From: Dale Curtis
Signed-off-by: Dale Curtis
---
libavformat/matroskadec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
index bf67253..86ff477 100644
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@@ -
From: Ronald Bultje
Signed-off-by: Dale Curtis
---
libavcodec/vp3.c | 18 +-
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c
index 6e85b90..bdd4289 100644
--- a/libavcodec/vp3.c
+++ b/libavcodec/vp3.c
@@ -281,15 +281,15 @@ static
From: Dale Curtis
Anonymous typedef structs prevent forward declaration, this
change gives the AVIOContext and AVIOInterruptCB structures
a name. These structures are now in line with other common
structures such as AVFormatContext and AVCodecContext.
Signed-off-by: Dale Curtis
---
libavforma
From: Dale Curtis
Fixes duration calculation with this file:
http://ie.microsoft.com/testdrive/Performance/FishBowl/Audio/Background.mp3
>From here:
http://ie.microsoft.com/testdrive/Performance/FishBowl/Default.html
Not sure if this is correct, but uploading to get discussion started.
This re
From: Dale Curtis
The new incremental parser doesn't always clear prev_pkt,
however the packet queue is cleared when seeking. Which leads
to a use-after-free.
Verified using Valgrind.
Signed-off-by: Dale Curtis
---
libavformat/matroskadec.c |1 +
1 files changed, 1 insertions(+), 0 deleti
1408
Reproducible using FATE and the following sample program and test case:
http://commondatastorage.googleapis.com/dalecurtis-shared/ogg-test.tar.bz2
Signed-off-by: Dale Curtis
---
libavformat/oggdec.c| 28
tests/ref/seek/lavf_ogg | 24
2
From: Dale Curtis
Reduces the amount of upfront data required for cluster parsing
thus decreasing latency on seek and startup.
The change in the seek-lavf_mkv FATE test is due to incremental
parsing no longer reading as much data as the old parser and
thus not having that additional data to gene
From: Dale Curtis
Reduces the amount of upfront data required for cluster parsing
thus decreasing latency on seek and startup.
The change in the seek-lavf_mkv FATE test is due to incremental
parsing no longer reading as much data as the old parser and
thus not having that additional data to gene
From: Dale Curtis
Prevents an OOB write of size 4 when ogg_read_seek is called with
a stream_index >= ogg->nstreams.
In this case s->nb_streams == 3, yet ogg->nstreams == 1 and
stream_index == 1; causing os->keyframe_seek = 1 to write OOB.
Test case available on request.
Signed-off-by: Dale Cu
From: Dale Curtis
Convert key_off initialize to use the same sc->keyframe_count as
used elsewhere in the function.
Signed-off-by: Dale Curtis
---
libavformat/mov.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/libavformat/mov.c b/libavformat/mov.c
index b4ff1df..ce6
From: Dale Curtis
Instead of allocating over the original, free first. MOVStreamContext
is zero initialized so no double free will occur. Same style as other
fixes for the same problem in this file.
Signed-off-by: Dale Curtis
---
libavformat/mov.c |1 +
1 files changed, 1 insertions(+), 0
From: Dale Curtis
If mov_read_header exits under error, the memory allocated is
not freed.
Signed-off-by: Dale Curtis
---
libavformat/mov.c | 74 +---
1 files changed, 41 insertions(+), 33 deletions(-)
diff --git a/libavformat/mov.c b/libavfor
From: Dale Curtis
This commit introduced a regression in the amount of upfront
data required to identify and parse a webm container. Most
visible under constrained networks: http://goo.gl/isfLc
This reverts commit c98c1f434eed06390f4990dd23f7ec15dbe53703.
---
libavformat/matroskadec.c |4 +
From: Dale Curtis
During error conditions matroska_parse_block may exit without
freeing the memory allocated for laces.
Found via valgrind: http://pastebin.com/E54k8QFU
Signed-off-by: Dale Curtis
---
libavformat/matroskadec.c |3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff
From: Dale Curtis
Reproducible with test case and ffplay -threads 2. Stack trace:
http://pastebin.com/PexZ4Uc0
Test case:
http://commondatastorage.googleapis.com/dalecurtis-shared/crash.ogm
Signed-off-by: Dale Curtis
---
libavcodec/pthread.c |5 +++--
1 files changed, 3 insertions(+), 2
From: Dale Curtis
Reproducible with test case and ffplay -threads 2. Stack trace:
http://pastebin.com/PexZ4Uc0
Test case:
http://commondatastorage.googleapis.com/dalecurtis-shared/crash.ogm
Signed-off-by: Dale Curtis
---
libavcodec/pthread.c |2 +-
1 files changed, 1 insertions(+), 1
From: Dale Curtis
Signed-off-by: Dale Curtis
---
libavcodec/vp3.c |1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c
index e94264e..e146593 100644
--- a/libavcodec/vp3.c
+++ b/libavcodec/vp3.c
@@ -396,6 +396,7 @@ static void init_loop_fi
From: Dale Curtis
It's possible this is due to an incorrect calculation elsewhere,
but my expertise ran out.
Signed-off-by: Dale Curtis
---
libavcodec/vp8.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/libavcodec/vp8.c b/libavcodec/vp8.c
index 07e5b61..5635bb3 1006
From: Dale Curtis
On corrupt or malicious files, filter_limit can be >= 128 leading
to an out of bounds write.
Signed-off-by: Dale Curtis
---
libavcodec/vp3.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c
index e94264e..be64978 10
From: Dale Curtis
The ogg decoder wasn't padding the input buffer with the appropriate
FF_INPUT_BUFFER_PADDING_SIZE bytes. Which led to uninitialized reads in
various pieces of parsing code when they thought they had more data than
they actually did.
Signed-off-by: Dale Curtis
---
libavformat/
From: Dale Curtis
The ogg decoder wasn't padding the input buffer with the appropriate
FF_INPUT_BUFFER_PADDING_SIZE bytes. Which led to uninitialized reads in
various pieces of parsing code when they thought they had more data than
they actually did.
Signed-off-by: Dale Curtis
---
libavformat/
21 matches
Mail list logo