- 22 Oct, 2019 4 commits
-
-
Andreas Rheinhardt authored
Contains renaming of variables (e.g. mkv_write_cues() contained variables called tracknum that actually contain the index of a track in s->streams and not the track number (which can differ in case an explicit dash track number is set)). Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
Andreas Rheinhardt authored
mkv_start_new_cluster() actually didn't start a new cluster, but ended the old one instead and emitted a debug message that it had started a new cluster. This has been changed: The debug message has been moved to the place that really starts a new cluster and the function has been renamed to mkv_end_cluster(). Furthermore, without this debug message the function can be used for flushing. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
Andreas Rheinhardt authored
The Matroska muxer groups index entries with the same pts together in order to save a few bytes. Because of Matroska's variable-length length fields, mkv_write_cues() does this by first finding out how many index entries will be grouped together before actually writing them. Currently, it is asserted at both of these stages that the stream index of the list of designated index entries is valid. But the second assert is redundant, because the very same index entries have already been checked. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
Andreas Rheinhardt authored
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
- 21 Oct, 2019 21 commits
-
-
Andreas Rheinhardt authored
instead of replicating its behaviour. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
Andreas Rheinhardt authored
The Matroska muxer up until now leaked memory in two scenarios: 1. If an error happened during writing the trailer, as mkv_write_trailer() returned early without cleaning up. 2. If mkv_write_header() indicated success despite an error in the underlying AVIOContext. In this case avformat_write_header() returned the IO error and according to the API the caller is not allowed to call av_write_trailer(), so that no cleanup happened for the allocations made in mkv_write_header(). This has been fixed by using a dedicated deinit function. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
Limin Wang authored
Signed-off-by: Limin Wang <lance.lmwang@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: null pointer dereference Fixes: 18341/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ATRAC9_fuzzer-5681203490848768 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Lynne <dev@lynne.ee> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Limin Wang authored
Signed-off-by: Limin Wang <lance.lmwang@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Limin Wang authored
Signed-off-by: Limin Wang <lance.lmwang@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
James Almer authored
If the trailer is never writen, there could be buffered pages that would leak. Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
James Almer authored
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
James Almer authored
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
James Almer authored
Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
James Almer authored
Fixes ticket #8302 Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
James Almer authored
Despite the doxy stating that it's called when the muxer is destroyed, this was not true in practice. It's only called by av_write_trailer() and on init() failure. An AVFormatContext may be closed without writing the trailer if errors ocurred while muxing packets, so in order to prevent memory leaks, it should effectively be called when freeing the muxer. Signed-off-by: James Almer <jamrial@gmail.com>
-
James Almer authored
Signed-off-by: James Almer <jamrial@gmail.com>
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
Allocation of input frames is independent from allocation of new input pads.
-
Limin Wang authored
Signed-off-by: Limin Wang <lance.lmwang@gmail.com> Reviewed-by: Gyan Doshi <ffmpeg@gyani.pro>
-
Limin Wang authored
Reviewed-by: Moritz Barsnick <barsnick@gmx.net> Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
-
Paul B Mahol authored
Signed-off-by: Paul B Mahol <onemda@gmail.com>
-
Paul B Mahol authored
Instead of rounding toward zero and thus producing darker output.
-
Limin Wang authored
Reviewed-by: Moritz Barsnick <barsnick@gmx.net> Signed-off-by: Limin Wang <lance.lmwang@gmail.com>
-
- 20 Oct, 2019 15 commits
-
-
Michael Niedermayer authored
Fixes: Timeout (21sec -> 8sec) Fixes: 17832/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5737092172218368 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: -3 - 9223372036854775807 cannot be represented in type 'long' Fixes: 17828/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5645915116797952 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: Timeout (14sec - 120ms) Fixes: 17824/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AGM_fuzzer-5639825457152000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: Timeout (19sec -> 44ms) Fixes: 17816/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PTX_fuzzer-5704459950227456 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: 2147483628 + 128 cannot be represented in type 'int' Fixes: 17783/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5146470595952640 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: -2147481503 + -32732 cannot be represented in type 'int' Fixes: 17782/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SMACKAUD_fuzzer-5769672225456128 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: Timeout (15sec -> 72ms) Fixes: 17774/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALIAS_PIX_fuzzer-5193929107963904 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: -1795675744 + -1926578528 cannot be represented in type 'int' Fixes: 17741/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFWAVESYNTH_fuzzer-5131336402075648 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: signed integer overflow: 62220 * 262144 cannot be represented in type 'int' Fixes: 17145/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5667394743173120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: TImeout (20sec -> 4sec) Fixes: 17735/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DXV_fuzzer-5723368317255680 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: NULL pointer dereference Fixes: 18331/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMALOSSLESS_fuzzer-5652847445671936 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Paul B Mahol authored
Fixes #8313
-
Paul B Mahol authored
-
Paul B Mahol authored
-
James Almer authored
avformat_free_context() expects AVFormatContext->internal to not be NULL. Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-