Message ID | 20191019203950.11689-4-michael@niedermayer.cc |
---|---|
State | New |
On 10/19/2019 5:39 PM, Michael Niedermayer wrote: > Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' > Fixes: 18333/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COMFORTNOISE_fuzzer-5668481831272448 > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavutil/lfg.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavutil/lfg.h b/libavutil/lfg.h > index 03f779ad8a..8b18df2cea 100644 > --- a/libavutil/lfg.h > +++ b/libavutil/lfg.h > @@ -26,7 +26,7 @@ > > typedef struct AVLFG { > unsigned int state[64]; > - int index; > + unsigned index; > } AVLFG; Wouldn't this be considered an API change? > > void av_lfg_init(AVLFG *c, unsigned int seed); >
On Sat, Oct 19, 2019 at 05:45:04PM -0300, James Almer wrote: > On 10/19/2019 5:39 PM, Michael Niedermayer wrote: > > Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' > > Fixes: 18333/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COMFORTNOISE_fuzzer-5668481831272448 > > > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavutil/lfg.h | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/libavutil/lfg.h b/libavutil/lfg.h > > index 03f779ad8a..8b18df2cea 100644 > > --- a/libavutil/lfg.h > > +++ b/libavutil/lfg.h > > @@ -26,7 +26,7 @@ > > > > typedef struct AVLFG { > > unsigned int state[64]; > > - int index; > > + unsigned index; > > } AVLFG; > > Wouldn't this be considered an API change? is index public API? anyway I can fix this without changing the struct, maybe that's safer. will do that. thanks [...]
On 10/19/2019 6:15 PM, Michael Niedermayer wrote: > On Sat, Oct 19, 2019 at 05:45:04PM -0300, James Almer wrote: >> On 10/19/2019 5:39 PM, Michael Niedermayer wrote: >>> Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' >>> Fixes: 18333/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COMFORTNOISE_fuzzer-5668481831272448 >>> >>> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg >>> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> >>> --- >>> libavutil/lfg.h | 2 +- >>> 1 file changed, 1 insertion(+), 1 deletion(-) >>> >>> diff --git a/libavutil/lfg.h b/libavutil/lfg.h >>> index 03f779ad8a..8b18df2cea 100644 >>> --- a/libavutil/lfg.h >>> +++ b/libavutil/lfg.h >>> @@ -26,7 +26,7 @@ >>> >>> typedef struct AVLFG { >>> unsigned int state[64]; >>> - int index; >>> + unsigned index; >>> } AVLFG; >> >> Wouldn't this be considered an API change? > > is index public API? lfg.h is an installed header, and nothing in the doxy for the struct or field says anything about it not being considered public. I know you're not really supposed to access it manually to begin with, but I don't know if it's safe to change it just like that. > anyway I can fix this without changing the struct > maybe that's safer > > will do that > > thanks > > [...]
diff --git a/libavutil/lfg.h b/libavutil/lfg.h index 03f779ad8a..8b18df2cea 100644 --- a/libavutil/lfg.h +++ b/libavutil/lfg.h @@ -26,7 +26,7 @@ typedef struct AVLFG { unsigned int state[64]; - int index; + unsigned index; } AVLFG; void av_lfg_init(AVLFG *c, unsigned int seed);
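Review bot: At `+ unsigned index;` in `AVLFG`, the fix changes a field declared in libavutil/lfg.h, so every translation unit that includes this header and reads `index` now gets unsigned arithmetic and comparisons, not just the increment that overflowed. The hunk does not touch the increment itself, so consider leaving the declaration as `int index;` and doing the increment in unsigned arithmetic at the site that reported `2147483647 + 1`, which removes the undefined behaviour without altering the struct. If the type change is kept, spell it `unsigned int index;` to match `unsigned int state[64];` on the line above, and add a comment on the field saying whether callers may access it.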
Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int' Fixes: 18333/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COMFORTNOISE_fuzzer-5668481831272448 Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavutil/lfg.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)