- 07 Jan, 2012 1 commit
-
-
Janne Grunau authored
Fixes null pointer dereferences in fuzzed files found by Oana Stratulat. Signed-off-by: Janne Grunau <janne-libav@jannau.net>
-
- 06 Jan, 2012 10 commits
-
-
Michael Niedermayer authored
Bug found by: Oana Stratulat Signed-off-by: Janne Grunau <janne-libav@jannau.net>
-
Janne Grunau authored
Prevents division by zero.
-
Laurentiu Ion authored
Prevent invalid reads using bytestream2 functions. Fixes bug #126. Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
-
Chris Evans authored
Fixes Bug: #190 Chromium Bug: #100543 Related to CVE-2011-3893 Signed-off-by: Reinhard Tartler <siretart@tauware.de>
-
Paul B Mahol authored
Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
Diego Biurrun authored
-
Diego Biurrun authored
Fixes --disable-everything --enable-decoder=h264 --disable-optimizations.
-
Justin Ruggles authored
-
Janne Grunau authored
The mpeg4 video, H264 and VC-1 parser hold (directly or indirectly) a MpegEncContext in their private context. Since they do not call the common mpegvideo init function slice_context_count has explicitly set to 1. Prevents a null pointer dereference in the h264 parser and fixes bug 193.
-
Anssi Hannula authored
Align IEC 61937 length_code for DTS-HD so that (length_code & 0xf) == 0x8. This is reportedly needed with some receivers. Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
- 05 Jan, 2012 21 commits
-
-
Janne Grunau authored
Prevents a division by zero.
-
Janne Grunau authored
Prevents null ptr derefence for negative sizes.
-
Martin Storsjö authored
The implicit network initialization is set to be removed in the future, but is kept for compatibility. By not doing the implicit initialization for non-network protocols, we avoid the warning about avformat_network_init() not being called for these, where it really doesn't make much sense. Signed-off-by: Martin Storsjö <martin@martin.st>
-
Martin Storsjö authored
This definition is in two files, since the definitions will move to the private header at the next bump. Signed-off-by: Martin Storsjö <martin@martin.st>
-
Janne Grunau authored
-
Chris Evans authored
matroskadec: Fix a bug where a pointer was cached to an array that might later move due to a realloc() Fixes bug #190 Chromium bug #100492 related to CVE-2011-3893 Signed-off-by: Reinhard Tartler <siretart@tauware.de>
-
Alex Converse authored
-
Alex Converse authored
-
Aneesh Dogra authored
4xm decoder while decoding i2 frames can overread the buffer if proper checks are not made. Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
Janne Grunau authored
Check explicitly if enough bits are left to prevent an infinite loop when the bitstream buffer is not followed by zero-padding. Based on patches by Michael Niedermayer <michaelni@gmx.at>.
-
Janne Grunau authored
-
Janne Grunau authored
Fixes a regression introduced in 8b94df0f.
-
Ronald S. Bultje authored
Also document the function somewhat.
-
Diego Biurrun authored
-
Anton Khirnov authored
-
Anton Khirnov authored
-
Oana Stratulat authored
This fixes an infinite loop in the decoder on specially crafted files, and fixes bug 151. Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
Ronald S. Bultje authored
This reverts commit 295a7c02. The patch breaks decoding of regular files (e.g. fate-4xm-2).
-
Aneesh Dogra authored
4xm decoder while decoding i2 frames can overread the buffer if proper checks are not made. Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
Aneesh Dogra authored
frame_size is the number of bytes left in the packet, so if we are passing buf-4 we can safely read frame_size+4 bytes. Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
Aneesh Dogra authored
The current code doesn't work unless width is an exact multiple of 16. Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
- 04 Jan, 2012 8 commits
-
-
Shitiz Garg authored
audio_subsegments would be 0 and cause floating point exceptions Fixes bugzilla #144 Signed-off-by: Justin Ruggles <justin.ruggles@gmail.com>
-
Janne Grunau authored
V4L2_FMT_FLAG_EMULATED was added in 2.6.32.
-
Anton Khirnov authored
-
Jean First authored
These can't be used uninitialized in practice, but the compiler doesn't realize it. Signed-off-by: Martin Storsjö <martin@martin.st>
-
Jean First authored
This one won't ever be used uninitialized in practice, but the compiler doesn't realize it. Signed-off-by: Martin Storsjö <martin@martin.st>
-
Ronald S. Bultje authored
-
Diego Biurrun authored
-
Diego Biurrun authored
This fixes compilation failures related to START_TIMER/STOP_TIMER macros and -Werror=declaration-after-statement. START_TIMER declares variables and thus may not be placed after statements outside of a new block.
-