PR #20894 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20894
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20894.patch
No testcase, it's unknown if this is a real issue
Reported-by: Peter Teoh
Signed-off-by: Michael Niedermayer
>F
PR #20879 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20879
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20879.patch
Fixes: out of array access
Fixes:
418335931/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_DEC_fuzzer-6718455383654400
Found-by
PR #20878 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20878
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20878.patch
Fixes: use of uninitialized memory
Fixes:
418335931/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_RV60_fuzzer-5103986067963904
Found-by
PR #20872 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20872
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20872.patch
Fixes: use of uninitialized memory
Fixes:
439878388/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_UTVIDEO_DEC_fuzzer-5635866203848704
Found
PR #20855 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20855
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20855.patch
>From 5ccb2c9934615db1d55a7a62dda551c4d02c6fd6 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Fri, 7 Nov 2025 01:47:40 +0100
Subj
PR #20821 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20821
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20821.patch
update the switch statement for EXR_UINT in pxr24_uncompress to
correctly use the tile width td->xsize instead of using the full window
widt
PR #20812 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20812
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20812.patch
Fixes: out of array access
no testcase
Found-by: Joshua Rogers with ZeroPath
Signed-off-by: Michael Niedermayer
>F
PR #20811 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20811
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20811.patch
Fixes: out of array access
no test case
Found-by: Joshua Rogers with ZeroPath
Signed-off-by: Michael Niedermayer
>F
PR #20810 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20810
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20810.patch
Fixes: out of array access
no testcase
Found-by: Joshua Rogers with ZeroPath
Signed-off-by: Michael Niedermayer
>F
PR #20809 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20809
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20809.patch
Fixes: out of array access
No testcase
Found-by: Joshua Rogers with ZeroPath
Signed-off-by: Michael Niedermayer
>F
PR #20805 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20805
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20805.patch
Fixes: out of array access
No testcase
Found-by: Joshua Rogers with ZeroPath
Signed-off-by: Michael Niedermayer
>F
PR #20804 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20804
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20804.patch
Fixes: out of array access
Fixes: zeropath/off-by-one-one-byte
Found-by: Joshua Rogers
Signed-off-by: Michael Niedermayer
>F
PR #20803 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20803
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20803.patch
>From ec17f9d7a3ec23b1efafd53978a8d5b2866d2f40 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Fri, 31 Oct 2025 16:17:27 +0100
Subj
PR #20796 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20796
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20796.patch
>From 844511d76807d4ad2b248540b20f534bc640540c Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Thu, 30 Oct 2025 23:05:57 +0100
Subj
PR #20746 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20746
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20746.patch
Fixes: memcpy with negative size
Fixes: momo_trip-poc/input
Reported-by: Momoko Shiraishi
Signed-off-by: Michael Niedermayer
>F
PR #20658 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20658
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20658.patch
This fixes the case of leaving the struct uninitialized and crashing
Untested, as no testcase
Signed-off-by: Michael Niedermayer
>F
PR #20670 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20670
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20670.patch
Fixes: use of uninitialized memory
Fixes:
449549597/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VVC_fuzzer-5600497089445888
Found-by
PR #20698 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20698
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20698.patch
>From 93794583405909cfe8e7abffdd84c2454959ff18 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Mon, 13 Oct 2025 14:32:45 +0200
Subj
PR #20673 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20673
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20673.patch
Fixes: use of uninitialized memory
Fixes:
427814450/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_MAGICYUV_DEC_fuzzer-646512196065689
Fixes
PR #20675 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20675
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20675.patch
Fixes:
439711052/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-4956250308935680
Fixes: out of array access
Found-by: continuous
PR #20642 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20642
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20642.patch
>From 42e879d0a91dcb4ee5d21329b58ef93014ea3cb3 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Fri, 3 Oct 2025 00:12:32 +0200
Subj
PR #20570 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20570
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20570.patch
Fixes: ../configure: 7820: [: Illegal number: 13-win32
Signed-off-by: Michael Niedermayer
>From 45a2307024ce23bbc29a425159f73a77c3b0ac10
PR #20568 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20568
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20568.patch
simply updated and rebased to current git master
is it ok as is or should we ignore ANMF chunks if strict_std_compliance
PR #20559 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20559
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20559.patch
Fixes: out of array read
Fixes: BIGSLEEP-445383648
Fixes: crash_input_1/2/3.dhav
Found-by: Google Big Sleep
Signed-off-by: Michael Niedermayer
PR #20560 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20560
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20560.patch
Signed-off-by: Michael Niedermayer
>From 798c4c50d53a01eb24f172575869738c9e26d93c Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
D
PR #20551 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20551
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20551.patch
The existing is_luma check is fragile as depending on the order
of channels it can be set or reset
No testcase
Signed-off-by: Michael
PR #20550 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20550
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20550.patch
>From 38d62a1a51a84e220b6dbeaefd961f170d2d5c72 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Thu, 18 Sep 2025 17:32:46 +0200
Subj
PR #20513 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20513
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20513.patch
avcodec/exif: Use av_fast_mallocz() in av_exif_clone_ifd()
using fast realloc leaves the entries uninitialized and frees garbage pointers
on
PR #20495 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20495
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20495.patch
Suggested-by: Ramiro
Signed-off-by: Michael Niedermayer
>From 16ba3a971069e4013ff86229df4a9a1d30d12074 Mon Sep 17 00:00:00 2001
From: Mich
PR #20354 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20354
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20354.patch
Fixes: out of array read
Fixes:
441131173/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_TIFF_DEC_fuzzer-6700429212975104
Found-by
PR #20325 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20325
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20325.patch
These are taken from before the switch to GPLv3+
If people prefer, we can merge the GPLv3+ switch for these modules too and put
them under
PR #20306 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20306
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20306.patch
Remove some pointers into freed buffers
Fixes BIGSLEEP-440183164
>From fbc1d9dca1aa30ac5e2c63c295652c4b1f54d7be Mon Sep 17 00:00:00 2001
F
PR #20280 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20280
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20280.patch
ff_lxf_uncompress() reallocates the array which we allocated with
av_fast_realloc(),
this patchset fixes this by adding av_fast_realloc
PR #20277 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20277
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20277.patch
Signed-off-by: Michael Niedermayer
>From fddada82fb61a75f207b57d316114a57b97781a0 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
D
PR #20274 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20274
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20274.patch
Avoids failure of xyz12 fate tests on mingw and linux x86-32
Signed-off-by: Michael Niedermayer
>F
PR #20268 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20268
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20268.patch
The setup code for w,h,left,top is complex, the code using it also falls in
at least 2 different classes, one using left/top the other not.
To
PR #20261 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20261
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20261.patch
Extensions in AAC USAC can be stored across multiple frames (mainly to keep CBR
compliance).
This means that we need to reallocate a buffer when
PR #20249 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20249
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20249.patch
pu_info is read uninitialized on damaged input and at that point the following
codepath is dependent
on the uninitialized data. In one of these
PR #20247 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20247
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20247.patch
in pack mode the array is passed into decode_plane() without being initialized
or used
Fixes: use of uninitialized memory
Fixes:
438780119
PR #20242 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20242
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20242.patch
Signed-off-by: Michael Niedermayer
>From 7d606ef0ccf2946a4a21ab1ec23486cadc21864b Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
D
PR #20236 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20236
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20236.patch
Fixes: integer overflow
Fixes: testcase that calls av_timecode_init_from_components() with hh set
explicitly to INT_MAX
Found-by: Youngjae Choi
PR #20234 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20234
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20234.patch
Fixes: null pointer dereference
Fixes: crash_test.mp4
Found-by: Intel PSIRT
Signed-off-by: Michael Niedermayer
>F
PR #20230 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20230
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20230.patch
Signed-off-by: Michael Niedermayer
>From e422dc5ff033bc77a1960fdeccc45f22a30377f3 Mon Sep 17 00:00:00 2001
From: Andy Nguyen
Date: Wed,
PR #20229 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20229
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20229.patch
Fixes: signed integer overflow: 10 * 1952737655 cannot be represented in type
'int'
Fixes: PoC_avi_demux
Found-by: 2ourc3 (Salim LAR
PR #20225 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20225
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20225.patch
>From a489870a2b35bf0e5a6a9a12696bceb211e18a35 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Mon, 11 Aug 2025 20:06:25 +0200
Subj
PR #20197 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20197
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20197.patch
Signed-off-by: Michael Niedermayer
>From 23b2e9eac15db42517c977bcaa7fa9446cb54507 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
D
PR #20195 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20195
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20195.patch
Fixes: use of uninitialized memory
Fixes:
429130590/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_JPEG2000_DEC_fuzzer-5736930522497024
PR #20194 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20194
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20194.patch
Fixes: out of array access
Fixes: BIGSLEEP-436511754/testcase.exr
Found-by: Google Big Sleep
Signed-off-by: Michael Niedermayer
>F
PR #20187 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20187
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20187.patch
Fixes: writing in a null pointer
Fixes:
435278398/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APV_fuzzer-4566392923029504
Found-by
PR #20178 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20178
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20178.patch
Fixes: use of uninitialized memory
Fixes:
42538134/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ILBC_fuzzer-6322020827070464
Found-by
PR #20168 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20168
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20168.patch
Fixes: crash (out of array access)
Fixes:
435489659/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_APV_fuzzer-6194885205229568
CC: Mark
PR #20163 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20163
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20163.patch
>From 0829dc148e00077acdb448f8f123d61a74202f9c Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Thu, 7 Aug 2025 19:38:30 +0200
Subj
PR #20147 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20147
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20147.patch
This should be done by fate.
This script already blocks security fixes
(https://code.ffmpeg.org/FFmpeg/FFmpeg/actions/runs/1046/jobs/0)
IMHO
PR #20146 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20146
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20146.patch
Signed-off-by: Michael Niedermayer
>From fb8afa5f018f406250e58d801b84f7af73683480 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
D
PR #20134 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20134
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20134.patch
>From 74eb5aad285ed8174c70248153fca84f0b4f2248 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Wed, 6 Aug 2025 12:49:49 +0200
Subj
PR #20131 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20131
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20131.patch
>From c7c16002ea3f9d6f284b61c7e5d4dc3fc9d1410a Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Tue, 5 Aug 2025 23:18:47 +0200
Subj
PR #20130 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20130
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20130.patch
>From 92a9948ae44ac4cee869c239b2a3667e2d36ac63 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Wed, 6 Aug 2025 10:08:14 +0200
Subj
PR #20127 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20127
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20127.patch
Signed-off-by: Michael Niedermayer
>From 934c1cadb4617d54649fd29062d5d491b33ae6f8 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
D
PR #20113 opened by michaelni
URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20113
Patch URL: https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/20113.patch
Signed-off-by: Michael Niedermayer
>From 3fbc67c8a8a29b89d29fbeab5c50318fd25e0a1e Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
D
59 matches