Fixes: runtime error: shift exponent 66 is too large for 64-bit type 'long long'
Fixes: 3642/clusterfuzz-testcase-minimized-5443853801750528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 981e99ab99)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 3642/clusterfuzz-testcase-minimized-5443853801750528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7d1dec4668)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e34fe61bf4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: -503316480 + -2013265038 cannot be represented in type 'int'
Fixes: 3805/clusterfuzz-testcase-minimized-6578427831255040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e131b8cedb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: left shift of 255 by 24 places cannot be represented in type 'int'
Fixes: 3787/clusterfuzz-testcase-minimized-5728764920070144
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 66f0c958bf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Avoid a use after free in avformat_find_stream_info.
(cherry picked from commit 9e4a5eb51b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 924846844 + 1457520640 cannot be represented in type 'int'
Fixes: 3416/clusterfuzz-testcase-minimized-6125587682820096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2b739e1cb8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 623487 * 536870912 cannot be represented in type 'int'
Fixes: 3594/clusterfuzz-testcase-minimized-4650622935629824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 41d96af2a7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: -2110708110 + -82837504 cannot be represented in type 'int'
Fixes: 3547/clusterfuzz-testcase-minimized-6009386439802880
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0976752420)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: 1773/clusterfuzz-testcase-minimized-4832523987189760
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit fe533628b9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 431eccd61e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Code suggested by ubitux
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 617f0c65e1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Prevents out of array accesses. Adressess ticket #6873
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 9d464dc3fc)
This leads to signed integer overflow.
Signed-off-by: Dale Curtis <dalecurtis@chromium.org>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit c5fd57f483)
When a channel formula ends with a subtraction, the next formula will
otherwise have its first coefficient negated.
(cherry picked from commit 4f4e19914d)
It allows us to specify what kind of audio parameter changes are allowed.
Should fix ticket #6721.
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit d68a557df4)
Typically only a small subset of the SDL texture formats are supported directly
by the SDL renderer drivers, the rest is software emulated. It's better if
libswscale does the format conversion to a hardware-accelerated texture format
instead of SDL.
This should fix video render slowdowns with some texture formats after
3bd2228d05.
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit 415038f2bd)
Otherwise the frame size of the codec is not set in the buffersink.
Fixes ticket #6603 and the following simpler case:
ffmpeg -c aac -filter_complex "sine=d=0.1,asetnsamples=1025" out.aac
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit f4090940bd)
Since non-Haar wavelets need to look into pixels outside the frame, we
need to pad the buffer. The old factor of two seemed to be a workaround
that fact and only padded to the left and bottom. This correctly pads
by the slice size and as such reduces memory usage and potential
exploits.
Reported by Liu Bingchang.
Ideally, there should be no temporary buffer but the encoder is designed
to deinterleave the coefficients into the classical wavelet structure
with the lower frequency values in the top left corner.
Signed-off-by: Rostislav Pehlivanov <atomnuker@gmail.com>
(cherry picked from commit 3228ac730c)
This was missed in e754c8e8 / e2710e790c since those functions
weren't exercised by checkasm.
Fixes ticket #6766.
(cherry picked from commit f1fd12ef85)
Fixes: runtime error: signed integer overflow: 2 * -1094995530 cannot be represented in type 'int'
Fixes: 3512/clusterfuzz-testcase-minimized-4812747210489856
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 393d6fc739)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is required for FLV files, for which duration_pts comes out to be zero.
Signed-off-by: Sasi Inguva <isasi@google.com>
Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2b006ccf83)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
In the past XvMC forced simple_idct since
it was using FF_IDCT_PERM_NONE.
However now we have SIMD variants of simple_idct that
are using FF_IDCT_PERM_TRANSPOSE and if they are selected
XvMC would get coefficients in the wrong order.
The patch creates new FF_IDCT_NONE that
is used only for this kind of hardware decoding
and that fallbacks to the old C only simple idct.
Signed-off-by: Ivan Kalvachev <ikalvachev@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9054439bad)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Should prevent some options from being added to cflags when they
don't exist and the compiler only warns about it.
Reviewd-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit ad56e8057d)
The public functions av_alloc_vdpaucontext() and
av_vdpau_alloc_context() are allocating AVVDPAUContext
structure that is supposed to be placed in avctx->hwaccel_context.
However the rest of libavcodec/vdpau.c uses avctx->hwaccel_context
as struct VDPAUHWContext, that is bigger and does contain
AVVDPAUContext as first member.
The usage includes write to the new variables in the bigger stuct,
without checking for block size.
Fix by always allocating the bigger structure.
Signed-off-by: Ivan Kalvachev <ikalvachev@gmail.com>
(cherry picked from commit 3a6ded7cfc)
We are not using dynamic loading for libndi.
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit 58143b15ad)
Name suggestion was from Helmut K. C. Tessarek
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 07e7ebf52d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer
Luca Barbato
James Almer
Jacob Trimble
Dale Curtis
Michael Roitzsch
Steven Liu
Timo Rothenpieler
Marton Balint
Rostislav Pehlivanov
Martin Storsjö
Mark Thompson
Sasi Inguva
Ivan Kalvachev