* [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples
@ 2023-12-30 2:49 Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 2/4] avfilter/vf_minterpolate: Check pts before division Michael Niedermayer
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: Michael Niedermayer @ 2023-12-30 2:49 UTC (permalink / raw)
To: FFmpeg development discussions and patches
Fixes: out of array access
Fixes: tickets/10756/poc18ffmpeg
Discovered by Zeng Yunxiang
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavfilter/avf_showwaves.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavfilter/avf_showwaves.c b/libavfilter/avf_showwaves.c
index 329753c8c86..e19b93a2077 100644
--- a/libavfilter/avf_showwaves.c
+++ b/libavfilter/avf_showwaves.c
@@ -440,6 +440,8 @@ static int config_output(AVFilterLink *outlink)
showwaves->history_nb_samples = av_rescale(showwaves->w * nb_channels * 2,
showwaves->n.num, showwaves->n.den);
+ if (showwaves->history_nb_samples <= 0)
+ return AVERROR(EINVAL);
showwaves->history = av_calloc(showwaves->history_nb_samples,
sizeof(*showwaves->history));
if (!showwaves->history)
--
2.17.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 5+ messages in thread
* [FFmpeg-devel] [PATCH 2/4] avfilter/vf_minterpolate: Check pts before division
2023-12-30 2:49 [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples Michael Niedermayer
@ 2023-12-30 2:49 ` Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 3/4] avcodec/mpegvideo_enc: Dont copy beyond the image Michael Niedermayer
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: Michael Niedermayer @ 2023-12-30 2:49 UTC (permalink / raw)
To: FFmpeg development discussions and patches
Fixes: FPE
Fixes: tickets/10758/poc20ffmpeg
Discovered by Zeng Yunxiang
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavfilter/vf_minterpolate.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/libavfilter/vf_minterpolate.c b/libavfilter/vf_minterpolate.c
index 9920210eced..c7b6f325f8d 100644
--- a/libavfilter/vf_minterpolate.c
+++ b/libavfilter/vf_minterpolate.c
@@ -1075,8 +1075,13 @@ static void interpolate(AVFilterLink *inlink, AVFrame *avf_out)
pts = av_rescale(avf_out->pts, (int64_t) ALPHA_MAX * outlink->time_base.num * inlink->time_base.den,
(int64_t) outlink->time_base.den * inlink->time_base.num);
- alpha = (pts - mi_ctx->frames[1].avf->pts * ALPHA_MAX) / (mi_ctx->frames[2].avf->pts - mi_ctx->frames[1].avf->pts);
- alpha = av_clip(alpha, 0, ALPHA_MAX);
+ if (mi_ctx->frames[2].avf->pts > mi_ctx->frames[1].avf->pts) {
+ alpha = (pts - mi_ctx->frames[1].avf->pts * ALPHA_MAX) / (mi_ctx->frames[2].avf->pts - mi_ctx->frames[1].avf->pts);
+ alpha = av_clip(alpha, 0, ALPHA_MAX);
+ } else {
+ av_log(ctx, AV_LOG_DEBUG, "duplciate input PTS detected\n");
+ alpha = 0;
+ }
if (alpha == 0 || alpha == ALPHA_MAX) {
av_frame_copy(avf_out, alpha ? mi_ctx->frames[2].avf : mi_ctx->frames[1].avf);
--
2.17.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 5+ messages in thread
* [FFmpeg-devel] [PATCH 3/4] avcodec/mpegvideo_enc: Dont copy beyond the image
2023-12-30 2:49 [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 2/4] avfilter/vf_minterpolate: Check pts before division Michael Niedermayer
@ 2023-12-30 2:49 ` Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 4/4] avcodec/mpegvideo_enc: Use ptrdiff_t for stride Michael Niedermayer
2023-12-30 20:46 ` [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples Michael Niedermayer
3 siblings, 0 replies; 5+ messages in thread
From: Michael Niedermayer @ 2023-12-30 2:49 UTC (permalink / raw)
To: FFmpeg development discussions and patches
Fixes: out of array access
Fixes: tickets/10754/poc17ffmpeg
Discovered by Zeng Yunxiang.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavcodec/mpegvideo_enc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/mpegvideo_enc.c b/libavcodec/mpegvideo_enc.c
index dcbf4c0429c..b369c3c735d 100644
--- a/libavcodec/mpegvideo_enc.c
+++ b/libavcodec/mpegvideo_enc.c
@@ -1212,7 +1212,7 @@ static int load_input_picture(MpegEncContext *s, const AVFrame *pic_arg)
dst += INPLACE_OFFSET;
if (src_stride == dst_stride)
- memcpy(dst, src, src_stride * h);
+ memcpy(dst, src, src_stride * h - src_stride + w);
else {
int h2 = h;
uint8_t *dst2 = dst;
--
2.17.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 5+ messages in thread
* [FFmpeg-devel] [PATCH 4/4] avcodec/mpegvideo_enc: Use ptrdiff_t for stride
2023-12-30 2:49 [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 2/4] avfilter/vf_minterpolate: Check pts before division Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 3/4] avcodec/mpegvideo_enc: Dont copy beyond the image Michael Niedermayer
@ 2023-12-30 2:49 ` Michael Niedermayer
2023-12-30 20:46 ` [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples Michael Niedermayer
3 siblings, 0 replies; 5+ messages in thread
From: Michael Niedermayer @ 2023-12-30 2:49 UTC (permalink / raw)
To: FFmpeg development discussions and patches
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavcodec/mpegvideo_enc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/mpegvideo_enc.c b/libavcodec/mpegvideo_enc.c
index b369c3c735d..c192be6ca40 100644
--- a/libavcodec/mpegvideo_enc.c
+++ b/libavcodec/mpegvideo_enc.c
@@ -1193,8 +1193,8 @@ static int load_input_picture(MpegEncContext *s, const AVFrame *pic_arg)
}
for (int i = 0; i < 3; i++) {
- int src_stride = pic_arg->linesize[i];
- int dst_stride = i ? s->uvlinesize : s->linesize;
+ ptrdiff_t src_stride = pic_arg->linesize[i];
+ ptrdiff_t dst_stride = i ? s->uvlinesize : s->linesize;
int h_shift = i ? s->chroma_x_shift : 0;
int v_shift = i ? s->chroma_y_shift : 0;
int w = s->width >> h_shift;
--
2.17.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples
2023-12-30 2:49 [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples Michael Niedermayer
` (2 preceding siblings ...)
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 4/4] avcodec/mpegvideo_enc: Use ptrdiff_t for stride Michael Niedermayer
@ 2023-12-30 20:46 ` Michael Niedermayer
3 siblings, 0 replies; 5+ messages in thread
From: Michael Niedermayer @ 2023-12-30 20:46 UTC (permalink / raw)
To: FFmpeg development discussions and patches
[-- Attachment #1.1: Type: text/plain, Size: 656 bytes --]
On Sat, Dec 30, 2023 at 03:49:02AM +0100, Michael Niedermayer wrote:
> Fixes: out of array access
> Fixes: tickets/10756/poc18ffmpeg
>
> Discovered by Zeng Yunxiang
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
> libavfilter/avf_showwaves.c | 2 ++
> 1 file changed, 2 insertions(+)
will apply patchset, so the fixes can go in 6.1.1
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
The real ebay dictionary, page 2
"100% positive feedback" - "All either got their money back or didnt complain"
"Best seller ever, very honest" - "Seller refunded buyer after failed scam"
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
[-- Attachment #2: Type: text/plain, Size: 251 bytes --]
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2023-12-30 20:47 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-12-30 2:49 [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 2/4] avfilter/vf_minterpolate: Check pts before division Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 3/4] avcodec/mpegvideo_enc: Dont copy beyond the image Michael Niedermayer
2023-12-30 2:49 ` [FFmpeg-devel] [PATCH 4/4] avcodec/mpegvideo_enc: Use ptrdiff_t for stride Michael Niedermayer
2023-12-30 20:46 ` [FFmpeg-devel] [PATCH 1/4] avfilter/avf_showwaves: Check history_nb_samples Michael Niedermayer
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git