That way one doesn't have to free later. In this case (concerning TTA
extradata), this also fixes a memleak when the output samplerate is
invalid.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NJames Almer <jamrial@gmail.com>

Signed-off-by: NJames Almer <jamrial@gmail.com>

Signed-off-by: Nhwren <hwrenx@126.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: Nhwren <hwrenx@126.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: Nhwren <hwrenx@126.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: Nhwren <hwrenx@126.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: NLimin Wang <lance.lmwang@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Fix a NULL dereference and leaks.
Signed-off-by: NKusanagi Kouichi <slash@ac.auone-net.jp>
Signed-off-by: NMarton Balint <cus@passwd.hu>

This should improve coverage
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

This should increase coverage
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

6144 byte alignment is needed.
Signed-off-by: NMarton Balint <cus@passwd.hu>

Signed-off-by: NMarton Balint <cus@passwd.hu>

Signed-off-by: NMarton Balint <cus@passwd.hu>

Signed-off-by: NMarton Balint <cus@passwd.hu>

This sets the range of the first automatically assigned PMT PID or elementary
stream PID parameters to [0x20, 0x1ffa]. You can still assign manually a PID
for a stream using AVStream->id in the wider [0x10, 0x1ffe] range as specified
by ISO13818-1. But since DVB and ATSC both reserves some PIDs, let's not allow
them to be automatically assigned.

Also make sure that assigned PID numbers are valid and fix the error message
for the previous PID collision checks.
Signed-off-by: NMarton Balint <cus@passwd.hu>

Signed-off-by: Guo, Yejun <yejun.guo@intel.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Introduced since 07793962.
Signed-off-by: NLinjie Fu <linjie.fu@intel.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

The unsharp filter uses an array of arrays of uint32_t, each of which is
separately allocated. These arrays also need to freed separately; but
before doing so, one needs to check whether the array of arrays has
actually been allocated, otherwise one would dereference a NULL pointer.
This fixes #8408.

Furthermore, the array of arrays needs to be zero-initialized so that
no uninitialized pointer will be freed in case an allocation of one of
the individual arrays fails.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Reviewed-by: NPaul B Mahol <onemda@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: NJames Almer <jamrial@gmail.com>

This fixes marking keyframes in svc samples.
Signed-off-by: NJames Almer <jamrial@gmail.com>

Signed-off-by: NJames Almer <jamrial@gmail.com>

Signed-off-by: NJames Almer <jamrial@gmail.com>

This reverts commit 8174e5c7.

It's no longer needed after the previous commit.
Signed-off-by: NJames Almer <jamrial@gmail.com>

Defined in Section 7.8

This finishes implementing support for frames using
frame_refs_short_signaling.
Signed-off-by: NJames Almer <jamrial@gmail.com>

Fixes: Timeout (80sec -> 33sec)
Fixes: 18668/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5710836719157248

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: NMichael Niedermayer <michael@niedermayer.cc>

This optimizes the code slightly (116 -> 80sec)
Testcase: 18668/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALS_fuzzer-5710836719157248
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

buf_size is not updated as buf is advanced so it is wrong after the first
iteration

Fixes: Timeout (160sec -> 27sec)
Fixes: 18658/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_G729_fuzzer-5729784269373440

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: NMichael Niedermayer <michael@niedermayer.cc>

This will be used in the next commit
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

The 0 case was added with the support for multiple packets. It
appears unintended and causes extra complexity and out of array
accesses (though within padding)

No testcase
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

This combination would assume different block sizes throughout the code so its
better to error out.

Fixes: signed integer overflow: -1082385168 * 2 cannot be represented in type 'int'
Fixes: 19110/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ACELP_KELVIN_fuzzer-5643993950191616
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Fixes: signed integer overflow: -2147483648 * -1 cannot be represented in type 'int'
Fixes: 18643/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ALAC_fuzzer-5672182449700864

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Fixes: Assertion failure
Fixes: 18630/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAPRO_fuzzer-5201588654440448

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Fixes: signed integer overflow: 50176 * 262144 cannot be represented in type 'int'
Fixes: 18629/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5182370286403584

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Fixes: signed integer overflow: 4 * 538976288 cannot be represented in type 'int'
Fixes: 18622/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VMDAUDIO_fuzzer-5092166174507008

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpegSigned-off-by: NMichael Niedermayer <michael@niedermayer.cc>

This avoids problems if the function is called twice
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>

ff_flac_parse_picture() parses a buffer containing a flac metadata
picture block by wrapping it in an AVIOContext and using the AVIOContext
API. Consequently, when not enough data could be read AVERROR(EIO) was
returned although reading didn't really fail: A block that contains a
subfield whose size field indicates that it is so big as to extend
beyond the buffer is just invalid.

This commit changes this by using the bytestream2 API instead;
furthermore, the checks for whether there is enough data left are
performed before allocating a buffer for said data.

Finally, if the length of the picture description is bigger than
INT_MAX, it will now raise an error.
Signed-off-by: NAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: NMichael Niedermayer <michael@niedermayer.cc>