ffmpeg

mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-12-23 23:40:15 +01:00

Author	SHA1	Message	Date
John Rummell	e75f8b51ea	libavformat/amr.c: Check return value from avio_read() If the buffer doesn't contain enough bytes when reading a stream, fail rather than continuing on with initialized data. Caught by Chromium fuzzeras (crbug.com/1065731). Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5b967f56b6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
John Rummell	9954fbe273	libavformat/mov.c: Free aes_decrypt to avoid leaking memory Found by Chromium fuzzers (crbug.com/1057205). Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ad91cf1f2f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
John Rummell	b561b503ff	libavformat/oggdec.c: Check return value from avio_read() If the buffer doesn't contain enough bytes when reading a stream, fail rather than continuing on with unitialized data. Caught by Chromium fuzzers (crbug.com/1054229). Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b7c67b1ae3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	116b777775	avformat/asfdec_f: Fix overflow check in get_tag() Fixes: signed integer overflow: 2 * 1210064928 cannot be represented in type 'int' Fixes: 20873/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5761116909338624 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Anton Khirnov <anton@khirnov.net> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c8140fe732`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	2bef1bba73	avformat/nsvdec: Fix memleaks on errors while reading the header Fixes: memleaks Fixes: 21084/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5655975492321280 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `96c0469455`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	84be21040e	libavformat/avienc: Check bits per sample for PAL8 Fixes: assertion failure Fixes: Ticket 8172 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3595878281`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	3509ad1b06	avformat/mpegts: Improve the position determination for avpriv_mpegts_parse_packet() Fixes: assertion failure Fixes: Ticket 8005 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e5bb48ae59`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	07a265b140	avformat/mvdec: Check stream numbers Fixes: null pointer dereference Fixes: 20768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5638648978735104.fuzz Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `618a9bea65`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	c901cc287f	avformat/utils: Fix integer overflow with complex time bases in avformat_find_stream_info() Fixes: signed integer overflow: 2045163756 * 2 cannot be represented in type 'int' Fixes: Ticket5132 Found-by: tsmith Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f3d8f517db`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	ac4fb0935a	avformat/avidec: Avoid integer overflow in NI switch check Fixes: signed integer overflow: 0 - -9223372036854775808 cannot be represented in type 'long' Fixes: Ticket8149 Found-by: Suhwan Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `347920ca21`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Dale Curtis	4834e4ff4a	avformat/utils: Fix undefined behavior in ff_configure_buffers_for_index() When e2_pts == INT64_MIN and e1_pts >= 0 the calculation of e2_pts - e1_pts will overflow an int64_t. Signed-off-by: Dale Curtis <dalecurtis@chromium.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f15007afa9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	0f41c18963	avformat/mov: Check STCO location Fixes: bypassing of checks and assertion failure Fixes: asan_1003879.mp4 Found-by: Clusterfuzz + asan Reported-by: Thomas Guilbert <tguilbert@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1cd4184020`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Michael Niedermayer	2715341726	avformat/rmdec: Initialize and sanity check offset in ivr_read_header() Fixes: signed integer overflow: -9223372036854775808 - 17 cannot be represented in type 'long' Fixes: 18768/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5674385247830016 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7e665e4a81`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:44 +02:00
Andreas Rheinhardt	dc0c981850	avformat/id3v2: Fix double-free on error ff_id3v2_parse_priv_dict() uses av_dict_set() with the flags AV_DICT_DONT_STRDUP_KEY and AV_DICT_DONT_STRDUP_VAL. In this case both key and value are freed on error (and owned by the destination dictionary on success), so that freeing them again on error is a double-free and therefore forbidden. But it nevertheless happened. Fixes CID 1452489 and 1452421. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `67d4940a77`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:43 +02:00
Michael Niedermayer	e83b585160	avformat/mxfdec: Clear metadata_sets_count in mxf_read_close() This avoids problems if the function is called twice Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `13816a1d08`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2020-07-01 13:33:43 +02:00
Andreas Rheinhardt	293c389812	avformat/matroskadec: Fix default value of BlockAddID Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `dbc50f8a93`)	2020-04-03 21:44:01 +02:00
Michael Niedermayer	a6eb5e1f70	avformat/mp3dec: Check that the frame fits within the probe buffer Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e9a335150a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-21 23:27:23 +01:00
Michael Niedermayer	0d816a9471	avformat/nutenc: Do not pass NULL to memcmp() in get_needed_flags() This compared to the other suggestions is cleaner and easier to understand keeping the condition in the if() simple. This affects alot of fate tests. See: [FFmpeg-devel] [PATCH 05/11] avformat/nutenc: Don't pass NULL to memcmp See: [FFmpeg-devel] [PATCH]lavf/nutenc: Do not call memcmp() with NULL argument Fixes: Ticket 7980 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e4fdeb3fce`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:48 +01:00
Michael Niedermayer	15320f8107	avformat/pjsdec: Check duration for overflow Fixes: signed integer overflow: -3 - 9223372036854775807 cannot be represented in type 'long' Fixes: 17828/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5645915116797952 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1efaac6932`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:48 +01:00
Michael Niedermayer	1487993fae	avformat/shortendec: Check k in probe Fixes: Assertion failure Fixes: 17640/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5708767475269632 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ea770eb559`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:48 +01:00
Michael Niedermayer	86d36769e9	avformat/mpsubdec: Clear queue on error Fixes: Memleaks Fixes: 17219/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5720539124989952 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9a0d36e562`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:47 +01:00
Michael Niedermayer	878ba99316	avformat/subtitles: Check nb_subs in ff_subtitles_queue_finalize() Fixes: null pointer dereference Fixes: 17828/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5645915116797952 Fixes: Ticket8147 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `81b53913bb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:47 +01:00
Michael Niedermayer	07e77be69f	avformat/electronicarts: If no packet has been read at the end do not treat it as if theres a packet Fixes: Assertion failure Fixes: 17770/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5700606668308480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c4de49edc4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:47 +01:00
Michael Niedermayer	f8a4c39b2f	avformat/mov: Check for EOF in mov_read_meta() Fixes: Timeout (195sec -> 2ms) Fixes: 16735/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5090676403863552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `093d1f4250`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:47 +01:00
Michael Niedermayer	c87ccb476f	avformat/cdxl: Fix integer overflow in intermediate Fixes: signed integer overflow: 65535 * 65312 cannot be represented in type 'int' Fixes: 16704/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-6294115603447808 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5c5575c8dc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:47 +01:00
Michael Niedermayer	8827dd34ac	avformat/realtextdec: free queue on error Fixes: memleak Fixes: 16277/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5696629440512000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: James Almer <jamrial@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `493438fafc`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:47 +01:00
Michael Niedermayer	c3b4278b01	avformat/realtextdec: Check for duplicate extradata in realtext_read_header() Fixes: memleak Fixes: 16140/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5684008052064256 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `652ea23cb3`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	73ce6c9c26	avformat/mpc: deallocate frames array on errors Fixes: memleak on error path Fixes: 15984/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5679918412726272 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `da5039415c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Matt Wolenetz	1ed2fae5d6	lafv/wavdec: Fail bext parsing on incomplete reads avio_read can successfully return even when less than the requested amount of input was read. wavdec's bext parsing mistakenly assumed a successful avio_read always read the full amount that was requested. The result could be dictionary tags populated with partially uninitialized values. This change also fixes a broken assertion in wav_parse_bext_string that was off-by-one, though no known current usage of that method hits that broken case. Chromium bug: 987270 Signed-off-by: Matt Wolenetz <wolenetz@chromium.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `052d41377a`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	c7e33d7833	avformat/utils: Check rfps_duration_sum for overflow Fixes: signed integer overflow: 9151595917793558550 + 297519050751678697 cannot be represented in type 'long' Fixes: 15496/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5722866475073536 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `5c46fdf305`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	917dd7e1fb	avformat/xmv: Make bitrate 64bit Fixes: signed integer overflow: 32 * 538976288 cannot be represented in type 'int' Fixes: 15633/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5752273981931520 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `39a6a79bcb`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	6950acc1d7	avformat/utils: Check timebase before use in estimate_timings() Fixes: division by 0 Fixes: 15480/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5746727434321920 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f57e97dfd9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	05493d7d43	avformat/aviobuf: Delay buffer downsizing until asserts are met Fixes: Assertion failure Fixes: 15151/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5757079496687616 Fixes: 15205/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5767573242642432 May fix: Ticket7094 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0334632d5c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	1d8bef7a48	avformat/vqf: Check header_size Fixes: 15271/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5735262606327808 Fixes: signed integer overflow: -2147483648 - 8 cannot be represented in type 'int' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7c30ff3888`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	cd9e249726	avformat/mov: Set fragment.found_tfhd only after TFHD has been parsed Fixes: Assertion failure Fixes: crbug971646.mp4 Reported-by: Matt Wolenetz <wolenetz@google.com> Reviewed-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `696312c487`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	0b81de7258	avformat/icodec: Free ico->images on error paths Fixes: 15116/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5715173567889408 Fixes: memleak Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `54918b5116`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	afd6f1a6de	avformat/wsddec: Fix undefined shift Fixes: left shift of 1 by 31 places cannot be represented in type 'int' Fixes: 15123/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5738039235575808 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `112eb17a2b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:46 +01:00
Michael Niedermayer	c9cbfda7ff	avformat/wtvdec: Avoid (32bit signed) sectors Fixes: left shift of negative value -14614752 Fixes: 15174/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5670543606415360 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `dd357d76e5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Michael Niedermayer	ee8147a321	avformat/sbgdec: Fixes integer overflow in str_to_time() with hours Fixes: signed integer overflow: 904444 * 3600 cannot be represented in type 'int' Fixes: 15113/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5764083346833408 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `2a0f23b9d6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Michael Niedermayer	65b0e9f8d0	avformat/vpk: Check offset for validity Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `aa003019ab`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Michael Niedermayer	fb627bd72c	avformat/vpk: Fix integer overflow in samples_per_block computation Fixes: signed integer overflow: 84026453 * 28 cannot be represented in type 'int' Fixes: 15111/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5675630072430592 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8c6c4129b4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Michael Niedermayer	f5f6fb9a99	avformat/mp3enc: Avoid SEEK_END as it is unsupported Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bf3ee6a130`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Michael Niedermayer	561f28b2cd	avformat/webm_chunk: Specify expected argument length of get_chunk_filename() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `1a74b04737`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Michael Niedermayer	fc3faa6afe	avformat/webm_chunk: Check header filename length Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3b5b977c9f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Andreas Rheinhardt	8a15ae6460	lavf/webm_chunk: Respect buffer size The last argument of av_strlcpy is supposed to contain the size of the destination buffer, but it was filled with the size of the source string, effectively negating its very purpose. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `73ef1f47f5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Michael Niedermayer	17d039349f	avformat/mov: Skip stsd adjustment without chunks Fixes: Assertion failure Fixes: clusterfuzz-testcase-minimized-media_pipeline_integration_fuzzer-5683096400822272 Found-by: Clusterfuzz Reported-by: Dan Sanders <sandersd@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `18a567c369`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Michael Niedermayer	3935e8d967	avformat/aadec: Check for scanf() failure Fixes: use of uninitialized variables Fixes: blank.aa Found-by: Chamal De Silva <chamal.desilva@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ed188f6dcd`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:45 +01:00
Carl Eugen Hoyos	4a79f30d77	lavf/rawenc: Only accept the appropriate stream type for raw muxers. This does not affect the rawvideo muxer. Fixes ticket #7979. (cherry picked from commit `aef24efb0c`)	2019-09-06 18:59:23 -03:00
James Almer	1def4baa59	avformat/aacdec: resync to the next adts frame on invalid data instead of aborting Should fix ticket #6634 Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `881e1f5a62`)	2019-07-23 00:46:21 -03:00
James Almer	47bb804f78	avformat/aacdec: factorize the adts frame resync code Signed-off-by: James Almer <jamrial@gmail.com> (cherry picked from commit `a38eab8b75`)	2019-07-23 00:46:11 -03:00

1 2 3 4 5 ...

20980 Commits