Message ID | 20240707184729.3525852-2-michael@niedermayer.cc |
---|---|
State | New |
Headers | show |
Series | [FFmpeg-devel,1/6] avcodec/tiff: Check value on positive signed targets | expand |
Context | Check | Description |
---|---|---|
yinshiyou/make_loongarch64 | success | Make finished |
yinshiyou/make_fate_loongarch64 | fail | Make fate failed |
andriy/make_x86 | success | Make finished |
andriy/make_fate_x86 | success | Make fate finished |
On So, 2024-07-07 at 20:47 +0200, Michael Niedermayer wrote: > I am not sure this is possible (thus this requires review) > > Fixes: CID1604570 Overflowed constant > > Sponsored-by: Sovereign Tech Fund > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/vaapi_h264.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/libavcodec/vaapi_h264.c b/libavcodec/vaapi_h264.c > index 398e92568c2..77819a64a4e 100644 > --- a/libavcodec/vaapi_h264.c > +++ b/libavcodec/vaapi_h264.c > @@ -342,6 +342,10 @@ static int vaapi_h264_decode_slice(AVCodecContext *avctx, > const H264SliceContext *sl = &h->slice_ctx[0]; > VASliceParameterBufferH264 slice_param; > int err; > + int slice_type = ff_h264_get_slice_type(sl); > + > + if (slice_type < 0) > + return slice_type; sl->slice_type should be one of AV_PICTURE_TYPE_P, AV_PICTURE_TYPE_B, AV_PICTURE_TYPE_I, AV_PICTURE_TYPE_SP and AV_PICTURE_TYPE_SI when this callback function is called, I don't think the if statement is required. Thanks Haihao > > slice_param = (VASliceParameterBufferH264) { > .slice_data_size = size, > @@ -349,7 +353,7 @@ static int vaapi_h264_decode_slice(AVCodecContext *avctx, > .slice_data_flag = VA_SLICE_DATA_FLAG_ALL, > .slice_data_bit_offset = get_bits_count(&sl->gb), > .first_mb_in_slice = (sl->mb_y >> > FIELD_OR_MBAFF_PICTURE(h)) * h->mb_width + sl->mb_x, > - .slice_type = ff_h264_get_slice_type(sl), > + .slice_type = slice_type, > .direct_spatial_mv_pred_flag = sl->slice_type == AV_PICTURE_TYPE_B > ? sl->direct_spatial_mv_pred : 0, > .num_ref_idx_l0_active_minus1 = sl->list_count > 0 ? sl- > >ref_count[0] - 1 : 0, > .num_ref_idx_l1_active_minus1 = sl->list_count > 1 ? sl- > >ref_count[1] - 1 : 0,
On Tue, Jul 09, 2024 at 06:11:54AM +0000, Xiang, Haihao wrote: > On So, 2024-07-07 at 20:47 +0200, Michael Niedermayer wrote: > > I am not sure this is possible (thus this requires review) > > > > Fixes: CID1604570 Overflowed constant > > > > Sponsored-by: Sovereign Tech Fund > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavcodec/vaapi_h264.c | 6 +++++- > > 1 file changed, 5 insertions(+), 1 deletion(-) > > > > diff --git a/libavcodec/vaapi_h264.c b/libavcodec/vaapi_h264.c > > index 398e92568c2..77819a64a4e 100644 > > --- a/libavcodec/vaapi_h264.c > > +++ b/libavcodec/vaapi_h264.c > > @@ -342,6 +342,10 @@ static int vaapi_h264_decode_slice(AVCodecContext *avctx, > > const H264SliceContext *sl = &h->slice_ctx[0]; > > VASliceParameterBufferH264 slice_param; > > int err; > > + int slice_type = ff_h264_get_slice_type(sl); > > + > > + if (slice_type < 0) > > + return slice_type; > > sl->slice_type should be one of AV_PICTURE_TYPE_P, AV_PICTURE_TYPE_B, > AV_PICTURE_TYPE_I, AV_PICTURE_TYPE_SP and AV_PICTURE_TYPE_SI when this callback > function is called, I don't think the if statement is required. patch dropped, i will mark this as false positive thanks [...]
diff --git a/libavcodec/vaapi_h264.c b/libavcodec/vaapi_h264.c index 398e92568c2..77819a64a4e 100644 --- a/libavcodec/vaapi_h264.c +++ b/libavcodec/vaapi_h264.c @@ -342,6 +342,10 @@ static int vaapi_h264_decode_slice(AVCodecContext *avctx, const H264SliceContext *sl = &h->slice_ctx[0]; VASliceParameterBufferH264 slice_param; int err; + int slice_type = ff_h264_get_slice_type(sl); + + if (slice_type < 0) + return slice_type; slice_param = (VASliceParameterBufferH264) { .slice_data_size = size, @@ -349,7 +353,7 @@ static int vaapi_h264_decode_slice(AVCodecContext *avctx, .slice_data_flag = VA_SLICE_DATA_FLAG_ALL, .slice_data_bit_offset = get_bits_count(&sl->gb), .first_mb_in_slice = (sl->mb_y >> FIELD_OR_MBAFF_PICTURE(h)) * h->mb_width + sl->mb_x, - .slice_type = ff_h264_get_slice_type(sl), + .slice_type = slice_type, .direct_spatial_mv_pred_flag = sl->slice_type == AV_PICTURE_TYPE_B ? sl->direct_spatial_mv_pred : 0, .num_ref_idx_l0_active_minus1 = sl->list_count > 0 ? sl->ref_count[0] - 1 : 0, .num_ref_idx_l1_active_minus1 = sl->list_count > 1 ? sl->ref_count[1] - 1 : 0,
I am not sure this is possible (thus this requires review) Fixes: CID1604570 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/vaapi_h264.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)