Fixes: runtime error: signed integer overflow: 1610612736 * 2 cannot be represented in type 'int'
Fixes: 2817/clusterfuzz-testcase-minimized-5289691240726528
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1f53bde6d8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: signed integer overflow: 26 + 2147483644 cannot be represented in type 'int'
Fixes: 2456/clusterfuzz-testcase-minimized-4822695051001856
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7592d97f10)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: runtime error: index 49 out of bounds for type 'int [48][2][2]'
Fixes: 2159/clusterfuzz-testcase-minimized-5267945972301824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3a1ad368a78b153b63ccc07af864b3611e2a4ac3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
* commit 'b13fc1e344':
h264: do not pass H264Context to h264_slice_header_parse()
Conflicts:
libavcodec/h264dec.h
Did not merge the h264_slice_header_parse() part. We use a few other
members of H264Context for error checking in that function.
Merged-by: Timothy Gu <timothygu99@gmail.com>
* commit 'bc7f426851':
h264: drop tests whether the codec id is AV_CODEC_ID_H264
Conflicts:
libavcodec/h264dec.c
Merged-by: James Almer <jamrial@gmail.com>
* commit 'f638b67e57':
h264: move the parameter set definitions to a new header file
Conflicts:
libavcodec/h264_parse.h
libavcodec/h264_ps.c
libavcodec/h264dec.h
Merged-by: James Almer <jamrial@gmail.com>
* commit '54dd9b1cdd':
h264: set mb_aff_frame in frame_start()
h264: move the block starting a new field out of slice_header_parse()
Both commits are merged at the same time in order to prevent a
regression with Ticket #4440 (see 38660128).
Merged-by: Clément Bœsch <u@pkh.me>
* commit '61f168ae34':
h264: factor out setting the parameter sets for a frame
Michael's changes on top of the merge undo parts of the original diff
that are not factorization:
"The call point is left where it was before. Such a change should be in
a separate commit and has multiple issues, one being null pointer
dereferences the other is that some safety checks would become
conditional.
I tried to split the PPS init between the new and old functions
similarly to the SPS code."
Merged-by: Clément Bœsch <u@pkh.me>
Merged-by: Michael Niedermayer <michael@niedermayer.cc>
* commit '0bad254300':
h264: move initing the implicit pred weight table out of h264_slice_header_parse()
Merged-by: Clément Bœsch <clement@stupeflix.com>
* commit 'ed9a20ebe4':
h264: split reading the ref list modifications and actually building the ref list
ref_modifications.val are read as u32 instead of u8 in FFmpeg.
Merged-by: Clément Bœsch <clement@stupeflix.com>
This should not be needed anymore and simplifies the next merge
Requested-by: Clément Bœsch <u@pkh.me>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This should not be needed anymore and simplifies the next merge
Requested-by: Clément Bœsch <u@pkh.me>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
