platform/upstream/libav.git
6 years ago[CVE-2017-16803] smacker: add sanity check for length in smacker_decode_tree() 29/176529/1
Jiyong Min [Fri, 20 Apr 2018 00:49:20 +0000 (09:49 +0900)]
[CVE-2017-16803] smacker: add sanity check for length in smacker_decode_tree()

Bug-Id: 1098
Cc: libav-stable@libav.org
Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
Change-Id: I2e2236de12a0f6dead47f671907920b4193ff9a0

6 years agoMerge "[CVE-2017-17129] vc1: skip motion compensation when data fro last picture... accepted/tizen/unified/20180420.081908 submit/tizen/20180419.230048
Jiyong Min [Thu, 19 Apr 2018 23:00:26 +0000 (23:00 +0000)]
Merge "[CVE-2017-17129] vc1: skip motion compensation when data fro last picture is invalid" into tizen

6 years ago[CVE-2017-17129] vc1: skip motion compensation when data fro last picture is invalid 48/176448/1
Jiyong Min [Tue, 17 Apr 2018 06:33:11 +0000 (15:33 +0900)]
[CVE-2017-17129] vc1: skip motion compensation when data fro last picture is invalid

Bug-Id: 1101
Cc: libav-stable@libav.org
(cherry picked from commit 5085f25ace1e74846a0de3369bedd0e22d1a1bdc)
Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
Change-Id: I5f13d62d569ac3262a35ff11a3808abb59eff67a
(cherry picked from commit 7be0ce8d7175a1a3dcbd165c303107e294bf8171)

6 years ago[CVE-2017-17130] avcodec/vc1dec: fix mby_start for interlaced content 47/176447/1
Jiyong Min [Tue, 17 Apr 2018 06:38:07 +0000 (15:38 +0900)]
[CVE-2017-17130] avcodec/vc1dec: fix mby_start for interlaced content

Bug-Id: 1100
Bug-Id: ffmpeg/Ticket2531
Cc: libav-stable@libav.org
(cherry picked from commit 5b6213ef6bf5e0781c83e86926eb0b33a98dc185)
Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
Change-Id: I99bd5ad59140168dd90bc41545432660e3b8537c

6 years agoavutil/buffer: add get_opaque 62/171562/1 accepted/tizen/unified/20180306.061333 submit/tizen/20180305.232545
Michal Jurkiewicz [Thu, 21 Sep 2017 08:05:37 +0000 (10:05 +0200)]
avutil/buffer: add get_opaque

Ported patch from ffmpeg:
    author Xidorn Quan <quanxunzhen@gmail.com>
    Fri, 29 Mar 2013 17:15:19 +0200 (23:15 +0800)
    committer Michael Niedermayer <michaelni@gmx.at>
    Fri, 29 Mar 2013 18:31:16 +0200 (17:31 +0100)
    commit c81d2fa96ddc9f6dab38d61a8803caca7e63bea0

    avutil/buffer: add get_opaque

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Change-Id: I456b163a92e2f87c7c4148bfb68f0f610194f3a5
Signed-off-by: Michal Jurkiewicz <m.jurkiewicz@samsung.com>
(cherry picked from commit 40bec43a69561bba5c3914d762813f32a7e1983f)

6 years agoSome aiff file use ID3 tag to store artist genre and etc. 64/169764/3 accepted/tizen/unified/20180212.062418 submit/tizen/20180209.055356
yujie.cheng [Fri, 9 Feb 2018 02:23:37 +0000 (10:23 +0800)]
Some aiff file use ID3 tag to store artist genre and etc.

Change-Id: Iba8d0eb220b9da8ee9ca031245a5d60975137372

6 years agoApply armoring feature of security and change the product feature 10/167010/4 accepted/tizen/unified/20180131.060510 submit/tizen/20180124.234449 submit/tizen/20180130.062218
Jiyong Min [Mon, 15 Jan 2018 04:11:48 +0000 (13:11 +0900)]
Apply armoring feature of security and change the product feature

Change-Id: I38c4fd826b2d5e50b7d0bf4e948f6c80555a8658

6 years agoadd support ape format 57/166857/4 submit/tizen/20180114.234158
chen89.chen [Fri, 12 Jan 2018 07:33:07 +0000 (15:33 +0800)]
add support ape format

Change-Id: I3a15089ce832285d483260fad1698aefb2eedf85

7 years agoUpdate 11.4 -> 12.1 (Merge branch 'upstream' into tizen) 84/144884/2 accepted/tizen/4.0/unified/20170828.222650 accepted/tizen/unified/20170822.113049 submit/tizen/20170822.010353 submit/tizen_4.0/20170828.100006
Haejeong Kim [Fri, 18 Aug 2017 07:32:25 +0000 (16:32 +0900)]
Update 11.4 -> 12.1 (Merge branch 'upstream' into tizen)

Change-Id: I522175faed67cf54301e77e9353f542a06a1a849

7 years agoImported Upstream version 12.1 39/144839/1 upstream/12.1
Haejeong Kim [Fri, 18 Aug 2017 06:15:27 +0000 (15:15 +0900)]
Imported Upstream version 12.1

Change-Id: Ic6182be15482901abc5a2884bee1a371fe6ffabc

7 years agoEnable VP8 & VP9 decoder and add patch related with VP8 & VP9 14/132814/1 accepted/tizen/4.0/unified/20170816.010350 accepted/tizen/unified/20170613.194539 submit/tizen/20170613.070158 submit/tizen_4.0/20170811.094300
Jiyong Min [Tue, 24 Jan 2017 06:23:20 +0000 (15:23 +0900)]
Enable VP8 & VP9 decoder and add patch related with VP8 & VP9

[Enable]
--enable-parser=vp8 --enable-decoder=vp8 --enable-decoder=vp9

[Patch]
arm: use a local label instead of the function symbol in ff_prefetch_arm
Avoids a relocation which might end out of range for thumb2.

Reported-By: Ludovic Fauvet <etix@videolan.org>
Bug-Id: https://bugs.webkit.org/show_bug.cgi?id=137022
CC: libav-stable@libav.org
Change-Id: Id4c2acac8f150f81df654fffccde6433d68869ff
Signed-off-by: jiyong.min <jiyong.min@samsung.com>
(cherry picked from commit cd3ed69efc06591c75a0a3fd62a28092791cd72d)

7 years ago[CVE-2016-8675]m4vdec: Check for non-startcode 00 00 00 sequences in probe 19/132319/1 accepted/tizen/unified/20170605.151426 submit/tizen/20170605.044449
Haejeong Kim [Fri, 2 Jun 2017 07:49:38 +0000 (16:49 +0900)]
[CVE-2016-8675]m4vdec: Check for non-startcode 00 00 00 sequences in probe

Change-Id: I0d633b26d2d264625456afd3de35e296bc90c781

7 years ago[CVE-2016-7393] aac_parser: add required padding for GetBitContext buffer 30/132230/1
Jiyong Min [Thu, 1 Jun 2017 22:53:19 +0000 (07:53 +0900)]
[CVE-2016-7393] aac_parser: add required padding for GetBitContext buffer

 Fixes stack buffer overflow errors detected by address sanitizer in
 various fate tests.

CC: libav-stable@libav.org
Change-Id: I450d920bef284a35fa76f25e607ee0056198ebb3
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
7 years ago[DF170418-00597] Patch for invalid AVI file. data chunk size in idx1 is wrong 64/130664/2 accepted/tizen/unified/20170531.082457 submit/tizen/20170524.035356
Haejeong Kim [Tue, 23 May 2017 08:45:44 +0000 (17:45 +0900)]
[DF170418-00597] Patch for invalid AVI file. data chunk size in idx1 is wrong

Change-Id: I41af3ee4b9840c96ba6f1509ad661c75d6af4930

7 years agoUse license macro in spec file 21/124321/1 accepted/tizen/unified/20170411.164422 submit/tizen/20170411.070610 tizen_4.0.m1_release
Jiyong Min [Tue, 11 Apr 2017 06:35:18 +0000 (15:35 +0900)]
Use license macro in spec file

Change-Id: I0fec2ffb4fc01d75b981aa111b71ad6051f9361e
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
8 years agoFix out of bounds read. 02/100402/2 accepted/tizen_common accepted/tizen_ivi accepted/tizen_mobile accepted/tizen_tv accepted/tizen_wearable accepted/tizen/common/20161129.173556 accepted/tizen/ivi/20161130.015423 accepted/tizen/mobile/20161130.015203 accepted/tizen/tv/20161130.015249 accepted/tizen/unified/20170309.035748 accepted/tizen/wearable/20161130.015338 submit/tizen/20161129.052917 submit/tizen_unified/20170308.100413
Jiyong Min [Mon, 28 Nov 2016 05:19:02 +0000 (14:19 +0900)]
Fix out of bounds read.
(Apply security patch for CVE-2016-7424)

 - Referenced

 The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote
 attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file
 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7424

 - Solution

 https://git.libav.org/?p=libav.git;a=commit;h=136f55207521f0b03194ef5b55ba70f1635d6aee
 Fix out of bounds read.

Change-Id: I20a5beb71b95b0286f89a66441d07fce7d21de9a
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
8 years agoSwitch off inline asm for ASan build 14/88714/1 accepted/tizen/3.0/common/20161114.110931 accepted/tizen/3.0/ivi/20161011.044314 accepted/tizen/3.0/mobile/20161015.033423 accepted/tizen/3.0/tv/20161016.004457 accepted/tizen/3.0/wearable/20161015.083214 accepted/tizen/common/20160928.163932 accepted/tizen/ivi/20160930.040744 accepted/tizen/mobile/20160930.040416 accepted/tizen/tv/20160930.040554 accepted/tizen/wearable/20160930.040653 submit/tizen/20160928.043825 submit/tizen_3.0_common/20161104.104000 submit/tizen_3.0_ivi/20161010.000003 submit/tizen_3.0_mobile/20161015.000003 submit/tizen_3.0_tv/20161015.000002 submit/tizen_3.0_wearable/20161015.000003
Slava Barinov [Tue, 20 Sep 2016 09:42:22 +0000 (12:42 +0300)]
Switch off inline asm for ASan build

Change-Id: I4b89e401c3923366c0fcf966a1c3841d86575752
Signed-off-by: Slava Barinov <v.barinov@samsung.com>
8 years agoAdd CVE-2015-5479 patch 87/88687/1 accepted/tizen/common/20160921.162212 accepted/tizen/ivi/20160922.042621 accepted/tizen/mobile/20160922.042334 accepted/tizen/tv/20160922.042456 accepted/tizen/wearable/20160922.042543 submit/tizen/20160921.041639
Minje Ahn [Tue, 20 Sep 2016 08:28:35 +0000 (17:28 +0900)]
Add CVE-2015-5479 patch

Change-Id: Iac970866a602f3d66b1bfc6f6b2a5c050950ff8c
Signed-off-by: Minje Ahn <minje.ahn@samsung.com>
8 years agoStore build_date in .tizen.build-id section to avoid unnecessary rebuilds 46/86146/1 accepted/tizen/common/20160831.162119 accepted/tizen/ivi/20160901.065307 accepted/tizen/mobile/20160901.065050 accepted/tizen/tv/20160901.065143 accepted/tizen/wearable/20160901.065220 submit/tizen/20160831.052250
Junghyun Kim [Tue, 30 Aug 2016 10:56:02 +0000 (19:56 +0900)]
Store build_date in .tizen.build-id section to avoid unnecessary rebuilds

- PROBLEM
We use OBS to build packages in Tizen.
There is a mechanism not to rebuild if the result binary is the same.
For example, there is a dependency graph: A->B->C.
If A is modified, B would be built.
If the result RPM of B is not changed, OBS does not trigger a build of C.
To effectively use this mechanism, each packages make sure that
the result binary should be the same if the input source is the same.

This package uses __DATE__ and __TIME__ which make the result binary
is different everytime it is built.
To efficiently utilize OBS build mechanism and to modify the package
as little as possible, I propose to store this macro in .tizen.build-id
section. OBS build-compare tool does not check *.build-id section
in the binary.

Change-Id: Icc1b62f5f56506d64deae3a5fadabb82eca6f1e6
Signed-off-by: Junghyun Kim <jh0822.kim@samsung.com>
8 years agoDefense of system crash due to damaged random file. (ffmpeg 2.8.1 patch) 06/82206/1 accepted/tizen/common/20160805.130136 accepted/tizen/ivi/20160808.081142 accepted/tizen/mobile/20160808.080755 accepted/tizen/tv/20160808.080949 accepted/tizen/wearable/20160808.081055 submit/tizen/20160805.054353
Minje Ahn [Mon, 1 Aug 2016 23:57:51 +0000 (08:57 +0900)]
Defense of system crash due to damaged random file. (ffmpeg 2.8.1 patch)

Change-Id: Id0eced23749b7f4dd37b92f095f021f43561e282
Signed-off-by: Minje Ahn <minje.ahn@samsung.com>
8 years ago[CVE patch] CVE-2016-2636 in libav version 11.7 95/76195/1 accepted/tizen/common/20160627.191537 accepted/tizen/common/20160629.222525 accepted/tizen/ivi/20160629.020735 accepted/tizen/mobile/20160629.020842 accepted/tizen/tv/20160629.020755 accepted/tizen/wearable/20160629.020818 submit/tizen/20160623.064645 submit/tizen/20160628.080717
Jiyong Min [Thu, 23 Jun 2016 06:21:19 +0000 (15:21 +0900)]
[CVE patch] CVE-2016-2636 in libav version 11.7

 - asfenc: fix some possible integer overflows (CVE-2016-2326)

Change-Id: I9904997efff6a91ed4c74d4135611c04a63e637f
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
8 years ago[CVE patch] CVE patch in libav version 11.7 98/76098/3 accepted/tizen/common/20160623.154053 accepted/tizen/ivi/20160623.123157 accepted/tizen/mobile/20160623.123103 accepted/tizen/tv/20160623.123121 accepted/tizen/wearable/20160623.123140 submit/tizen/20160622.235044
Jiyong Min [Wed, 22 Jun 2016 23:29:31 +0000 (08:29 +0900)]
[CVE patch] CVE patch in libav version 11.7

 - asfenc: fix some possible integer overflows (CVE-2016-2326)
 - mov: Check the entries value when parsing dref boxes (CVE-2016-3062)

Change-Id: I4a21091a20e10ee4b68f27ee4f5f5df6e419eca3
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
8 years agodynamic loadding error in libmm-fileinfo when use memory input. 42/57542/2 accepted/tizen/ivi/20160218.024710 accepted/tizen/mobile/20160128.010228 accepted/tizen/tv/20160128.010249 accepted/tizen/wearable/20160128.010305 submit/tizen/20160127.063514 submit/tizen_common/20160218.142243 submit/tizen_ivi/20160217.000000 submit/tizen_ivi/20160217.000005
ji.yong.seo [Thu, 21 Jan 2016 04:38:13 +0000 (13:38 +0900)]
dynamic loadding error in libmm-fileinfo when use memory input.

Change-Id: I5365b4a3d06915c3346ec45e3bbb5d96faeeebff
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
8 years agoadd manifest files & add support format. 41/57541/2
ji.yong.seo [Thu, 21 Jan 2016 04:35:57 +0000 (13:35 +0900)]
add manifest files & add support format.

Change-Id: I3d3d7d76ace5c99d384b54f74ce6b2040cfd4861
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
8 years agofix get frame at time fail. 40/57540/2
ji.yong.seo [Thu, 21 Jan 2016 04:30:39 +0000 (13:30 +0900)]
fix get frame at time fail.

Change-Id: If6b2199e1e55b707a8f61ba61a8429e2514da76a
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
8 years agofix get rotate at time fail. (ffmpeg 2.5 merge) 39/57539/2
ji.yong.seo [Thu, 21 Jan 2016 04:26:21 +0000 (13:26 +0900)]
fix get rotate at time fail. (ffmpeg 2.5 merge)

Change-Id: I2484409b69a3398b309d0faecd9f82521af71179
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
8 years agoadd protocol deregister API 38/57538/3
ji.yong.seo [Thu, 21 Jan 2016 04:20:53 +0000 (13:20 +0900)]
add protocol deregister API

Change-Id: I1407f526e68cafef9569fe86c8ac27a07d6ee3fd
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
8 years agofix crash issue for invalid file. 37/57537/2
ji.yong.seo [Thu, 21 Jan 2016 02:38:10 +0000 (11:38 +0900)]
fix crash issue for invalid file.

Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
Change-Id: Ifaa1b9f3f7cf68050030c48272b8fc1b7eeea235

9 years agoBump to 11.4 53/54453/1 accepted/tizen/mobile/20151215.230558 accepted/tizen/tv/20151215.230616 accepted/tizen/wearable/20151215.230635 submit/tizen/20151215.092340 submit/tizen_common/20151229.142028 submit/tizen_common/20151229.154718
Haejeong Kim [Tue, 15 Dec 2015 09:19:51 +0000 (18:19 +0900)]
Bump to 11.4

Change-Id: I666cefb159e1949babd7594349773d4ccef60fcd

9 years agoAdd missing item after merge v11.4(upstream has VERSION file) 52/54452/1
Haejeong Kim [Tue, 15 Dec 2015 09:13:59 +0000 (18:13 +0900)]
Add missing item after merge v11.4(upstream has VERSION file)

Change-Id: I3d668e6d20457206bab0bc0c6baa30c2ecf07854

9 years agoMerge tag 'v11.4' into tizen 51/54451/1
Haejeong Kim [Tue, 15 Dec 2015 09:05:49 +0000 (18:05 +0900)]
Merge tag 'v11.4' into tizen

v11.4 release

Change-Id: I922d679faac6f7e054033c9423c2416cc49efa09

9 years agoUpdate to libav 11.4
Haejeong Kim [Tue, 15 Dec 2015 05:48:47 +0000 (14:48 +0900)]
Update to libav 11.4

9 years agoRemove all useless file after libav v11 tag commit 75/54375/2
Haejeong Kim [Tue, 15 Dec 2015 05:21:59 +0000 (14:21 +0900)]
Remove all useless file after libav v11 tag commit

Change-Id: I4ba315445f56ed8f6005bb0275ef2ca9f188e7e2

9 years agortmpcrypt: Do the xtea decryption in little endian mode
Martin Storsjö [Wed, 11 Nov 2015 19:42:02 +0000 (21:42 +0200)]
rtmpcrypt: Do the xtea decryption in little endian mode

The XTEA algorithm operates on 32 bit numbers, not on byte sequences.
The XTEA implementation in libavutil is written assuming big endian
numbers, while the rtmpe signature encryption assumes little endian.

This fixes rtmpe communication with rtmpe servers that use signature
type 8 (XTEA), e.g. crunchyroll.

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
9 years agoconfigure: address a copy-paste typo
Vicente Olivert Riera [Tue, 29 Sep 2015 16:28:33 +0000 (17:28 +0100)]
configure: address a copy-paste typo

The correct instruction for mips32r1 is addi.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agovc1: Use logical instead of bitwise or for twomv
Michael Niedermayer [Sun, 21 Sep 2014 15:16:32 +0000 (16:16 +0100)]
vc1: Use logical instead of bitwise or for twomv

CC: libav-stable@libav.org
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Tim Walker <tdskywalker@gmail.com>
(cherry picked from commit a97328afef0ccebfc8c3d9f9fdb8e93cbf1058ab)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agomips: intreadwrite: Only execute that code for mips r1 or r2
Vicente Olivert Riera [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
mips: intreadwrite: Only execute that code for mips r1 or r2

MIPS R6 supports unaligned memory access and does not have
the load/store-left/right family of instructions.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera at imgtec.com>
Signed-off-by: Luca Barbato <lu_zero at gentoo.org>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit d00bb8addccb63fa3feacb06d2a310731dc0113b)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoconfigure: mips: Support mips r6, r2 and r1
Luca Barbato [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
configure: mips: Support mips r6, r2 and r1

Detect the different MIPS architecture variants.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 1016a75cf3170648dc9b59fdef170cbfc142f8ad)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoconfigure: Set the initial ldflags to match the cflags
Luca Barbato [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
configure: Set the initial ldflags to match the cflags

Some gcc-based toolchain would fail to link if the abi set by the
cpuflags does not match the default.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 678f788fea3380e5cbbf75baac5cc0ce07a56a42)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoopusdec: properly handle mismatching configurations in multichannel streams
Anton Khirnov [Mon, 27 Jul 2015 09:13:53 +0000 (11:13 +0200)]
opusdec: properly handle mismatching configurations in multichannel streams

The substreams can have different resampling delays, so an additional
level of buffering is needed to synchronize them.

Bug-Id: 876

9 years agoh263: Always check both dimensions
Luca Barbato [Fri, 26 Jun 2015 13:57:16 +0000 (15:57 +0200)]
h263: Always check both dimensions

CC: libav-stable@libav.org
Found-By: ago@gentoo.org
9 years agoimc: add required padding for GetBitContext buffer
Janne Grunau [Mon, 8 Jun 2015 12:48:54 +0000 (14:48 +0200)]
imc: add required padding for GetBitContext buffer

Fixes stack buffer overflow errors detected by address sanitizer in
fate-imc.

CC: libav-stable@libav.org
9 years agoac3_parser: add required padding for GetBitContext buffer
Janne Grunau [Mon, 8 Jun 2015 12:48:26 +0000 (14:48 +0200)]
ac3_parser: add required padding for GetBitContext buffer

Fixes stack buffer overflow errors detected by address sanitizer in
various fate tests.

CC: libav-stable@libav.org
9 years agoaac_parser: add required padding for GetBitContext buffer
Janne Grunau [Mon, 8 Jun 2015 12:45:12 +0000 (14:45 +0200)]
aac_parser: add required padding for GetBitContext buffer

Fixes stack buffer overflow errors detected by address sanitizer in
various fate tests.

CC: libav-stable@libav.org
9 years agoVideos that contain cdis, get duration fail issue. (patch from latest ffmpeg) 76/41476/2
ji.yong.seo [Tue, 16 Jun 2015 05:38:02 +0000 (14:38 +0900)]
Videos that contain cdis, get duration fail issue. (patch from latest ffmpeg)

Change-Id: I5d9c9c3d0797e7d719019504052bac017b861518

9 years agoUpdate changelog for v11.4 v11.4
Reinhard Tartler [Sun, 24 May 2015 08:36:42 +0000 (10:36 +0200)]
Update changelog for v11.4

9 years agoh264: Make sure reinit failures mark the context as not initialized
Luca Barbato [Mon, 25 May 2015 20:30:10 +0000 (22:30 +0200)]
h264: Make sure reinit failures mark the context as not initialized

Bug-Id: CVE-2015-3417
CC: libav-stable@libav.org
9 years agomsrle: Use FFABS to determine the frame size in msrle_decode_pal4
Luca Barbato [Mon, 25 May 2015 19:53:26 +0000 (21:53 +0200)]
msrle: Use FFABS to determine the frame size in msrle_decode_pal4

As done in msrle_decode_8_16_24_32.

Bug-Id: CVE-2015-3395
CC: libav-stable@libav.org
9 years agox86: cavs: Remove an unneeded scratch buffer
Michael Niedermayer [Thu, 28 May 2015 10:38:35 +0000 (12:38 +0200)]
x86: cavs: Remove an unneeded scratch buffer

Simplifies the code and makes it build on certain compilers
running out of registers on x86.

CC: libav-stable@libav.org
Reported-By: mudler
(cherry picked from commit e4610300de6869bd6b3b00e76cfeabb6d7653dcd)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoconfigure: Disable i686 for i586 and lower CPUs
Mikulas Patocka [Mon, 15 Sep 2014 12:11:21 +0000 (05:11 -0700)]
configure: Disable i686 for i586 and lower CPUs

9 years agomjpegenc: Fix JFIF header byte ordering
Shiina Hideaki [Thu, 7 May 2015 00:46:55 +0000 (01:46 +0100)]
mjpegenc: Fix JFIF header byte ordering

The header had a wrong version description.

Bug-Id: 808
Signed-off-by: Shiina Hideaki <shiina@yndrd.com>
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
9 years agonut: Make sure to clean up on read_header failure
Luca Barbato [Wed, 29 Apr 2015 19:29:49 +0000 (21:29 +0200)]
nut: Make sure to clean up on read_header failure

Based on Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> work.

CC: libav-stable@libav.org
9 years agopng: Set the color range as full range
wm4 [Fri, 8 May 2015 15:01:50 +0000 (17:01 +0200)]
png: Set the color range as full range

The format uses full range for the gray formats.

CC: libav-stable@libav.org
9 years agoavi: Validate sample_size
Andreas Cadhalpun [Wed, 6 May 2015 00:26:57 +0000 (02:26 +0200)]
avi: Validate sample_size

And either error out or set it to 0 if it is negative.

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agonut: Check chapter creation in decode_info_header
Andreas Cadhalpun [Tue, 28 Apr 2015 18:57:59 +0000 (20:57 +0200)]
nut: Check chapter creation in decode_info_header

This fixes a segmentation fault when accessing the metadata.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
CC: libav-stable@libav.org
9 years agoalac: Reject rice_limit 0 if compression is used
Andreas Cadhalpun [Thu, 23 Apr 2015 22:01:43 +0000 (00:01 +0200)]
alac: Reject rice_limit 0 if compression is used

If in compression mode rice_limit = 0 leads to call
`show_bits(gb, k)` in `decode_scalar` with k = 0.

Request a sample in case it is valid and it should be accepted.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
CC: libav-stable@libav.org
9 years agoape: Support _0000 files with nblock smaller than 64
Andreas Cadhalpun [Wed, 29 Apr 2015 18:39:22 +0000 (20:39 +0200)]
ape: Support _0000 files with nblock smaller than 64

The decode_array_0000 assumed that 64 is the minimal block size
while it is not.

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agomux: Do not leave stale side data pointers in ff_interleave_add_packet()
Michael Niedermayer [Fri, 1 May 2015 22:55:42 +0000 (23:55 +0100)]
mux: Do not leave stale side data pointers in ff_interleave_add_packet()

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
9 years agoavresample: Reallocate the internal buffer to the correct size
Luca Barbato [Mon, 27 Apr 2015 23:55:10 +0000 (01:55 +0200)]
avresample: Reallocate the internal buffer to the correct size

Fixes the corner case in which the internal buffer size
is larger than input buffer provided and resizing it
before moving the left over samples would make it write
to now unallocated memory.

Bug-Id: 825
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agompegts: Update the PSI/SI table only if the version change
John Högberg [Tue, 28 Apr 2015 08:20:33 +0000 (10:20 +0200)]
mpegts: Update the PSI/SI table only if the version change

If a PAT is finished while a PMT section filter is opened but
not yet finished, the PMT section filter is closed and all
the received data is discarded.

This is usually not an issue but some multiplexers (With very
quick PAT/PMT repetition settings) consistently emit a PMT
section start, then a PAT, and then the rest of the PMT,
causing the aforementioned behavior to result in no PMT being
finished.

In the most pathologic situation the stream information are lost
and the probe fallback miscategorizes subtitles as mp3 audio.

Avoid the issue through eliminating redundant PSI/SI table
updates by checking their version field, which is required by
the standard to be incremented on every change no matter how
minor.

CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agortsp: Make sure we don't write too many transport entries into a fixed-size array
Martin Storsjö [Fri, 24 Apr 2015 09:38:09 +0000 (12:38 +0300)]
rtsp: Make sure we don't write too many transport entries into a fixed-size array

CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
9 years agortpenc_jpeg: Handle case of picture dimensions not dividing by 8
Andrey Utkin [Fri, 10 Apr 2015 21:54:10 +0000 (00:54 +0300)]
rtpenc_jpeg: Handle case of picture dimensions not dividing by 8

This fixes the calculation of the number of needed blocks to make
sure that ALL pixels are represented by the result.

Signed-off-by: Martin Storsjö <martin@martin.st>
9 years agomov: Fix little endian audio detection
Vittorio Giovara [Fri, 13 Mar 2015 19:45:14 +0000 (19:45 +0000)]
mov: Fix little endian audio detection

Set this field to TRUE if the audio component is to operate on
little-endian data, and FALSE otherwise.

However TRUE and FALSE are not defined. Since this flag is just a boolean,
interpret all values except for 0 as little endian.

Sample-Id: 64bit_FLOAT_Little_Endian.mov

9 years agox86: Put COPY3_IF_LT under HAVE_6REGS
Luca Barbato [Mon, 16 Mar 2015 10:26:48 +0000 (11:26 +0100)]
x86: Put COPY3_IF_LT under HAVE_6REGS

It uses 6 registers, unbreaks building on hardened x86 system.

Bug-Id: gentoo/541930
CC: libav-stable@libav.org
9 years agoroqvideoenc: set enc->avctx in roq_encode_init
Andreas Cadhalpun [Mon, 9 Mar 2015 18:24:09 +0000 (19:24 +0100)]
roqvideoenc: set enc->avctx in roq_encode_init

So far it is only set in roq_encode_frame, but it is used in
roq_encode_end to free the coded_frame. This currently segfaults if
roq_encode_frame is not called between roq_encode_init and
roq_encode_end.

CC:libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agomp3: Properly use AVCodecContext API
Vittorio Giovara [Mon, 9 Mar 2015 23:02:00 +0000 (23:02 +0000)]
mp3: Properly use AVCodecContext API

Rather than having an unitialized context on the stack, allocate it with
defaults and free it when unneeded.

CC: libav-stable@libav.org
9 years agolibvpx: Fix mixed use of av_malloc() and av_reallocp()
Vittorio Giovara [Sun, 8 Mar 2015 21:08:16 +0000 (21:08 +0000)]
libvpx: Fix mixed use of av_malloc() and av_reallocp()

This buffer is resized when vpx_codec_get_cx_data() returns a
VPX_CODEC_STATS_PKT packet.

CC: libav-stable@libav.org
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
9 years agoRevert "lavfi: always check av_expr_parse_and_eval() return value"
Anton Khirnov [Sat, 2 May 2015 07:09:52 +0000 (09:09 +0200)]
Revert "lavfi: always check av_expr_parse_and_eval() return value"

This reverts commit 63be97ec403023fb664798432acedaf6e6922527.

All those calls were unchecked on purpose, as explained in the comments
in the code.

(cherry picked from commit 3735b5c616770429572f86aabdaec39c6ebb8818)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agoalsdec: only adapt order for positive max_order
Andreas Cadhalpun [Wed, 22 Apr 2015 14:03:41 +0000 (16:03 +0200)]
alsdec: only adapt order for positive max_order

For max_order = 0 the clipping range is invalid. (amin = 2, amax = 1)

CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 60f1cc4a1ffcbf24acbb543988ceeaec76b70818)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agoalsdec: check sample pointer range in revert_channel_correlation
Andreas Cadhalpun [Tue, 21 Apr 2015 17:28:30 +0000 (19:28 +0200)]
alsdec: check sample pointer range in revert_channel_correlation

Also change the type of begin, end and smp to ptrdiff_t to make the
comparison well-defined.

CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 94bb1ce882a12b6d7a1fa32715a68121b39ee838)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agoaacpsy: correct calculation of minath in psy_3gpp_init
Andreas Cadhalpun [Tue, 21 Apr 2015 16:43:55 +0000 (18:43 +0200)]
aacpsy: correct calculation of minath in psy_3gpp_init

The minimum of the ath(x, ATH_ADD) function depends on ATH_ADD.
This patch uses the first order approximation to determine it.

For ATH_ADD = 4 this results in the value at 3407.06812 (-5.24241638)
not the one at 3410 (-5.24237967).

CC: libav-stabl@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 110f7f35fb615b97d983b1c6c6a714fddd28bcbe)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agoalsdec: limit avctx->bits_per_raw_sample to 32
Andreas Cadhalpun [Sat, 18 Apr 2015 18:29:13 +0000 (20:29 +0200)]
alsdec: limit avctx->bits_per_raw_sample to 32

avctx->bits_per_raw_sample is used in get_sbits_long, which only
supports up to 32 bits.

CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit e191aaca44b986816695e3b7ecfae64697fd6631)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agoaasc: return correct buffer size from aasc_decode_frame
Andreas Cadhalpun [Thu, 16 Apr 2015 17:12:02 +0000 (19:12 +0200)]
aasc: return correct buffer size from aasc_decode_frame

CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 8fc8024ea56e814cd257d5fe27b21a865080782f)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agomatroskadec: fix crash when parsing invalid mkv
Thomas Guillem [Fri, 10 Apr 2015 17:04:51 +0000 (19:04 +0200)]
matroskadec: fix crash when parsing invalid mkv

CC: libav-stable@libav.org
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit b8d7f3186e86234f6255f5e8ee9e98573b4d9a6e)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agoavconv: do not overwrite the stream codec context for streamcopy
Anton Khirnov [Thu, 2 Apr 2015 04:09:05 +0000 (06:09 +0200)]
avconv: do not overwrite the stream codec context for streamcopy

Since we are not doing encoding, there is no point in ever touching the
separate encoding context. Always use the stream codec context.

Fixes writing attachments.

CC:libav-devel@libav.org
(cherry picked from commit 3892bdab9b652eb003ab95e167f1765e0b0ea035)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Conflicts:
avconv.c

9 years agowebp: ensure that each transform is only used once
Andreas Cadhalpun [Thu, 5 Mar 2015 21:48:28 +0000 (22:48 +0100)]
webp: ensure that each transform is only used once

According to the WebP Lossless Bitstream Specification
"each transform is allowed to be used only once".

If a transform is more than once this can lead to memory
corruption.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit 30e6abd1a8cc4fd5daf2e23ad2e768862c39e975)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agoh264_ps: properly check cropping parameters against overflow
Anton Khirnov [Fri, 20 Mar 2015 20:49:23 +0000 (21:49 +0100)]
h264_ps: properly check cropping parameters against overflow

CC: libav-stable@libav.org
(cherry picked from commit d8a45d2d49f54fde042b195f9d5859251252493d)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agohevc: zero the correct variables on invalid crop parameters
Anton Khirnov [Fri, 20 Mar 2015 20:30:29 +0000 (21:30 +0100)]
hevc: zero the correct variables on invalid crop parameters

It's the output_window that is applied to the output frame, not
pic_conf_win

(cherry picked from commit 5127c00b971b674f72609369b39a9c0f7c36977d)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agohevc: make the crop sizes unsigned
Anton Khirnov [Fri, 20 Mar 2015 20:28:34 +0000 (21:28 +0100)]
hevc: make the crop sizes unsigned

(cherry picked from commit c929659bdd7d2d5848ea52e685a3164c7b901bb0)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agodoc: More changelog updates for v11.3
Reinhard Tartler [Mon, 9 Mar 2015 01:51:11 +0000 (21:51 -0400)]
doc: More changelog updates for v11.3

9 years agoutvideodec: Handle slice_height being zero
Michael Niedermayer [Wed, 4 Mar 2015 17:36:14 +0000 (17:36 +0000)]
utvideodec: Handle slice_height being zero

Fixes out of array accesses.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Bug-Id: CVE-2014-9604
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit 0ce3a0f9d9523a9bcad4c6d451ca5bbd7a4f420d)

9 years agoadxdec: set avctx->channels in adx_read_header
Andreas Cadhalpun [Thu, 26 Feb 2015 00:06:57 +0000 (01:06 +0100)]
adxdec: set avctx->channels in adx_read_header

It is used in adx_read_packet, which currently depends on the
decoder/parser setting this value between reading the file header and
demuxing the first packet.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agormenc: limit packet size
Andreas Cadhalpun [Mon, 2 Mar 2015 15:52:26 +0000 (16:52 +0100)]
rmenc: limit packet size

The chunk size is limited to UINT16_MAX (written by avio_wb16), so make
sure that the packet size is not too large.

Such large frames need to be split into slices smaller than 64 kB, but
that is currently supported neither by the rv10/rv20 encoders nor the rm
muxer.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agowebp: validate the distance prefix code
Andreas Cadhalpun [Mon, 2 Mar 2015 19:47:57 +0000 (20:47 +0100)]
webp: validate the distance prefix code

According to the WebP Lossless Bitstream Specification the highest
allowed value for a prefix code is 39.

If prefix_code is too large, the calculated extra_bits has an invalid
value and triggers an assertion in get_bits.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agorv10: check size of s->mb_width * s->mb_height
Andreas Cadhalpun [Tue, 3 Mar 2015 20:31:15 +0000 (21:31 +0100)]
rv10: check size of s->mb_width * s->mb_height

If it doesn't fit into 12 bits it triggers an assertion.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
9 years agoeamad: check for out of bounds read
Federico Tomassetti [Wed, 18 Feb 2015 12:11:44 +0000 (12:11 +0000)]
eamad: check for out of bounds read

Bug-Id: CID 1257500
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agomdec: check for out of bounds read
Federico Tomassetti [Wed, 18 Feb 2015 12:11:43 +0000 (12:11 +0000)]
mdec: check for out of bounds read

Bug-Id: CID 1257501
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoconfigure: Properly fail when libcdio/cdparanoia is not found
Vittorio Giovara [Sun, 22 Feb 2015 19:49:52 +0000 (19:49 +0000)]
configure: Properly fail when libcdio/cdparanoia is not found

9 years agotiff: Check that there is no aliasing in pixel format selection
Anton Khirnov [Sat, 7 Mar 2015 21:06:59 +0000 (22:06 +0100)]
tiff: Check that there is no aliasing in pixel format selection

Fixes possible issues with unexpected bpp/bppcount values.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Bug-Id: CVE-2014-8544
(cherry picked from commit ae5e1f3d663a8c9a532d89e588cbc61f171c9186)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoaic: Fix decoding files with odd dimensions
Vittorio Giovara [Fri, 27 Feb 2015 19:00:25 +0000 (19:00 +0000)]
aic: Fix decoding files with odd dimensions

Normally the aic decoder finds the proper slice combination (multiple of
some number less than 32) but in case of odd width, it resorts to the
default values, which were actually swapped.
The number of slices is modified to account for such odd width cases.

CC: libav-stable@libav.org
(cherry picked from commit e878ec0d47cd6228c367b2f3128b76d7523f7255)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agovorbis: Check the vlc value in setup_classifs
Luca Barbato [Tue, 3 Mar 2015 10:05:15 +0000 (11:05 +0100)]
vorbis: Check the vlc value in setup_classifs

The valid returned values are always at most 11bit.
Remove the previous check that assumed larger values plausible and
use a signed integer to check get_vlc2 return values.

CC: libav-stable@libav.org
(cherry picked from commit 0025f7408a0fab2cab4a950064e4784a67463994)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoarm: Suppress tags about used cpu arch and extensions
Martin Storsjö [Thu, 5 Mar 2015 21:38:00 +0000 (23:38 +0200)]
arm: Suppress tags about used cpu arch and extensions

When all the codepaths using manually set .arch/.fpu code is
behind runtime detection, the elf attributes should be suppressed.

This allows tools to know that the final built binary doesn't
strictly require these extensions.

Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit dcae2e32f7d8a1ca5fb8c1e4aa81313be854dd73
and b77e335e441040a40fc6156b8e4a134745d10233)
Signed-off-by: Martin Storsjö <martin@martin.st>
9 years agodoc: Update changelog for v11.3
Reinhard Tartler [Sun, 8 Mar 2015 15:12:14 +0000 (11:12 -0400)]
doc: Update changelog for v11.3

9 years agoPrepare for 11.3 Release
Reinhard Tartler [Sun, 8 Mar 2015 15:06:15 +0000 (11:06 -0400)]
Prepare for 11.3 Release

9 years agoprores: Extend the padding check to 16bit
Luca Barbato [Wed, 25 Feb 2015 14:29:15 +0000 (15:29 +0100)]
prores: Extend the padding check to 16bit

Some files produced by the official encoder have up to 16bit of
padding instead of the expected padding to the byte.

Use a self-explanatory macro instead of a simple number.

CC: libav-stable@libav.org
(cherry picked from commit dbc1163b203b175d246b7454c32ac176f84006d1)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoicecast: Do not use chunked post
Mark McGough [Sun, 12 Oct 2014 10:24:07 +0000 (18:24 +0800)]
icecast: Do not use chunked post

Icecast uses HTTP 1.0 while Libav uses HTTP 1.1 and enables by
default chunked post.

Icecast actually forwards the HTTP chunk headers to the listener
as part of the media stream (without the chunk encoding HTTP headers)
causing the players to lose sync.

Disabling the option is enough to feed icecast properly.

(cherry picked from commit 76c70e33d2244a688832f03b53862eb5d9ad3b01)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
9 years agoimg2dec: correctly use the parsed value from -start_number
Vittorio Giovara [Tue, 6 Jan 2015 15:47:18 +0000 (16:47 +0100)]
img2dec: correctly use the parsed value from -start_number

Previously the image sequence was always starting from the minimum
number rather than the requested one.

CC: libav-stable@libav.org
9 years agoh264_cabac: Break infinite loops
Michael Niedermayer [Thu, 31 Jan 2013 03:20:24 +0000 (04:20 +0100)]
h264_cabac: Break infinite loops

This fixes out of array reads and/or infinite loops.

30 is the maximum number of bits that can be read into
coeff_abs below.

CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Martin Storsjö <martin@martin.st>
9 years agohevc_deblock: Fix compilation with nasm
Carl Eugen Hoyos [Sun, 22 Feb 2015 17:46:49 +0000 (17:46 +0000)]
hevc_deblock: Fix compilation with nasm

CC: libav-stable@libav.org
Bug-Id: 795
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
9 years agoh264: initialize H264Context.avctx in init_thread_copy
Anton Khirnov [Thu, 12 Feb 2015 12:06:49 +0000 (13:06 +0100)]
h264: initialize H264Context.avctx in init_thread_copy

This prevents using a wrong (first thread's) AVCodecContext if decoding
a frame in the first pass over all threads fails.

(cherry picked from commit a06b0b1295c51d100101e0ca0434e199ad6de6b5)
Signed-off-by: Anton Khirnov <anton@khirnov.net>