summaryrefslogtreecommitdiff
path: root/libavcodec/mss12.c
Commit message (Collapse)AuthorAge
* avcodec/mss12: Don't apply non-zero offset to null pointerAndreas Rheinhardt2021-04-01
| | | | | | Affected the FATE tests mss2-wmv and mss1-pal. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
* avcodec/mss1: check for overread and forward errorsMichael Niedermayer2019-08-05
| | | | | | | | | Fixes: Timeout (106sec -> 14ms) Fixes: 15576/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MSS1_fuzzer-5688080461201408 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Reviewed-by: Paul B Mahol <onemda@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* Merge commit '15b4f494fc6bddb8178fdb5aed18b420efc75e22'James Almer2017-03-21
|\ | | | | | | | | | | | | * commit '15b4f494fc6bddb8178fdb5aed18b420efc75e22': mss*: Change type of array stride parameters to ptrdiff_t Merged-by: James Almer <jamrial@gmail.com>
| * mss*: Change type of array stride parameters to ptrdiff_tDiego Biurrun2016-09-29
| | | | | | | | ptrdiff_t is the correct type for array strides and similar.
| * mss12: validate display dimensionsAnton Khirnov2016-08-18
| | | | | | | | | | | | | | | | | | | | | | | | | | The code currently reads the coded dimensions from the extradata, but expects the display dimensions to be set by the caller, and does not check that they are compatible (i.e. that the displayed size is smaller than the coded size). Make sure that when the display dimensions are set, they are also valid. Fixes possible invalid memory access. CC: libav-stable@libav.org Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
* | mss2: Fix buffer overflow.Reimar Döffinger2016-02-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reported as https://trac.mplayerhq.hu/ticket/2264 but have not been able to reproduce with FFmpeg-only. I have no idea what coded_height is used for here exactly, so this might not be the best fix. Fixes the following chain of events: ff_mss12_decode_init sets coded_height while not setting height. ff_mpv_decode_init then copies coded_height into MpegEncContext height. This is then used by init_context_frame to allocate the data structures. However the wmv9rects are validated/initialized based on avctx->height, not avctx->coded_height. Thus the decode_wmv9 function will try to decode a larger video that we allocated data structures for, causing out-of-bounds writes. Signed-off-by: Reimar Döffinger <Reimar.Doeffinger@gmx.de>
* | avcodec/mss12: Use av_malloc_array()Michael Niedermayer2015-01-17
| | | | | | | | Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* | Merge commit 'cc8163e1a3601a56f722a4720516e860bf1c6198'Michael Niedermayer2014-03-22
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit 'cc8163e1a3601a56f722a4720516e860bf1c6198': avcodec: more correct printf specifiers Conflicts: libavcodec/4xm.c libavcodec/alsdec.c libavcodec/dfa.c libavcodec/h264_ps.c libavcodec/jpeg2000dec.c libavcodec/lagarith.c libavcodec/mpeg12dec.c libavcodec/rv10.c libavcodec/svq3.c libavcodec/wmaprodec.c libavcodec/xwddec.c Merged-by: Michael Niedermayer <michaelni@gmx.at>
| * avcodec: more correct printf specifiersDiego Biurrun2014-03-22
| |
* | ff_mss12_decode_init: check dimensionsMichael Niedermayer2013-01-24
| | | | | | | | | | | | | | Fixes assertion failure Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* | avoid "0xFF << 24" as it is considered a integer overflow in C99Michael Niedermayer2012-10-14
| | | | | | | | Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
* | Merge remote-tracking branch 'qatar/master'Michael Niedermayer2012-09-04
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * qatar/master: configure: add support for bdver1 and bdver2 CPU types. avio: make avio_close NULL the freed buffer pixdesc: cosmetics proresenc: Don't free a buffer not owned by the codec proresenc: Write the full value in one put_bits call adpcmenc: Calculate the IMA_QT predictor without overflow x86: Add convenience macros to check for CPU extensions and flags x86: h264dsp: drop some unnecessary ifdefs around prototype declarations mss12: merge decode_pixel() and decode_top_left_pixel() mss12: reduce SliceContext size from 1067 to 164 KB mss12: move SliceContexts out of the common context into the codec contexts Conflicts: libavformat/aviobuf.c Merged-by: Michael Niedermayer <michaelni@gmx.at>
| * mss12: merge decode_pixel() and decode_top_left_pixel()Alberto Delmás2012-09-03
| | | | | | | | | | | | No meaningful generated code differences using gcc -O3. Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
| * mss12: reduce SliceContext size from 1067 to 164 KBAlberto Delmás2012-09-03
| | | | | | | | Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
| * mss12: move SliceContexts out of the common context into the codec contextsAlberto Delmás2012-09-03
| | | | | | | | Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
* | Merge remote-tracking branch 'qatar/master'Michael Niedermayer2012-08-31
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * qatar/master: MSS1 and MSS2: set final pixel format after common stuff has been initialised MSS2 decoder configure: handle --disable-asm before check_deps x86: Split inline and external assembly #ifdefs configure: x86: Separate inline from standalone assembler capabilities pktdumper: Use a custom define instead of PATH_MAX for buffers pktdumper: Use av_strlcpy instead of strncpy pktdumper: Use sizeof(variable) instead of the direct buffer length Conflicts: Changelog configure libavcodec/allcodecs.c libavcodec/avcodec.h libavcodec/codec_desc.c libavcodec/dct-test.c libavcodec/imgconvert.c libavcodec/mss12.c libavcodec/version.h libavfilter/x86/gradfun.c libswscale/x86/yuv2rgb.c Merged-by: Michael Niedermayer <michaelni@gmx.at>
| * MSS1 and MSS2: set final pixel format after common stuff has been initialisedAlberto Delmás2012-08-31
| | | | | | | | | | | | | | This way it won't interfere with WMV9 initialisation inside MSS2 decoder and avplay will play it fine. Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
| * MSS2 decoderAlberto Delmás2012-08-31
| | | | | | | | Signed-off-by: Kostya Shishkov <kostya.shishkov@gmail.com>
* | Merge remote-tracking branch 'qatar/master'Michael Niedermayer2012-08-28
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * qatar/master: vc1: export some functions configure: use HOSTCC_C/O in check_host_cc configure: use AS_O setting in check_as configure: use LD_O setting in check_ld() Revert "dsputil: make {add/put/put_signed}_pixels_clamped() non-static." build: Restore dependency of acelp_filters.o on celp_math.o celp_math: Replace duplicate ff_dot_productf() by ff_scalarproduct_c() celp_math: Move ff_cos() to the only place it is used build: Use portable abstraction for linker/hostcc output file syntax configure: Fix shared library creation for OpenBSD vp56: Don't use DECLARE_ALIGN on a typedef name mss1: move code that will be reused by MSS2 decoder into separate file mss1: merge decode_intra() and decode_inter() avprobe: Get rid of ugly casts in the options table vf_hqdn3d: Remove a duplicate inline declaration Conflicts: Makefile configure ffprobe.c libavcodec/Makefile libavcodec/amrnbdec.c libavcodec/amrwbdec.c libavcodec/celp_math.c libavcodec/celp_math.h libavcodec/dsputil.c libavcodec/lsp.c libavcodec/mss1.c libavcodec/ra288.c libavcodec/vc1dec.c Merged-by: Michael Niedermayer <michaelni@gmx.at>
* mss1: move code that will be reused by MSS2 decoder into separate fileKostya Shishkov2012-08-27
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-26 03:47:51 +0000