- 09 Feb, 2020 23 commits
-
-
Michael Niedermayer authored
Fixes: out of array read Fixes: 20494/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVDV_fuzzer-5681452423577600 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Andreas Rheinhardt authored
ff_cbs_insert_unit_data() has two modes of operation: It can insert a unit with a newly created reference to an already existing AVBuffer; or it can take a buffer and create an AVBuffer for it. Said buffer will then become owned by the unit lateron. A potential memleak/double-free exists in the second case, because if creating the AVBuffer fails, the function immediately returns, but when it fails lateron, the supplied buffer will be freed. The caller has no way to distinguish between these two outcomes. The only such caller (cbs_jpeg_split_fragment() in cbs_jpeg.c) opted for a potential double-free. This commit changes this by explicitly stating that a non-refcounted buffer will be freed on error. The aforementioned caller has been brought in line with this. Fixes CID 1452623. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Mark Thompson authored
-
Mark Thompson authored
Fixes CID 1452400, 1452416, 1452550, 1452590, 1452760.
-
Mark Thompson authored
Fixes CID 1452753.
-
Mark Thompson authored
Fixes CID 1413024.
-
Mark Thompson authored
Fixes CID 1442564.
-
Mark Thompson authored
Fixes CID 1452433.
-
Mark Thompson authored
-
Marton Balint authored
Fixes ticket #5398. Signed-off-by: Marton Balint <cus@passwd.hu>
-
Marton Balint authored
To make behavior the same as non-win32 code when the standard error is redirected. Also restructure the code a bit. Signed-off-by: Marton Balint <cus@passwd.hu>
-
Marton Balint authored
A redirected stderr can still have a valid handle. Signed-off-by: Marton Balint <cus@passwd.hu>
-
Marton Balint authored
Signed-off-by: Marton Balint <cus@passwd.hu>
-
Marton Balint authored
Deprecated for more than 9 years now. Signed-off-by: Marton Balint <cus@passwd.hu>
-
Sitan Liu authored
-
Sitan Liu authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
- 08 Feb, 2020 10 commits
-
-
Lynne authored
-
Lynne authored
Not even FFTW's output is normalized. This should prevent at least some users from complaining that doing a forward transform followed by an inverse transform has a mismatching output to the original input.
-
Martin Storsjö authored
Signed-off-by: Martin Storsjö <martin@martin.st>
-
Paul B Mahol authored
-
Andreas Rheinhardt authored
apply_palette() would free an AVFrame given to it only via an AVFrame * (and not via AVFrame **) in three of its four exists (namely in the normal path and in two error paths). So upon error the caller has no way to know whether the frame has already been freed or not; load_apply_palette(), the only caller, opted to free the frame in this scenario. This commit changes this by making apply_palette not freeing the frame at all, which is left to load_apply_palette(). Fixes Coverity issue #1452434. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Jai Luthra authored
lsb bits may go beyond 25 bits, so to be safe use get_bits_long Signed-off-by: Jai Luthra <me@jailuthra.in> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
In case of undefined behaviour.
-
- 07 Feb, 2020 7 commits
-
-
Zane van Iperen authored
Signed-off-by: Zane van Iperen <zane@zanevaniperen.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Paul B Mahol authored
-
Anton Khirnov authored
Log the warning message once per encoder instance instead. Reviewed-by: Kieran Kunhya <kierank@obe.tv> Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: James Almer <jamrial@gmail.com>
-
Paul B Mahol authored
-
Paul B Mahol authored
-