libavc/decoder
Vaibhav Valvaiker 3916f3eea4 mvcdec: Heap overflow in 'ih264d_read_coeff4x4_cabac'
In some erroneous fuzzer bitstreams, the slice data requires more
parsing than what was implied by the distance between successive
start codes. The primary culprit is the NEXTBITS macro which requires
reading 4 additional bytes of the bitstream buffer. To alleviate
this, 16 bytes per 4x4 TU have been additionally allocated to the
bitstream buffer. Also, chroma bytes are added for 4:2:0/4:2:2.

This is in reference to commit-72315c1, where additional bytes were added to fix a similar issue.

Bug = ossfuzz:42538616
Test: mvc_dec_fuzzer
2025-01-30 06:21:06 -08:00
..
arm libavc : Enable support for MacOS 2024-10-04 06:51:30 -07:00
mvc mvcdec: Heap overflow in 'ih264d_read_coeff4x4_cabac' 2025-01-30 06:21:06 -08:00
riscv SVC decoder support 2023-02-08 07:55:47 -08:00
svc svcdec: Handled timeout by returning status of the error 2024-07-19 01:11:00 -07:00
x86 formatting changes 2023-02-08 07:55:47 -08:00
ih264d.h decoder: replace KEEP_THREADS_ACTIVE macro with avc decoder struct variable 2023-07-22 09:51:37 -07:00
ih264d_api.c libavc : Fix mutex initialization index in apv_proc_start_mutex 2024-10-04 06:50:55 -07:00
ih264d_api_utils.h Decoder: MVC decoding support added 2022-08-06 05:51:31 +00:00
ih264d_bitstrm.c fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_bitstrm.h Decoder: Fix heap buffer overflow. 2020-07-29 23:47:11 +00:00
ih264d_cabac.c Decoder: Fix heap buffer overflow. 2020-07-29 23:47:11 +00:00
ih264d_cabac.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_cabac_init_tables.c Multithreading changes and better error resilience 2015-06-03 07:27:36 -07:00
ih264d_compute_bs.c fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_deblocking.c Multithreading changes and better error resilience 2015-06-03 07:27:36 -07:00
ih264d_deblocking.h Multithreading changes and better error resilience 2015-06-03 07:27:36 -07:00
ih264d_debug.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_defs.h Decoder: add support for QP and block_type map export in library 2022-05-17 09:55:20 +05:30
ih264d_dpb_manager.h Decoder: Fix NPD issue in mmco function 2020-09-16 17:07:13 +05:30
ih264d_dpb_mgr.c libavcdec: Fix integer overflow issue in ui_max_frame_num 2024-10-24 08:16:56 -07:00
ih264d_error_handler.h libavc: Add support for FGC SEI message 2023-02-21 12:36:55 -08:00
ih264d_format_conv.c Multithreading changes and better error resilience 2015-06-03 07:27:36 -07:00
ih264d_format_conv.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_function_selector.h Remove an unused and unnecessary function prototype and associated define 2015-06-25 08:25:51 -07:00
ih264d_function_selector_generic.c fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_inter_pred.c Decoder: Fixes for handling errors in multi-slice MB Aff streams 2016-09-22 18:19:55 +00:00
ih264d_inter_pred.h Multithreading changes and better error resilience 2015-06-03 07:27:36 -07:00
ih264d_mb_utils.c Decoder: add support for QP and block_type map export in library 2022-05-17 09:55:20 +05:30
ih264d_mb_utils.h Decoder: add support for QP and block_type map export in library 2022-05-17 09:55:20 +05:30
ih264d_mem_request.h Decoder: Reduced memory requirements 2015-09-23 18:35:27 +00:00
ih264d_mvpred.c fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_mvpred.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_nal.c fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_nal.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_parse_bslice.c cmake: Set C standard to C90 and move few macros to specific targets 2022-08-30 20:00:54 +00:00
ih264d_parse_cabac.c Decoder: Fix integer sanitizer issues in ih264d_parse_cabac 2019-03-28 14:40:27 -07:00
ih264d_parse_cabac.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_parse_cavlc.c Decoder: Fix Integer Sanitizer Issues in ih264d_parse_cavlc 2019-03-28 14:40:34 -07:00
ih264d_parse_cavlc.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_parse_headers.c libavc: Fix dynamic color aspects support 2024-11-11 18:23:04 -08:00
ih264d_parse_headers.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_parse_islice.c cmake: Set C standard to C90 and move few macros to specific targets 2022-08-30 20:00:54 +00:00
ih264d_parse_islice.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_parse_mb_header.c Decoder: Remove unnecessary optimization while setting MV context 2016-11-24 12:20:42 +05:30
ih264d_parse_mb_header.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_parse_pslice.c decoder: replace KEEP_THREADS_ACTIVE macro with avc decoder struct variable 2023-07-22 09:51:37 -07:00
ih264d_parse_slice.c decoder: replace KEEP_THREADS_ACTIVE macro with avc decoder struct variable 2023-07-22 09:51:37 -07:00
ih264d_parse_slice.h Decoder: Delete node from st if lt and st point to same 2019-06-12 09:54:49 +00:00
ih264d_process_bslice.c Decoder: Fix integer overflow when scaling motion vectors 2020-09-18 22:59:16 +05:30
ih264d_process_bslice.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_process_intra_mb.c Decoder: Initialize some array and structure to zero 2018-11-01 14:35:05 -07:00
ih264d_process_intra_mb.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_process_pslice.c Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709) 2020-08-27 10:16:27 -07:00
ih264d_process_pslice.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_quant_scaling.c Added error check while parsing scaling_list 2019-07-22 13:55:21 -07:00
ih264d_quant_scaling.h Added error check while parsing scaling_list 2019-07-22 13:55:21 -07:00
ih264d_sei.c mvcdec: Heap overflow in 'ih264d_parse_fgc' 2024-01-21 21:40:27 -08:00
ih264d_sei.h Fix formatting in FGC commit 2023-02-21 12:36:55 -08:00
ih264d_structs.h libavcdec: Fix integer overflow issue in ui_max_frame_num 2024-10-24 08:16:56 -07:00
ih264d_tables.c Decoder: Padded gau1_ih264d_top_left_mb_part_indx_mod to avoid an out of bound read 2017-01-17 16:12:12 -08:00
ih264d_tables.h Multithreading changes and better error resilience 2015-06-03 07:27:36 -07:00
ih264d_thread_compute_bs.c decoder: replace KEEP_THREADS_ACTIVE macro with avc decoder struct variable 2023-07-22 09:51:37 -07:00
ih264d_thread_compute_bs.h Multithreading changes and better error resilience 2015-06-03 07:27:36 -07:00
ih264d_thread_parse_decode.c decoder: replace KEEP_THREADS_ACTIVE macro with avc decoder struct variable 2023-07-22 09:51:37 -07:00
ih264d_thread_parse_decode.h Multithreading changes and better error resilience 2015-06-03 07:27:36 -07:00
ih264d_transfer_address.h fix file permissions 2015-05-05 17:51:34 +00:00
ih264d_utils.c libavc: Fix poc counts for idr slice 2024-08-07 05:53:55 -07:00
ih264d_utils.h Decoder: Reduced memory requirements 2015-09-23 18:35:27 +00:00
ih264d_vui.c Decoder: Return error for invalid vui parameter 2018-04-19 10:38:25 -07:00
ih264d_vui.h VUI header file changes 2023-02-08 07:55:47 -08:00
iv.h Decoder: Reduced memory requirements 2015-09-23 18:35:27 +00:00
ivd.h Updates to Android.bp and some formatting fixes 2023-03-08 20:27:18 -08:00
libavcdec.cmake libavc : Enable support for MacOS 2024-10-04 06:51:30 -07:00