The existing error concealment makes no sense for the image formats, they
use transformed source images which is different from keyframe + MC+difference
for which the error concealment is designed.
Of course feel free to re-enable this if you have a case where it works and
improves vissual results
Fixes: Timeout
Fixes: 36234/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-6300306743885824
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 643b2d49bf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
Fixes: 35593/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_FIXED_fuzzer-5182217725804544
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8f2856a1da)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: reading over the end
Fixes: 36346/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ARGO_fuzzer-5366943107383296
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c2f5e9ff3c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: -9223372036854775808 * 2 cannot be represented in type 'long long'
Fixes: 36244/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-6090656186499072
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9bc32d7c4b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: floating point division by 0
Fixes: Ticket8218
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 75a099fc73)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Similar to CVE-2013-0868, here return value check for 'init_vlc' is needed.
crafted DNxHD data can cause unspecified impact.
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 7150f95756)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: floating point division by 0
Fixes: Ticket8213
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 70874e024a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1466601 Dereference null return value
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6a6a765fa4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array read
Fixes: 35210/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CPIA_fuzzer-5669199688105984
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cea05864e6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 3530839700044513368 + 8386093932303352321 cannot be represented in type 'long long'
Fixes: 35182/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5398383270428672
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 18b0dd0738)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: left shift of 1 by 31 places cannot be represented in type 'int'
Fixes: 35023/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_CLEARVIDEO_fuzzer-6740166587842560
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 11fac9613e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 486539264 * 14 cannot be represented in type 'int'
Fixes: 35281/clusterfuzz-testcase-minimized-ffmpeg_dem_RSD_fuzzer-6068262742917120
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 00ae9b77ef)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: null pointer passed as argument 1, which is declared to never be null
Fixes: 33791/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_IFF_ILBM_fuzzer-5107575256383488.fuzz
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 216eb60b85)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If a slice header fails to parse, and the next one uses different Sequence and
Picture parameter sets, certain values may not be read if they are not coded,
resulting in the previous slice values being used.
Signed-off-by: James Almer <jamrial@gmail.com>
Decoders like cuviddec ignore and overwrite all the properties set by the generic
code as derived from AVCodecInternal.last_pkt_props. This flag ensures libavcodec
will not store and potentially queue input packets that ultimately will not be used.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 7b9610ebd8)
Fixes memleaks on decoders that don't call ff_decode_frame_props(), like
libdav1d.
Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit a4fb03563a)
Fixes: signed integer overflow: 104962766 * 32 cannot be represented in type 'int'
Fixes: 33614/clusterfuzz-testcase-minimized-ffmpeg_dem_RSD_fuzzer-6252129036664832
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3447979d08)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access
Fixes: 34933/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TTA_fuzzer-5629322560929792
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit dbbcfbcc4e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1476303 Bad bit shift operation
Fixes: 34871/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DPX_fuzzer-6331163028357120
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ca9025f374)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Avoids floating point division by 0
Fixes: Ticket8191
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c297f7e57a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: Ticket8011
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 36dead4bc2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Avoids Floating point division by 0
Fixes: Ticket8011
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c520b98691)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: out of array access
Fixes: exr/deneme
Found-by: Burak Çarıkçı <burakcarikci@crypttech.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 26d3c81bc5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
The code uses x/ymax + 1 so the maximum is INT_MAX-1
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
Fixes: 33158/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5545462457303040
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 48342aa075)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: tickets/3933/128.jls
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 011006874c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: signed integer overflow: 44331634 * 65 cannot be represented in type 'int'
Fixes: 32120/clusterfuzz-testcase-minimized-ffmpeg_dem_RSD_fuzzer-5760221223583744
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f40e9b1355)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: shift exponent 251 is too large for 32-bit type 'int'
Fixes: 32147/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_DPX_fuzzer-5519111675314176
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c093eb3031)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is marginally slower, but correct for all input values.
The previous implementation failed with certain input seeds, e.g.
"checkasm --test=hevc_idct 98".
Signed-off-by: Martin Storsjö <martin@martin.st>
(cherry picked from commit f27e3ccf06)
