Fixes: out of array access Fixes: 1434/clusterfuzz-testcase-minimized-6314998085189632 Fixes: 1435/clusterfuzz-testcase-minimized-6483783723253760 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Reviewed-by: "Ronald S. Bultje" <rsbultje@gmail.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
James Almer [Sat, 6 May 2017 23:31:45 +0000 (20:31 -0300)]
avcodec/hevc_sei: fix amount of bits skipped when reading picture timing SEI message
The code was skipping the entire reported SEI message size regardless of
the amount of bits read.
While in theory safe for NALU where the picture timing SEI message is alone
or at the end as we're using the checked bitstream reader, it isn't in any
other situation, where every SEI message in the NALU after the picture
timing one would potentially fail to parse.
Change the function name to one more in line with the rest of file, and
remove the bogus "Skipped SEI" debug message while at it.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc> Signed-off-by: James Almer <jamrial@gmail.com>
Fixes: runtime error: signed integer overflow: 251 + 2147483647 cannot be represented in type 'int' Fixes: 1438/clusterfuzz-testcase-minimized-4917542646710272 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/y41pdec: Fix width in input buffer size check
Fixes: out of array read Fixes: 1437/clusterfuzz-testcase-minimized-4569970002362368 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
erankor [Wed, 3 May 2017 08:50:15 +0000 (11:50 +0300)]
ffmpeg: add enc_time_base option
add a per-stream option for setting the encoder timebase.
the following values are allowed:
0 - for video, use 1/frame_rate, for audio use 1/sample_rate (this is
the default)
-1 - match the input timebase (when possible)
>0 - set the timebase to provided number
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Simon Thelen [Sat, 8 Apr 2017 12:21:28 +0000 (14:21 +0200)]
libavformat/tcp: fix return code for tcp_accept
ff_accept can return AVERROR(ETIMEDOUT) and errno will be 0 (or
undefined), return ret instead and return ff_neterror() in
ff_poll_interrupt instead of AVERROR(errno) to parse WSAGetLastError on
Windows.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: left shift of 1610706944 by 1 places cannot be represented in type 'int' Fixes: 1421/clusterfuzz-testcase-minimized-6239947507892224 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
compat/cuda: update cuvid/nvdec headers to Video Codec SDK 8.0.14
This raises the required minimum NVIDIA display driver versions:
NVIDIA Linux display driver 378.13 or newer
NVIDIA Windows display driver 378.66 or newer
compat/nvenc: bump nvEncodeAPI.h to Video Codec SDK 8.0.14
This raises the required minimum NVIDIA display driver versions:
NVIDIA Linux display driver 378.13 or newer
NVIDIA Windows display driver 378.66 or newer
Fixes: out of array read Fixes: 1419/clusterfuzz-testcase-minimized-6108700873850880 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Aaron Levinson [Sat, 6 May 2017 01:16:03 +0000 (18:16 -0700)]
configure: Added require alternative for libmfx to support alternate installation options
Purpose: Added require alternative for libmfx in the case that pkg-config
cannot find libmfx. On Linux, most people likely get libmfx via
https://github.com/lu-zero/mfx_dispatch , but on Windows, the most
well-known way to get libmfx is via the Intel Media SDK, which
provides a static build of libmfx.lib and also provides the source
code for building libmfx yourself. If built this way, there are no
pkg-config files to be found.
Comments:
-- configure: Altered enabled libmfx step to use use_pkg_config()
instead of require_pkg_config(), and, if use_pkg_config() fails, it
falls back to require(). Also added explanatory comment. Note
that the reason that require() is passed -llibmfx as the last
argument, instead of -lmfx, is the file name for the library
produced from the Intel Media SDK starts with "libmfx".
Apparently, the filename for the library produced via
https://github.com/lu-zero/mfx_dispatch starts with "mfx".
Signed-off-by: Aaron Levinson <alevinsn@aracnet.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Aaron Levinson [Sat, 6 May 2017 01:49:57 +0000 (18:49 -0700)]
qsvenc: Use MFXVideoENCODE_Query() to update the parameters
Purpose: Fill out the default/unset parameters with ones actually in use.
Note: Matches the current MediaSDK example code. This code used to be
present in ffmpeg and was eliminated in revision 1f26a23 on Oct. 31,
2016 (qsv: Merge libav implementation, at
https://github.com/FFmpeg/FFmpeg/commit/1f26a231bb065276cd80ce02957c759f3197edfa#diff-7d84a34d58597bb7aa4b8239dca1f9f8).
Already applied to libav.
Reviewed-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit b22094d74901fb3ac203c8322f8d84aded470bfb) Signed-off-by: Mark Thompson <sw@jkqxz.net> Signed-off-by: Aaron Levinson <alevinsn@aracnet.com> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 1258291200 * 2 cannot be represented in type 'int' Fixes: 1413/clusterfuzz-testcase-minimized-5923451770503168 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Aaron Levinson [Sat, 6 May 2017 00:59:21 +0000 (17:59 -0700)]
avdevice/decklink: fix MSVC build issues
Purpose: Made minor changes to get the decklink avdevice code to build
using Visual C++.
Notes: Made changes to configure per Hendrik Leppkes's review of first
and second versions of patch. Also made slight alterations per Marton
Balint's reviews.
Comments:
-- configure: Added if enabled decklink section and setting
decklink_indev_extralibs and decklink_outdev_extralibs here for
both mingw and Windows. Also eliminated the setting of these
variables in the mingw section earlier in the file.
-- libavdevice/decklink_common.cpp: Switched the order of the include
of libavformat/internal.h to workaround build issues with Visual
C++. See comment in file for more details.
-- libavdevice/decklink_dec.cpp:
a) Rearranged the include of libavformat/internal.h (for reasons as
described above).
b) Made slight alteration to an argument for call to av_rescale_q() to
workaround a compiler error with Visual C++. This appears to only
be an issue when building C++ files with Visual C++. See comment
in code for more details.
-- libavdevice/decklink_enc.cpp: Rearranged the include of
libavformat/internal.h (for reasons as described above).
avcodec/htmlsubtitles: Check for string truncation and return error
Fixes out of array access Fixes: 1354/clusterfuzz-testcase-minimized-5520132195483648 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 25984 * 130560 cannot be represented in type 'int' Fixes: 1404/clusterfuzz-testcase-minimized-5000441286885376 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access Fixes: 1427/clusterfuzz-testcase-minimized-5020737339392000 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes runtime error: left shift of 1912602815 by 8 places cannot be represented in type 'int' Fixes: 1403/clusterfuzz-testcase-minimized-4724820484816896 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array access Fixes: 1399/clusterfuzz-testcase-minimized-4866094172995584 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
avcodec/aacdec_template: Do not decode 2nd PCE if it will lead to failure
Fixes: out of array read Fixes: 1072/clusterfuzz-testcase-6456688074817536 Fixes: 1398/clusterfuzz-testcase-minimized-4576913622302720 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes out of array access Fixes: 1376/clusterfuzz-testcase-minimized-6361794975105024 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>