The 2 links are the clearest i found.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 959cb2e2e36cad50b88d45c1201c2c3d64d4e48c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1500312 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 034054b3706bea8524cf8846813e17636ca5ab33)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Maybe Closes: CID1452496 Uninitialized scalar variable
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 019fce18bb0628ac8bc47a81d647a23d604b6123)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1453457 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0263b6a48caaff839e4c28df15b299b89c7da92d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This changes the behavior and makes it behave how it probably was intended.
Either way this is unlikely to result in any user visible change
Fixes: CID1494637 Missing break in switch
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5712f36dd0ee0144b92edd2147e24b3724d7ec89)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1494636 Missing break in switch
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7d04c6016b0971fecb890d3a0afe4e6706a1a68e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This also makes the code more robust
Fixes: CID1512414 Uninitialized pointer read
Sponsored-by: Sovereign Tech Fund
Reviewed-by: Pierre-Anthony Lemieux <pal@sandflow.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f10493f6fc2a79f706138d90420a4369b9655a47)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Alot more input checking can be performed, this is only checking the obvious missing case
Fixes: CID1598562 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 78d6d13babc62fa14727ee590e5a9661f23a0d9f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
issue found while reviewing CID1452612 Free of array-typed value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d9b9fc4be26014eb7221d9bbc297a5323d5ad40b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found by reviewing code related to CID1500301 String not null terminated
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5b82852519e92a2b94de0f22da1a81df5b3e0412)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Yes the same dead code is in "iLBC Speech Coder ANSI-C Source Code"
Fixes: CID1509370 Logically dead code
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8a64a003b5d567354e82af679e056615c8464a6f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1598563 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9b76e49061a321467df23f7b1c8e8e715c8dec71)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1598556 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4ac7405aafb8e66dff2ac926f33b7ff755f224cf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If its not replaced we would have a negative index used in an array potentially
Helps: CID1440385 Negative array index read
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6106177ad66ab28f44520534f386239d2405eeab)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
It seems nothing prevents such overflow even though odd
Fixes: CID1441934 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 160b81ce2a87b0835125da7c72ab7ed8c0918c45)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1500300 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 19db9636c52c040d364fe9af94ddeeb1ecfd2c2a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1500284 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 161d0aa2a8d18f1f8a01cbc4c1061eadcbe592e5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1441459 Improper use of negative value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d741638042d827aed994b819857d6587121627ab)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Helps: CID1548380 Uninitialized scalar variable
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e5098589b0ca74b3f52e09bae277306a1fc0cd43)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1465481 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6f976db251864ad698c935130370774783bf12f4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Found while reviewing: CID1500309 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 12391b732f811fc6e868be2f08dc188e508d2567)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This issue cannot happen with the current function parameters
Fixes: CID1500309 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 847a53f264db0b22dcc5a23ca9ade71a627f1c6c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1460758 Operands don't affect result
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 348c3a7ffe0c3aecf35f1a26a9f321a4e608dab7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Related: CID1473496 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 00d029d5c0b7029720265d579389a348220decfb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1500342 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 70b499476213a198ac0f39450cddaea4b34662f5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1467435 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d9d1f65308d40502015272a3d1cc9f805c77e075)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1505963 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a2b8d03347930c051358fcbbdc557e57e157d9c9)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1538298 Untrusted loop bound
Fixes: undefined behavior
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2f04cb673cb394b6e1cda160af8faa733b62bae2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1503075 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6f52b64bcc345842a88a40ddf3873559f1160e34)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1544630 Resource leak
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 62d7106c36037d1bedd5a2e216540740f8f735eb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Helps: CID1441939 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a287f17db22c0c85f0445a1d31139cc70e73205e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Helps: CID1441167 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8814cedb079d5827e07a92e9424c2314bd0a6047)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This will not error but the API allows errors so we should check it
Fixes: CID1489999 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6df8bd64ffa5ea3864a433c5e78b8d8f642c1305)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This will not overflow for normal values
Fixes: CID1500280 Unintentional integer overflow
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bfc22f364d31d8f2dc2acae1bd03d5894a00b8c5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
related: CID1497114 Missing break in switch
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3f9daf1c18c2f0fb9e6d0b94af8e92cafc0cf010)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
This is test code after all so it should test things
Fixes: CID1518990 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e3481730ed9b3b781a0d85370826bcc57d601958)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Failure is possible due to strdup()
Fixes: CID1516764 Dereference null return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e8a1e1899d9ededd78f8ec4722fe80c345bbf8f7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4004605b2fa6e2ecbd1cfc2a1da382e4f5237a5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes: CID1473512 Unused value
Fixes: CID1529228 Unused value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 33da5f4e2717cc947cf44ad9a52668694ea4ee82)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Helps: CID1518967 Unchecked return value
Helps: CID1518968 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e7775973f037724f26676015a364134fd728babf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Helps: CID1524598 Improper use of negative value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b6fa2ed77e57e82f3155b83ca4f4b3be8da5ff5c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Fixes an issue in 6.1 when reading a corrupted file with -xerror would
exit with success. This specific issue is not present in master, but
this should generally be a more robust behaviour.
Reported-by: Andrej Peterka
(cherry picked from commit d1fa39d08d3bce9c268cd02cb3c45a76e63b6ff4)
Signed-off-by: Anton Khirnov <anton@khirnov.net>
If the sBIT chunk size is invalid, we should print a more informative
error message rather than return an error and print nothing.
Signed-off-by: Leo Izen <leo.izen@gmail.com>
Indexed color images use three colors for sBIT, but the function
ff_png_get_nb_channels returns 1 in this case. We should avoid erroring
out on valid files in this scenario.
Regression since 84b454935fae2633a8a5dd075e22393f3e8f932f.
Signed-off-by: Leo Izen <leo.izen@gmail.com>
Reported-by: Ramiro Polla <ramiro.polla@gmail.com>
Reviewed-by: Marton Balint <cus@passwd.hu>
In intra-only mode, frameIntervalP is 0, which means the frame
data array is smaller than the number of surfaces.
Together with using the wrong size on deallocation of the
frame_data_array, this lead to a crash.
Signed-off-by: Timo Rothenpieler <timo@rothenpieler.org>
(cherry picked from commit c9151ea50715c4ce47ad1c8df519781565db01f6)
Signed-off-by: Brad Smith <brad@comstyle.com>
(cherry picked from commit 41190da9e11f536cb590df45ce9839974e5e6777)
Signed-off-by: Brad Smith <brad@comstyle.com>
Fixes: The warnings from CID1598553 Uninitialized scalar variable
Passing partly initialized structs is ugly and asking for hard to rieproduce bugs,
The uninitialized fields where not used
Reviewed-by: "Xiang, Haihao" <haihao.xiang-at-intel.com@ffmpeg.org>
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c841cb45e81ebece26768c820c459b085668a37a)
