Commit graph

102589 commits

Author SHA1 Message Date
Michael Niedermayer
4d166d3758
avcodec/eacmv: Check input size for intra frames
Fixes: Timeout
Fixes: 71135/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EACMV_fuzzer-6251879028293632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c3a1cbbf5d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:06 +01:00
Michael Niedermayer
b18ca50c9a
avcodec/jfdctint_template: use unsigned z* in row_fdct()
Fixes: signed integer overflow: 856827136 + 2123580416 cannot be represented in type 'int'
Fixes: 70772/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-5180569961431040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f27c8b04d3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:05 +01:00
Michael Niedermayer
42b7b6df99
avformat/mxfdec: Check timecode for overflow
Fixes: signed integer overflow: 9223372036840103968 + 538976288 cannot be represented in type 'long'
Fixes: 70604/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4844090340999168

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6be3786c82)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:05 +01:00
Michael Niedermayer
2a7a511546
avformat/mxfdec: More offset_temp checks
Fixes: signed integer overflow: 9223372036854775807 - -1927491430256034080 cannot be represented in type 'long'
Fixes: 70607/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5282235077951488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <git@haerdin.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5a96aa435a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:05 +01:00
Michael Niedermayer
84a2bf6971
swscale/output: Fix undefined integer overflow in yuv2rgba64_2_c_template()
Fixes: signed integer overflow: -1082982400 + -1083218484 cannot be represented in type 'int'
Fixes: 70657/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-6707819712675840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bd80c97391)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:04 +01:00
Michael Niedermayer
11d9a58cc9
swscale/swscale: Use unsigned operation to avoid undefined behavior
I have not checked that the constant is correct, this just fixes the undefined behavior

Fixes: signed integer overflow: -646656 * 3517 cannot be represented in type 'int
Fixes: 70559/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5209368631508992

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 44c5641ae8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:04 +01:00
Michael Niedermayer
940dd450d0
avcodec/vc2enc: basic sanity check on slice_max_bytes
Fixes: left shift of 896021632 by 3 places cannot be represented in type 'int'
Fixes: 70544/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC2_fuzzer-6685593652756480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6df9a0292c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:04 +01:00
Michael Niedermayer
a92471dc3d
avformat/mvdec: Check if name was fully read
Fixes: use of uninitialized value
Fixes: 70901/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-6341913949569024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4e39795c75)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:03 +01:00
Michael Niedermayer
5665329af3
avcodec/wmavoice: Do not use uninitialized pitch[0]
Fixes: use of uninitialized value
Fixes: 70850/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-4806127362048000

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5338707930)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:03 +01:00
Michael Niedermayer
a5a970e3ca
avformat/argo_brp: Check that ASF chunk header is completely read
Fixes: Use of uninitialized value
Fixes: 71280/clusterfuzz-testcase-minimized-ffmpeg_dem_ARGO_BRP_fuzzer-4692991866896384

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 815d008681)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:03 +01:00
Michael Niedermayer
0f6510a1a5
avcodec/notchlc: Check bytes left before reading
Fixes: Use of uninitialized value
Fixes: 71230/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NOTCHLC_fuzzer-4624502095413248

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b9c7f50c7d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:02 +01:00
Michael Niedermayer
25d921123d
avcodec/vc1_block: propagate error codes
Fixes: use of uninitialized value
Fixes: 71228/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-6188476880453632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 01910ca603)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:02 +01:00
Michael Niedermayer
bdda29b4c4
avformat/apetag: Check APETAGEX
Fixes: Use of uninitialized value
Fixes: 71074/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5697034877730816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 796ff2d599)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:02 +01:00
Michael Niedermayer
50740973ec
avcodec/avcodec: Warn about data returned from get_buffer*()
Text based on suggestion by: epirat07@gmail.com
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 93444c46fce195e378c4ebb1a20ea662e7f0123b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:01 +01:00
Michael Niedermayer
e2403b6b45
avcodec/aic: Clear slice_data
Fixes: use-of-uninitialized-value
Fixes: 70865/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AIC_fuzzer-4874102695854080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit de3f6c8888)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:01 +01:00
Michael Niedermayer
f5dea77598
avcodec/vc1dec: Clear mb_type_base and ttblk_base
Fixes: two use-of-uninitialized-value
Fixes: 70856/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5539349918187520

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 50471f96c4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:01 +01:00
Michael Niedermayer
b2c676a02f
avcodec/shorten: clear padding
Fixes: use-of-uninitialized-value
Fixes: 70854/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5533480570650624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e44349ee88)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:00 +01:00
Michael Niedermayer
bf22df9aa9
avformat/mpeg: Check an avio_read() for failure
Fixes: use-of-uninitialized-value
Fixes: 70849/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGPS_fuzzer-4684401009557504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 66ee75d76c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:00 +01:00
Michael Niedermayer
7ab9c9a6e2
avcodec/mvha: Clear remaining space after inflate()
Fixes: use-of-uninitialized-value
Fixes: 70838/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-4878509466517504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cba4e2e40d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:12:00 +01:00
Michael Niedermayer
3aabb889f4
avformat/segafilm: Set keyframe
Fixes: use of uninitialized value
Fixes: 70871/clusterfuzz-testcase-minimized-ffmpeg_dem_SEGAFILM_fuzzer-5883617752973312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4dc7dfe65a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:59 +01:00
Michael Niedermayer
1bb8e0dd58
avcodec/sga: av_assert1 check init_get_bits8()
Related: CID1473562 Unchecked return value
Related: CID1473592 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0f4524f07a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:59 +01:00
Michael Niedermayer
37ed38d621
avcodec/dxva2: initialize hr in ff_dxva2_common_end_frame()
Related: CID1591924 Uninitialized scalar variable
Related: CID1591938 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1d6a2aebae)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:59 +01:00
Michael Niedermayer
68de9bff92
avcodec/dxva2: initialize validate
Related: CID1591915 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2232c4cc8c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:58 +01:00
Michael Niedermayer
7e3fb26f91
avcodec/dxva2: Initialize ConfigBitstreamRaw
Related: CID1591894 Uninitialized scalar variable
Related: CID1591906 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 489c05b9c3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:58 +01:00
Michael Niedermayer
496c4403f8
avcodec/dxva2: Initialize dxva_size and check it
Related: CID1591878 Uninitialized scalar variable
Related: CID1591928 Uninitialized pointer read

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c8c59e9929)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:58 +01:00
Michael Niedermayer
6214f7ee12
avfilter/vf_xfade: Compute w2, h2 with float
Fixes: CID1458148 Result is not floating-point
Fixes: CID1458149 Result is not floating-point
Fixes: CID1458150 Result is not floating-point
Fixes: CID1458151 Result is not floating-point
Fixes: CID1458152 Result is not floating-point
Fixes: CID1458154 Result is not floating-point
Fixes: CID1458155 Result is not floating-point
Fixes: CID1458156 Result is not floating-point

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b98125e5a5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:57 +01:00
Michael Niedermayer
4781eff8d1
avfilter/vf_v360: Assert that vf was initialized
Maybe helps: CID1504571 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f802d65de0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:57 +01:00
Michael Niedermayer
7796205464
avfilter/vf_tonemap_opencl: Dereference after NULL check
Fixes: CID1437472 Dereference before null check

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e5c0f56ca0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:57 +01:00
Michael Niedermayer
aee520fe79
avfilter/vf_xfade_opencl: Check ff_inlink_consume_frame() for failure
Fixes: CID1458127 Unchecked return value

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 43b62b7e0c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:56 +01:00
Michael Niedermayer
629f3f395f
avformat/lmlm4: Eliminate some AVERROR(EIO)
Found by code review related to CID732224 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 191a685010)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:56 +01:00
Michael Niedermayer
849f4423a9
avformat/wtvdec: Check length of read mpeg2_descriptor
Fixes: Use of uninitialized value
Fixes: 70900/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-6286909377150976

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c390234da2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:56 +01:00
Michael Niedermayer
9c369ece3a
avformat/wtvdec: clear sectors
The code can leave uninitialized holes in the array.
Fixes: use of uninitialized values
Fixes: 70883/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-6698694567591936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c95ea03104)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:55 +01:00
Kacper Michajłow
7475b2df34
avcodec/parser: ensure input padding is zeroed
Fixes use of uninitialized value, reported by MSAN.

Found by OSS-Fuzz.

Signed-off-by: Kacper Michajłow <kasper93@gmail.com>

Fixes: 70852/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5179190066872320
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5dfc0cc841)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:55 +01:00
Michael Niedermayer
fd1b4e5b09
avformat/img2dec: Clear padding data after EOF
Fixes: use-of-uninitialized-value
Fixes: 70852/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5179190066872320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Kacper Michajlow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3978e81809)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:54 +01:00
Michael Niedermayer
1bc4393853
avformat/wavdec: Check if there are 16 bytes before testing them
Fixes: use-of-uninitialized-value
Fixes: 70839/clusterfuzz-testcase-minimized-ffmpeg_dem_W64_fuzzer-5212907590189056

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 79a1cf30d1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:54 +01:00
Michael Niedermayer
3fd58c595a
avcodec/snow: Fix off by 1 error in run_buffer
Fixes: out of array access
Fixes: 70741/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5703668010647552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 06f5ed40f8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:54 +01:00
Michael Niedermayer
adc077f06a
avcodec/utils: apply the same alignment to YUV410 as we do to YUV420 for snow
The snow encoder uses block based motion estimation which can read out of array if
insufficient alignment is used

It may be better to only apply this for the encoder, as it would safe a few bytes of memory
for the decoder. Until then, this fixes the issue in a simple way.

Fixes: out of array access
Fixes: 68963/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-4979988435632128
Fixes: 68969/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-6239933667803136.fuzz
Fixed: 70497/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SNOW_fuzzer-5751882631413760

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 58fbeb59e7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
2025-03-16 22:11:48 +01:00
Brad Smith
2d18c6b8ab lsws/ppc/yuv2rgb_altivec: Fix build in non-VSX environments with Clang v2
v2: test for function if AltiVec is enabled instead of with AltiVec and without VSX

(cherry picked from commit 49c8f33262)
Signed-off-by: Brad Smith <brad@comstyle.com>
2025-03-16 00:48:16 -04:00
Brad Smith
793a472df5 lsws/ppc/yuv2rgb_altivec: Fix build in non-VSX environments with Clang
Add a check for the existence of the vec_xl() function. Clang provides
the function even with VSX not enabled.

(cherry picked from commit 30a8641465)
Signed-off-by: Brad Smith <brad@comstyle.com>
2025-03-16 00:48:09 -04:00
Pavel Koshevoy
e60da7024c avformat/mov: (v4) fix get_eia608_packet
The problem is reproducible with "Test for Quicktime 608 CC file.mov"
from https://samples.ffmpeg.org/MPEG2/subcc/

ffmpeg -i "Test for Quicktime 608 CC file.mov" -map 0 -c copy -y remuxed.mov

See https://trac.ffmpeg.org/ticket/11470
2025-02-26 16:07:25 -07:00
Martin Storsjö
1469515021 configure: Improve the check for the rsync --contimeout option
Traditionally, macOS has shipped an old version of rsync that lacked
support for this option, hence this check (added in
a8b3f0c5cf).

However, in macOS 15.x, Apple have switched to providing rsync as a
different tool, openrsync. The version of openrsync in at least
macOS 15.2 does include "[--contimeout]" (note the lack of "=" after
the option), in the output of "rsync --help", but when used, the tool
errors out with "rsync: --contimeout=60: unknown option". So apparently
the tool erroenously lists the option as supported, while it really
isn't.

The original rsync tool (with a new enough version) prints
"--contimeout=SECONDS" in the output of "rsync --help".

It is unclear which version of openrsync Apple are shipping; the latest
upstream openrsync from OpenBSD does support the option and includes
"[--contimeout=seconds]" in the output of "--help", and older versions
don't seem to include the option as listed at all.

Therefore, check for "--conntimeout=" with the "=", this should
properly detect both new enough rsync and openrsync.

This fixes running "fate-rsync" on macOS 15.x.

Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 3cd4e8470a)
2025-02-11 10:38:32 +02:00
Martin Storsjö
061d8afce1 rtmpproto: Avoid rare crashes in the fail: codepath in rtmp_open
When running the cleanup in rtmp_close on failures in rtmp_open,
we can in rare cases end up using rt->playpath, assuming that it
is still set.

The crash could happen if we hit the fail codepath in rtmp_open
while publishing (rt->is_input == 0) with rt->state set to
a value > STATE_FCPUBLISH.

This would normally not happen while publishing; either we have
an error (and rt->state <= STATE_FCPUBLISH) or we reach
rt->state = STATE_PUBLISHING, and then we also return successfully
from rtmp_open.

The unexpected combination of states could happen if the server
responds with e.g. "NetStream.Play.Stop" while expecting
"NetStream.Publish.Start"; this sets rt->state to STATE_STOPPED,
which also fulfills the condition "> STATE_FCPUBLISH".

We don't need to free the rt->playpath/tcurl/flashver strings here;
they're handled via AVOption, and thus are freed automatically when
the protocol instance is freed (that's why they aren't freed
manually within the rtmp_close function either).

We also don't need to free the AVDictionary with options; it's
owned by the caller.

A smaller fix would be to just call rtmp_close before freeing
the strings and dictionary, but as we don't need to free them
at all, let's remove that redundant code.

Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit 8f4819ce01)
2025-02-11 10:37:58 +02:00
Janne Grunau
7b0213a111 vp9: recon: Use emulated edge to prevent buffer overflows
The arm/aarch64 horizontal filter reads one additional pixel beyond what
the filter uses. This can become an issue if the application does not
allocate larger buffers than what's required for the pixel data. If the
motion vector points to the bottom right edge of the picture this
becomes a read buffer overflow. This triggers segfaults in Firefox for
video resolutions which result in a page aligned picture size like
1280x640.
Prevent this by using emulated edge in this case.

Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1881185
Signed-off-by: Janne Grunau <janne-ffmpeg@jannau.net>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit 060464105b)
2025-01-04 07:31:10 -05:00
Janne Grunau
fe955a7d77 arm: vp9mc: Load only 12 pixels in the 4 pixel wide horizontal filter
This reduces the amount the horizontal filters read beyond the filter
width to a consistent 1 pixel. The data is not used so this is usually
not noticeable. It becomes a problem when the application allocates
frame buffers only for the aligned picture size and the end of it is at
a page boundary. This happens for picture sizes which are a multiple of
the page size like 1280x640. The frame buffer allocation is based on
its most likely done via mmap + MAP_ANONYMOUS so start and end of the
buffer are page aligned and the previous and next page are not
necessarily mapped.
This mirrors the aarch64 change.

Signed-off-by: Janne Grunau <janne-ffmpeg@jannau.net>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit f366256215)
2025-01-04 07:31:10 -05:00
Janne Grunau
d3b9fd51b8 aarch64: vp9mc: Load only 12 pixels in the 4 pixel wide horizontal filter
This reduces the amount the horizontal filters read beyond the filter
width to a consistent 1 pixel. The data is not used so this is usually
not noticeable. It becomes a problem when the application allocates
frame buffers only for the aligned picture size and the end of it is at
a page boundary. This happens for picture sizes which are a multiple of
the page size like 1280x640. The frame buffer allocation is based on
its most likely done via mmap + MAP_ANONYMOUS so start and end of the
buffer are page aligned and the previous and next page are not
necessarily mapped.
Under these conditions like seen by Firefox a read beyond the end of the
buffer results in a segfault.
After the over-read is reduced to a single pixel it's reasonable to use
VP9's emulated edge motion compensation for this.

Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1881185
Signed-off-by: Janne Grunau <janne-ffmpeg@jannau.net>
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
(cherry picked from commit 430c38f698)
2025-01-04 07:31:10 -05:00
Gyan Doshi
283dc2e8eb avcodec/libx265: unbreak build for X265_BUILD >= 213
Earlier, x265 made an API change to support alpha and
other multiple layer pictures. We added guards to accommodate
that in 1f801dfdb5

They have now reverted that API change in
78e5b703b1

Updated our wrapper guards to unbreak build again.
2024-10-06 13:32:28 +02:00
Gyan Doshi
74b14ccd31 lavc/libx265: unbreak build for X265_BUILD >= 210
x265 added support for alpha starting with build 210.
While doing so, x265_encoder_encode() changed its fifth arg to
an array of pointers to x265_picture. This broke building lavc/libx265.c

This patch simply unbreaks the build and maintains existing single-layer
non-alpha encoding support.

Fixes #11130
2024-09-04 13:53:34 +02:00
Marton Balint
bd1619da10 avformat/libzmq: fix check for zmq protocol prefix
Fixes ticket #11134.

Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit a87a96105e)
2024-09-02 23:34:45 +02:00
Ramiro Polla
af17f55202 configure: improve check for POSIX ioctl
Instead of relying on system #ifdefs which may or may not be correct,
detect the POSIX ioctl signature at configure time.

(cherry picked from commit 00b64fca55)
Signed-off-by: Brad Smith <brad@comstyle.com>
2024-09-01 19:57:19 -04:00
Ramiro Polla
d0aec196bb configure: restore autodetection of v4l2 and fbdev
The detection logic for v4l2 and fbdev was accidentally modified to
depend on v4l2-m2m in 43b3412.

(cherry picked from commit 7405f1ad53)
Signed-off-by: Brad Smith <brad@comstyle.com>
2024-09-01 19:56:11 -04:00