ffmpeg

mirror of https://git.ffmpeg.org/ffmpeg.git synced 2025-12-16 03:50:05 +01:00

Author	SHA1	Message	Date
Michael Niedermayer	fbdaceeaf6	libavformat/hls: Be more restrictive on mpegts extensions Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0113e30806`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:07 +02:00
Michael Niedermayer	71b2c24ca9	avformat/hls: .ts is always ok even if its a mov/mp4 Maybe fixes: 11435 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9e12572933`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:06 +02:00
Michael Niedermayer	e5bfb7516f	avcodec/h263dec: Check against previous dimensions instead of coded Fixes: out of array access Fixes: crash-a41ef3db699013f669b076f02f36942925f5a98c Found-by: Kacper Michajlow <kasper93@gmail.com> Reviewed-by: Kacper Michajlow <kasper93@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0fe33c99a2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:06 +02:00
Michael Niedermayer	cf2075a975	avformat/hls: Print input format in error message Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `d845533130`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:06 +02:00
Michael Niedermayer	c599745377	avformat/hls: Be more picky on extensions This blocks disallowed extensions from probing It also requires all available segments to have matching extensions to the format mpegts is treated independent of the extension It is recommended to set the whitelists correctly instead of depending on extensions, but this should help a bit, and this is easier to backport Fixes: CVE-2023-6602 II. HLS Force TTY Demuxer Fixes: CVE-2023-6602 IV. HLS XBIN Demuxer DoS Amplification The other parts of CVE-2023-6602 have been fixed by prior commits Found-by: Harvey Phillips of Amazon Element55 (element55) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `91d96dc8dd`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:05 +02:00
Michael Niedermayer	94014c8341	avformat/mxfdec: Check avio_read() success in mxf_decrypt_triplet() Fixes: Use of uninitialized memory Fixes: 71444/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5448597561212928 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6ecc96f4d0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:05 +02:00
Michael Niedermayer	072ee0c8ef	avcodec/huffyuvdec: Initialize whole output for decode_gray_bitstream() Fixes: use of uninitialized memory Fixes: 375286238/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HYMT_fuzzer-6352546854141952 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `ef71552cf9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:05 +02:00
Michael Niedermayer	3448f9bcc8	avformat/ipmovie: Check signature_buffer read Fixes: use of uninitilaized data Fixes: 385167047/clusterfuzz-testcase-minimized-ffmpeg_dem_IPMOVIE_fuzzer-5941477505564672 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `788abe0d25`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:04 +02:00
Michael Niedermayer	3eb06ef817	avformat/wtvdec: Initialize buf ff_parse_mpeg2_descriptor() reads over what is initialized Fixes: use of uninitialized memory Fixes: 383825645/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-5144130618982400 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `17b019c517`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:04 +02:00
Michael Niedermayer	10722208d9	avcodec/cbs_vp9: Initialize VP9RawSuperframeIndex Fixes: use-of-uninitialized-value Fixes: 70907/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_METADATA_fuzzer-6339363208757248 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e81d410242`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:04 +02:00
Michael Niedermayer	fbee480fdf	avformat/vqf: Propagate errors from add_metadata() Suggested-by: Marton Balint <cus@passwd.hu> Reviewed-by: Alexander Strasser <eclipse7@gmx.net> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `49fa3f6c5b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:03 +02:00
Michael Niedermayer	242ac52700	avformat/vqf: Check avio_read() in add_metadata() Fixes: use of uninitialized data Fixes: 383825642/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5380168801124352 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c43dbecbda`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:03 +02:00
Michael Niedermayer	ceacc83011	avformat/dashdec: Check whitelist Fixes: CVE-2023-6602, V. DASH Playlist SSRF Found-by: Harvey Phillips of Amazon Element55 (element55) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4c96d6bf75`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:03 +02:00
Michael Niedermayer	b884a849d7	avutil/avstring: dont mess with NULL pointers in av_match_list() Fixes: applying zero offset to null pointer Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `c6c54943d1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:02 +02:00
Michael Niedermayer	e5036fe010	avfilter/vf_v360: Fix NULL pointer use Fixes: applying zero offset to null pointer partly Fixes: verysmall.flv Found-by: Elias Myllymäki <elias.myllymaki04p@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `66e9888bf4`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:02 +02:00
Michael Niedermayer	12307f4af5	avcodec/mpegvideo_enc: Check FLV1 resolution limits Found-by: Elias Myllymäki <elias.myllymaki04p@gmail.com> Reviewed-by: Alexander Strasser <eclipse7@gmx.net> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `827c073154`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:01 +02:00
Michael Niedermayer	924d743cd8	avcodec/ffv1enc: Fix handling of 32bit unsigned symbols This may be needed for floats Sponsored-by: Sovereign Tech Fund Reviewed-by: Alexander Strasser <eclipse7@gmx.net> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `402824e9e9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:01 +02:00
Michael Niedermayer	7e0583b565	avcodec/vc1dec: Clear block_index in vc1_decode_reset() Fixes: 377965565/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-4504434689769472 Fixes: out of array access Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `251de1791e`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:01 +02:00
Michael Niedermayer	d1546cbe26	avcodec/aacsbr_template: Clear n_q on error Fixes: index 5 out of bounds for type 'uint8_t [5]' Fixes: 377748135/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-5167109774049280 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3f029bfb7f`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:00 +02:00
Michael Niedermayer	05d0d1a0c5	avcodec/osq: Fixes several undefined overflows in do_decode() Fixes: signed integer overflow: 1239596184 + 2119376059 cannot be represented in type 'int' Fixes: 376136844/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_OSQ_fuzzer-6581164455821312 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `0f511b4518`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:00 +02:00
Michael Niedermayer	894c8c8e08	swscale/output: Fix undefined overflow in yuv2rgba64_full_X_c_template() Fixes: signed integer overflow: -1082982400 + -1195645138 cannot be represented in type 'int' Fixes: 376136843/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-4791844321427456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `56faee21c1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:16:00 +02:00
Michael Niedermayer	43f64690ad	avfilter/af_pan: Fix sscanf() use Fixes: Memory Data Leak Found-by: Simcha Kosman <simcha.kosman@cyberark.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b5b6391d64`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:59 +02:00
Michael Niedermayer	a89a8548b1	avfilter/vf_grayworld: Use the correct pointer for av_log() Fixes: crash Found-by: Elias Myllymäki <elias.myllymaki04p@gmail.com> Reviewed-by: Alexander Strasser <eclipse7@gmx.net> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9ffa127aa6`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:59 +02:00
Michael Niedermayer	01010e2ca7	avfilter/vf_addroi: Add missing NULL termination to addroi_var_names[]() Fixes: out of array read Found-by: Elias Myllymäki <elias.myllymaki04p@gmail.com> Reviewed-by: Alexander Strasser <eclipse7@gmx.net> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b72de49295`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:59 +02:00
Michael Niedermayer	c1b50c8188	avcodec/get_buffer: Use av_buffer_mallocz() for audio same as its done for video Fixes: Use of uninintialized value Fixes: 70993/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-6378949754552320 Fixes: 71104/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5001538727116800 For the AAC/USAC/SBR code which reads uninitialized memory, it would be good, if it did not a fix for that is welcome! Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `b9b4c9ebf0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:58 +02:00
Michael Niedermayer	c4cf76068a	avformat/jpegxl_anim_dec: clear buffer padding Fixes: use of uninitialized value Fixes: 70992/clusterfuzz-testcase-minimized-ffmpeg_dem_IMAGE2_fuzzer-5735819170611200 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `3f0b95bb17`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:58 +02:00
Michael Niedermayer	1a53d2aad3	avformat/rmdec: check that buf if completely filled Fixes: use of uninitialized value Fixes: 70988/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5298245077630976 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9578c135d0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:58 +02:00
Michael Niedermayer	d2da4b50a9	avcodec/cfhdenc: Clear dwt_tmp This occurs on a 32x32 input Fixes: use of uninitialized value Fixes: 70897/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-5960860961406976 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9de721de70`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:57 +02:00
Michael Niedermayer	00345ada44	avcodec/hapdec: Clear tex buffer The code following makes no attempt to initialize all of the buffer Fixes: use of uninitialized value Fixes: 70980/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5329909059223552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7eeeda703b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:57 +02:00
Michael Niedermayer	bf6233c85e	avformat/mxfdec: Check that key was read sucessfull Fixes: use of uninitialized value Fixes: 70932/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4870202133643264 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4c62cbcae2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:57 +02:00
Michael Niedermayer	1c2ef891ce	avformat/rpl: Fix check for negative values Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be represented in type 'int64_t' (aka 'long') Fixes: 378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376 Found-by: ossfuzz Reported-by: Kacper Michajlow <kasper93@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `eab65379bf`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:56 +02:00
Michael Niedermayer	036a6e43ff	avformat/mlvdec: Check avio_read() Fixes: use-of-uninitialized-value Fixes: 383170476/clusterfuzz-testcase-minimized-ffmpeg_dem_MLV_fuzzer-4696002884337664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `bb85423142`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:56 +02:00
Michael Niedermayer	6155ea6641	avcodec/utils: Fix block align overflow for ADPCM_IMA_WAV Fixes: signed integer overflow: 529008646 * 8 cannot be represented in type 'int' Fixes: 383379145/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-6674045107503104 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `9327093079`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:56 +02:00
Michael Niedermayer	34fab8337a	avformat/matroskadec: Check pre_ns for overflow Fixes: signed integer overflow: -3483479120376300096 - 7442323944145700864 cannot be represented in type 'long' Fixes: 383187489/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4561470580391936 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `361d24e6d9`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:55 +02:00
Michael Niedermayer	d4f147d4f7	tools/target_dec_fuzzer: Adjust threshold for EACMV Fixes: Timeout Fixes: 382988735/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EACMV_fuzzer-5278721465974784 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `8f4eb0fe03`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:55 +02:00
Michael Niedermayer	9adc2243d5	tools/target_dec_fuzzer: Adjust threshold for MVC1 Fixes: Timeout Fixes: 378231213/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVC1_fuzzer-6640960500465664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e7230bc503`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:55 +02:00
Michael Niedermayer	fe28f871fb	tools/target_dec_fuzzer: Adjust Threshold for indeo5 Fixes: 379768251/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO5_fuzzer-5981329084186624 Fixes: Timeout Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `89efc6c97c`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:54 +02:00
Michael Niedermayer	c17e374ff6	avutil/timecode: Avoid fps overflow in av_timecode_get_smpte_from_framenum() Fix from `c94875471e` Found-by: Youngjae Choi <youngjaechoi@korea.ac.kr> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6ba33b50f5`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:54 +02:00
Michael Niedermayer	3b48c20bce	avcodec/webp: Check ref_x/y Fixes: 70991/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WEBP_fuzzer-5544067620995072 Fixes: use of uninintailized value Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7c1e732ad2`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:54 +02:00
Michael Niedermayer	001c339971	avcodec/ilbcdec: Initialize tempbuff2 Fixes: Use of uninitialized value Fixes: 71350/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ILBC_fuzzer-6322020827070464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4482218440`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:53 +02:00
Michael Niedermayer	7bebe9f1da	avformat/qcp: Check for read failure in header Fixes: Use of uninitialized value Fixes: 71551/clusterfuzz-testcase-minimized-ffmpeg_dem_QCP_fuzzer-4647386712965120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `f52b9d0583`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:53 +02:00
Michael Niedermayer	496c9f42b8	avcodec/eatgq: Check bytestream2_get_buffer() for failure Fixes: Use of uninitialized memory Fixes: 71546/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EATGQ_fuzzer-5607656650244096 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `4949e34d96`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:53 +02:00
Michael Niedermayer	2b8db70e23	avformat/dxa: check bpc Fixes: integer overflow: -2147483648 - 1 cannot be represented in type 'int' Fixes: 373971762/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-4880491112103936 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7e020f2141`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:52 +02:00
Michael Niedermayer	d1cdc5a187	swscale/slice: clear allocated memory in alloc_lines() Fixes: use of uninitialized memory in hScale16To15_c() Fixes: 373924007/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5841199968092160 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `aeec39f3c1`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:52 +02:00
Michael Niedermayer	d2077aeb8e	avcodec/h2645_parse: Ignore NAL with nuh_layer_id == 63 Comply with "For purposes other than determining the amount of data in the decoding units of the bitstream, decoders shall ignore all data that follow the value 63 for nuh_layer_id in a NAL unit" Rec. ITU-T H.265 v8 (08/2021) Page 67 Fixes: index 63 out of bounds for type 'const int8_t[63]' (aka 'const signed char[63]') Fixes: clusterfuzz-testcase-fuzzer_loadfile-5109286752026624 Reported-by: Kacper Michajlow <kasper93@gmail.com> Found-by: ossfuzz Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `360e7cafd0`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:52 +02:00
Michael Niedermayer	0bbd0c0eee	avcodec/mjpegdec: Disallow progressive bayer images Fixes: Null pointer dereference Fixes: sample1.dng Found-by: South East <8billion.people@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `6d8285633d`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:51 +02:00
Michael Niedermayer	acebef4efc	avformat/icodec: fix integer overflow with nb_pal Fixes: runtime error: signed integer overflow Fixes: 42536949/clusterfuzz-testcase-minimized-fuzzer_loadfile-6199846684393472 Found-by: ossfuzz Reported-by: Kacper Michajlow Tested-by: Kacper Michajlow Reviewed-by: Peter Ross <pross@xvid.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `84569b6c22`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:51 +02:00
Michael Niedermayer	ca0bafde6e	doc/developer: Document relationship between git accounts and MAINTAINERS This should have been documented long ago and i thought it was Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `7051825b01`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:50 +02:00
Michael Niedermayer	5b1eac14f3	avformat/vividas: Check avio_read() for failure Fixes: use of uninitialized value (untested) Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5505802505355264 Found-by: ossfuzz Reported-by: Kacper Michajlow Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `96d45c3b21`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:50 +02:00
Michael Niedermayer	f9afec08e1	avformat/ilbc: Check avio_read() for failure Fixes: use of uninitialized value Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_protocol_memory-6656646223298560-cut Found-by: ossfuzz Reported-by: Kacper Michajlow Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit `e30d957a9b`) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>	2025-06-11 12:15:50 +02:00

1 2 3 4 5 ...

113104 Commits