git.ffmpeg.org Git - ffmpeg.git/log

swscale/output: Fix integer overflow in yuv2ya16_X_c_template()

Found-by: colod colod <colodcolod7@gmail.com>
Fixes: CVE-2025-63757

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0c6b7f9483a38657c9be824572b4c0c45d4d9fef)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ac4caa33bae5841649c61d4f8a0608dfa59c4fa1)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

libavfilter/af_firequalizer: Add check for av_malloc_array()

Add check for the return value of av_malloc_array() to avoid potential NULL pointer dereference.

Fixes: CVE-2025-10256

Fixes: d3be186ed1 ("avfilter/firequalizer: add dumpfile and dumpscale option")
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a25462482c02c004d685a8fcf2fa63955aaa0931)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 00b5af29a4203a31574c11b3df892d78d5d862ec)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

avcodec/jpeg2000dec: Make sure the 4 extra bytes allocated are initialized

Fixes: use of uninitialized memory
Fixes: 429130590/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_DEC_fuzzer-5736930522497024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d6fe3786cd8c06437756d407f727ff01cf1774ff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 39f4a60035085e7b1465fa7159d3ef03114dfe27)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

avcodec/jpeg2000dec: implement cdef remapping during pixel format matching

Fixes: out of array access
Fixes: poc.jp2

Fixes: CVE-2025-9951

Found-by: Andy Nguyen <theflow@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 01a292c7e36545ddeb3c7f79cd02e2611cd37d73)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit eb80096cbe8b11105f7be0eb99233667e8836c1a)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

avcodec/jpeg2000dec: move cdef default check into get_siz()

This way cdef is at its final value earlier

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 104d6846c1be0cb757dc95d5801a416f4d7c687d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit de97cc3892f9655e292af8d7d235f2c1eb77b3b7)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

libavcodec/alsdec.c: Add check for av_malloc_array() and av_calloc()

Add check for the return value of av_malloc_array() and av_calloc()
to avoid potential NULL pointer dereference.

Backport comment: In v5.1 and newer, av_calloc is used, but in v4.3 we
had av_mallocz_array, but it's susceptible to ENOMEM just the same.

Fixes: CVE-2025-7700

Fixes: dcfd24b10c ("avcodec/alsdec: Implement floating point sample data decoding")
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 35a6de137a39f274d5e01ed0e0e6c4f04d0aaf07)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit aad4b59cfee1f0a3cf02f5e2b1f291ce013bf27e)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

aacenc_tns: clamp filter direction energy measurement

The issue is that:

float en[2];
...
tns->n_filt[w] = is8 ? 1 : order != TNS_MAX_ORDER ? 2 : 3;
for (g = 0; g < tns->n_filt[w]; g++) {
tns->direction[w][g] = slant != 2 ? slant : en[g] < en[!g];

When using the AAC Main profile, n_filt = 3, and slant is by
default 2 (normal long frames), g can go above 1.

en is the evolution of energy in the frequency domain for every
band at the given window. E.g. whether the energy is concentrated
at the top of each band, or the bottom.

For 2-pole filters, its straightforward.
For 3-pole filters, we need more than 2 measurements.

This commit properly implements support for 3-pole filters, by measuring
the band energy across three areas.

Do note that even xHE-AAC caps n_filt to 2, and only AAC Main allows
n_filt == 3.

Fixes https://trac.ffmpeg.org/ticket/11418

Fixes: CVE-2025-1594

(cherry picked from commit ed09aa28ae3b4509f00a24a9ebdeb084ee00736a)
(cherry picked from commit f98f142da571653436596ccad2d09c7e39bfd4fb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 21fe514152a22cc5653fd95f065320adfcf076e9)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

lavc/vp9: Fix regression introduced in 0ba05857

It is possible that ff_progress_frame_await() is called but
ff_progress_frame_report() isn't called when a hardware acceleration
method is used, so a thread for vp9 decoding might get stuck.

Backport comment: in 7.1 there was a switch to ProgressFrames
(7bd3b737163), so there was the need to convert the calls back to
ThreadFrames calls. In this case, it was just moving the progress
report function inside the finish label.

Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Signed-off-by: Haihao Xiang <haihao.xiang@intel.com>
(cherry picked from commit 8c62d77139ca07390414fcfd26b2a4d506fed3b9)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

avcodec/vp9: Fix race when attaching side-data for show-existing frame

When outputting a show-existing frame, the VP9 decoder simply
created a reference to said frame and returned it immediately to
the caller, without waiting for it to have finished decoding.
In case of frame-threading it is possible for the frame to
only be decoded while it was waiting to be output.
This is normally benign.

But there is one case where it is not: If the user wants
video encoding parameters to be exported, said side data
will only be attached to the src AVFrame at the end of
decoding the frame that is actually being shown. Without
synchronisation adding said side data in the decoder thread
and the reads in av_frame_ref() in the output thread
constitute a data race. This happens e.g. when using the
venc_data_dump tool with vp90-2-10-show-existing-frame.webm
from the FATE-suite.

Fix this by actually waiting for the frame to be output.

Backport comment: in 7.1 there was a switch to ProgressFrames
(7bd3b737163), so there was the need to convert the calls back to
ThreadFrames calls.

Fixes: CVE-2024-36615

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit 0ba058579f332b3060d8470a04ddd3fbf305be61)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

avformat/hls: check return value of new_init_section()

Fixes part of ticket #8931.

Fixes: CVE-2023-6603

Signed-off-by: Marton Balint <cus@passwd.hu>
(cherry picked from commit 28c83584e8f3cd747c1476a74cc2841d3d1fa7f3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e3e479d077044175dca0376739eeafde49610573)
Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>

avcodec/aarch64/idct: Add missing stddef

Fixes checkheaders on aarch64.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
(cherry picked from commit 52e911369553e1d2e8c4978172a5a302b91c8202)

avcodec/Makefile: add vaapi_hevc.h to the SKIPHEADERS list

Fixes make checkheaders when vaapi is disabled

Signed-off-by: James Almer <jamrial@gmail.com>

tools/check_arm_indent: skip empty glob

all: apply linter fixes

forgejo: backport CI job names

forgejo: apply needed CI changes for 4.3

forgejo: backport CI to release/4.3

avcodec/x86/pngdsp: add missing emms at the end of add_png_paeth_prediction

Fixes unpredictable behavior with floats.

Signed-off-by: James Almer <jamrial@gmail.com>
(cherry picked from commit 57a29f2e7dd2374a1df27316c6cf7c0225e86758)

Update for 4.3.9

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

configure: update copyright year

On 01/01/2025 19:05, Peter Ross wrote:
> FFmpeg turns 25 this year.

(cherry picked from commit d3aa99a4f436e89773246339d9d363587a1d21df)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/hls: Partially revert "reduce default max reload to 3"

(setting to 100 as a reasonable compromise)

The change has caused regressions for many users and consumers.
Playlist reloads only happen when a playlist doesn't indicate that it
has ended (via #EXT-X-ENDLIST), which means that the addition of future
segments is still expected.
It is well possible that an HLS server is temporarily unable to serve
further segments but resumes after some time, either indicating a
discontinuity or even by fully catching up.
With a segment length of 3s, a max_reload value of 1000 corresponds to
a duration of 50 minutes which appears to be a reasonable default.

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ace9f03a6c0a58b84a02701df1b6e5d5ac1d1b8e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/hls: Fix twitter

Allow mp4 with all mpegts extensions

Fixes: Ticket11435
Reviewed-by: Steven Liu <lingjiujianke@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cef3422b4819e3b6f07086625fa7890eaa8d45e7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

libavformat/hls: Be more restrictive on mpegts extensions

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0113e30806b205111344e266bc69ff9657a3ca02)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/hls: .ts is always ok even if its a mov/mp4

Maybe fixes: 11435

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9e12572933dc1c49e9b35d772ddcae896c2ba8a8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/hls: Print input format in error message

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d8455331302c72cde2f0b72f255004a91189dd93)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/hls: Be more picky on extensions

This blocks disallowed extensions from probing
It also requires all available segments to have matching extensions to the format
mpegts is treated independent of the extension

It is recommended to set the whitelists correctly
instead of depending on extensions, but this should help a bit,
and this is easier to backport

Fixes: CVE-2023-6602 II. HLS Force TTY Demuxer
Fixes: CVE-2023-6602 IV. HLS XBIN Demuxer DoS Amplification

The other parts of CVE-2023-6602 have been fixed by prior commits

Found-by: Harvey Phillips of Amazon Element55 (element55)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 91d96dc8ddaebe0b6cb393f672085e6bfaf15a31)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat: add ff_match_url_ext()

Match url against a list of extensions similar to av_match_ext()

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a7b06bfc5d20b12ff0122702c09517cf359fbb66)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avfilter/bwdif: account for chroma sub-sampling in min size calculation

The current logic for detecting frames that are too small for the
algorithm does not account for chroma sub-sampling, and so a sample
where the luma plane is large enough, but the chroma planes are not
will not be rejected. In that event, a heap overflow will occur.

This change adjusts the logic to consider the chroma planes and makes
the change to all three bwdif implementations.

Fixes #10688

Signed-off-by: Cosmin Stejerean <cosmin@cosmin.at>
Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
Signed-off-by: Philip Langdale <philipl@overt.org>
(cherry picked from commit 737ede405b11a37fdd61d19cf25df296a0cb0b75)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/iff: Check that we have a stream in read_dst_frame()

Fixes: null pointer dereference
Fixes: 385644864/clusterfuzz-testcase-minimized-ffmpeg_dem_IFF_fuzzer-4551049565765632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8668957ef604bd2b99175310638bc5031ae0d991)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mlvdec: fix size checks

Fixes: heap-buffer-overflow
Fixes: 391962476/clusterfuzz-testcase-minimized-ffmpeg_dem_MLV_fuzzer-5746746587676672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 251d43aef0df9262f2688c1c848af993bbb67d08)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mxfdec: Check edit unit for overflow in mxf_set_current_edit_unit()

Fixes: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long'
Fixes: 392672068/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-6232335892152320

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <git@haerdin.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 8a6ad9eab2f1c37a18c2f30e6660260edd7c0c16)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/h263dec: Check against previous dimensions instead of coded

Fixes: out of array access
Fixes: crash-a41ef3db699013f669b076f02f36942925f5a98c

Found-by: Kacper Michajlow <kasper93@gmail.com>
Reviewed-by: Kacper Michajlow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 0fe33c99a26a06a6875c4abfb96362a65145264b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mxfdec: Check avio_read() success in mxf_decrypt_triplet()

Fixes: Use of uninitialized memory
Fixes: 71444/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5448597561212928

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6ecc96f4d08d74b0590ab03f39f93f386910c4c0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/huffyuvdec: Initialize whole output for decode_gray_bitstream()

Fixes: use of uninitialized memory
Fixes: 375286238/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HYMT_fuzzer-6352546854141952

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit ef71552cf970876085d99834abdb8e429aea9730)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/ipmovie: Check signature_buffer read

Fixes: use of uninitilaized data
Fixes: 385167047/clusterfuzz-testcase-minimized-ffmpeg_dem_IPMOVIE_fuzzer-5941477505564672

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 788abe0d253b2034af15876d7889265d4746df2b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/wtvdec: Initialize buf

ff_parse_mpeg2_descriptor() reads over what is initialized
Fixes: use of uninitialized memory
Fixes: 383825645/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-5144130618982400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 17b019c517af26c6d2f0c6266938c60d36db1fa3)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/cbs_vp9: Initialize VP9RawSuperframeIndex

Fixes: use-of-uninitialized-value
Fixes: 70907/clusterfuzz-testcase-minimized-ffmpeg_BSF_VP9_METADATA_fuzzer-6339363208757248

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e81d410242ea604c4f667da4a415836c1575d72f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/vqf: Propagate errors from add_metadata()

Suggested-by: Marton Balint <cus@passwd.hu>
Reviewed-by: Alexander Strasser <eclipse7@gmx.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 49fa3f6c5ba6d43cc4b3ade4f8d9dc2fdbc71f0a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/vqf: Check avio_read() in add_metadata()

Fixes: use of uninitialized data
Fixes: 383825642/clusterfuzz-testcase-minimized-ffmpeg_DEMUXER_fuzzer-5380168801124352

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c43dbecbdad152a91eadc7538b545852eee562ae)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/dashdec: Check whitelist

Fixes: CVE-2023-6602, V. DASH Playlist SSRF

Found-by: Harvey Phillips of Amazon Element55 (element55)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4c96d6bf75357ab13808efc9f08c1b41b1bf5bdf)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avutil/avstring: dont mess with NULL pointers in av_match_list()

Fixes: applying zero offset to null pointer

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c6c54943d161812b3c4034116cb14f3f5c05dc43)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/mpegvideo_enc: Check FLV1 resolution limits

Found-by: Elias Myllymäki <elias.myllymaki04p@gmail.com>
Reviewed-by: Alexander Strasser <eclipse7@gmx.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 827c073154f4cc17d1bd3777dff3b58370210bcb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/ffv1enc: Fix handling of 32bit unsigned symbols

This may be needed for floats

Sponsored-by: Sovereign Tech Fund
Reviewed-by: Alexander Strasser <eclipse7@gmx.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 402824e9e99461f1c9e74a6730ced40894669560)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/vc1dec: Clear block_index in vc1_decode_reset()

Fixes: 377965565/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-4504434689769472
Fixes: out of array access

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 251de1791e645f16e80b09d82999d4a5e24b1ad1)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/aacsbr_template: Clear n_q on error

Fixes: index 5 out of bounds for type 'uint8_t [5]'
Fixes: 377748135/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AAC_LATM_fuzzer-5167109774049280

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3f029bfb7f9ca1c73fecb8d0eacf3c4e0550f771)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

swscale/output: Fix undefined overflow in yuv2rgba64_full_X_c_template()

Fixes: signed integer overflow: -1082982400 + -1195645138 cannot be represented in type 'int'
Fixes: 376136843/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-4791844321427456

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 56faee21c136942c491f30a2e82cfbbfce180beb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avfilter/af_pan: Fix sscanf() use

Fixes: Memory Data Leak

Found-by: Simcha Kosman <simcha.kosman@cyberark.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b5b6391d64807578ab872dc58fb8aa621dcfc38a)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avfilter/vf_addroi: Add missing NULL termination to addroi_var_names[]()

Fixes: out of array read

Found-by: Elias Myllymäki <elias.myllymaki04p@gmail.com>
Reviewed-by: Alexander Strasser <eclipse7@gmx.net>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b72de492959fb19eab37368232e65a4371c367f7)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/rmdec: check that buf if completely filled

Fixes: use of uninitialized value
Fixes: 70988/clusterfuzz-testcase-minimized-ffmpeg_dem_IVR_fuzzer-5298245077630976

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 9578c135d00dd9cc01491b8559d7fad5a387e90d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/hapdec: Clear tex buffer

The code following makes no attempt to initialize all of the buffer

Fixes: use of uninitialized value
Fixes: 70980/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HAP_fuzzer-5329909059223552

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7eeeda703b599847aa89c7c08bb433d0b3da9590)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mxfdec: Check that key was read sucessfull

Fixes: use of uninitialized value
Fixes: 70932/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4870202133643264

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4c62cbcae2612acbc7ab5e8a7e7815674a6e8df4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/rpl: Fix check for negative values

Fixes: signed integer overflow: 10 * -1923267925333400000 cannot be represented in type 'int64_t' (aka 'long')
Fixes: 378891963/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5714338935013376
Found-by: ossfuzz
Reported-by: Kacper Michajlow <kasper93@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit eab65379bf89c55d8ec4bc6f00e04f15b37d3d85)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mlvdec: Check avio_read()

Fixes: use-of-uninitialized-value
Fixes: 383170476/clusterfuzz-testcase-minimized-ffmpeg_dem_MLV_fuzzer-4696002884337664

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bb85423142103d694d97bad1967bd3dc55440e71)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/utils: Fix block align overflow for ADPCM_IMA_WAV

Fixes: signed integer overflow: 529008646 * 8 cannot be represented in type 'int'
Fixes: 383379145/clusterfuzz-testcase-minimized-ffmpeg_dem_CAF_fuzzer-6674045107503104

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 93270930798da368d5b1954a73ef7ff9dfa48f73)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/matroskadec: Check pre_ns for overflow

Fixes: signed integer overflow: -3483479120376300096 - 7442323944145700864 cannot be represented in type 'long'
Fixes: 383187489/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4561470580391936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 361d24e6d920e4f7e4e5fa1fd6fbb6922bff35f2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/webp: Check ref_x/y

Fixes: 70991/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WEBP_fuzzer-5544067620995072
Fixes: use of uninintailized value

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7c1e732ad2e240af5afe9ffea443c91bb233aa65)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/ilbcdec: Initialize tempbuff2

Fixes: Use of uninitialized value
Fixes: 71350/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ILBC_fuzzer-6322020827070464

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4482218440534804d067de00ee1a4bc493c8b41d)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/dxa: check bpc

Fixes: integer overflow: -2147483648 - 1 cannot be represented in type 'int'
Fixes: 373971762/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-4880491112103936

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7e020f21413269418180eea7933a94ecb6bf2ef8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

swscale/slice: clear allocated memory in alloc_lines()

Fixes: use of uninitialized memory in hScale16To15_c()
Fixes: 373924007/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5841199968092160

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit aeec39f3c1be82863efe64ce95242de58e075e8f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/icodec: fix integer overflow with nb_pal

Fixes: runtime error: signed integer overflow
Fixes: 42536949/clusterfuzz-testcase-minimized-fuzzer_loadfile-6199846684393472
Found-by: ossfuzz
Reported-by: Kacper Michajlow
Tested-by: Kacper Michajlow
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 84569b6c22cb4eda9c682aabeb5f658112126780)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

doc/developer: Document relationship between git accounts and MAINTAINERS

This should have been documented long ago and i thought it was

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7051825b0171bd5d566c5a5cc78852c5f3aa3072)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/vividas: Check avio_read() for failure

Fixes: use of uninitialized value (untested)
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_loadfile_direct-5505802505355264

Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 96d45c3b212689f82bff2530c3637405df9e9369)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/ilbc: Check avio_read() for failure

Fixes: use of uninitialized value
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_protocol_memory-6656646223298560-cut

Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e30d957a9bacf7f7307c640aa0bd1e70cb3bbe7e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/nistspheredec: Clear buffer

Fixes: use-of-uninitialized-value
Fixes: 42537627/clusterfuzz-testcase-minimized-fuzzer_protocol_memory-6515855798632448-cut

Found-by: ossfuzz
Reported-by: Kacper Michajlow
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 898f6582eb51bf77b1f88e8f55eab67ee6ee13b8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

INSTALL: explain the circular dependency issue and solution

Sponsored-by: Sovereign Tech Fund
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit df00705e0010cc2c53d17d51944f847c2c852189)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mpegts: Initialize predefined_SLConfigDescriptor_seen

Fixes: use of uninitialized variable
Fixes: 368729566/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGTS_fuzzer-6044501804646400

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit db7b4fc89fb18d5ff0a1426bd433c234555a3fff)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mxfdec: Fix overflow in midpoint computation

Fixes: signed integer overflow: 4611686016549392399 + 9223372033098784800 cannot be represented in type 'long long'
Fixes: 368503277/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5928227458056192

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 23088a5ff2b549fa4fc037bb9ed833fffbc89ca0)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

swscale/output: used unsigned for bit accumulation

Fixes: Integer overflow
Fixes: 368725672/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5009093023563776

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 3fe3014405494503a03c2e6eff4743db91a21c00)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/rangecoder: only perform renorm check/loop for callers that need it

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit d147b3d7ecba2bd40cb45284f920238da97a95ee)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/ffv1dec: Fix end computation with ec=2

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 10e5af15bf220d9da128ca12d2d474ff6ab0076e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/ffv1enc: Prevent generation of files with broken slices

Fixes: Ticket5548

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b7ff66a35804275b25c1176cad560540785e8750)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/matroskadec: Check desc_bytes so bits fit in 64bit

Likely a tighter check can be done

Fixes: signed integer overflow: 3305606804154370442 * 8 cannot be represented in type 'long'
Fixes: 70449/clusterfuzz-testcase-minimized-ffmpeg_dem_WEBM_DASH_MANIFEST_fuzzer-4771166007918592

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c4122406f6d2726aea833480a2a8e345833dd881)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/ffv1enc: Correct error message about unsupported version

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 556c767786e9e3c072f7666d60a68a31a3400438)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/ffv1enc: Slice combination is unsupported

We always write minimal slices, the size calculation is wrong in some
corner cases but as its always 1x1 (minus1) we can for now just hard-code it

This helps with ticket 5548

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 7d514655bfa47c6e5cc1b81fbba8e750e368036e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/ffv1enc: 2Pass mode is not possible with golomb coding

"Fixes" Ticket7063

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 417b163c00555ccda201a963e797bfa663a26ff5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/ffv1enc: Fix >8bit context size

Fixes: Ticket5405

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit a9c83e43f2fc9128e20851291b0270add1a6b95f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/xan: Add basic input size check

Fixes: Timeout
Fixes: 71739/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_XAN_WC3_fuzzer-6170301405134848

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpe
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 56bef2fd58d0ed30dbe940083c30ada2b0404491)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/svq3: Check for minimum size input

Fixes: Timeout
Fixes: 71295/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SVQ3_fuzzer-4999941125111808

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 050b5e85cbe61414ba9b78f76a04b2488e816f42)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/eacmv: Check input size for intra frames

Fixes: Timeout
Fixes: 71135/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EACMV_fuzzer-6251879028293632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit c3a1cbbf5d99337b5e99260eb95c84e65c7587f6)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/jfdctint_template: use unsigned z* in row_fdct()

Fixes: signed integer overflow: 856827136 + 2123580416 cannot be represented in type 'int'
Fixes: 70772/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PRORES_KS_fuzzer-5180569961431040

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit f27c8b04d3059fa538db8f2db6503cbb586eb3ad)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mxfdec: Check timecode for overflow

Fixes: signed integer overflow: 9223372036840103968 + 538976288 cannot be represented in type 'long'
Fixes: 70604/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-4844090340999168

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6be3786c828edfd60d810c98a42a43eeac4f050c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mxfdec: More offset_temp checks

Fixes: signed integer overflow: 9223372036854775807 - -1927491430256034080 cannot be represented in type 'long'
Fixes: 70607/clusterfuzz-testcase-minimized-ffmpeg_dem_MXF_fuzzer-5282235077951488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Tomas Härdin <git@haerdin.se>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5a96aa435af0d66bdec52ee115cf4dd971855fcd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

swscale/output: Fix undefined integer overflow in yuv2rgba64_2_c_template()

Fixes: signed integer overflow: -1082982400 + -1083218484 cannot be represented in type 'int'
Fixes: 70657/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-6707819712675840

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit bd80c97391969f9dbb312d6c498211ad85bb67cb)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

swscale/swscale: Use unsigned operation to avoid undefined behavior

I have not checked that the constant is correct, this just fixes the undefined behavior

Fixes: signed integer overflow: -646656 * 3517 cannot be represented in type 'int
Fixes: 70559/clusterfuzz-testcase-minimized-ffmpeg_SWS_fuzzer-5209368631508992

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 44c5641ae82387fcfce94820f5b53ce8e9dcd27f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/vc2enc: basic sanity check on slice_max_bytes

Fixes: left shift of 896021632 by 3 places cannot be represented in type 'int'
Fixes: 70544/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC2_fuzzer-6685593652756480

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 6df9a0292ca6c29ef3b220fbf9b257924cabf035)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mvdec: Check if name was fully read

Fixes: use of uninitialized value
Fixes: 70901/clusterfuzz-testcase-minimized-ffmpeg_dem_MV_fuzzer-6341913949569024

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4e39795c75e664ef06f17473adec8c75fcf9de6f)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/wmavoice: Do not use uninitialized pitch[0]

Fixes: use of uninitialized value
Fixes: 70850/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_WMAVOICE_fuzzer-4806127362048000

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 53387079301690f1bd38b97fdf31d63194201d17)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/notchlc: Check bytes left before reading

Fixes: Use of uninitialized value
Fixes: 71230/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_NOTCHLC_fuzzer-4624502095413248

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit b9c7f50c7de9b7d8c533eae173c9b77a6719346c)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/vc1_block: propagate error codes

Fixes: use of uninitialized value
Fixes: 71228/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-6188476880453632

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 01910ca6037379804572c5ec9bbd0b94e7e4b83e)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/apetag: Check APETAGEX

Fixes: Use of uninitialized value
Fixes: 71074/clusterfuzz-testcase-minimized-ffmpeg_IO_DEMUXER_fuzzer-5697034877730816

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 796ff2d599449ed798b69ab798ebcbcc0a5853f5)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/avcodec: Warn about data returned from get_buffer*()

Text based on suggestion by: epirat07@gmail.com
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 93444c46fce195e378c4ebb1a20ea662e7f0123b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/aic: Clear slice_data

Fixes: use-of-uninitialized-value
Fixes: 70865/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_AIC_fuzzer-4874102695854080

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit de3f6c8888bcf3df4ca6cb265a83507b95c884cd)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/vc1dec: Clear mb_type_base and ttblk_base

Fixes: two use-of-uninitialized-value
Fixes: 70856/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1IMAGE_fuzzer-5539349918187520

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 50471f96c4a68874575ab21f799c5999ed920838)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/shorten: clear padding

Fixes: use-of-uninitialized-value
Fixes: 70854/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_SHORTEN_fuzzer-5533480570650624

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit e44349ee88418ac16051bbc9231c1bfdc25d3504)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/mpeg: Check an avio_read() for failure

Fixes: use-of-uninitialized-value
Fixes: 70849/clusterfuzz-testcase-minimized-ffmpeg_dem_MPEGPS_fuzzer-4684401009557504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 66ee75d76ce56a3553a99d67e74b8a9970c18f5b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/mvha: Clear remaining space after inflate()

Fixes: use-of-uninitialized-value
Fixes: 70838/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MVHA_fuzzer-4878509466517504

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit cba4e2e40dec1ff2ce534fec87c7e3e8bef7ff9b)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avformat/segafilm: Set keyframe

Fixes: use of uninitialized value
Fixes: 70871/clusterfuzz-testcase-minimized-ffmpeg_dem_SEGAFILM_fuzzer-5883617752973312

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 4dc7dfe65aaa21801a907c66592b92b05da921dc)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/dxva2: initialize hr in ff_dxva2_common_end_frame()

Related: CID1591924 Uninitialized scalar variable
Related: CID1591938 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1d6a2aebae202652feb5964a2d62bdba4e5cc6e4)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/dxva2: initialize validate

Related: CID1591915 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 2232c4cc8c3d64dec4e4399b58e057f5dbb9ff98)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

avcodec/dxva2: Initialize ConfigBitstreamRaw

Related: CID1591894 Uninitialized scalar variable
Related: CID1591906 Uninitialized scalar variable

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 489c05b9c3ea7d856b7a81abce247721b3b3d6e8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>