summaryrefslogtreecommitdiff
path: root/libavcodec/mpeg4videodec.c
Commit message (Collapse)AuthorAge
* avcodec/mpeg4videodec: Fix overflow in virtual_ref computationMichael Niedermayer2017-06-21
| | | | | | | | Fixes: runtime error: signed integer overflow: 262144 * -16120 cannot be represented in type 'int' Fixes: 2292/clusterfuzz-testcase-minimized-6156080415506432 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Check sprite delta upshift against overflowing.Michael Niedermayer2017-06-15
| | | | | | | | Fixes: runtime error: signed integer overflow: -268386304 * 16 cannot be represented in type 'int' Fixes: 2204/clusterfuzz-testcase-minimized-5616756909408256 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Fix integer overflow in num_sprite_warping_points=2 caseMichael Niedermayer2017-06-15
| | | | | | | | Fixes: runtime error: signed integer overflow: 131072 + 2147352576 cannot be represented in type 'int' Fixes: 2192/clusterfuzz-testcase-minimized-5370387988742144 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: 53098 * ↵Michael Niedermayer2017-06-06
| | | | | | | | | 40448 cannot be represented in type 'int' Fixes: 2106/clusterfuzz-testcase-minimized-6136503639998464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Check for multiple VOL headersMichael Niedermayer2017-05-21
| | | | | | | | | | Fixes multiple: runtime error: signed integer overflow: 2147115008 + 413696 cannot be represented in type 'int' Fixes: 1723/clusterfuzz-testcase-minimized-5309409372667904 Fixes: 1727/clusterfuzz-testcase-minimized-5900685306494976 Fixes: 1737/clusterfuzz-testcase-minimized-5922321338466304 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Clear sprite wraping on unsupported cases in VOP decodeMichael Niedermayer2017-05-14
| | | | | | | | Fixes: Integer overflow Fixes: 1572/clusterfuzz-testcase-minimized-4578773729017856 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* libavcodec/mpeg4videodec: Convert sprite_offset to 64bitMichael Niedermayer2017-05-04
| | | | | | | | | | This avoids intermediates from overflowing (the final values are checked) Fixes: runtime error: signed integer overflow: -167712 + -2147352576 cannot be represented in type 'int' Fixes: 1298/clusterfuzz-testcase-minimized-5955580877340672 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: ↵Michael Niedermayer2017-03-09
| | | | | | | | | -135088512 * 16 cannot be represented in type 'int' Fixes: 736/clusterfuzz-testcase-5580263943831552 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: 134527392 ↵Michael Niedermayer2017-03-05
| | | | | | | | | | * 16 cannot be represented in type 'int' This checks the sprite delta intermediates for overflow Fixes: 716/clusterfuzz-testcase-4890287480504320 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Improve the overflow checks in ↵Michael Niedermayer2017-03-04
| | | | | | | | | | | mpeg4_decode_sprite_trajectory() Also clear the state on errors Fixes integer overflows in 701/clusterfuzz-testcase-6594719951880192 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Fix runtime error: left shift of negative value -2650Michael Niedermayer2017-02-28
| | | | | | | Fixes: 674/clusterfuzz-testcase-6713275880308736 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Check the other 3 sprite points for intermediate ↵Michael Niedermayer2017-02-24
| | | | | | | | | | | | | overflows This is not necessarily specific to fuzzed files Fixes: Multiple integer overflows Fixes: 656/clusterfuzz-testcase-6463814516080640 Fixes: 658/clusterfuzz-testcase-6691260146384896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Check sprite_offset in addition to shiftsMichael Niedermayer2017-02-22
| | | | | | | Fixes: 651/clusterfuzz-testcase-5710668915277824 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4video: Fix runtime error: left shift of negative valueMichael Niedermayer2017-02-22
| | | | | | Fixes: 644/clusterfuzz-testcase-4726434209726464 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Fix runtime error: shift exponent -2 is negativeMichael Niedermayer2017-02-19
| | | | | | | Fixes: 612/clusterfuzz-testcase-4707817137111040 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec: Add FF_CODEC_CAP_SKIP_FRAME_FILL_PARAM to most h263 based codecsMichael Niedermayer2017-01-21
| | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Fix undefined shifts in mpeg4_decode_sprite_trajectory()Michael Niedermayer2016-12-09
| | | | | | | Fixes: part of 670190.ogg Found-by: Matt Wolenetz <wolenetz@google.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* avcodec/mpeg4videodec: Workaround interlaced mpeg4 edge MC bugMichael Niedermayer2016-11-17
| | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* lavc/get_bits: add a logging context to check_marker()Clément Bœsch2016-06-22
| | | | Based on d338abb664febbc2c7266af7818aab1f12dbc161
* Merge commit '41ed7ab45fc693f7d7fc35664c0233f4c32d69bb'Clément Bœsch2016-06-21
|\ | | | | | | | | | | | | * commit '41ed7ab45fc693f7d7fc35664c0233f4c32d69bb': cosmetics: Fix spelling mistakes Merged-by: Clément Bœsch <u@pkh.me>
| * cosmetics: Fix spelling mistakesVittorio Giovara2016-05-04
| | | | | | | | Signed-off-by: Diego Biurrun <diego@biurrun.de>
* | avcodec/mpeg4videodec: Fix default low_delay flag value if not codedMichael Niedermayer2016-06-05
| | | | | | | | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avcodec/mpeg4videodec: Print low_delay value with -debug 1 in ↵Michael Niedermayer2016-06-05
| | | | | | | | | | | | decode_vol_header() Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | mpeg4videodec: silence ubsan warningAndreas Cadhalpun2016-01-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | s->ac_val[0][0] is of type 'int16_t [16]', but points into a larger buffer. Here it is used as base pointer to find the correct position in the larger buffer by adding 's->block_index[n] * 16' and thus as 'int16_t *'. This fixes clang's ubsan runtime error: index out of bounds for type 'int16_t [16]' Fixes: test_case.mp4 Found-by: Tyson Smith <twsmith@mozilla.com> Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
* | Merge commit '2c6811397bdf13d43ca206e48d6d6da9c2cd47c6'Hendrik Leppkes2016-01-01
|\| | | | | | | | | | | | | * commit '2c6811397bdf13d43ca206e48d6d6da9c2cd47c6': lavc: add profiles to AVCodecDescriptor Merged-by: Hendrik Leppkes <h.leppkes@gmail.com>
| * lavc: add profiles to AVCodecDescriptorAnton Khirnov2015-12-12
| | | | | | | | | | The profiles are a property of the codec, so it makes sense to export them through AVCodecDescriptors, not just the codec implementations.
| * lavc: Consistently prefix input buffer definesVittorio Giovara2015-07-27
| | | | | | | | Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
* | avcodec/mpeg4videodec: also for empty partitioned slicesMichael Niedermayer2015-12-19
| | | | | | | | | | | | | | | | Fixes assertion failure Fixes: id_acf3e47f864e1ee4c7b86c0653e0ff31e5bde56e.m4v Found-by: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avcodec: use AV_OPT_TYPE_BOOL in a bunch of placesClément Bœsch2015-12-04
| |
* | avcodec/mpeg4videodec: Check available data before reading custom matrixMichael Niedermayer2015-11-29
| | | | | | | | | | | | | | | | Fixes: out of array read Fixes: 76c515fc3779d1b838667c61ea13ce92/asan_heap-oob_1fc0d07_8913_794a4629a264ebdb25b58d3a94ed1785.bit Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avcodec: use HAVE_THREADS header guards to silence -Wunused-functionGanesh Ajjanagadde2015-10-04
| | | | | | | | | | | | | | | | | | | | When compiled with --disable-pthreads, e.g http://fate.ffmpeg.org/report.cgi?time=20150917015044&slot=alpha-debian-qemu-gcc-4.7, a bunch of -Wunused-functions are reported due to missing header guards around threading related functions. This patch should silence such warnings. Signed-off-by: Ganesh Ajjanagadde <gajjanagadde@gmail.com>
* | lavc: move vdpau decoders under FF_API_VDPAU.wm42015-08-18
| | | | | | | | Signed-off-by: Ronald S. Bultje <rsbultje@gmail.com>
* | mpeg4video: use ff_dlog instead of av_log under debug&FF_DEBUG_PTS.Ronald S. Bultje2015-08-18
| | | | | | | | This fixes compilation with FF_API_UNUSED_MEMBERS=0.
* | FF_OPT_TYPE_* -> AV_OPT_TYPE_*.Ronald S. Bultje2015-08-18
| |
* | Merge commit 'def97856de6021965db86c25a732d78689bd6bb0'Michael Niedermayer2015-07-27
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit 'def97856de6021965db86c25a732d78689bd6bb0': lavc: AV-prefix all codec capabilities Conflicts: cmdutils.c ffmpeg.c ffplay.c libavcodec/8svx.c libavcodec/aacenc.c libavcodec/ac3dec.c libavcodec/adpcm.c libavcodec/alac.c libavcodec/atrac3plusdec.c libavcodec/bink.c libavcodec/dnxhddec.c libavcodec/dvdec.c libavcodec/dvenc.c libavcodec/ffv1dec.c libavcodec/ffv1enc.c libavcodec/fic.c libavcodec/flacdec.c libavcodec/flacenc.c libavcodec/flvdec.c libavcodec/fraps.c libavcodec/frwu.c libavcodec/gifdec.c libavcodec/h261dec.c libavcodec/hevc.c libavcodec/iff.c libavcodec/imc.c libavcodec/libopenjpegdec.c libavcodec/libvo-aacenc.c libavcodec/libvorbisenc.c libavcodec/libvpxdec.c libavcodec/libvpxenc.c libavcodec/libx264.c libavcodec/mjpegbdec.c libavcodec/mjpegdec.c libavcodec/mpegaudiodec_float.c libavcodec/msmpeg4dec.c libavcodec/mxpegdec.c libavcodec/nvenc_h264.c libavcodec/nvenc_hevc.c libavcodec/pngdec.c libavcodec/qpeg.c libavcodec/ra288.c libavcodec/rv10.c libavcodec/s302m.c libavcodec/sp5xdec.c libavcodec/takdec.c libavcodec/tiff.c libavcodec/tta.c libavcodec/utils.c libavcodec/v210dec.c libavcodec/vp6.c libavcodec/vp9.c libavcodec/wavpack.c libavcodec/yop.c Merged-by: Michael Niedermayer <michael@niedermayer.cc>
| * lavc: AV-prefix all codec capabilitiesVittorio Giovara2015-07-27
| | | | | | | | | | | | Express bitfields more simply. Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
* | Merge commit '7c6eb0a1b7bf1aac7f033a7ec6d8cacc3b5c2615'Michael Niedermayer2015-07-27
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '7c6eb0a1b7bf1aac7f033a7ec6d8cacc3b5c2615': lavc: AV-prefix all codec flags Conflicts: doc/examples/muxing.c ffmpeg.c ffmpeg_opt.c ffplay.c libavcodec/aacdec.c libavcodec/aacenc.c libavcodec/ac3dec.c libavcodec/ac3enc_float.c libavcodec/atrac1.c libavcodec/atrac3.c libavcodec/atrac3plusdec.c libavcodec/dcadec.c libavcodec/ffv1enc.c libavcodec/h264.c libavcodec/h264_loopfilter.c libavcodec/h264_mb.c libavcodec/imc.c libavcodec/libmp3lame.c libavcodec/libtheoraenc.c libavcodec/libtwolame.c libavcodec/libvpxenc.c libavcodec/libxavs.c libavcodec/libxvid.c libavcodec/mpeg12dec.c libavcodec/mpeg12enc.c libavcodec/mpegaudiodec_template.c libavcodec/mpegvideo.c libavcodec/mpegvideo_enc.c libavcodec/mpegvideo_motion.c libavcodec/nellymoserdec.c libavcodec/nellymoserenc.c libavcodec/nvenc.c libavcodec/on2avc.c libavcodec/options_table.h libavcodec/opus_celt.c libavcodec/pngenc.c libavcodec/ra288.c libavcodec/ratecontrol.c libavcodec/twinvq.c libavcodec/vc1_block.c libavcodec/vc1_loopfilter.c libavcodec/vc1_mc.c libavcodec/vc1dec.c libavcodec/vorbisdec.c libavcodec/vp3.c libavcodec/wma.c libavcodec/wmaprodec.c libavcodec/x86/hpeldsp_init.c libavcodec/x86/me_cmp_init.c Merged-by: Michael Niedermayer <michael@niedermayer.cc>
| * lavc: AV-prefix all codec flagsVittorio Giovara2015-07-27
| | | | | | | | | | | | Convert doxygen to multiline and express bitfields more simply. Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
* | avcodec/mpeg4videodec: Clarify the mpeg4_unpack_bframes reference.Michael Niedermayer2015-07-15
| | | | | | | | | | | | This should avoid misunderstandings like in Ticket4618 Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avcodec/mpeg4videodec: Check P cbpyMichael Niedermayer2015-07-11
| | | | | | | | | | | | | | | | Fixes undefined behavior Fixes: signal_sigsegv_c3097a_991_xtrem_e2_m64q15_a32sxx.3gp Found-by: Samuel Groß, Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* | avcodec/mpeg4videodec: Mark static table as constMichael Niedermayer2015-06-11
| | | | | | | | Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* | Merge commit '378a00087fdadcc9b34165c05cd10a1a15f3fe61'Michael Niedermayer2015-06-01
|\| | | | | | | | | | | | | * commit '378a00087fdadcc9b34165c05cd10a1a15f3fe61': mpegvideo: Move tables to a separate file Merged-by: Michael Niedermayer <michaelni@gmx.at>
| * mpegvideo: Move tables to a separate fileVittorio Giovara2015-05-31
| |
* | avcodec/mpegvideo: Reset bitstream_buffer_size on allocation failureMichael Niedermayer2015-05-29
| | | | | | | | Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* | Merge commit '6f57375d707de40dcec28d3cef886c364e032c21'Michael Niedermayer2015-05-28
|\| | | | | | | | | | | | | | | | | | | | | | | * commit '6f57375d707de40dcec28d3cef886c364e032c21': rl: Rename ff_*_rl() to ff_rl_*() Conflicts: libavcodec/mpeg4videodec.c libavcodec/rl.c libavcodec/rl.h Merged-by: Michael Niedermayer <michaelni@gmx.at>
| * rl: Rename ff_*_rl() to ff_rl_*()Anton Khirnov2015-05-28
| |
* | Merge commit '9c1db92ad372d4cd69e0490e691c56e4097cb193'Michael Niedermayer2015-05-22
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '9c1db92ad372d4cd69e0490e691c56e4097cb193': mpegvideo: Drop err_recognition Conflicts: libavcodec/h263dec.c libavcodec/ituh263dec.c libavcodec/mpeg4video.h libavcodec/mpeg4videodec.c libavcodec/msmpeg4dec.c Merged-by: Michael Niedermayer <michaelni@gmx.at>
| * mpegvideo: Drop err_recognitionVittorio Giovara2015-05-22
| | | | | | | | It is just a duplicate of an AVCodecContext member so use it instead.
* | Merge commit '848e86f74d3e6e87fa592ee8ba8c184cc5fd9a42'Michael Niedermayer2015-05-22
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '848e86f74d3e6e87fa592ee8ba8c184cc5fd9a42': mpegvideo: Drop flags and flags2 Conflicts: libavcodec/mpeg12dec.c libavcodec/mpeg12enc.c libavcodec/mpegvideo.c libavcodec/mpegvideo_enc.c libavcodec/mpegvideo_motion.c libavcodec/ratecontrol.c libavcodec/vc1_block.c libavcodec/vc1_loopfilter.c libavcodec/vc1_mc.c libavcodec/vc1dec.c Merged-by: Michael Niedermayer <michaelni@gmx.at>
| * mpegvideo: Drop flags and flags2Vittorio Giovara2015-05-22
| | | | | | | | They are just duplicates of AVCodecContext members so use those instead.
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-25 04:18:15 +0000