.c
libavcodec/motionpixels.c
libavcodec/truemotion2.c
libavcodec/x86/Makefile
libavcodec/x86/dsputil_init.c
Merged-by: Michael Niedermayer <michaelni@gmx.at >
2014-06-23 13:31:26 +02:00
Diego Biurrun
c67b449beb
dsputil: Split bswap*_buf() off into a separate context
2014-06-22 18:22:31 -07:00
Michael Niedermayer
42e6fc147b
avcodec/apedec: optimize sign combination
...
48078630 -> 32533850 dezi cycles
Signed-off-by: Michael Niedermayer <michaelni@gmx.at >
2014-06-23 02:15:06 +02:00
Michael Niedermayer
efec730431
Merge commit 'f83896abda1e78ebbbda0f184b682b4fabadc682'
...
* commit 'f83896abda1e78ebbbda0f184b682b4fabadc682':
ape: Replace memset(0) by zero initialization
Merged-by: Michael Niedermayer <michaelni@gmx.at >
2014-06-23 01:03:30 +02:00
Diego Biurrun
f83896abda
ape: Replace memset(0) by zero initialization
2014-06-22 18:43:11 +02:00
