- 19 Dec, 2014 1 commit
-
-
Michael Niedermayer authored
Fixes invalid writes with very small image heights. CC: libav-stable@libav.org Bug-ID: CVE-2014-8547 Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Anton Khirnov <anton@khirnov.net>
-
- 03 Oct, 2014 1 commit
-
-
Michael Niedermayer authored
also change it to a loop Fixes out of array access Fixes: asan_heap-oob_ca5410_8_asan_heap-oob_ca5410_97_ID_LSD_Size_Less_Then_Data_Inter_3.gif Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 18 Aug, 2014 1 commit
-
-
Christophe Gisquet authored
Some files seem to have an off-by-one error. In most cases, it appears to be on the image width. Therefore, if the decoded image doesn't fit in the screen: - If it is wider than the screen (and the lzw decoding buffer), reject it; - Otherwise, decode the indicated amount, but only write a truncated amount to the screen. Fixes ticket #3538. Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 17 Dec, 2013 1 commit
-
-
Michael Niedermayer authored
Fixes use of uninitialized memory Fixes: msan_uninit-mem_7f084c646637_9261_top_title_green_frog.gif Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 22 Nov, 2013 1 commit
-
-
Michael Niedermayer authored
Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 21 Nov, 2013 2 commits
-
-
Anton Khirnov authored
-
Anton Khirnov authored
Also add an error message an return a more suitable error code (INVALIDDATA, not EINVAL); Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind CC:libav-stable@libav.org
-
- 31 Oct, 2013 1 commit
-
-
Anton Khirnov authored
-
- 03 Oct, 2013 1 commit
-
-
Diego Biurrun authored
-
- 15 May, 2013 1 commit
-
-
Diego Biurrun authored
-
- 07 May, 2013 1 commit
-
-
Michael Niedermayer authored
This fixes out of array accesses. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 25 Mar, 2013 1 commit
-
-
Michael Niedermayer authored
It appears gcc forgets to increment the byte stream pointer at -O3 I was not able to spot a reason/excuse for it to do that. It also disappears if the function isnt inlined. This should fix the gif fate failures on open & free bsd See: [FFmpeg-devel] [PATCH] gifdec: workaround old gcc 4.2 mis-compiling code Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 13 Mar, 2013 1 commit
-
-
Clément Bœsch authored
Coccinelle profile used: @@ expression r, ctx, f, loglevel, str, flags; @@ -if ((r = ff_get_buffer(ctx, f, flags)) < 0) { - av_log(ctx, loglevel, str); - return r; -} +if ((r = ff_get_buffer(ctx, f, flags)) < 0) + return r; @@ expression r, ctx, f, loglevel, str; @@ -if ((r = ff_reget_buffer(ctx, f)) < 0) { - av_log(ctx, loglevel, str); - return r; -} +if ((r = ff_reget_buffer(ctx, f)) < 0) + return r; @@ expression r, ctx, f, loglevel, str, flags; @@ -if ((r = ff_thread_get_buffer(ctx, f, flags)) < 0) { - av_log(ctx, loglevel, str); - return r; -} +if ((r = ff_thread_get_buffer(ctx, f, flags)) < 0) + return r; ...along with some manual patches for the remaining ones.
-
- 08 Mar, 2013 1 commit
-
-
Anton Khirnov authored
-
- 01 Mar, 2013 1 commit
-
-
Michael Niedermayer authored
Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 25 Jan, 2013 6 commits
-
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
Paul B Mahol authored
Now allocation is done only if av_image_check_size() passes. Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
Michael Niedermayer authored
Fixes out of array access Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 24 Jan, 2013 2 commits
-
-
Michael Niedermayer authored
Fixes out of array accesses Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
Michael Niedermayer authored
Prevents inconsistent state and null pointer dereference Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by:
Michael Niedermayer <michaelni@gmx.at>
-
- 14 Jan, 2013 1 commit
-
-
Anton Khirnov authored
-
- 03 Jan, 2013 1 commit
-
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
- 30 Dec, 2012 1 commit
-
- 27 Dec, 2012 1 commit
-
-
Don Moir authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
- 21 Dec, 2012 2 commits
-
-
Carl Eugen Hoyos authored
It breaks some opaque samples. This reverts commit d4fdaafd.
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
- 20 Dec, 2012 3 commits
-
-
Carl Eugen Hoyos authored
This fixes the colour of the transparent background (as seen with ffplay), and makes the background of some non-keyframes transparent that was incorrectly shown as opaque for some samples.
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
- 08 Dec, 2012 1 commit
-
-
Paul B Mahol authored
While here remove ff_lzw_cur_ptr() as it become obsolete. Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
- 04 Dec, 2012 2 commits
-
-
Anton Khirnov authored
It's got_frame, not data size
-
Anton Khirnov authored
It will be useful in the upcoming transition to refcounted AVFrames.
-
- 02 Dec, 2012 1 commit
-
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
- 01 Dec, 2012 1 commit
-
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
- 30 Nov, 2012 3 commits
-
-
Paul B Mahol authored
Signed-off-by:
Paul B Mahol <onemda@gmail.com>
-
Vitaliy E Sugrobov authored
Share them with upcoming demuxer module. Signed-off-by:
Vitaliy E Sugrobov <vsugrob@hotmail.com>
-
Vitaliy E Sugrobov authored
Check for availability of some required amount of bytes in buffer before reading further. Signed-off-by:
Vitaliy E Sugrobov <vsugrob@hotmail.com>
-