Fixes: signed integer overflow: 1073741842 + 1784008138 cannot be represented in type 'int'
Fixes: 6792/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5677589835284480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

Fixes: shift exponent 33 is too large for 32-bit type 'int'
Fixes: 6743/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G723_1_fuzzer-5823772687859712

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

Fixes truncation
Fixes Assertion n <= 31 && value < (1U << n) failed at libavcodec/put_bits.h:169
Fixes: ffmpeg_crash_2.avi

Found-by: Thuan Pham <thuanpv@comp.nus.edu.sg>, Marcel Böhme, Andrew Santosa and Alexandru RazvanCaciulescu with AFLSmart
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

Fixes ticket #7227.

Reviewed-by: Mark Thompson

fixes ticket7209
Tested-by: Jim DeLaHunt <from.ffmpeg-dev@jdlh.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

Add missing libraries needed when linking with a static build of MbedTLS.
Signed-off-by: James Almer <jamrial@gmail.com>

FFmbc uses this.
bmx uses this.
XAVC MXF Mapping and Operating Points prefers this.
Basic rounding rules also yields these numbers.
Signed-off-by: Marton Balint <cus@passwd.hu>

ticket #5522 output of given samples significantly improved

Fixes: inconsistency
Fixes:runtime error: index 8 out of bounds for type 'int32_t [8]'
Fixes: 6686/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TRUEHD_fuzzer-5191383498358784

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

This avoids inconsistent value combinations.
Alternatively it would be possible to add more checks and careful use of
temporary variables, but my try of this quickly seemed to become
a rather large change.
The disadvantage of this, is that the struct is copied back and forth.

Fixes: index 6 out of bounds for type 'const uint16_t [5][16]'
Fixes: 6557/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_INDEO4_fuzzer-4787296550256640

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

Fixes: Infinite loop
Fixes: 7669/clusterfuzz-testcase-ffmpeg_AV_CODEC_ID_AC3_FIXED_fuzzer-4689042185650176
Fixes: 7670/clusterfuzz-testcase-ffmpeg_AV_CODEC_ID_AC3_fuzzer-4706306762997760
Fixes: 7672/clusterfuzz-testcase-ffmpeg_AV_CODEC_ID_EAC3_fuzzer-4702108499574784

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>

Fixes ticket #7228.
The option was disabled since 4a62f477 and removed in 6e69525e.

fix ticket: 7160
Signed-off-by: Steven Liu <lq@chinaffmpeg.org>

simplify the code to check common init section

Add NULL pointer check for init_section

This was broken by bed670a1, which added
an assert that always failed.

Fixes: #7165
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/bintext: Reduce detection for random .bin files as it more likely is not a multimedia related file
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

Signed-off-by: James Almer <jamrial@gmail.com>

The libvpx doxy says that a value of 0 for the g_threads field is
equivalent to a value of 1, whereas for avctx->thread_count it means
the maximum amount of threads possible for the host system.

Use av_cpu_count() to get the correct thread count when auto threads
is requested.
Reviewed-by: James Zern <jzern@google.com>
Signed-off-by: James Almer <jamrial@gmail.com>

This uses any devices it can find on the host system - on a system with no
hardware device support or in builds with no support included it will do
nothing and pass.

Signed-off-by: Aman Gupta <aman@tmm1.net>

Signed-off-by: Aman Gupta <aman@tmm1.net>

Both stream_id and stream_identifier are used in this file,
and have different meanings. The latter comes from the
stream_identifier_descriptor.
Signed-off-by: Aman Gupta <aman@tmm1.net>

Fixes regression with playback of GF9720Repeal20the20Eighth20with20Helen20Linehan.m4a
See: crbug 822666
Found-by: "Mattias Wadman <mattias.wadman@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

Without this some operations might overflow (undefined behavior)
even though the index adding loop would never execute

No testcase known
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

If v->fieldtx_is_raw is not reset to zero, it may spill over from a previous
interlaced frame I/BI picture.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

This eliminates several low score detections of non mp3 files
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

This corrects several misdetections of large files
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

This massively reduces the detection of random data as low score mp3
It may improve security by making it harder to read non multimedia data
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

Only for the last slice of the first field is the last line of the slice
equal to the height of the field.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

DIRECTBIT was decoded before the intra/inter MB branching when decoding
interlace frame B pictures. Resulting in mistakenly also decoding it for intra
MBs where this syntax element is not present.
Signed-off-by: Jerome Borsboom <jerome.borsboom@carpalis.nl>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>