hj kim [Tue, 2 Feb 2021 04:51:32 +0000 (13:51 +0900)]
Check size_bmp more fully
patch from ffmpeg to fix CVE-2018-1999011
Change-Id: Ic1bf9125a7ac885db6ac618a5a19ba17e7b292ab
hj kim [Tue, 2 Feb 2021 04:46:03 +0000 (13:46 +0900)]
Add missing chunksize check
patch from ffmpeg to fix CVE-2018-1999010
Change-Id: Ie5244214c27e4fa7dda1221429459a25971727c9
hj kim [Tue, 2 Feb 2021 04:04:59 +0000 (13:04 +0900)]
fix nb_samples < order case
patch from ffmpeg to fix CVE-2013-0856
Change-Id: I8ea9793b2b7f83a1d871c18a0ffca820f5e170d4
hj kim [Tue, 2 Feb 2021 04:22:33 +0000 (13:22 +0900)]
check block length
patch from ffmpeg to fix CVE-2013-0845
Change-Id: I5d228ff84c1ff9fd2c34b731eb71b76c5560c89c
jiyong.min [Mon, 18 Jan 2021 07:18:18 +0000 (16:18 +0900)]
fix crash issue because of high memory usage
- The memory usage is high because of the invalid 'has_b_frames' value.
The invalid 'has_b_frames' makes the condition in line #1239 false
and 'h264_select_output_frame()' can't set the output frame in line #1241.
So 'avcodec_receive_frame()' return the error(-11) due to no output frame.
'avformat_find_stream_info()' try decode frame repeatly.
As the result, the internal buffer for decoding is raised
in 'avformat_find_stream_info()'.
- We applied the patch from ffmpeg.
Change-Id: I12649d6ff7650454b9fcd5181687f20bddf0b44d
(cherry picked from commit
b96e080a02e9c1d5a69e7755d7f70b94395262eb)
hj kim [Thu, 12 Nov 2020 05:02:14 +0000 (14:02 +0900)]
Bug fix of wrong duration
Change-Id: I97a603a69afa5fd339ef1fd87defef467f2e05b5
jiyong.min [Tue, 13 Oct 2020 02:52:33 +0000 (11:52 +0900)]
Fix invalid duration of AV1
- Problem
The duration of AV1 is always '0'sec.
- Cause
Initializing the duration is needed when fragments are used.
- Solution
Apply patch from FFmpeg.
Change-Id: I7d184cb8562ec874ada0037850e003d6e192fe72
hj kim [Thu, 28 May 2020 07:23:20 +0000 (16:23 +0900)]
Fix asan build error
Change-Id: I9f63e2e3ca06b0eca026f692621baa65c343e972
jiyong.min [Thu, 2 Jan 2020 00:08:07 +0000 (09:08 +0900)]
Fix invalid duration of ts files
[patch from ffmpeg]
avformat/utils: estimate_timings_from_pts - increase retry counter, fixes invalid duration for ts files with hevc codec
Fixes a mpegts file with hevc that fails estimating duration. Increasing number of
retries fixes the issue.
Change-Id: I3356a8e0c444d7a64a3a7e04850fd38d5e3c45ea
chengyj1985 [Mon, 23 Sep 2019 07:22:28 +0000 (15:22 +0800)]
check ptr null before free
Change-Id: If981ed89f6b223ba1e5a9ce61bce934aca97fea7
jiyong.min [Wed, 26 Jun 2019 07:46:00 +0000 (16:46 +0900)]
Apply patch from MCD
[Problem] unallocated pointer is getting freed
[Cause] unallocated pointer is getting freed
[Solution] Merged changes from FFMPEG,
In ff_init_vlc_sparse() function of libav\libavcodec\bitstream.c file,
which will not free unallocated pointer
Change-Id: Ie479987e7bcbfe362b6c0d454cff92de6b4d9a25
jiyong.min [Wed, 26 Jun 2019 07:15:12 +0000 (16:15 +0900)]
Apply patch from MCD
[problem] Duration is different shown in list and player
[cause] Incorrect parsing of libav
[solution] Fix incorrect parsing
Change-Id: I44a44a8d22aed1bf39e4082bdc1c6ab79c35009d
jiyong.min [Wed, 26 Jun 2019 07:00:53 +0000 (16:00 +0900)]
Apply patch from MCD
[Problem] Taking long time to get attributes of avi file
[Cause] trying to get the index of the file even though eof reached
[Solution] Add to returned if eof reached in libav
Change-Id: If0443c727a8ec1deea177e15d5b29af72e2a89a4
Minje Ahn [Thu, 21 Jun 2018 06:26:01 +0000 (15:26 +0900)]
Upgrade to 12.3
Change-Id: Iccf116a4ac487c14145ec8995354d6bd4d60b123
Minje Ahn [Thu, 21 Jun 2018 06:22:22 +0000 (15:22 +0900)]
Imported Upstream version 12.3
hj kim [Fri, 25 May 2018 06:07:20 +0000 (15:07 +0900)]
[CVE-2017-9992] dfa: Disallow odd width/height and add proper bounds check for DDS1 chunks
Change-Id: Ide200fccfcdd74eebd1e6d35843cdfdd1a3d1379
hj kim [Thu, 10 May 2018 08:01:44 +0000 (17:01 +0900)]
add --enable-decoder=mjpeg
Change-Id: I0068751432a6ea1e065c624dfda77ba410f97504
Jiyong Min [Fri, 20 Apr 2018 00:49:20 +0000 (09:49 +0900)]
[CVE-2017-16803] smacker: add sanity check for length in smacker_decode_tree()
Bug-Id: 1098
Cc: libav-stable@libav.org
Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
Change-Id: I2e2236de12a0f6dead47f671907920b4193ff9a0
Jiyong Min [Thu, 19 Apr 2018 23:00:26 +0000 (23:00 +0000)]
Merge "[CVE-2017-17129] vc1: skip motion compensation when data fro last picture is invalid" into tizen
Jiyong Min [Tue, 17 Apr 2018 06:33:11 +0000 (15:33 +0900)]
[CVE-2017-17129] vc1: skip motion compensation when data fro last picture is invalid
Bug-Id: 1101
Cc: libav-stable@libav.org
(cherry picked from commit
5085f25ace1e74846a0de3369bedd0e22d1a1bdc)
Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
Change-Id: I5f13d62d569ac3262a35ff11a3808abb59eff67a
(cherry picked from commit
7be0ce8d7175a1a3dcbd165c303107e294bf8171)
Jiyong Min [Tue, 17 Apr 2018 06:38:07 +0000 (15:38 +0900)]
[CVE-2017-17130] avcodec/vc1dec: fix mby_start for interlaced content
Bug-Id: 1100
Bug-Id: ffmpeg/Ticket2531
Cc: libav-stable@libav.org
(cherry picked from commit
5b6213ef6bf5e0781c83e86926eb0b33a98dc185)
Signed-off-by: Sean McGovern <gseanmcg@gmail.com>
Change-Id: I99bd5ad59140168dd90bc41545432660e3b8537c
Michal Jurkiewicz [Thu, 21 Sep 2017 08:05:37 +0000 (10:05 +0200)]
avutil/buffer: add get_opaque
Ported patch from ffmpeg:
author Xidorn Quan <quanxunzhen@gmail.com>
Fri, 29 Mar 2013 17:15:19 +0200 (23:15 +0800)
committer Michael Niedermayer <michaelni@gmx.at>
Fri, 29 Mar 2013 18:31:16 +0200 (17:31 +0100)
commit
c81d2fa96ddc9f6dab38d61a8803caca7e63bea0
avutil/buffer: add get_opaque
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Change-Id: I456b163a92e2f87c7c4148bfb68f0f610194f3a5
Signed-off-by: Michal Jurkiewicz <m.jurkiewicz@samsung.com>
(cherry picked from commit
40bec43a69561bba5c3914d762813f32a7e1983f)
yujie.cheng [Fri, 9 Feb 2018 02:23:37 +0000 (10:23 +0800)]
Some aiff file use ID3 tag to store artist genre and etc.
Change-Id: Iba8d0eb220b9da8ee9ca031245a5d60975137372
Jiyong Min [Mon, 15 Jan 2018 04:11:48 +0000 (13:11 +0900)]
Apply armoring feature of security and change the product feature
Change-Id: I38c4fd826b2d5e50b7d0bf4e948f6c80555a8658
chen89.chen [Fri, 12 Jan 2018 07:33:07 +0000 (15:33 +0800)]
add support ape format
Change-Id: I3a15089ce832285d483260fad1698aefb2eedf85
Haejeong Kim [Fri, 18 Aug 2017 07:32:25 +0000 (16:32 +0900)]
Update 11.4 -> 12.1 (Merge branch 'upstream' into tizen)
Change-Id: I522175faed67cf54301e77e9353f542a06a1a849
Haejeong Kim [Fri, 18 Aug 2017 06:15:27 +0000 (15:15 +0900)]
Imported Upstream version 12.1
Change-Id: Ic6182be15482901abc5a2884bee1a371fe6ffabc
Jiyong Min [Tue, 24 Jan 2017 06:23:20 +0000 (15:23 +0900)]
Enable VP8 & VP9 decoder and add patch related with VP8 & VP9
[Enable]
--enable-parser=vp8 --enable-decoder=vp8 --enable-decoder=vp9
[Patch]
arm: use a local label instead of the function symbol in ff_prefetch_arm
Avoids a relocation which might end out of range for thumb2.
Reported-By: Ludovic Fauvet <etix@videolan.org>
Bug-Id: https://bugs.webkit.org/show_bug.cgi?id=137022
CC: libav-stable@libav.org
Change-Id: Id4c2acac8f150f81df654fffccde6433d68869ff
Signed-off-by: jiyong.min <jiyong.min@samsung.com>
(cherry picked from commit
cd3ed69efc06591c75a0a3fd62a28092791cd72d)
Haejeong Kim [Fri, 2 Jun 2017 07:49:38 +0000 (16:49 +0900)]
[CVE-2016-8675]m4vdec: Check for non-startcode 00 00 00 sequences in probe
Change-Id: I0d633b26d2d264625456afd3de35e296bc90c781
Jiyong Min [Thu, 1 Jun 2017 22:53:19 +0000 (07:53 +0900)]
[CVE-2016-7393] aac_parser: add required padding for GetBitContext buffer
Fixes stack buffer overflow errors detected by address sanitizer in
various fate tests.
CC: libav-stable@libav.org
Change-Id: I450d920bef284a35fa76f25e607ee0056198ebb3
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
Haejeong Kim [Tue, 23 May 2017 08:45:44 +0000 (17:45 +0900)]
[
DF170418-00597] Patch for invalid AVI file. data chunk size in idx1 is wrong
Change-Id: I41af3ee4b9840c96ba6f1509ad661c75d6af4930
Jiyong Min [Tue, 11 Apr 2017 06:35:18 +0000 (15:35 +0900)]
Use license macro in spec file
Change-Id: I0fec2ffb4fc01d75b981aa111b71ad6051f9361e
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
Jiyong Min [Mon, 28 Nov 2016 05:19:02 +0000 (14:19 +0900)]
Fix out of bounds read.
(Apply security patch for CVE-2016-7424)
- Referenced
The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote
attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7424
- Solution
https://git.libav.org/?p=libav.git;a=commit;h=
136f55207521f0b03194ef5b55ba70f1635d6aee
Fix out of bounds read.
Change-Id: I20a5beb71b95b0286f89a66441d07fce7d21de9a
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
Slava Barinov [Tue, 20 Sep 2016 09:42:22 +0000 (12:42 +0300)]
Switch off inline asm for ASan build
Change-Id: I4b89e401c3923366c0fcf966a1c3841d86575752
Signed-off-by: Slava Barinov <v.barinov@samsung.com>
Minje Ahn [Tue, 20 Sep 2016 08:28:35 +0000 (17:28 +0900)]
Add CVE-2015-5479 patch
Change-Id: Iac970866a602f3d66b1bfc6f6b2a5c050950ff8c
Signed-off-by: Minje Ahn <minje.ahn@samsung.com>
Junghyun Kim [Tue, 30 Aug 2016 10:56:02 +0000 (19:56 +0900)]
Store build_date in .tizen.build-id section to avoid unnecessary rebuilds
- PROBLEM
We use OBS to build packages in Tizen.
There is a mechanism not to rebuild if the result binary is the same.
For example, there is a dependency graph: A->B->C.
If A is modified, B would be built.
If the result RPM of B is not changed, OBS does not trigger a build of C.
To effectively use this mechanism, each packages make sure that
the result binary should be the same if the input source is the same.
This package uses __DATE__ and __TIME__ which make the result binary
is different everytime it is built.
To efficiently utilize OBS build mechanism and to modify the package
as little as possible, I propose to store this macro in .tizen.build-id
section. OBS build-compare tool does not check *.build-id section
in the binary.
Change-Id: Icc1b62f5f56506d64deae3a5fadabb82eca6f1e6
Signed-off-by: Junghyun Kim <jh0822.kim@samsung.com>
Minje Ahn [Mon, 1 Aug 2016 23:57:51 +0000 (08:57 +0900)]
Defense of system crash due to damaged random file. (ffmpeg 2.8.1 patch)
Change-Id: Id0eced23749b7f4dd37b92f095f021f43561e282
Signed-off-by: Minje Ahn <minje.ahn@samsung.com>
Jiyong Min [Thu, 23 Jun 2016 06:21:19 +0000 (15:21 +0900)]
[CVE patch] CVE-2016-2636 in libav version 11.7
- asfenc: fix some possible integer overflows (CVE-2016-2326)
Change-Id: I9904997efff6a91ed4c74d4135611c04a63e637f
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
Jiyong Min [Wed, 22 Jun 2016 23:29:31 +0000 (08:29 +0900)]
[CVE patch] CVE patch in libav version 11.7
- asfenc: fix some possible integer overflows (CVE-2016-2326)
- mov: Check the entries value when parsing dref boxes (CVE-2016-3062)
Change-Id: I4a21091a20e10ee4b68f27ee4f5f5df6e419eca3
Signed-off-by: Jiyong Min <jiyong.min@samsung.com>
ji.yong.seo [Thu, 21 Jan 2016 04:38:13 +0000 (13:38 +0900)]
dynamic loadding error in libmm-fileinfo when use memory input.
Change-Id: I5365b4a3d06915c3346ec45e3bbb5d96faeeebff
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
ji.yong.seo [Thu, 21 Jan 2016 04:35:57 +0000 (13:35 +0900)]
add manifest files & add support format.
Change-Id: I3d3d7d76ace5c99d384b54f74ce6b2040cfd4861
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
ji.yong.seo [Thu, 21 Jan 2016 04:30:39 +0000 (13:30 +0900)]
fix get frame at time fail.
Change-Id: If6b2199e1e55b707a8f61ba61a8429e2514da76a
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
ji.yong.seo [Thu, 21 Jan 2016 04:26:21 +0000 (13:26 +0900)]
fix get rotate at time fail. (ffmpeg 2.5 merge)
Change-Id: I2484409b69a3398b309d0faecd9f82521af71179
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
ji.yong.seo [Thu, 21 Jan 2016 04:20:53 +0000 (13:20 +0900)]
add protocol deregister API
Change-Id: I1407f526e68cafef9569fe86c8ac27a07d6ee3fd
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
ji.yong.seo [Thu, 21 Jan 2016 02:38:10 +0000 (11:38 +0900)]
fix crash issue for invalid file.
Signed-off-by: ji.yong.seo <ji.yong.seo@samsung.com>
Change-Id: Ifaa1b9f3f7cf68050030c48272b8fc1b7eeea235
Haejeong Kim [Tue, 15 Dec 2015 09:19:51 +0000 (18:19 +0900)]
Bump to 11.4
Change-Id: I666cefb159e1949babd7594349773d4ccef60fcd
Haejeong Kim [Tue, 15 Dec 2015 09:13:59 +0000 (18:13 +0900)]
Add missing item after merge v11.4(upstream has VERSION file)
Change-Id: I3d668e6d20457206bab0bc0c6baa30c2ecf07854
Haejeong Kim [Tue, 15 Dec 2015 09:05:49 +0000 (18:05 +0900)]
Merge tag 'v11.4' into tizen
v11.4 release
Change-Id: I922d679faac6f7e054033c9423c2416cc49efa09
Haejeong Kim [Tue, 15 Dec 2015 05:48:47 +0000 (14:48 +0900)]
Update to libav 11.4
Haejeong Kim [Tue, 15 Dec 2015 05:21:59 +0000 (14:21 +0900)]
Remove all useless file after libav v11 tag commit
Change-Id: I4ba315445f56ed8f6005bb0275ef2ca9f188e7e2
Martin Storsjö [Wed, 11 Nov 2015 19:42:02 +0000 (21:42 +0200)]
rtmpcrypt: Do the xtea decryption in little endian mode
The XTEA algorithm operates on 32 bit numbers, not on byte sequences.
The XTEA implementation in libavutil is written assuming big endian
numbers, while the rtmpe signature encryption assumes little endian.
This fixes rtmpe communication with rtmpe servers that use signature
type 8 (XTEA), e.g. crunchyroll.
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
Vicente Olivert Riera [Tue, 29 Sep 2015 16:28:33 +0000 (17:28 +0100)]
configure: address a copy-paste typo
The correct instruction for mips32r1 is addi.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Michael Niedermayer [Sun, 21 Sep 2014 15:16:32 +0000 (16:16 +0100)]
vc1: Use logical instead of bitwise or for twomv
CC: libav-stable@libav.org
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Tim Walker <tdskywalker@gmail.com>
(cherry picked from commit
a97328afef0ccebfc8c3d9f9fdb8e93cbf1058ab)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Vicente Olivert Riera [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
mips: intreadwrite: Only execute that code for mips r1 or r2
MIPS R6 supports unaligned memory access and does not have
the load/store-left/right family of instructions.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera at imgtec.com>
Signed-off-by: Luca Barbato <lu_zero at gentoo.org>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit
d00bb8addccb63fa3feacb06d2a310731dc0113b)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Luca Barbato [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
configure: mips: Support mips r6, r2 and r1
Detect the different MIPS architecture variants.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit
1016a75cf3170648dc9b59fdef170cbfc142f8ad)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Luca Barbato [Fri, 25 Sep 2015 06:56:25 +0000 (08:56 +0200)]
configure: Set the initial ldflags to match the cflags
Some gcc-based toolchain would fail to link if the abi set by the
cpuflags does not match the default.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit
678f788fea3380e5cbbf75baac5cc0ce07a56a42)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Anton Khirnov [Mon, 27 Jul 2015 09:13:53 +0000 (11:13 +0200)]
opusdec: properly handle mismatching configurations in multichannel streams
The substreams can have different resampling delays, so an additional
level of buffering is needed to synchronize them.
Bug-Id: 876
Luca Barbato [Fri, 26 Jun 2015 13:57:16 +0000 (15:57 +0200)]
h263: Always check both dimensions
CC: libav-stable@libav.org
Found-By: ago@gentoo.org
Janne Grunau [Mon, 8 Jun 2015 12:48:54 +0000 (14:48 +0200)]
imc: add required padding for GetBitContext buffer
Fixes stack buffer overflow errors detected by address sanitizer in
fate-imc.
CC: libav-stable@libav.org
Janne Grunau [Mon, 8 Jun 2015 12:48:26 +0000 (14:48 +0200)]
ac3_parser: add required padding for GetBitContext buffer
Fixes stack buffer overflow errors detected by address sanitizer in
various fate tests.
CC: libav-stable@libav.org
Janne Grunau [Mon, 8 Jun 2015 12:45:12 +0000 (14:45 +0200)]
aac_parser: add required padding for GetBitContext buffer
Fixes stack buffer overflow errors detected by address sanitizer in
various fate tests.
CC: libav-stable@libav.org
ji.yong.seo [Tue, 16 Jun 2015 05:38:02 +0000 (14:38 +0900)]
Videos that contain cdis, get duration fail issue. (patch from latest ffmpeg)
Change-Id: I5d9c9c3d0797e7d719019504052bac017b861518
Reinhard Tartler [Sun, 24 May 2015 08:36:42 +0000 (10:36 +0200)]
Update changelog for v11.4
Luca Barbato [Mon, 25 May 2015 20:30:10 +0000 (22:30 +0200)]
h264: Make sure reinit failures mark the context as not initialized
Bug-Id: CVE-2015-3417
CC: libav-stable@libav.org
Luca Barbato [Mon, 25 May 2015 19:53:26 +0000 (21:53 +0200)]
msrle: Use FFABS to determine the frame size in msrle_decode_pal4
As done in msrle_decode_8_16_24_32.
Bug-Id: CVE-2015-3395
CC: libav-stable@libav.org
Michael Niedermayer [Thu, 28 May 2015 10:38:35 +0000 (12:38 +0200)]
x86: cavs: Remove an unneeded scratch buffer
Simplifies the code and makes it build on certain compilers
running out of registers on x86.
CC: libav-stable@libav.org
Reported-By: mudler
(cherry picked from commit
e4610300de6869bd6b3b00e76cfeabb6d7653dcd)
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Mikulas Patocka [Mon, 15 Sep 2014 12:11:21 +0000 (05:11 -0700)]
configure: Disable i686 for i586 and lower CPUs
Shiina Hideaki [Thu, 7 May 2015 00:46:55 +0000 (01:46 +0100)]
mjpegenc: Fix JFIF header byte ordering
The header had a wrong version description.
Bug-Id: 808
Signed-off-by: Shiina Hideaki <shiina@yndrd.com>
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Luca Barbato [Wed, 29 Apr 2015 19:29:49 +0000 (21:29 +0200)]
nut: Make sure to clean up on read_header failure
Based on Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com> work.
CC: libav-stable@libav.org
wm4 [Fri, 8 May 2015 15:01:50 +0000 (17:01 +0200)]
png: Set the color range as full range
The format uses full range for the gray formats.
CC: libav-stable@libav.org
Andreas Cadhalpun [Wed, 6 May 2015 00:26:57 +0000 (02:26 +0200)]
avi: Validate sample_size
And either error out or set it to 0 if it is negative.
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Andreas Cadhalpun [Tue, 28 Apr 2015 18:57:59 +0000 (20:57 +0200)]
nut: Check chapter creation in decode_info_header
This fixes a segmentation fault when accessing the metadata.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
CC: libav-stable@libav.org
Andreas Cadhalpun [Thu, 23 Apr 2015 22:01:43 +0000 (00:01 +0200)]
alac: Reject rice_limit 0 if compression is used
If in compression mode rice_limit = 0 leads to call
`show_bits(gb, k)` in `decode_scalar` with k = 0.
Request a sample in case it is valid and it should be accepted.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
CC: libav-stable@libav.org
Andreas Cadhalpun [Wed, 29 Apr 2015 18:39:22 +0000 (20:39 +0200)]
ape: Support _0000 files with nblock smaller than 64
The decode_array_0000 assumed that 64 is the minimal block size
while it is not.
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Michael Niedermayer [Fri, 1 May 2015 22:55:42 +0000 (23:55 +0100)]
mux: Do not leave stale side data pointers in ff_interleave_add_packet()
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Luca Barbato [Mon, 27 Apr 2015 23:55:10 +0000 (01:55 +0200)]
avresample: Reallocate the internal buffer to the correct size
Fixes the corner case in which the internal buffer size
is larger than input buffer provided and resizing it
before moving the left over samples would make it write
to now unallocated memory.
Bug-Id: 825
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
John Högberg [Tue, 28 Apr 2015 08:20:33 +0000 (10:20 +0200)]
mpegts: Update the PSI/SI table only if the version change
If a PAT is finished while a PMT section filter is opened but
not yet finished, the PMT section filter is closed and all
the received data is discarded.
This is usually not an issue but some multiplexers (With very
quick PAT/PMT repetition settings) consistently emit a PMT
section start, then a PAT, and then the rest of the PMT,
causing the aforementioned behavior to result in no PMT being
finished.
In the most pathologic situation the stream information are lost
and the probe fallback miscategorizes subtitles as mp3 audio.
Avoid the issue through eliminating redundant PSI/SI table
updates by checking their version field, which is required by
the standard to be incremented on every change no matter how
minor.
CC: libav-stable@libav.org
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
Martin Storsjö [Fri, 24 Apr 2015 09:38:09 +0000 (12:38 +0300)]
rtsp: Make sure we don't write too many transport entries into a fixed-size array
CC: libav-stable@libav.org
Signed-off-by: Martin Storsjö <martin@martin.st>
Andrey Utkin [Fri, 10 Apr 2015 21:54:10 +0000 (00:54 +0300)]
rtpenc_jpeg: Handle case of picture dimensions not dividing by 8
This fixes the calculation of the number of needed blocks to make
sure that ALL pixels are represented by the result.
Signed-off-by: Martin Storsjö <martin@martin.st>
Vittorio Giovara [Fri, 13 Mar 2015 19:45:14 +0000 (19:45 +0000)]
mov: Fix little endian audio detection
Set this field to TRUE if the audio component is to operate on
little-endian data, and FALSE otherwise.
However TRUE and FALSE are not defined. Since this flag is just a boolean,
interpret all values except for 0 as little endian.
Sample-Id: 64bit_FLOAT_Little_Endian.mov
Luca Barbato [Mon, 16 Mar 2015 10:26:48 +0000 (11:26 +0100)]
x86: Put COPY3_IF_LT under HAVE_6REGS
It uses 6 registers, unbreaks building on hardened x86 system.
Bug-Id: gentoo/541930
CC: libav-stable@libav.org
Andreas Cadhalpun [Mon, 9 Mar 2015 18:24:09 +0000 (19:24 +0100)]
roqvideoenc: set enc->avctx in roq_encode_init
So far it is only set in roq_encode_frame, but it is used in
roq_encode_end to free the coded_frame. This currently segfaults if
roq_encode_frame is not called between roq_encode_init and
roq_encode_end.
CC:libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Vittorio Giovara [Mon, 9 Mar 2015 23:02:00 +0000 (23:02 +0000)]
mp3: Properly use AVCodecContext API
Rather than having an unitialized context on the stack, allocate it with
defaults and free it when unneeded.
CC: libav-stable@libav.org
Vittorio Giovara [Sun, 8 Mar 2015 21:08:16 +0000 (21:08 +0000)]
libvpx: Fix mixed use of av_malloc() and av_reallocp()
This buffer is resized when vpx_codec_get_cx_data() returns a
VPX_CODEC_STATS_PKT packet.
CC: libav-stable@libav.org
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Anton Khirnov [Sat, 2 May 2015 07:09:52 +0000 (09:09 +0200)]
Revert "lavfi: always check av_expr_parse_and_eval() return value"
This reverts commit
63be97ec403023fb664798432acedaf6e6922527.
All those calls were unchecked on purpose, as explained in the comments
in the code.
(cherry picked from commit
3735b5c616770429572f86aabdaec39c6ebb8818)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Andreas Cadhalpun [Wed, 22 Apr 2015 14:03:41 +0000 (16:03 +0200)]
alsdec: only adapt order for positive max_order
For max_order = 0 the clipping range is invalid. (amin = 2, amax = 1)
CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit
60f1cc4a1ffcbf24acbb543988ceeaec76b70818)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Andreas Cadhalpun [Tue, 21 Apr 2015 17:28:30 +0000 (19:28 +0200)]
alsdec: check sample pointer range in revert_channel_correlation
Also change the type of begin, end and smp to ptrdiff_t to make the
comparison well-defined.
CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit
94bb1ce882a12b6d7a1fa32715a68121b39ee838)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Andreas Cadhalpun [Tue, 21 Apr 2015 16:43:55 +0000 (18:43 +0200)]
aacpsy: correct calculation of minath in psy_3gpp_init
The minimum of the ath(x, ATH_ADD) function depends on ATH_ADD.
This patch uses the first order approximation to determine it.
For ATH_ADD = 4 this results in the value at 3407.06812 (-5.
24241638)
not the one at 3410 (-5.
24237967).
CC: libav-stabl@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit
110f7f35fb615b97d983b1c6c6a714fddd28bcbe)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Andreas Cadhalpun [Sat, 18 Apr 2015 18:29:13 +0000 (20:29 +0200)]
alsdec: limit avctx->bits_per_raw_sample to 32
avctx->bits_per_raw_sample is used in get_sbits_long, which only
supports up to 32 bits.
CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit
e191aaca44b986816695e3b7ecfae64697fd6631)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Andreas Cadhalpun [Thu, 16 Apr 2015 17:12:02 +0000 (19:12 +0200)]
aasc: return correct buffer size from aasc_decode_frame
CC: libav-stable@libav.org
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit
8fc8024ea56e814cd257d5fe27b21a865080782f)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Thomas Guillem [Fri, 10 Apr 2015 17:04:51 +0000 (19:04 +0200)]
matroskadec: fix crash when parsing invalid mkv
CC: libav-stable@libav.org
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit
b8d7f3186e86234f6255f5e8ee9e98573b4d9a6e)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Anton Khirnov [Thu, 2 Apr 2015 04:09:05 +0000 (06:09 +0200)]
avconv: do not overwrite the stream codec context for streamcopy
Since we are not doing encoding, there is no point in ever touching the
separate encoding context. Always use the stream codec context.
Fixes writing attachments.
CC:libav-devel@libav.org
(cherry picked from commit
3892bdab9b652eb003ab95e167f1765e0b0ea035)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Conflicts:
avconv.c
Andreas Cadhalpun [Thu, 5 Mar 2015 21:48:28 +0000 (22:48 +0100)]
webp: ensure that each transform is only used once
According to the WebP Lossless Bitstream Specification
"each transform is allowed to be used only once".
If a transform is more than once this can lead to memory
corruption.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
(cherry picked from commit
30e6abd1a8cc4fd5daf2e23ad2e768862c39e975)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Anton Khirnov [Fri, 20 Mar 2015 20:49:23 +0000 (21:49 +0100)]
h264_ps: properly check cropping parameters against overflow
CC: libav-stable@libav.org
(cherry picked from commit
d8a45d2d49f54fde042b195f9d5859251252493d)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Anton Khirnov [Fri, 20 Mar 2015 20:30:29 +0000 (21:30 +0100)]
hevc: zero the correct variables on invalid crop parameters
It's the output_window that is applied to the output frame, not
pic_conf_win
(cherry picked from commit
5127c00b971b674f72609369b39a9c0f7c36977d)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Anton Khirnov [Fri, 20 Mar 2015 20:28:34 +0000 (21:28 +0100)]
hevc: make the crop sizes unsigned
(cherry picked from commit
c929659bdd7d2d5848ea52e685a3164c7b901bb0)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Reinhard Tartler [Mon, 9 Mar 2015 01:51:11 +0000 (21:51 -0400)]
doc: More changelog updates for v11.3
Michael Niedermayer [Wed, 4 Mar 2015 17:36:14 +0000 (17:36 +0000)]
utvideodec: Handle slice_height being zero
Fixes out of array accesses.
CC: libav-stable@libav.org
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Bug-Id: CVE-2014-9604
Signed-off-by: Vittorio Giovara <vittorio.giovara@gmail.com>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
(cherry picked from commit
0ce3a0f9d9523a9bcad4c6d451ca5bbd7a4f420d)
Andreas Cadhalpun [Thu, 26 Feb 2015 00:06:57 +0000 (01:06 +0100)]
adxdec: set avctx->channels in adx_read_header
It is used in adx_read_packet, which currently depends on the
decoder/parser setting this value between reading the file header and
demuxing the first packet.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
Andreas Cadhalpun [Mon, 2 Mar 2015 15:52:26 +0000 (16:52 +0100)]
rmenc: limit packet size
The chunk size is limited to UINT16_MAX (written by avio_wb16), so make
sure that the packet size is not too large.
Such large frames need to be split into slices smaller than 64 kB, but
that is currently supported neither by the rv10/rv20 encoders nor the rm
muxer.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Anton Khirnov <anton@khirnov.net>
projects / platform / upstream / libav.git / log