- 10 Feb, 2020 7 commits
-
-
Andreas Rheinhardt authored
Since bae8844e the packet will always be unreferenced when a demuxer returns an error, so that a lot of calls to av_packet_unref() in lots of demuxers are now redundant and can be removed. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Marton Balint <cus@passwd.hu>
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Ting Fu authored
Tested using this command: /ffmpeg -pix_fmt yuv420p -s 1920*1080 -i ArashRawYuv420.yuv \ -vcodec rawvideo -s 1920*1080 -pix_fmt rgb24 -f null /dev/null The fps increase from 389 to 640 on Intel(R) Core(TM) i7-8700K CPU @ 3.70GHz Signed-off-by: Ting Fu <ting.fu@intel.com>
-
Paul B Mahol authored
-
Paul B Mahol authored
-
- 09 Feb, 2020 33 commits
-
-
Andreas Rheinhardt authored
This is possible because the size of a scan header is always a multiple of a byte. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
-
Andreas Rheinhardt authored
They are spec-incompliant. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: -2147479324 + -32568 cannot be represented in type 'int' Fixes: 20103/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_GREMLIN_DPCM_fuzzer-5667667579240448 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: -53716100 * 256 cannot be represented in type 'int' Fixes: 20143/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5716604000403456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array read Fixes: 20059/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5691776237305856 No testcase except the fuzzed one. Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: timeout (252sec -> 170msec) Fixes: 20023/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-5681192565473280 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array access Fixes: 19892/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AGM_fuzzer-5707525924323328 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Gautam Ramakrishnan authored
Bug #8255 points out a double free error in libwscale/utils.c file. The double free is because the pointer to cascaded_context of an sw_context is not set to NULL after freeing it. When the sw_context is later freed, sws_freeContext is called on the cascaded_context, causing a double free. Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: Timeout (270sec -> 25ms) Fixes: 20485/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AGM_fuzzer-5636954207289344 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: division by zero Fixes: 20436/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5763229752229888 Fixes: 20503/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4841641154445312 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array read Fixes: 20495/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-5711179129552896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array read Fixes: 20494/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVDV_fuzzer-5681452423577600 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Andreas Rheinhardt authored
ff_cbs_insert_unit_data() has two modes of operation: It can insert a unit with a newly created reference to an already existing AVBuffer; or it can take a buffer and create an AVBuffer for it. Said buffer will then become owned by the unit lateron. A potential memleak/double-free exists in the second case, because if creating the AVBuffer fails, the function immediately returns, but when it fails lateron, the supplied buffer will be freed. The caller has no way to distinguish between these two outcomes. The only such caller (cbs_jpeg_split_fragment() in cbs_jpeg.c) opted for a potential double-free. This commit changes this by explicitly stating that a non-refcounted buffer will be freed on error. The aforementioned caller has been brought in line with this. Fixes CID 1452623. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Mark Thompson authored
-
Mark Thompson authored
Fixes CID 1452400, 1452416, 1452550, 1452590, 1452760.
-
Mark Thompson authored
Fixes CID 1452753.
-
Mark Thompson authored
Fixes CID 1413024.
-
Mark Thompson authored
Fixes CID 1442564.
-
Mark Thompson authored
Fixes CID 1452433.
-
Mark Thompson authored
-
Marton Balint authored
Fixes ticket #5398. Signed-off-by: Marton Balint <cus@passwd.hu>
-
Marton Balint authored
To make behavior the same as non-win32 code when the standard error is redirected. Also restructure the code a bit. Signed-off-by: Marton Balint <cus@passwd.hu>
-
Marton Balint authored
A redirected stderr can still have a valid handle. Signed-off-by: Marton Balint <cus@passwd.hu>
-
Marton Balint authored
Signed-off-by: Marton Balint <cus@passwd.hu>
-
Marton Balint authored
Deprecated for more than 9 years now. Signed-off-by: Marton Balint <cus@passwd.hu>
-
Sitan Liu authored
-
Sitan Liu authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-