- 06 Oct, 2021 13 commits
-
-
Michael Niedermayer authored
-
Michael Niedermayer authored
Reviewed-by:
Paul B Mahol <onemda@gmail.com> Signed-off-by:
Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit 06d67265 ) Signed-off-by:
-
Michael Niedermayer authored
Fixes: Fixes NULL pointer dereference Fixes: 36610/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-6052641783283712 Fixes: 37907/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-4725170850365440 Fixes: 37904/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-6367889262247936 Fixes: 38085/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MXPEG_fuzzer-5175270823297024 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: Timeout Fixes: 37795/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FLIC_fuzzer-4846536543043584 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: index 128 out of bounds for type 'uint16_t [128]' Fixes: 38651/clusterfuzz-testcase-minimized-ffmpeg_BSF_HEVC_METADATA_fuzzer-6296416058736640 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by:
James Almer <jamrial@gmail.com> Signed-off-by:
-
Michael Niedermayer authored
Fixes: invalid shift Fixes: 37018/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MPEG2VIDEO_fuzzer-5290280902328320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: error: 1.66789e+11 is outside the range of representable values of type 'int' Fixes: Ticket8201 Signed-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: 559334865 * 4 cannot be represented in type 'int' Fixes: 37929/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6751932295806976 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: -682581959642593728 * 16 cannot be represented in type 'long' Fixes: 37883/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-5311691517198336 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by:
Peter Ross <pross@xvid.org> Signed-off-by:
-
Michael Niedermayer authored
Fixes: runtime error: signed integer overflow: 65312 * 65535 cannot be represented in type 'int' Fixes: 32832/clusterfuzz-testcase-minimized-ffmpeg_dem_RM_fuzzer-4817710040088576 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: memleak Fixes: 35261/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-4869656287510528 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself Fixes: 34651/clusterfuzz-testcase-minimized-ffmpeg_dem_JACOSUB_fuzzer-5157941012463616 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: Out of array access Fixes: 37030/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5387719147651072 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by:
Tomas Härdin <tjoppen@acc.umu.se> Signed-off-by:
-
- 13 Sep, 2021 16 commits
-
-
Paul B Mahol authored
Fixes #8261 (cherry picked from commit 8c3166e1 ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8262 (cherry picked from commit 0749082e ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8236 (cherry picked from commit 1331e001 ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8275 (cherry picked from commit de598f82 ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8243 (cherry picked from commit 0e68e8c9 ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8276 (cherry picked from commit e1b89c76 ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8250 (cherry picked from commit a7fd1279 ) Signed-off-by:
-
Paul B Mahol authored
Monowhite pixel format is not supported, and it does not make sense to add support for it. Fixes #7989 (cherry picked from commit 5d9f44da ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8309 (cherry picked from commit d4d6b7b0 ) Signed-off-by:
-
Paul B Mahol authored
Also fix use of uninitialized values. Fixes #8239 (cherry picked from commit ce5274c1 ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8264 (cherry picked from commit 07050d7b ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8244 (cherry picked from commit 0b567238 ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8260 (cherry picked from commit ccf4ab8c ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8317 (cherry picked from commit 58bb9d3a ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8242 (cherry picked from commit e787f8fd ) Signed-off-by:
-
Paul B Mahol authored
Fixes #8274 (cherry picked from commit f069a9c2 ) Signed-off-by:
-
- 10 Sep, 2021 1 commit
-
-
Michael Niedermayer authored
The code this fixes is not in release/4.1 Found-by: <mkver> This reverts commit b81d1379.
-
- 09 Sep, 2021 10 commits
-
-
Michael Niedermayer authored
Signed-off-by: -
James Almer authored
In some extrme cases, like with adpcm_ms samples with an extremely high channel count, get_audio_frame_duration() may return a negative frame duration value. Don't propagate it, and instead return 0, signaling that a duration could not be determined. Fixes ticket #9312 Signed-off-by:
-
Michael Niedermayer authored
Fixes: Infinite loop Fixes: 36666/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5912760671141888 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: 1683879955 - -466265224 cannot be represented in type 'int' Fixes: 37419/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APE_fuzzer-6074294407921664 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by:
-
Michael Niedermayer authored
Fixes: Timeout Fixes: 37035/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XPM_fuzzer-5142718576721920 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by:
-
Martin Storsjö authored
This fixes compilation with old mingw.org toolchains, which has got much fewer errno.h entries. Signed-off-by:
Martin Storsjö <martin@martin.st> (cherry picked from commit 6569e950 ) Signed-off-by:
-
Michael Niedermayer authored
Fixes: signed integer overflow: 1179337772 + 1392508928 cannot be represented in type 'int' Fixes: 34088/clusterfuzz-testcase-minimized-ffmpeg_dem_AVI_fuzzer-5846945303232512 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
Michael Niedermayer authored
Fixes: Timeout Fixes: 36262/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEGLS_fuzzer-4969052454912000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
maryam ebrahimzadeh authored
As the second argument for init_get_bits (buf) can be crafted, a return value check for this function call is necessary. 'buf' is part of 'AVPacket pkt'. replace init_get_bits with init_get_bits8. Signed-off-by:
-
Michael Niedermayer authored
Fixes: Timeout Fixes: 35401/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WEBP_fuzzer-5714401821851648 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by:
-
