Commit graph

45091 commits

Author SHA1 Message Date
Michael Niedermayer
3fd58c595a
avcodec/snow: Fix off by 1 error in run_buffer
Fixes: out of array access
Fixes: 70741/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5703668010647552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 06f5ed40f8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:54 +01:00
Michael Niedermayer
adc077f06a
avcodec/utils: apply the same alignment to YUV410 as we do to YUV420 for snow
The snow encoder uses block based motion estimation which can read out of array if
insufficient alignment is used

It may be better to only apply this for the encoder, as it would safe a few bytes of memory
for the decoder. Until then, this fixes the issue in a simple way.

Fixes: out of array access
Fixes: 68963/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-4979988435632128
Fixes: 68969/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-6239933667803136.fuzz
Fixed: 70497/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5751882631413760

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 58fbeb59e7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:48 +01:00
Janne Grunau
7b0213a111 vp9: recon: Use emulated edge to prevent buffer overflows
The arm/aarch64 horizontal filter reads one additional pixel beyond what
the filter uses. This can become an issue if the application does not
allocate larger buffers than what's required for the pixel data. If the
motion vector points to the bottom right edge of the picture this
becomes a read buffer overflow. This triggers segfaults in Firefox for
video resolutions which result in a page aligned picture size like
1280x640.
Prevent this by using emulated edge in this case.

Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1881185
Signed-off-by: Janne Grunau <janne-ffmpeg@jannau.net>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit 060464105b)
2025-01-04 07:31:10 -05:00
Janne Grunau
fe955a7d77 arm: vp9mc: Load only 12 pixels in the 4 pixel wide horizontal filter
This reduces the amount the horizontal filters read beyond the filter
width to a consistent 1 pixel. The data is not used so this is usually
not noticeable. It becomes a problem when the application allocates
frame buffers only for the aligned picture size and the end of it is at
a page boundary. This happens for picture sizes which are a multiple of
the page size like 1280x640. The frame buffer allocation is based on
its most likely done via mmap + MAP_ANONYMOUS so start and end of the
buffer are page aligned and the previous and next page are not
necessarily mapped.
This mirrors the aarch64 change.

Signed-off-by: Janne Grunau <janne-ffmpeg@jannau.net>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit f366256215)
2025-01-04 07:31:10 -05:00
Janne Grunau
d3b9fd51b8 aarch64: vp9mc: Load only 12 pixels in the 4 pixel wide horizontal filter
This reduces the amount the horizontal filters read beyond the filter
width to a consistent 1 pixel. The data is not used so this is usually
not noticeable. It becomes a problem when the application allocates
frame buffers only for the aligned picture size and the end of it is at
a page boundary. This happens for picture sizes which are a multiple of
the page size like 1280x640. The frame buffer allocation is based on
its most likely done via mmap + MAP_ANONYMOUS so start and end of the
buffer are page aligned and the previous and next page are not
necessarily mapped.
Under these conditions like seen by Firefox a read beyond the end of the
buffer results in a segfault.
After the over-read is reduced to a single pixel it's reasonable to use
VP9's emulated edge motion compensation for this.

Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1881185
Signed-off-by: Janne Grunau <janne-ffmpeg@jannau.net>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit 430c38f698)
2025-01-04 07:31:10 -05:00
Gyan Doshi
283dc2e8eb avcodec/libx265: unbreak build for X265_BUILD >= 213
Earlier, x265 made an API change to support alpha and
other multiple layer pictures. We added guards to accommodate
that in 1f801dfdb5

They have now reverted that API change in
78e5b703b1

Updated our wrapper guards to unbreak build again.
2024-10-06 13:32:28 +02:00
Gyan Doshi
74b14ccd31 lavc/libx265: unbreak build for X265_BUILD >= 210
x265 added support for alpha starting with build 210.
While doing so, x265_encoder_encode() changed its fifth arg to
an array of pointers to x265_picture. This broke building lavc/libx265.c

This patch simply unbreaks the build and maintains existing single-layer
non-alpha encoding support.

Fixes #11130
2024-09-04 13:53:34 +02:00
Ross Burton
1ba2edcbe4 libavcodec/arm/mlpdsp_armv5te: fix label format to work with binutils 2.43
binutils 2.43 has stricter validation for labels[1] and results in errors
when building ffmpeg for armv5:

src/libavcodec/arm/mlpdsp_armv5te.S:232: Error: junk at end of line, first unrecognized character is `0'

Remove the leading zero in the "01" label to resolve this error.

[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=226749d5a6ff0d5c607d6428d6c81e1e7e7a994b

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 654bd47716)
2024-08-16 13:48:50 +03:00
Michael Niedermayer
4a4fe5cb49
avcodec/cfhdenc: Height of 16 is not supported
Fixes: out of array access
Fixes: 68941/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-5990952685600768

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5dde255abd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 14:28:59 +02:00
Michael Niedermayer
f6f253a47b
avcodec/cfhdenc: Allocate more space
Fixes: Assertion failure
Fixes: 68979/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CFHD_fuzzer-5375874714107904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a308d79e4d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 14:25:35 +02:00
Michael Niedermayer
c8283c8225
avcodec/vaapi_encode: Check hwctx
Fixes: null pointer dereference
Fixes: 70376/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_H264_VAAPI_fuzzer-4733551250046976

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3cd077e282)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 14:21:46 +02:00
Michael Niedermayer
d53ea7a0bc
avcodec/proresdec: Consider negative bits left
Fixes: 70036/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_fuzzer-6298797647396864
Fixes: shift exponent 40 is too large for 32-bit type 'uint32_t' (aka 'unsigned int')

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 419eee6356)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 14:19:35 +02:00
Michael Niedermayer
75529eed5d
avcodec/hevc/hevcdec: Do not allow slices to depend on failed slices
An alternative would be to leave the context unchanged on failure of hls_slice_header()

Fixes: out of array access
Fixes: NULL pointer dereference
Fixes: 69584/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5931086299856896
Fixes: 69724/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5104066422702080
Fixes: 70422/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5908731129298944

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5d9544cfb0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-24 01:03:06 +02:00
Michael Niedermayer
ceeb1928da
avcodec/pnmdec: Use 64bit for input size check
Fixes: out of array read
Fixes: poc3

Reported-by: VulDB CNA Team
Found-by: CookedMelon
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3faadbe2a2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-22 01:15:30 +02:00
Michael Niedermayer
6913ebd5b4
avcodec/utvideoenc: Use unsigned shift to build flags
Fixes: left shift of 255 by 24 places cannot be represented in type 'int'
Fixes: 69083/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_fuzzer-5608202363273216

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69e90491f1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-22 01:09:43 +02:00
Michael Niedermayer
47cdc9df8d
avcodec/vc2enc: Fix overflows with storing large values
Fixes: left shift of 1431634944 by 2 places cannot be represented in type 'int'
Fixes: left shift of 1073741824 by 1 places cannot be represented in type 'int'
Fixes: 69061/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC2_fuzzer-6325700826038272

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit af99358353)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-22 01:07:45 +02:00
Michael Niedermayer
a0e7f6ea67
avcodec/mpegvideo_enc: Do not duplicate pictures on shifting
Fixes: out of array access
Fixes: 69098/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-6107989688778752
Fixes: 69599/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG4_fuzzer-4848626296225792.fuzz

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9c8881cb35)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-22 01:07:04 +02:00
Michael Niedermayer
ff443c8ab0
avcodec/tiff: Check value on positive signed targets
Fixes: CID1604593 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 66d6b8033b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-22 01:05:06 +02:00
Michael Niedermayer
bc5f841688
avcodec/flac_parser: Assert that we do not overrun the link_penalty array
Helps: CID1454676 Out-of-bounds read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9af348bd1a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 22:20:28 +02:00
Michael Niedermayer
11cdd99585
avcodec/pixlet: Simplify pfx computation
Found by reviewing code related to CID1604365 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0474614e6c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 22:19:16 +02:00
Michael Niedermayer
d636f4a96e
avcodec/motion_est: Fix score squaring overflow
Fixes: CID1604552 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f18b442370)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 22:18:31 +02:00
Michael Niedermayer
3fc4889976
avcodec/loco: Check loco_get_rice() for failure
Fixes: CID1604495 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d553276843)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 22:16:36 +02:00
Michael Niedermayer
aa2ed020e9
avcodec/loco: check get_ur_golomb_jpegls() for failure
Fixes: CID1604400 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b989986641)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 22:16:08 +02:00
Michael Niedermayer
2949adb6fa
avcodec/imm4: check cbphi for error
Fixes: CID1604356 Overflowed constant
Fixes: CID1604573 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6e4c037833)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 22:14:13 +02:00
Michael Niedermayer
7017910d7a
avcodec/iff: Use signed count
This is more a style fix than a bugfix (CID1604392 Overflowed constant)

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cfe66dfebb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 22:12:46 +02:00
Michael Niedermayer
8cd6565353
avcodec/golomb: Assert that k is in the supported range for get_ur/sr_golomb()
Found by code review related to CID1604563 Overflowed return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b2aaeb81f6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 22:11:22 +02:00
Michael Niedermayer
a6fdaba297
avcodec/golomb: Document return for get_ur_golomb_jpegls() and get_sr_golomb_flac()
Found while reviewing code related to CID1604409 Overflowed return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7cf5b83f6f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 21:45:56 +02:00
Michael Niedermayer
26717ad2dc
avcodec/dxv: Fix type in get_opcodes()
Found by code review related to CID1604386 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e5af1c6e91)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 21:45:38 +02:00
Michael Niedermayer
a116ca9b24
avcodec/cri: Check length
Fixes: CID1604394 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 69dcd123f1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 21:45:17 +02:00
Michael Niedermayer
0c24fec67f
avcodec/xsubdec: Check parse_timecode()
Fixes: CID1604490 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 96fd9417e2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 21:44:54 +02:00
Michael Niedermayer
8c240bcc4a
avcodec/proresenc_kostya: use unsigned alpha for rotation
Fixes: left shift of negative value -208
Fixes: 69073/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-4745020002336768

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 93e0265e27)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 21:42:58 +02:00
Mark Thompson
f4882ef9e5
cbs_av1: Reject thirty-two zero bits in uvlc code
The spec allows at least thirty-two zero bits followed by a one to mean
2^32-1, with no constraint on the number of zeroes.  The libaom
reference decoder does not match this, instead reading thirty-two zeroes
but not the following one to mean 2^32-1.  These two interpretations are
incompatible and other implementations may follow one or the other.
Therefore reject thirty-two zeroes because the intended behaviour is not
clear.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7110a36ba0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 20:05:28 +02:00
Michael Niedermayer
3eab16d53e
avcodec/mfenc: check IMFSample_ConvertToContiguousBuffer() for failure
Fixes: CID1591911 Logically dead code

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 86cd7c68bc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 19:57:03 +02:00
Michael Niedermayer
1fb574add8
avcodec/vc1_loopfilter: Factor duplicate code in vc1_b_h_intfi_loop_filter()
Fixes: CID1435168

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 63ecce9ba8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 19:56:44 +02:00
Michael Niedermayer
6dfbb077e9
avcodec/cbs_jpeg: Try to move the read entity to one side in a test
The checked entity should be alone on one side of the check, this avoids
complex considerations of overflows.
This fixes a issue of bad style in our code and a coverity issue.

Fixes: CID1439654 Untrusted pointer read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 385784a148)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 19:55:13 +02:00
Michael Niedermayer
a40d0a3832
avcodec/targaenc: Allocate space for the palette
Fixes: out of array access
Fixes: 68927/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TARGA_fuzzer-5105665067515904

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4a7220bd5c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:26:54 +02:00
Michael Niedermayer
1d992ac6d7
avcodec/r210enc: Use av_rescale for bitrate
Fixes: signed integer overflow: 281612954574848 * 65344 cannot be represented in type 'long'
Fixes: 68956/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_R210_fuzzer-6459074458746880

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d34d4b6a7c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:25:33 +02:00
Michael Niedermayer
e6d5edb03c
avcodec/jfdctint_template: Fewer integer anomalies
Fixes: signed integer overflow: 105788 * -20995 cannot be represented in type 'int'
Fixes: signed integer overflow: 923211729 + 2073948236 cannot be represented in type 'int'
Fixes: signed integer overflow: 1281179284 + 2073948236 cannot be represented in type 'int'
Fixes: 68975/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_fuzzer-6266769177116672
Fixes: 68997/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-6284237161431040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 228f255b5d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:25:13 +02:00
Michael Niedermayer
71fc1aada6
avcodec/snowenc: MV limits due to mv_penalty table size
Fixes: out of array read
Fixes: 69673/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5476592894148608

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3a9292aff3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-07-21 17:24:40 +02:00
Michael Niedermayer
ce6a782fda
avcodec/ilbcdec: Remove dead code
Yes the same dead code is in "iLBC Speech Coder ANSI-C Source Code"

Fixes: CID1509370 Logically dead code

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8a64a003b5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:58 +02:00
Michael Niedermayer
8831bff756
avcodec/vp8: Check cond init
Fixes: CID1598563 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9b76e49061)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:57 +02:00
Michael Niedermayer
4ef3c9ddc9
avcodec/vp8: Check mutex init
Fixes: CID1598556 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4ac7405aaf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:57 +02:00
Michael Niedermayer
c4ec63cec2
avcodec/notchlc: Check init_get_bits8() for failure
Fixes: CID1500300 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 19db9636c5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:57 +02:00
Michael Niedermayer
653f189b4f
avcodec/tests/dct: Use 64bit in intermediate for error computation
Fixes: CID1500284 Unintentional integer overflow

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 161d0aa2a8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:56 +02:00
Michael Niedermayer
2886a355a4
avcodec/scpr3: Check add_dec() for failure
Fixes: CID1441459 Improper use of negative value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d741638042)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:56 +02:00
Michael Niedermayer
7260e6dcbe
avcodec/rv34: assert that size is not 0 in rv34_gen_vlc_ext()
Helps: CID1548380 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e5098589b0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:56 +02:00
Michael Niedermayer
2f65a02754
avcodec/wavpackenc: Use unsigned for potential 31bit shift
Fixes: CID1465481 Unintentional integer overflow

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6f976db251)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:55 +02:00
Michael Niedermayer
7390d83895
avcodec/tests/jpeg2000dwt: Use 64bit in comparission
Found while reviewing: CID1500309 Unintentional integer overflow

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 12391b732f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:55 +02:00
Michael Niedermayer
03df999a30
avcodec/tests/jpeg2000dwt: Use 64bit in err2 computation
This issue cannot happen with the current function parameters

Fixes: CID1500309 Unintentional integer overflow

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 847a53f264)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:55 +02:00
Michael Niedermayer
413f9b1457
avcodec/sga: Make it clear that the return is intentionally not checked
Related: CID1473496 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 00d029d5c0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2024-06-15 23:32:54 +02:00