Commit graph

29885 commits

Author SHA1 Message Date
Michael Niedermayer
63523485f4 avcodec/svq1dec: zero terminate embedded message before printing
Fixes out of array access
Fixes: asan_stack-oob_49b1e5_10_009.mov
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e91ba2efa9)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
35bc67503e avcodec/cook: check that the subpacket sizes fit in block_align
Fixes out of array read
Fixes: asan_heap-oob_fb5c50_19_018.rmvb
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 10e32618ac)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
1f636a697f avcodec/g2meet: check tile dimensions to avoid integer overflow
Fixes out of array access
Fixes: asan_heap-oob_12a55d3_30_029.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 32e666c354)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
24d725f455 avcodec/utils: Align dimensions by at least their chroma sub-sampling factors.
Fixes: out of array accesses
Fixes: asan_heap-oob_112c6b3_13_012.avi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit df74811cd5)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
66fcf1fa40 avcodec/dnxhddec: treat pix_fmt like width/height
Fixes out of array accesses
Fixes: asan_heap-oob_22c9a39_16_015.mxf
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit f3c0e0bf6f)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
c7b7e0790c avcodec/dxa: check dimensions
Fixes out of array access
Fixes: asan_heap-oob_11222fb_21_020.dxa
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e70312dfc2)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
3f3e5f8f60 avcodec/dirac_arith: fix integer overflow
Fixes: asan_heap-oob_1078676_9_008.drc
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 39680cacee)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
8e95ddbe82 avcodec/diracdec: Tighter checks on CODEBLOCKS_X/Y
Fixes very long but finite loop
Fixes: asan_heap-oob_107866c_42_041.drc
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5145d22b88)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
8cba067fe5 avcodec/diracdec: Use 64bit in calculation of codeblock coordinates
Fixes integer overflow
Fixes out of array read
Fixes: asan_heap-oob_107866c_42_041.drc
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 526886e606)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
73c6520c09 avcodec/sgidec: fix count check
Fixes: asan_heap-oob_22b30d4_39_038.sgi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit a050cf0c45)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
ca47574e16 avcodec/sgidec: fix linesize for 16bit
Fixes: asan_heap-oob_22b30d4_39_038.sgi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3b20ed8548)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Michael Niedermayer
045670a6f7 avcodec/hevc_ps: Check default display window bitstream and skip if invalid
Fixes Ticket4035

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 852aaead1f)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:14 +01:00
Christophe Gisquet
30a0622a5d avcodec/tiffenc: properly compute packet size
The bytes per row is a better indication of it.

Helps resolving ticket #3874 by fixing ffmpeg's encoder and transforming
the issue in a issue with non-compliant decoders. ffmpeg's one is ok,
but unfortunately, many others aren't handling correctly unusual chroma
samplings.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 0e8bfd3c93)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:13 +01:00
Christophe Gisquet
f3d34cff76 utvideoenc: properly set slice height/last line
Mimic decoder and obey sampling.

Does not affect fate tests for utvideo.
Fixes ticket #3949.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit cb530dda7d)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:28:13 +01:00
Michael Niedermayer
3b7db9c4f5 Merge commit 'e443165c32' into release/2.4
* commit 'e443165c32':
  imc: fix order of operations in coefficients read

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:21:40 +01:00
Michael Niedermayer
0ddcee172e Merge commit '0b41eeac45' into release/2.4
* commit '0b41eeac45':
  hevc_mvs: make sure to always initialize the temporal MV fully

Conflicts:
	libavcodec/hevc_mvs.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:06:25 +01:00
Michael Niedermayer
13ecdb06f8 Merge commit 'de31f85707' into release/2.4
* commit 'de31f85707':
  hevc_mvs: initialize the temporal MV in case of missing ref

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-11-01 13:05:46 +01:00
Vittorio Giovara
e443165c32 imc: fix order of operations in coefficients read
Reported-by: Ruoyu <liangry@ucweb.com>
2014-10-15 14:51:19 +01:00
Anton Khirnov
0b41eeac45 hevc_mvs: make sure to always initialize the temporal MV fully
The spec requires this.

Fixes uninitialized reads on some samples.

Remove now unnecessary initialization of the whole merge candidate list.
2014-10-08 12:31:08 +01:00
Anton Khirnov
de31f85707 hevc_mvs: initialize the temporal MV in case of missing ref
The caller expects the MV to always be initialized.
2014-10-08 12:30:54 +01:00
Michael Niedermayer
84d26ab6eb avcodec/on2avc: Check number of channels
Fixes out of array access
Fixes: asan_heap-oob_4da4f3_7_asan_heap-oob_4da4f3_173_Xmen_avc_500.vp6

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 550f3e9df3)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
1d99adc953 avcodec/hevc: fix chroma transform_add size
Fixes accessing misaligned address
Fixes: signal_sigsegv_1feb99c_10_signal_sigsegv_2d1d35c_79_cov_691940146_EXT_A_ericsson_3.bit

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit df8394c693)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
67991f3a3e avcodec/h264: Check mode before considering mixed mode intra prediction
Fixes out of array read
Fixes: asan_heap-oob_e476fc_2_asan_heap-oob_1333ec6_61_CAMACI3_Sony_C.jsv

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 9734a7a1de)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
eefc3ca7be avcodec/vorbisdec: Fix off by 1 error in ptns_to_read
Fixes read of uninitialized memory
Fixes: asan_heap-uaf_18dac2b_9_asan_heap-uaf_22eb375_208_beta3_test_small.ogg

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8c50704ebf)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
506368f563 avcodec/svq3: Dont memcpy AVFrame
This avoids out of array accesses

Fixes: asan_heap-uaf_21f42e4_9_asan_heap-uaf_21f42e4_278_gl2.mov

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 075a165d27)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
c0c24bc9b3 avcodec/smc: fix off by 1 error
Fixes out of array access
Fixes: asan_heap-oob_1685bf0_5_asan_heap-oob_1f35116_430_smc.mov

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit c727401aa9)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
b89f279cd6 avcodec/qpeg: fix off by 1 error in MV bounds check
Fixes out of array access
Fixes: asan_heap-oob_153760f_4_asan_heap-oob_1d7a4cf_164_VWbig6.avi

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit dd3bfe3cc1)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
7f90eef87a avcodec/gifdec: factorize interleave end handling out
also change it to a loop
Fixes out of array access
Fixes: asan_heap-oob_ca5410_8_asan_heap-oob_ca5410_97_ID_LSD_Size_Less_Then_Data_Inter_3.gif

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8f1457864b)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
71f0a3c4ad avcodec/cinepak: fix integer underflow
Fixes out of array access
Fixes: asan_heap-oob_4da0ba_6_asan_heap-oob_4da0ba_241_cvid_crash.avi

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e7e5114c50)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
d9bef14e41 avcodec/pngdec: Check bits per pixel before setting monoblack pixel format
Fixes out of array accesses
Fixes: asan_heap-oob_14dbfcf_4_asan_heap-oob_1ce5767_179_add_method_small.png

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 3e2b745020)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
4b4ed88e89 avcodec/pngdec: Calculate MPNG bytewidth more defensively
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e830902934)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
f6476944e1 avcodec/tiff: more completely check bpp/bppcount
Fixes pixel format selection
Fixes out of array accesses
Fixes: asan_heap-oob_1766029_6_asan_heap-oob_20aa045_332_cov_1823216757_m2-d1d366d7965db766c19a66c7a2ccbb6b.tif

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e1c0cfaa41)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
03d30d4c2c avcodec/mmvideo: Bounds check 2nd line of HHV Intra blocks
Fixes out of array access
Fixes: asan_heap-oob_4da4f3_8_asan_heap-oob_4da4f3_419_scene1a.mm

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 8b0e96e1f2)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
853a27e345 avcodec/h263dec: Fix decoding messenger.h263
Fixes http://samples.mplayerhq.hu/V-codecs/h263/h263-raw/messenger.h263
Fixes regression since b239f3f6

Found-by: Josh Allmann
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d225b0f7aa)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:29 +02:00
Michael Niedermayer
f7c0f8355e avcodec/utils: Add case for jv to avcodec_align_dimensions2()
Fixes out of array accesses
Fixes: asan_heap-oob_12304aa_8_asan_heap-oob_4da4f3_300_intro.jv

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 105654e376)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:28 +02:00
Michael Niedermayer
6f5c505109 avcodec/mjpegdec: check bits per pixel for changes similar to dimensions
Fixes out of array accesses
Fixes: asan_heap-oob_16668e9_2_asan_heap-oob_16668e9_346_miss_congeniality_pegasus_mjpg.avi

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 5c378d6a6d)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:28 +02:00
Michael Niedermayer
b29f9897e3 avcodec/jpeglsdec: Check run value more completely in ls_decode_line()
previously it could have been by 1 too large
Fixes out of array access
Fixes: asan_heap-oob_12240f5_1_asan_heap-oob_12240f5_448_t8c1e3.jls
Fixes: asan_heap-oob_12240f5_1_asan_heap-oob_12240f5_448_t8nde0.jls
Fixes: asan_heap-oob_12240fa_1_asan_heap-oob_12240fa_448_t16e3.jls

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 06e7d58410)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:28 +02:00
Michael Niedermayer
a9b9751bc8 avcodec/ac3enc_template: fix out of array read
Found-by: Andreas Cadhalpun
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit d85ebea3f3)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:28 +02:00
Pascal Massimino
ff6d440d10 avcodec/webp: fix default palette color 0xff000000 -> 0x00000000
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e5b3112996)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:28 +02:00
Michael Niedermayer
a88a57cd24 avcodec/asvenc: fix AAN scaling
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit b0f7de3e7c)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:28 +02:00
Bernd Kuhls
0cda7baa8b Fix compile error on arm4/arm5 platform
Since these commits
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=adf8227cf4e7b4fccb2ad88e1e09b6dc00dd00ed
http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=db7f1c7c5a1d37e7f4da64a79a97bea1c4b6e9f8

compilation on arm4/arm5 fails:

libavcodec/libavcodec.so: undefined reference to
`ff_startcode_find_candidate_armv6'

Because libavcodec/arm/Makefile contains
ARMV6-OBJS-$(CONFIG_STARTCODE)         += arm/startcode_armv6.o
function ff_startcode_find_candidate_armv6 is not included for older ARM
archs. The bug was found during automatic buildroot builds:

http://autobuild.buildroot.net/results/ec7/ec71e4f16ee9106747dff5f15999cbd17903e76f//build-end.log
Quote from configure summary:
ARCH                      arm (armv4t)
big-endian                no
runtime cpu detection     yes
ARMv5TE enabled           no
ARMv6 enabled             no
ARMv6T2 enabled           no

http://autobuild.buildroot.net/results/be7/be72eb182eaccf0064a32c9dfc2ac1c0d6555506/build-end.log
ARCH                      arm (armv5te)
big-endian                no
runtime cpu detection     yes
ARMv5TE enabled           yes
ARMv6 enabled             no
ARMv6T2 enabled           no

This patch provides the necessary #if clauses as discussed with Michael:
https://ffmpeg.org/pipermail/ffmpeg-devel/2014-September/163329.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 6b733be755)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:52:28 +02:00
Michael Niedermayer
63660277fd Merge commit '570cefb02b' into release/2.4
* commit '570cefb02b':
  hevc: Initialize mergecand_list to 0

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:20:50 +02:00
Michael Niedermayer
6101187c55 Merge commit 'ce0972ecdd' into release/2.4
* commit 'ce0972ecdd':
  mpeg12: Always invoke the get_format() callback

Conflicts:
	libavcodec/mpeg12dec.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:14:07 +02:00
Michael Niedermayer
91ff803a74 Merge commit '09c848855a' into release/2.4
* commit '09c848855a':
  h264: Always invoke the get_format() callback

Conflicts:
	libavcodec/h264_slice.c

Merged-by: Michael Niedermayer <michaelni@gmx.at>
2014-10-04 23:13:51 +02:00
Michael Niedermayer
ff24824a72 h264: reset ret to avoid propagating minor failures
Unbreak 772d150a6e.

CC: libav-stable@libav.org
Bug-Id: 750 / 905753
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
2014-09-29 12:35:32 +01:00
Luca Barbato
570cefb02b hevc: Initialize mergecand_list to 0
Unbreak cf6090dc62.

CC: libav-stable@libav.org
Sample-Id: hevc-conformance-LTRPSPS_A_Qualcomm_1
2014-09-29 12:35:16 +01:00
Rémi Denis-Courmont
ce0972ecdd mpeg12: Always invoke the get_format() callback
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2014-09-26 22:05:37 +02:00
Rémi Denis-Courmont
09c848855a h264: Always invoke the get_format() callback
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
2014-09-26 22:05:34 +02:00
Gianluigi Tiesi
3b57d7769a avcodec/libilbc: support for latest git of libilbc
in the latest git commits of libilbc developers removed WebRtc_xxx typedefs

This commit uses int types instead,
it's safe to apply also for previous versions since
WebRtc_Word16 was always a typedef of int16_t and
WebRtc_UWord16 a typedef of uint16_t

Reviewed-by: Timothy Gu <timothygu99@gmail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 59af5383c1)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-09-21 17:04:04 +02:00
Pascal Massimino
b7f2719951 libavcodec/webp: treat out-of-bound palette index as translucent black
See https://code.google.com/p/webp/issues/detail?id=206
for a description of the problem/fix.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

This patch makes the decoder follow the recommendation of the spec.
There is some disagreement (see "[FFmpeg-devel] [PATCH]: libavcodec/webp")
about what would be best to be written in the spec, so in case the spec
is changed again, this potentially would need to be amended or reverted
(cherry picked from commit 4fd21d58a7)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
2014-09-19 16:37:10 +02:00