root
/
FFmpeg
mirror of https://github.com/FFmpeg/FFmpeg.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
76,901 Commits 38 Branches 415 Tags 533 MiB
Commit Graph

21 Commits

Author SHA1 Message Date
Michael Niedermayer 7593a9aa21
avformat/asfdec_f: Use 64bit for packet start time 
Fixes: signed integer overflow: 2147483647 + 32 cannot be represented in type 'int'
Fixes: 49014/clusterfuzz-testcase-minimized-ffmpeg_dem_ASF_fuzzer-6314973315334144

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8ed78486fc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-10-28 21:04:04 +02:00
Michael Niedermayer cc277f46ae
avformat/asfdec_f: Check packet_frag_timestamp 
Fixes: signed integer overflow: -9223372036854775808 - 4607 cannot be represented in type 'long'
Fixes: 45685/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5280102802391040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ffc8772150)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2022-10-28 21:04:04 +02:00
Michael Niedermayer 0257623b2d avformat/asfdec_f: Check for negative ext_len 
Fixes: Infinite loop
Fixes: 26376/clusterfuzz-testcase-minimized-ffmpeg_dem_PCM_U32LE_fuzzer-6050518830678016
Fixes: 26377/clusterfuzz-testcase-minimized-ffmpeg_dem_TY_fuzzer-4838195726123008
Fixes: 26384/clusterfuzz-testcase-minimized-ffmpeg_dem_G729_fuzzer-5173450337157120
Fixes: 26396/clusterfuzz-testcase-minimized-ffmpeg_dem_PCM_S24BE_fuzzer-5071092206796800

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 209b9ff5c3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-17 21:34:53 +02:00
Michael Niedermayer dd427b159e avformat/asfdec_f: Check name_len for overflow 
Fixes: signed integer overflow: -1172299744 * 2 cannot be represented in type 'int'
Fixes: 26258/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5672758488596480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0d088a47ca)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-17 21:34:53 +02:00
Michael Niedermayer be04f6dfa3 avformat/asfdec_f: Change order or operations slightly 
Fixes: signed integer overflow: 20 * 5184056935931942919 cannot be represented in type 'long'
Fixes: 25466/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-4798660247552000

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 686f015190)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2021-10-17 21:34:53 +02:00
Michael Niedermayer e1430e1e2b avformat/asfdec_f: Fix overflow check in get_tag() 
Fixes: signed integer overflow: 2 * 1210064928 cannot be represented in type 'int'
Fixes: 20873/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5761116909338624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Anton Khirnov <anton@khirnov.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c8140fe732)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2020-04-23 21:29:01 +02:00
Michael Niedermayer fa65598309 avformat/asfdec: Fix DoS in asf_build_simple_index() 
Fixes: Missing EOF check in loop
No testcase

Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit afc9c683ed)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2018-01-31 22:56:14 +01:00
孙浩 and 张洪亮(望初) 6904464301 avformat/asfdec: Fix DoS due to lack of eof check 
Fixes: loop.asf

Found-by: Xiaohei and Wangchu from Alibaba Security Team
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7f9ec5593e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2017-08-28 01:42:00 +02:00
Michael Niedermayer 29d147c94d Merge commit '059a934806d61f7af9ab3fd9f74994b838ea5eba' 
* commit '059a934806d61f7af9ab3fd9f74994b838ea5eba':
  lavc: Consistently prefix input buffer defines

Conflicts:
	doc/examples/decoding_encoding.c
	libavcodec/4xm.c
	libavcodec/aac_adtstoasc_bsf.c
	libavcodec/aacdec.c
	libavcodec/aacenc.c
	libavcodec/ac3dec.h
	libavcodec/asvenc.c
	libavcodec/avcodec.h
	libavcodec/avpacket.c
	libavcodec/dvdec.c
	libavcodec/ffv1enc.c
	libavcodec/g2meet.c
	libavcodec/gif.c
	libavcodec/h264.c
	libavcodec/h264_mp4toannexb_bsf.c
	libavcodec/huffyuvdec.c
	libavcodec/huffyuvenc.c
	libavcodec/jpeglsenc.c
	libavcodec/libxvid.c
	libavcodec/mdec.c
	libavcodec/motionpixels.c
	libavcodec/mpeg4videodec.c
	libavcodec/mpegvideo.c
	libavcodec/noise_bsf.c
	libavcodec/nuv.c
	libavcodec/nvenc.c
	libavcodec/options.c
	libavcodec/parser.c
	libavcodec/pngenc.c
	libavcodec/proresenc_kostya.c
	libavcodec/qsvdec.c
	libavcodec/svq1enc.c
	libavcodec/tiffenc.c
	libavcodec/truemotion2.c
	libavcodec/utils.c
	libavcodec/utvideoenc.c
	libavcodec/vc1dec.c
	libavcodec/wmalosslessdec.c
	libavformat/adxdec.c
	libavformat/aiffdec.c
	libavformat/apc.c
	libavformat/apetag.c
	libavformat/avidec.c
	libavformat/bink.c
	libavformat/cafdec.c
	libavformat/flvdec.c
	libavformat/id3v2.c
	libavformat/isom.c
	libavformat/matroskadec.c
	libavformat/mov.c
	libavformat/mpc.c
	libavformat/mpc8.c
	libavformat/mpegts.c
	libavformat/mvi.c
	libavformat/mxfdec.c
	libavformat/mxg.c
	libavformat/nutdec.c
	libavformat/oggdec.c
	libavformat/oggparsecelt.c
	libavformat/oggparseflac.c
	libavformat/oggparseopus.c
	libavformat/oggparsespeex.c
	libavformat/omadec.c
	libavformat/rawdec.c
	libavformat/riffdec.c
	libavformat/rl2.c
	libavformat/rmdec.c
	libavformat/rtpdec_latm.c
	libavformat/rtpdec_mpeg4.c
	libavformat/rtpdec_qdm2.c
	libavformat/rtpdec_svq3.c
	libavformat/sierravmd.c
	libavformat/smacker.c
	libavformat/smush.c
	libavformat/spdifenc.c
	libavformat/takdec.c
	libavformat/tta.c
	libavformat/utils.c
	libavformat/vqf.c
	libavformat/westwood_vqa.c
	libavformat/xmv.c
	libavformat/xwma.c
	libavformat/yop.c

Merged-by: Michael Niedermayer <michael@niedermayer.cc>
 2015-07-27 23:15:19 +02:00
Michael Niedermayer 9837d3b068 avformat/asfdec_f: Parse ECC byte according to spec 
This should not change anything as the spec requires specific values
for the fields, which where handled previously.

Ask for samples when these values do not match

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2015-07-22 14:11:48 +02:00
Michael Niedermayer 0671dc5c53 avformat/asfdec_f: Improve packet resync heuristic 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2015-07-22 01:30:02 +02:00
Michael Niedermayer 5d79a07316 avformat/asfdec_f: Do not print errors if packets do not start with ECC 
There is nothing wrong with such packets, the spec allows this

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2015-07-22 01:21:17 +02:00
Michael Niedermayer 385eb066ce avformat/asfdec_f: Increase the amount of information provided in cases of errors 
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
 2015-07-22 01:08:34 +02:00
Michael Niedermayer ba77fb61f7 Merge commit 'd80811c94e068085aab797f9ba35790529126f85' 
* commit 'd80811c94e068085aab797f9ba35790529126f85':
  riff: Use the correct logging context

Conflicts:
	libavformat/asfdec_o.c
	libavformat/avidec.c
	libavformat/dxa.c
	libavformat/matroskadec.c
	libavformat/mov.c
	libavformat/riff.h
	libavformat/riffdec.c
	libavformat/wavdec.c
	libavformat/wtvdec.c
	libavformat/xwma.c

Merged-by: Michael Niedermayer <michael@niedermayer.cc>
 2015-07-12 15:22:37 +02:00
Michael Niedermayer 1f69b7baa1 avformat/asfdec_f: Fix memleak 
Found-by: jamrial
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-07-02 09:42:33 +02:00
John Adlum 72cad80016 avformat/asfdec_f: Add ASFDataType, use named types for metadata 
This is based on asfdec_o.c, but uses a proper type instead of defines

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-07-02 04:58:27 +02:00
John Adlum 59fffefdb4 avformat/asfdec_f: Use dynamic allocation in asf_read_metadata() instead of a fixed size buffer 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-07-02 04:58:23 +02:00
John Adlum c8eca438a9 avformat/asfdec_f: factor error checking out of main header parsing loop 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-07-02 04:58:18 +02:00
John Adlum 811008b8ee avformat/asfdec_f: Assert that packet positions match in asf_read_pts() 
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-07-01 18:47:59 +02:00
John Adlum 28206b75e8 avformat/asfdec_f: Correct skip to key code 
Fixes Ticket3978

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-07-01 18:47:54 +02:00
Michael Niedermayer 8f9c39b3e8 avformat: rename asfdec.c to asfdec_f.c 
leaving it as asfdec.c confuses git

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
 2015-06-30 12:23:12 +02:00