[FFmpeg-cvslog] avcodec/tiff: Update pointer only when the result is used

ffmpeg | branch: release/3.1 | Michael Niedermayer | Thu Jun 22 20:21:05 2017 +0200| [62b536690d2777b72eefd5af936e4773058f2fdb] | committer: Michael Niedermayer avcodec/tiff: Update pointer only when the result is used Fixes: runtime error: signed integer overflow: 538976288 * 32 cannot be

[FFmpeg-cvslog] avcodec/wavpack: Fix integer overflow in wv_unpack_stereo()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sun Jun 25 00:13:53 2017 +0200| [62e942ab1c04d29c8c14257e46bf65f66e0ff792] | committer: Michael Niedermayer avcodec/wavpack: Fix integer overflow in wv_unpack_stereo() Fixes: runtime error: signed integer overflow: 2080374785 + 2080374784

[FFmpeg-cvslog] avcodec/takdec: Fix integer overflow

ffmpeg | branch: release/3.1 | Michael Niedermayer | Thu Jun 22 21:21:56 2017 +0200| [10a085a21f2da353652d67f17292b24fbd9fd67a] | committer: Michael Niedermayer avcodec/takdec: Fix integer overflow Fixes: runtime error: signed integer overflow: 512 + 2147483146 cannot be represented in type

[FFmpeg-cvslog] avcodec/wavpack: Fix integer overflow

ffmpeg | branch: release/3.1 | Michael Niedermayer | Fri Jun 23 01:58:48 2017 +0200| [b3cf49b6f9a2a3459250350fdb2b70ac164116e0] | committer: Michael Niedermayer avcodec/wavpack: Fix integer overflow Fixes: runtime error: signed integer overflow: 227511904 + 1964113935 cannot be represented

[FFmpeg-cvslog] avcodec/jpeg2000dwt: Fix integer overflow in dwt_decode97_int()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Mon Jun 26 15:05:08 2017 +0200| [634e9a696d85fd32456f61aa23ca5f90544788fe] | committer: Michael Niedermayer avcodec/jpeg2000dwt: Fix integer overflow in dwt_decode97_int() Fixes: runtime error: signed integer overflow: -163654656 * 256

[FFmpeg-cvslog] avcodec/mpeg4videodec: Fix GMC with videos of dimension 1

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sat Jun 24 13:45:35 2017 +0200| [f626a479f41245de5d5f666c76833797b94a8b57] | committer: Michael Niedermayer avcodec/mpeg4videodec: Fix GMC with videos of dimension 1 Fixes: runtime error: shift exponent -1 is negative Fixes: 2338

[FFmpeg-cvslog] avcodec/apedec: Fix integer overflow

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sun Jul 16 14:57:20 2017 +0200| [750fec58e175b22ac23ff349c4b0a9b765ea4d0c] | committer: Michael Niedermayer avcodec/apedec: Fix integer overflow Fixes: out of array access Fixes: PoC.ape and others Found-by: Bingchang, Liu@VARAS of IIE

[FFmpeg-cvslog] avcodec/hevc_ps: Fix integer overflow with beta/tc offsets

ffmpeg | branch: release/3.1 | Michael Niedermayer | Fri Jun 30 16:23:32 2017 +0200| [0837678cbd332489cd89700df22d0a8da0e3721c] | committer: Michael Niedermayer avcodec/hevc_ps: Fix integer overflow with beta/tc offsets Fixes: runtime error: signed integer overflow: 2113929216 * 2 cannot be

[FFmpeg-cvslog] avcodec/sbrdsp_fixed: Fix integer overflow in sbr_hf_apply_noise()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sun Jul 2 03:30:54 2017 +0200| [215d6f897d3ef879dcfcf2a66881e3542881cec2] | committer: Michael Niedermayer avcodec/sbrdsp_fixed: Fix integer overflow in sbr_hf_apply_noise() Fixes: runtime error: signed integer overflow: -2049425300

[FFmpeg-cvslog] avcodec/wavpack: Fix invalid shift

ffmpeg | branch: release/3.1 | Michael Niedermayer | Tue Jun 27 13:47:32 2017 +0200| [be1f146a0f1c1d30d6ec09b93c29615dae7caff6] | committer: Michael Niedermayer avcodec/wavpack: Fix invalid shift Fixes: runtime error: left shift of 1 by 31 places cannot be represented in type 'int&#

[FFmpeg-cvslog] avcodec/h264_slice: Fix signed integer overflow

ffmpeg | branch: release/3.1 | Michael Niedermayer | Wed Jul 5 00:05:11 2017 +0200| [965f15551fb07f1c0be37fd369b0ab4462da0965] | committer: Michael Niedermayer avcodec/h264_slice: Fix signed integer overflow Fixes: runtime error: signed integer overflow: 26 + 2147483644 cannot be

[FFmpeg-cvslog] avcodec/cfhd: Fix invalid left shift of negative value

ffmpeg | branch: release/3.1 | Michael Niedermayer | Wed Jun 28 20:47:59 2017 +0200| [d2452b9e20ec16f241274f9ea836803b0652678e] | committer: Michael Niedermayer avcodec/cfhd: Fix invalid left shift of negative value Fixes: runtime error: left shift of negative value -1 Fixes: 2395/clusterfuzz

[FFmpeg-cvslog] avcodec/vb: Check vertical GMC component before multiply

ffmpeg | branch: release/3.1 | Michael Niedermayer | Wed Jun 28 20:29:02 2017 +0200| [73f42b7b58caea043578f6041be655b15c14fc70] | committer: Michael Niedermayer avcodec/vb: Check vertical GMC component before multiply Fixes: runtime error: signed integer overflow: 8224 * 663584 cannot be

[FFmpeg-cvslog] avcodec/aacps (fixed point): Fix multiple signed integer overflows

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sun Jul 9 15:19:18 2017 +0200| [910878e4d90a0850872336d656b12b77daf15f21] | committer: Michael Niedermayer avcodec/aacps (fixed point): Fix multiple signed integer overflows Fixes: runtime error: signed integer overflow: 1421978265

[FFmpeg-cvslog] avcodec/ylc: Fix vlc of 31 bits

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sat Jul 8 22:51:57 2017 +0200| [51f0580c5f4315cae4788e0fbfb7c26fa191afd3] | committer: Michael Niedermayer avcodec/ylc: Fix vlc of 31 bits Fixes: runtime error: left shift of 1 by 31 places cannot be represented in type 'int' F

[FFmpeg-cvslog] avcodec/mjpegdec: Clip DC also on the negative side.

ffmpeg | branch: release/3.1 | Michael Niedermayer | Wed Jul 12 16:24:18 2017 +0200| [506bbbc09929e1d2778259fb9549743c5bce5fdc] | committer: Michael Niedermayer avcodec/mjpegdec: Clip DC also on the negative side. Fixes: runtime error: signed integer overflow: -16711425 + -2130772346 cannot

[FFmpeg-cvslog] avcodec/aacdec_template (fixed point): Check gain in decode_cce() to avoid undefined shifts later

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sat Jul 15 22:22:52 2017 +0200| [02bec657f37101b70978997f18d3f482dcea0295] | committer: Michael Niedermayer avcodec/aacdec_template (fixed point): Check gain in decode_cce() to avoid undefined shifts later Fixes: runtime error: shift

[FFmpeg-cvslog] avcodec/aacdec_template: Fix undefined integer overflow in apply_tns()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Fri Jul 14 00:45:29 2017 +0200| [a2c3c9bc6038b03af917c7d840ca56d062574ba2] | committer: Michael Niedermayer avcodec/aacdec_template: Fix undefined integer overflow in apply_tns() Fixes: runtime error: signed integer overflow: -2147483648

[FFmpeg-cvslog] avcodec/magicyuv: Check that vlc len is not too large

ffmpeg | branch: release/3.1 | Michael Niedermayer | Wed Jul 12 17:25:16 2017 +0200| [94077cf6735afd1a166848d388c3a59764e7c71c] | committer: Michael Niedermayer avcodec/magicyuv: Check that vlc len is not too large Fixes: runtime error: shift exponent -95 is negative Fixes: 2568/clusterfuzz

[FFmpeg-cvslog] avcodec/aacdec_fixed: fix: left shift of negative value -1

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sun Jul 23 16:52:47 2017 +0200| [918d45ec82ea83c5463339d7e72fb4dcc9a167d4] | committer: Michael Niedermayer avcodec/aacdec_fixed: fix: left shift of negative value -1 Fixes: 2699/clusterfuzz-testcase-minimized-5631303862976512 Found-by

[FFmpeg-cvslog] avcodec/aacps: Fix multiple integer overflow in map_val_34_to_20()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sat Jul 22 00:44:14 2017 +0200| [2755c73d55b2c92e73698aa03c580f311dc36d6f] | committer: Michael Niedermayer avcodec/aacps: Fix multiple integer overflow in map_val_34_to_20() Fixes: avcodec/aacps.c:511:40: runtime error: signed integer

[FFmpeg-cvslog] avformat/oggparsecelt: Do not re-allocate os->private

ffmpeg | branch: release/3.1 | Michael Niedermayer | Tue Jul 25 03:19:07 2017 +0200| [65304d33a20f0d88bcc526ac01e5299c88cff566] | committer: Michael Niedermayer avformat/oggparsecelt: Do not re-allocate os->private Fixes: double free Fixes: clusterfuzz-testcase-minimized-5080550145785

[FFmpeg-cvslog] avcodec/dnxhddec: Move mb height check out of non hr branch

ffmpeg | branch: release/3.1 | Michael Niedermayer | Wed Jul 26 03:26:59 2017 +0200| [956f2db21ffc1ca7f8dae7a3f44b09a145d9b9fa] | committer: Michael Niedermayer avcodec/dnxhddec: Move mb height check out of non hr branch Fixes: out of array access Fixes: poc.dnxhd Found-by: Bingchang, Liu

[FFmpeg-cvslog] avcodec/diracdec: Fix integer overflow in signed multiplication in UNPACK_ARITH()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Wed Jul 26 20:26:43 2017 +0200| [f4c8449238319d23e2e1bcd151c9af38e36c7eb3] | committer: Michael Niedermayer avcodec/diracdec: Fix integer overflow in signed multiplication in UNPACK_ARITH() Fixes: runtime error: signed integer overflow

[FFmpeg-cvslog] avformat/rtmppkt: Convert ff_amf_tag_size() to bytestream2

ffmpeg | branch: release/3.1 | Michael Niedermayer | Fri Jul 28 13:41:59 2017 +0200| [54a6c1368cdbb13eb0015433edca0d0fc9ea5dfb] | committer: Michael Niedermayer avformat/rtmppkt: Convert ff_amf_tag_size() to bytestream2 Fixes: out of array accesses Fixes: crash

[FFmpeg-cvslog] avcodec/hevc_ps: fix integer overflow in log2_parallel_merge_level_minus2

ffmpeg | branch: release/3.1 | Michael Niedermayer | Mon Jul 24 15:48:37 2017 +0200| [7f3124e08c3084c27ffa1dbd71659844a2c23f32] | committer: Michael Niedermayer avcodec/hevc_ps: fix integer overflow in log2_parallel_merge_level_minus2 Fixes: runtime error: signed integer overflow: -2147483647

[FFmpeg-cvslog] avcodec/ylc: Fix shift overflow

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sat Jul 22 02:57:12 2017 +0200| [a0edd7f583b8f63340a3c46c04d44f2ed5e0d4e7] | committer: Michael Niedermayer avcodec/ylc: Fix shift overflow Fixes: runtime error: shift exponent 32 is too large for 32-bit type 'unsigned int' F

[FFmpeg-cvslog] avcodec/dirac_dwt: Fix multiple integer overflows in COMPOSE_DD97iH0()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Fri Jul 28 03:22:40 2017 +0200| [acedc53186c4c9564d3b6442bb293ffc4d7b7f8b] | committer: Michael Niedermayer avcodec/dirac_dwt: Fix multiple integer overflows in COMPOSE_DD97iH0() Fixes: runtime error: signed integer overflow: 9 * 335544320

[FFmpeg-cvslog] avcodec/diracdec: Fix integer overflow in divide3()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Thu Jul 27 23:49:27 2017 +0200| [6b1c71040d170c66b20d214a17aacefc215cd9c5] | committer: Michael Niedermayer avcodec/diracdec: Fix integer overflow in divide3() Fixes: runtime error: signed integer overflow: -1073746548 * 21845 cannot be

[FFmpeg-cvslog] avcodec/takdec: Fix integer overflow in decode_subframe()

ffmpeg | branch: release/3.1 | Michael Niedermayer | Thu Jul 27 23:49:26 2017 +0200| [6274709c1c110cbb714a2bd0292bb9e96d9d561f] | committer: Michael Niedermayer avcodec/takdec: Fix integer overflow in decode_subframe() Fixes: runtime error: signed integer overflow: -536870912 - 1972191120

[FFmpeg-cvslog] avformat/rtmppkt: Convert ff_amf_get_field_value() to bytestream2

ffmpeg | branch: release/3.1 | Michael Niedermayer | Fri Jul 28 14:37:26 2017 +0200| [06ce68d8a07d6365d67fdd8ed3c1e422f97a43fa] | committer: Michael Niedermayer avformat/rtmppkt: Convert ff_amf_get_field_value() to bytestream2 Fixes: out of array accesses Found-by: JunDong Xie of Ant

[FFmpeg-cvslog] avcodec/diracdec: Check weight_log2denom

ffmpeg | branch: release/3.1 | Michael Niedermayer | Sat Jul 29 15:46:50 2017 +0200| [6d849e2706d04588d16ee65dacea21f24f30d9d4] | committer: Michael Niedermayer avcodec/diracdec: Check weight_log2denom Fixes: runtime error: shift exponent -1 is negative Fixes: 2742/clusterfuzz-testcase

[FFmpeg-cvslog] avcodec/h264idct_template: Fix integer overflow in ff_h264_idct_add()

ffmpeg | branch: master | Michael Niedermayer | Tue Aug 1 19:56:07 2017 +0200| [d1bfa80ec464d475a0de3f513bbb62bcd356099a] | committer: Michael Niedermayer avcodec/h264idct_template: Fix integer overflow in ff_h264_idct_add() Fixes: runtime error: signed integer overflow: 26215360

[FFmpeg-cvslog] avcodec/hevc_cabac: Check for ff_init_cabac_decoder() failure in cabac_reinit()

ffmpeg | branch: master | Michael Niedermayer | Wed Aug 2 00:46:49 2017 +0200| [4ff94558f23a5de43aed4ca3429963dd1d995250] | committer: Michael Niedermayer avcodec/hevc_cabac: Check for ff_init_cabac_decoder() failure in cabac_reinit() Fixes: runtime error: left shift of negative value

[FFmpeg-cvslog] Update for 3.1.10

ffmpeg | branch: release/3.1 | Michael Niedermayer | Fri Aug 4 12:13:51 2017 +0200| [fef71d661b7a251f70f132f1585b7dfa08117423] | committer: Michael Niedermayer Update for 3.1.10 Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commi

[FFmpeg-cvslog] RELEASE: Update release number

ffmpeg | branch: release/3.1 | Michael Niedermayer | Fri Aug 4 15:52:22 2017 +0200| [afa34cb36edca0ff809b7e58474bbce12271ecba] | committer: Michael Niedermayer RELEASE: Update release number Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commi

[FFmpeg-cvslog] avcodec/aacdec_fixed: fix invalid shift in predict()

ffmpeg | branch: master | Michael Niedermayer | Fri Aug 4 03:26:30 2017 +0200| [1e443051b277f73b94a2f660d3fd31a1a7beab52] | committer: Michael Niedermayer avcodec/aacdec_fixed: fix invalid shift in predict() Fixes: runtime error: shift exponent -2 is negative Fixes: 2818/clusterfuzz-testcase

[FFmpeg-cvslog] avcodec/h264_slice: Fix overflow in slice offset

ffmpeg | branch: master | Michael Niedermayer | Fri Aug 4 02:41:05 2017 +0200| [1f53bde6d817ae13a47748f321adbdfa79e15982] | committer: Michael Niedermayer avcodec/h264_slice: Fix overflow in slice offset Fixes: runtime error: signed integer overflow: 1610612736 * 2 cannot be represented in

[FFmpeg-cvslog] avcodec/dirac_dwt: Fixes integer overflows in COMPOSE_DAUB97*

ffmpeg | branch: master | Michael Niedermayer | Sun Aug 6 05:01:45 2017 +0200| [a5380f9c1c460acccb2edaa8609e4a57c0456088] | committer: Michael Niedermayer avcodec/dirac_dwt: Fixes integer overflows in COMPOSE_DAUB97* Fix multiple: runtime error: signed integer overflow: 6497 * 3409630 cannot

[FFmpeg-cvslog] avcodec/dvenc: Support adjusting the quantizer deadzone

ffmpeg | branch: master | Michael Niedermayer | Mon Aug 7 01:20:55 2017 +0200| [fea7bc9e7b9aea85c404cee58246f8e98e618bbf] | committer: Michael Niedermayer avcodec/dvenc: Support adjusting the quantizer deadzone Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.

[FFmpeg-cvslog] avcodec/dvenc: Change quantizer dead zone default to 7

ffmpeg | branch: master | Michael Niedermayer | Mon Aug 7 01:20:56 2017 +0200| [abaeeb3ce08d49af4127fb14d63ae3ffb11073d8] | committer: Michael Niedermayer avcodec/dvenc: Change quantizer dead zone default to 7 This improves the quality and reduces the "blocking" in flat areas Sig

[FFmpeg-cvslog] avcodec/tests/dct: Add Mean square error test

ffmpeg | branch: master | Michael Niedermayer | Sun Jul 9 03:10:51 2017 +0200| [84786e928f9e54bdc3622f68db0ce35bae43fb46] | committer: Michael Niedermayer avcodec/tests/dct: Add Mean square error test based on quotes of IEEE 1180 / ISO/IEC 23002-1 Signed-off-by: Michael Niedermayer > h

[FFmpeg-cvslog] avformat/avidec: Move packet skip after prefix and related checks

ffmpeg | branch: master | Michael Niedermayer | Tue Aug 8 02:17:16 2017 +0200| [511e10f673a69c05744be0355cc9ce5705407bc2] | committer: Michael Niedermayer avformat/avidec: Move packet skip after prefix and related checks This fixes loosing packets Fixes: big.avi Signed-off-by: Michael

[FFmpeg-cvslog] avcodec/tests/dct: Add peak mean error check

ffmpeg | branch: master | Michael Niedermayer | Sun Jul 9 03:10:51 2017 +0200| [86cbffdc4db268bab0d798dca1e30dc46606dad0] | committer: Michael Niedermayer avcodec/tests/dct: Add peak mean error check based on quotes of IEEE 1180 / ISO/IEC 23002-1 Signed-off-by: Michael Niedermayer > h

[FFmpeg-cvslog] avcodec/mpeg4videodec: Clear mcsel before decoding an image

ffmpeg | branch: master | Michael Niedermayer | Sun Aug 6 13:32:54 2017 +0200| [7735ed29741d985e1e670249ca56e7a1ce18b729] | committer: Michael Niedermayer avcodec/mpeg4videodec: Clear mcsel before decoding an image Fixes: runtime error: signed integer overflow: 2146467840 + 1032192 cannot be

[FFmpeg-cvslog] avcodec/gdv: Check available space before reading palette

ffmpeg | branch: master | Michael Niedermayer | Fri Aug 11 19:27:02 2017 +0200| [0561bd2fc2bff0dbe651d5998e9f129c43d25eb3] | committer: Michael Niedermayer avcodec/gdv: Check available space before reading palette Fixes: Timeout Fixes: 2926/clusterfuzz-testcase-498711001458278 Found-by

[FFmpeg-cvslog] avcodec/ffv1dec_template: Fix undefined shift

ffmpeg | branch: master | Michael Niedermayer | Fri Aug 11 18:20:03 2017 +0200| [62702eebded6c6341d214405812a981f80e46ea2] | committer: Michael Niedermayer avcodec/ffv1dec_template: Fix undefined shift Fixes: runtime error: left shift of negative value -127 Fixes: 2834/clusterfuzz-testcase

[FFmpeg-cvslog] avcodec/lagarith: Detect end of input in lag_decode_line() loop

ffmpeg | branch: master | Michael Niedermayer | Fri Aug 11 21:47:31 2017 +0200| [5859b5b4394d3a0d654b6e821c2ba5e1e7842244] | committer: Michael Niedermayer avcodec/lagarith: Detect end of input in lag_decode_line() loop Fixes: timeout Fixes: 2933/clusterfuzz-testcase-5124990208835584 Found

[FFmpeg-cvslog] avcodec/cavsdec: Check I frame mb decode for errors

ffmpeg | branch: master | Michael Niedermayer | Sun Aug 13 18:42:45 2017 +0200| [426a322aa2bfd8ec28e467743c79dad81c63c108] | committer: Michael Niedermayer avcodec/cavsdec: Check I frame mb decode for errors Fixes: timeout Fixes: 2943/clusterfuzz-testcase-5430257156882432 Found-by

[FFmpeg-cvslog] avcodec/cavsdec: Check P/B frame mb decode which return error codes

ffmpeg | branch: master | Michael Niedermayer | Sun Aug 13 18:44:25 2017 +0200| [b9ce43625c43fe56aa2db726e147929380411790] | committer: Michael Niedermayer avcodec/cavsdec: Check P/B frame mb decode which return error codes Signed-off-by: Michael Niedermayer > http://git.videolan.

[FFmpeg-cvslog] swresample/resample: Fix flush refelction length

ffmpeg | branch: master | Michael Niedermayer | Tue Aug 15 14:58:25 2017 +0200| [0ac8fce2679e76e7caffde091141d6834405dbc1] | committer: Michael Niedermayer swresample/resample: Fix flush refelction length Reviewed-by: atomnuker Signed-off-by: Michael Niedermayer > http://git.videolan.

[FFmpeg-cvslog] avcodec/diracdec: Check perspective_exp and zrs_exp.

ffmpeg | branch: master | Michael Niedermayer | Tue Aug 15 03:32:43 2017 +0200| [1e6cab874512070b36267a5a53fd053f90072fa2] | committer: Michael Niedermayer avcodec/diracdec: Check perspective_exp and zrs_exp. Fixes: undefined shift Fixes: runtime error: shift exponent 264 is too large for 32

[FFmpeg-cvslog] avcodec/diracdec: Fixes integer overflow

ffmpeg | branch: master | Michael Niedermayer | Tue Aug 15 03:32:44 2017 +0200| [92da23093c784b1d9f0db4db51d28ea80a59e759] | committer: Michael Niedermayer avcodec/diracdec: Fixes integer overflow Fixes: runtime error: signed integer overflow: 340018243 * 27 cannot be represented in type

[FFmpeg-cvslog] avcodec/zmbv: Check decomp_size

ffmpeg | branch: master | Michael Niedermayer | Wed Aug 16 16:03:23 2017 +0200| [931c0ac95cebe62f2bdd53a81bf40e3916be6476] | committer: Michael Niedermayer avcodec/zmbv: Check decomp_size Fixes: OOM Fixes: 2710/clusterfuzz-testcase-minimized-4750001420894208 Found-by: continuous fuzzing

[FFmpeg-cvslog] avcodec/ffv1dec: Check for bitstream end in decode_line()

ffmpeg | branch: master | Michael Niedermayer | Mon Aug 14 00:15:55 2017 +0200| [b9f92093a10217b14d923220aaa186f41a0cf555] | committer: Michael Niedermayer avcodec/ffv1dec: Check for bitstream end in decode_line() Fixes: timeout Fixes: 2971/clusterfuzz-testcase-6130678276030464 Found-by

[FFmpeg-cvslog] avcodec/rangecoder: Do not increase the pointer beyond the buffer

ffmpeg | branch: master | Michael Niedermayer | Mon Aug 14 00:15:54 2017 +0200| [c359c51947c9ac925cc4a5d1893ef20ea1d3b4c8] | committer: Michael Niedermayer avcodec/rangecoder: Do not increase the pointer beyond the buffer Fixes: undefined behavior Signed-off-by: Michael Niedermayer > h

[FFmpeg-cvslog] avcodec/pixlet: fixes integer overflow in read_highpass()

ffmpeg | branch: master | Michael Niedermayer | Thu Aug 17 03:54:56 2017 +0200| [cadab5a2a74d715fc16325bd89f8b8091def1083] | committer: Michael Niedermayer avcodec/pixlet: fixes integer overflow in read_highpass() Fixes: runtime error: negation of -2147483648 cannot be represented in type

[FFmpeg-cvslog] avcodec/fic: Fixes signed integer overflow

ffmpeg | branch: master | Michael Niedermayer | Thu Aug 17 18:24:37 2017 +0200| [0c9d5b015c2022e8deebb93367f8ee8a8eb779e8] | committer: Michael Niedermayer avcodec/fic: Fixes signed integer overflow Fixes: runtime error: signed integer overflow: 1037142357 + 1227025305 cannot be represented

[FFmpeg-cvslog] avcodec/cngdec: Check skip_samples

ffmpeg | branch: master | Michael Niedermayer | Thu Aug 17 23:40:45 2017 +0200| [e7b9d136a1ba2d048b1a17df5778e426b825676d] | committer: Michael Niedermayer avcodec/cngdec: Check skip_samples Without this its possible to make the new decode API decode billions of samples out of a empty input

[FFmpeg-cvslog] avcodec/snowdec: Fix off by 1 error

ffmpeg | branch: master | Michael Niedermayer | Thu Aug 17 20:32:03 2017 +0200| [d132683ddd4050d3fe103ca88c73258c3442dc34] | committer: Michael Niedermayer avcodec/snowdec: Fix off by 1 error Fixes: runtime error: index 4 out of bounds for type 'int8_t [4]' Fixes: 3023/clusterfuz

[FFmpeg-cvslog] avcodec/dirac_dwt_template: Fix integer overflow in vertical_compose53iL0()

ffmpeg | branch: master | Michael Niedermayer | Fri Aug 18 16:42:58 2017 +0200| [a165b53daa8a3a526d2328ca72c4aa9e7f163045] | committer: Michael Niedermayer avcodec/dirac_dwt_template: Fix integer overflow in vertical_compose53iL0() Fixes: runtime error: signed integer overflow: 2147483646 + 2

[FFmpeg-cvslog] avcodec/pixlet: Fixes: undefined shift in av_mod_uintp2()

ffmpeg | branch: master | Michael Niedermayer | Fri Aug 18 16:42:59 2017 +0200| [8754ccd3b319fdf4e2beed5657a3e327999c64ce] | committer: Michael Niedermayer avcodec/pixlet: Fixes: undefined shift in av_mod_uintp2() Fixes: runtime error: shift exponent 4294967289 is too large for 32-bit type

[FFmpeg-cvslog] avcodec/me_cmp: Fix crashes on ARM due to misalignment

ffmpeg | branch: master | Michael Niedermayer | Sat Aug 19 23:38:58 2017 +0200| [bc488ec28aec4bc91ba47283c49c9f7f25696eaa] | committer: Michael Niedermayer avcodec/me_cmp: Fix crashes on ARM due to misalignment Adds a diff_pixels_unaligned() Fixes: https://bugs.debian.org/cgi-bin

[FFmpeg-cvslog] avcodec/pngdec: Fix () placement

ffmpeg | branch: master | Michael Niedermayer | Tue Aug 22 18:36:26 2017 +0200| [a2e444d5bb2e3115d3afcc0cca9d1506c90436a2] | committer: Michael Niedermayer avcodec/pngdec: Fix () placement Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commi

[FFmpeg-cvslog] avcodec/aacdec_template: Fix running cleanup in decode_ics_info()

ffmpeg | branch: master | Michael Niedermayer | Mon Aug 21 02:15:49 2017 +0200| [6f03ffb47d51368a4bbc87702df8446e4660845d] | committer: Michael Niedermayer avcodec/aacdec_template: Fix running cleanup in decode_ics_info() Fixes: out of array read Fixes: 2873/clusterfuzz-testcase-minimized

[FFmpeg-cvslog] avformat/rtpdec_h264: Fix heap-buffer-overflow

ffmpeg | branch: master | Michael Niedermayer | Wed Aug 23 21:30:37 2017 +0200| [c42a1388a6d1bfd8001bf6a4241d8ca27e49326d] | committer: Michael Niedermayer avformat/rtpdec_h264: Fix heap-buffer-overflow Fixes: rtp_sdp/poc.sdp Found-by: Bingchang Signed-off-by: Michael Niedermayer > h

[FFmpeg-cvslog] avcodec/hevc_ps: Check delta_pocs in ff_hevc_decode_short_term_rps()

ffmpeg | branch: master | Michael Niedermayer | Mon Aug 21 00:18:48 2017 +0200| [2b44dcbc44e99daf9515753e9fd4c2e1ea53a2fa] | committer: Michael Niedermayer avcodec/hevc_ps: Check delta_pocs in ff_hevc_decode_short_term_rps() Fixes: integer overflow Fixes: 2893/clusterfuzz-testcase-minimized

[FFmpeg-cvslog] ffprobe: Fix NULL pointer handling in color parameter printing

ffmpeg | branch: master | Michael Niedermayer | Tue Aug 22 17:27:17 2017 +0200| [351e28f9a799d933dd10c964dca7219fa13b] | committer: Michael Niedermayer ffprobe: Fix NULL pointer handling in color parameter printing Signed-off-by: Michael Niedermayer > http://git.videolan.org/gitweb.

[FFmpeg-cvslog] ffprobe: Fix null pointer dereference with color primaries

ffmpeg | branch: master | Michael Niedermayer | Tue Aug 22 11:02:38 2017 +0200| [837cb4325b712ff1aab531bf41668933f61d75d2] | committer: Michael Niedermayer ffprobe: Fix null pointer dereference with color primaries Found-by: AD-lab of venustech Signed-off-by: Michael Niedermayer > h

[FFmpeg-cvslog] avcodec/pafvideo: Fix assertion failure

ffmpeg | branch: release/2.8 | Michael Niedermayer | Tue Jun 6 16:21:37 2017 +0200| [e3d4321739afcc25569bd462fdb518669b33f32b] | committer: Michael Niedermayer avcodec/pafvideo: Fix assertion failure Fixes: 2100/clusterfuzz-testcase-minimized-4522961547558912 Found-by: continuous fuzzing

[FFmpeg-cvslog] avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: 53098 * 40448 cannot be represented in type 'int'

ffmpeg | branch: release/2.8 | Michael Niedermayer | Tue Jun 6 16:28:57 2017 +0200| [e9c8fdbbcbb4c6d9490ba5231982724ce1c7472a] | committer: Michael Niedermayer avcodec/mpeg4videodec: Fix runtime error: signed integer overflow: 53098 * 40448 cannot be represented in type 'int' F

[FFmpeg-cvslog] avcodec/takdec: Fix multiple runtime error: signed integer overflow: 637072 * 4096 cannot be represented in type 'int'

ffmpeg | branch: release/2.8 | Michael Niedermayer | Tue Jun 6 16:01:16 2017 +0200| [8dc06a1cb151f6162fec554ac5113147eeadd7a5] | committer: Michael Niedermayer avcodec/takdec: Fix multiple runtime error: signed integer overflow: 637072 * 4096 cannot be represented in type 'int' F

[FFmpeg-cvslog] avcodec/ac3dec_fixed: Fix multiple runtime error: signed integer overflow: -39271008 * 59 cannot be represented in type 'int'

ffmpeg | branch: release/2.8 | Michael Niedermayer | Thu Jun 8 13:44:32 2017 +0200| [bcdd5463f35d7d4de07a18cb5f919979465bdeb6] | committer: Michael Niedermayer avcodec/ac3dec_fixed: Fix multiple runtime error: signed integer overflow: -39271008 * 59 cannot be represented in type 'int&#x

[FFmpeg-cvslog] avcodec/indeo4: Check remaining data in Pic hdr extension parsing code

ffmpeg | branch: release/2.8 | Michael Niedermayer | Thu Jun 8 13:58:47 2017 +0200| [f4dae487906aee87897938d79e998060b5a6583d] | committer: Michael Niedermayer avcodec/indeo4: Check remaining data in Pic hdr extension parsing code Fixes: Timeout Fixes: 2115/clusterfuzz-testcase-minimized

[FFmpeg-cvslog] avcodec/ra144: Fix runtime error: signed integer overflow: -2200 * 1033073 cannot be represented in type 'int'

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sun Jun 11 00:45:20 2017 +0200| [e3a75af7080c25f64ce0bda30fe4bc0a39968917] | committer: Michael Niedermayer avcodec/ra144: Fix runtime error: signed integer overflow: -2200 * 1033073 cannot be represented in type 'int' F

[FFmpeg-cvslog] avcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1297616

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sun Jun 11 14:32:35 2017 +0200| [295b24643ecfcdac7ce20d99a50d74d554c73d36] | committer: Michael Niedermayer avcodec/aacdec_fixed: Fix runtime error: left shift of negative value -1297616 Fixes: 2195/clusterfuzz-testcase-minimized

[FFmpeg-cvslog] avcodec/flicvideo: Fix runtime error: signed integer overflow: 4864 * 459296 cannot be represented in type 'int'

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sat Jun 10 19:43:25 2017 +0200| [5dc0393d9663596d8b8670c2ee3605f55fc6b1a0] | committer: Michael Niedermayer avcodec/flicvideo: Fix runtime error: signed integer overflow: 4864 * 459296 cannot be represented in type 'int' F

[FFmpeg-cvslog] avcodec/tiff: Fix leak of geotags[].val

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sun Jun 11 01:05:26 2017 +0200| [f0f9fa21846023d3c9522d6e32e70ea7ecf879d6] | committer: Michael Niedermayer avcodec/tiff: Fix leak of geotags[].val Fixes: 2176/clusterfuzz-testcase-minimized-5908197216878592 Found-by: continuous fuzzing

[FFmpeg-cvslog] avcodec/jpeg2000dwt: Fix runtime error: left shift of negative value -123

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sun Jun 11 20:28:46 2017 +0200| [bc8fe5c4bdb49218c5a0ecbccbea665ac7af3bbb] | committer: Michael Niedermayer avcodec/jpeg2000dwt: Fix runtime error: left shift of negative value -123 Fixes: 2208/clusterfuzz-testcase-minimized

[FFmpeg-cvslog] avcodec/mpeg4videodec: Check sprite delta upshift against overflowing.

ffmpeg | branch: release/2.8 | Michael Niedermayer | Wed Jun 14 23:55:17 2017 +0200| [7bca492cfcc7e17e7d9ea5697c318283bee45984] | committer: Michael Niedermayer avcodec/mpeg4videodec: Check sprite delta upshift against overflowing. Fixes: runtime error: signed integer overflow: -268386304

[FFmpeg-cvslog] avcodec/mpeg4videodec: Fix integer overflow in num_sprite_warping_points=2 case

ffmpeg | branch: release/2.8 | Michael Niedermayer | Wed Jun 14 23:49:23 2017 +0200| [296b444a5caf3e708dde2d92853e11846ae9e60a] | committer: Michael Niedermayer avcodec/mpeg4videodec: Fix integer overflow in num_sprite_warping_points=2 case Fixes: runtime error: signed integer overflow

[FFmpeg-cvslog] avcodec/wavpack: Fix runtime error: signed integer overflow: 1886191616 + 277872640 cannot be represented in type 'int'

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sun Jun 11 20:19:59 2017 +0200| [0dfda74afc8da0cdaa134f0a48b43698714948f0] | committer: Michael Niedermayer avcodec/wavpack: Fix runtime error: signed integer overflow: 1886191616 + 277872640 cannot be represented in type 'int' F

[FFmpeg-cvslog] avcodec/snowdec: Fix runtime error: left shift of negative value -1

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sun Jun 11 14:34:54 2017 +0200| [d182bb21add5466df01dedb274a708d90802cd19] | committer: Michael Niedermayer avcodec/snowdec: Fix runtime error: left shift of negative value -1 Fixes: 2197/clusterfuzz-testcase-minimized-6010716676947968

[FFmpeg-cvslog] avcodec/hevcdec: Check nb_sps

ffmpeg | branch: release/2.8 | Michael Niedermayer | Thu Jun 15 01:28:28 2017 +0200| [c8733c73763ff280cca91be740d11cf3853a9439] | committer: Michael Niedermayer avcodec/hevcdec: Check nb_sps Signed-off-by: Michael Niedermayer (cherry picked from commit

[FFmpeg-cvslog] avcodec/aacsbr_fixed: Check shift in sbr_hf_assemble()

ffmpeg | branch: release/2.8 | Michael Niedermayer | Tue Jun 13 16:25:59 2017 +0200| [fd0da0eef0076732a65d173186081c125e28068f] | committer: Michael Niedermayer avcodec/aacsbr_fixed: Check shift in sbr_hf_assemble() Fixes: runtime error: shift exponent -10 is negative Found-by: continuous

[FFmpeg-cvslog] avcodec/sbrdsp_fixed: Return an error from sbr_hf_apply_noise() if operations are impossible

ffmpeg | branch: release/2.8 | Michael Niedermayer | Tue Jun 13 13:28:23 2017 +0200| [0ac41463891cf0899b72f862c2c7998b67316c8a] | committer: Michael Niedermayer avcodec/sbrdsp_fixed: Return an error from sbr_hf_apply_noise() if operations are impossible Fixes: 1775/clusterfuzz-testcase

[FFmpeg-cvslog] avcodec/hevc_refs: Check nb_refs in add_candidate_ref()

ffmpeg | branch: release/2.8 | Michael Niedermayer | Thu Jun 15 01:26:01 2017 +0200| [c2562f5a8e0cfb80a3050f557bb8f5de830bf358] | committer: Michael Niedermayer avcodec/hevc_refs: Check nb_refs in add_candidate_ref() Fixes: runtime error: index 16 out of bounds for type 'int [16]' F

[FFmpeg-cvslog] avcodec/jpeg2000: Fixes integer overflow in ff_jpeg2000_ceildivpow2()

ffmpeg | branch: release/2.8 | Michael Niedermayer | Thu Jun 15 23:26:18 2017 +0200| [92c5ff0763b80156dcf6d3e0386d2c942c675398] | committer: Michael Niedermayer avcodec/jpeg2000: Fixes integer overflow in ff_jpeg2000_ceildivpow2() Fixes: runtime error: negation of -2147483648 cannot be

[FFmpeg-cvslog] avcodec/hevcpred_template: Fix left shift of negative value

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sat Jun 17 14:54:19 2017 +0200| [ba23d53710ec67c1a5499578a180a2ceb68c8ced] | committer: Michael Niedermayer avcodec/hevcpred_template: Fix left shift of negative value Fixes: runtime error: left shift of negative value -1 Fixes: 2250

[FFmpeg-cvslog] avcodec/jpeg2000dec: Check nonzerobits more completely

ffmpeg | branch: release/2.8 | Michael Niedermayer | Fri Jun 16 19:57:08 2017 +0200| [c436af15596a4c3c4d43a9928f32837c913b25bc] | committer: Michael Niedermayer avcodec/jpeg2000dec: Check nonzerobits more completely Fixes: runtime error: shift exponent 36 is too large for 32-bit type 

[FFmpeg-cvslog] avcodec/hevcdec: Fix signed integer overflow in decode_lt_rps()

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sat Jun 17 00:34:08 2017 +0200| [1ce850f96da266df58a5c5235c0ff1a5e32814dc] | committer: Michael Niedermayer avcodec/hevcdec: Fix signed integer overflow in decode_lt_rps() Fixes: runtime error: signed integer overflow: 2147483647 + 6 cannot

[FFmpeg-cvslog] avcodec/shorten: Sanity check maxnlpc

ffmpeg | branch: release/2.8 | Michael Niedermayer | Fri Jun 9 02:16:54 2017 +0200| [eb38f232b4ed613bafa088fa60b6bd6018303aac] | committer: Michael Niedermayer avcodec/shorten: Sanity check maxnlpc Fixes OOM Fixes: 2131/clusterfuzz-testcase-minimized-4718045157130240 Found-by: continuous

[FFmpeg-cvslog] avcodec/takdec: Fixes: integer overflow in AV_SAMPLE_FMT_U8P output

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sun Jun 18 14:37:19 2017 +0200| [5aa7d228cbad009939f8d4d6739bb456472a0297] | committer: Michael Niedermayer avcodec/takdec: Fixes: integer overflow in AV_SAMPLE_FMT_U8P output Fixes: runtime error: signed integer overflow: 2147483543 + 128

[FFmpeg-cvslog] avcodec/jpeg2000dsp: Reorder operations in ict_int() to avoid 2 integer overflows

ffmpeg | branch: release/2.8 | Michael Niedermayer | Sat Jun 17 15:06:21 2017 +0200| [0aa14c7f67b2483b76a685a5ed16ea44ec921f37] | committer: Michael Niedermayer avcodec/jpeg2000dsp: Reorder operations in ict_int() to avoid 2 integer overflows Fixes: runtime error: signed integer overflow

[FFmpeg-cvslog] avcodec/wavpack: Fix undefined integer negation

ffmpeg | branch: release/2.8 | Michael Niedermayer | Mon Jun 19 14:08:58 2017 +0200| [4afd24805954502d771e39107df245620c7e84af] | committer: Michael Niedermayer avcodec/wavpack: Fix undefined integer negation Fixes: runtime error: negation of -2147483648 cannot be represented in type 

[FFmpeg-cvslog] avcodec/aacdec_fixed: Check s for being too small

ffmpeg | branch: release/2.8 | Michael Niedermayer | Mon Jun 19 14:04:32 2017 +0200| [cbc4f40d137279eac5cea66f21fc99d1d87ccc37] | committer: Michael Niedermayer avcodec/aacdec_fixed: Check s for being too small Fixes: runtime error: shift exponent -8 is negative Fixes: 2286/clusterfuzz

[FFmpeg-cvslog] avcodec/mpeg4videodec: Fix overflow in virtual_ref computation

ffmpeg | branch: release/2.8 | Michael Niedermayer | Tue Jun 20 13:52:06 2017 +0200| [b66e30ca7658b9965843be344ef377802d1d] | committer: Michael Niedermayer avcodec/mpeg4videodec: Fix overflow in virtual_ref computation Fixes: runtime error: signed integer overflow: 262144 * -16120 cannot

[FFmpeg-cvslog] avcodec/hevc_filter: Fix invalid shift

ffmpeg | branch: release/2.8 | Michael Niedermayer | Tue Jun 20 14:38:34 2017 +0200| [5c818b62867dee280e92021cae06450eb1625e51] | committer: Michael Niedermayer avcodec/hevc_filter: Fix invalid shift Fixes: runtime error: left shift of negative value -1 Fixes: 2299/clusterfuzz-testcase

[FFmpeg-cvslog] avcodec/wavpack: Fix integer overflow

ffmpeg | branch: release/2.8 | Michael Niedermayer | Fri Jun 23 01:58:48 2017 +0200| [fe74c2364ee3ac0478abf5c579d3ac27e02fc30c] | committer: Michael Niedermayer avcodec/wavpack: Fix integer overflow Fixes: runtime error: signed integer overflow: 227511904 + 1964113935 cannot be represented

[FFmpeg-cvslog] avcodec/takdec: Fix integer overflow

ffmpeg | branch: release/2.8 | Michael Niedermayer | Thu Jun 22 21:21:56 2017 +0200| [7fadd9625f71fa05d9885e0cee6bbc579c4753db] | committer: Michael Niedermayer avcodec/takdec: Fix integer overflow Fixes: runtime error: signed integer overflow: 512 + 2147483146 cannot be represented in type

<    5   6   7   8   9   10   11   12   13   14   >