- 29 Jul, 2017 3 commits
-
-
Michael Niedermayer authored
Fixes: out of array accesses Found-by: JunDong Xie of Ant-financial Light-Year Security Lab Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: out of array accesses Fixes: crash-9238fa9e8d4fde3beda1f279626f53812cb001cb-SEGV Found-by: JunDong Xie of Ant-financial Light-Year Security Lab Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Kaustubh Raste authored
Signed-off-by: Kaustubh Raste <kaustubh.raste@imgtec.com> Reviewed-by: Manojkumar Bhosale <Manojkumar.Bhosale@imgtec.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
- 28 Jul, 2017 2 commits
-
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 1073741823 * 4 cannot be represented in type 'int' Fixes: 2729/clusterfuzz-testcase-minimized-5902915464069120 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes multiple integer overflows Fixes: runtime error: signed integer overflow: 1 + 2147483647 cannot be represented in type 'int' Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegReviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
- 27 Jul, 2017 6 commits
-
-
Wan-Teh Chang authored
The patch does not fix the tsan warning it was intended to fix. Reverting the patch moves the av_log() back to the outside of the lock. Signed-off-by: Wan-Teh Chang <wtc@google.com> Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
Wan-Teh Chang authored
default_ref[] is unconditionally initialized in h264_initialise_ref_list() (called from ff_h264_build_ref_list(), called from h264_slice_init()). This fixes the following tsan warning when running fate-h264: WARNING: ThreadSanitizer: data race (pid=31070) Write of size 8 at 0x7bbc000082a8 by thread T1 (mutexes: write M1628): #0 memcpy /work/release-test/final/llvm.src/projects/compiler-rt/lib/tsan/../sanitizer_common/sanitizer_common_interceptors.inc:655:5 (ffmpeg+0x10de9d) #1 h264_initialise_ref_list ffmpeg/libavcodec/h264_refs.c:214:29 (ffmpeg+0x1186b3f) #2 ff_h264_build_ref_list ffmpeg/libavcodec/h264_refs.c:306 (ffmpeg+0x1186b3f) #3 h264_slice_init ffmpeg/libavcodec/h264_slice.c:1900:11 (ffmpeg+0x1191149) [..] Previous read of size 8 at 0x7bbc000082a8 by main thread (mutexes: write M1630): #0 memcpy /work/release-test/final/llvm.src/projects/compiler-rt/lib/tsan/../sanitizer_common/sanitizer_common_interceptors.inc:655:5 (ffmpeg+0x10de9d) #1 ff_h264_update_thread_context ffmpeg/libavcodec/h264_slice.c:411:5 (ffmpeg+0x118b7dc) Signed-off-by: Wan-Teh Chang <wtc@google.com> Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
-
James Almer authored
-
Paul B Mahol authored
Signed-off-by: Paul B Mahol <onemda@gmail.com>
-
Tobias Rapp authored
Signed-off-by: Tobias Rapp <t.rapp@noa-archive.com>
-
Michael Niedermayer authored
Fixes: out of array access Fixes: poc.dnxhd Found-by: Bingchang, Liu@VARAS of IIE Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
- 26 Jul, 2017 12 commits
-
-
Rostislav Pehlivanov authored
Fixes CID1412026. Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
-
Michael Niedermayer authored
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
foo86 authored
Use integer position instead of pointer for loop variable. Also only skip header fields after header has been fully validated.
-
foo86 authored
Avoid undefined behavior in skip_input() by checking that enough data is available before incrementing input pointer. Check return values of parse_key() and skip_input() and exit early with error if there is not enough data.
-
foo86 authored
-
foo86 authored
-
Clément Bœsch authored
-
Michael Niedermayer authored
Fixes: 2707/clusterfuzz-testcase-minimized-5179636394754048 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: -2147483647 - 2 cannot be represented in type 'int' Fixes: 2702/clusterfuzz-testcase-minimized-4511932591636480 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
James Almer authored
Export the raw data as ICC Profile frame side data. Reviwed-by: Rostislav Pehlivanov <atomnuker@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
James Almer authored
Print the name metadata entry and the buffer size. Reviwed-by: Rostislav Pehlivanov <atomnuker@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
James Almer authored
Reviwed-by: Rostislav Pehlivanov <atomnuker@gmail.com> Signed-off-by: James Almer <jamrial@gmail.com>
-
- 25 Jul, 2017 9 commits
-
-
Muhammad Faiz authored
old: 165188 decicycles in rdft, 65536 runs, 0 skips 165865 decicycles in irdft, 65536 runs, 0 skips new: 142487 decicycles in rdft, 65536 runs, 0 skips 141498 decicycles in irdft, 65536 runs, 0 skips Signed-off-by: Muhammad Faiz <mfcc64@gmail.com>
-
Michael Niedermayer authored
Fixes: double free Fixes: clusterfuzz-testcase-minimized-5080550145785856 Found-by: ClusterFuzz Reviewed-by: Nicolas George <george@nsup.org> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Kaustubh Raste authored
Removed memset call and improved performance. Signed-off-by: Kaustubh Raste <kaustubh.raste@imgtec.com> Reviewed-by: Manojkumar Bhosale <Manojkumar.Bhosale@imgtec.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Rostislav Pehlivanov authored
Equivalent. Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
-
Rostislav Pehlivanov authored
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
-
Rostislav Pehlivanov authored
Many image formats support embedding of ICC profiles directly in their bitstreams. Add a new side data type to allow exposing them to API users. Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
-
Nicolas George authored
-
James Almer authored
-
Steven Liu authored
get key file only once time is ok, no need more times. Ticket-id: #6545 Found-by: JohnPi Signed-off-by: Steven Liu <lq@onvideo.cn>
-
- 24 Jul, 2017 7 commits
-
-
Michael Niedermayer authored
Fixes: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int' Fixes: 2698/clusterfuzz-testcase-minimized-4713541443518464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: avcodec/aacps.c:511:40: runtime error: signed integer overflow: 1509077651 + 758068176 cannot be represented in type 'int' Fixes: 2678/clusterfuzz-testcase-minimized-4702787684270080 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Clément Bœsch authored
See https://github.com/gopro/gpmf-parser for more information on the data stream itself.
-
Steven Liu authored
ticket-id: #6541 when use hls fmp4 muxer, the extention name is not .m4s, this code can fix it. Found-by: JohnPi Signed-off-by: Steven Liu <lq@onvideo.cn>
-
Michael Niedermayer authored
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: 2699/clusterfuzz-testcase-minimized-5631303862976512 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
Michael Niedermayer authored
Fixes: runtime error: shift exponent 64 is too large for 64-bit type 'residual' (aka 'unsigned long') Fixes: 2674/clusterfuzz-testcase-minimized-4999700518273024 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
- 23 Jul, 2017 1 commit
-
-
Muhammad Faiz authored
That line has been written by previous job. Fix tsan warning. Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Muhammad Faiz <mfcc64@gmail.com>
-