From patchwork Wed Sep 18 03:26:06 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
X-Patchwork-Id: 15133
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
X-Original-To: patchwork@ffaux-bg.ffmpeg.org
Delivered-To: patchwork@ffaux-bg.ffmpeg.org
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by ffaux.localdomain (Postfix) with ESMTP id 441DE449FBC
	for <patchwork@ffaux-bg.ffmpeg.org>;
	Wed, 18 Sep 2019 06:32:45 +0300 (EEST)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 3532768996C;
	Wed, 18 Sep 2019 06:32:45 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from mail-wr1-f68.google.com (mail-wr1-f68.google.com
	[209.85.221.68])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 0F7156898C1
	for <ffmpeg-devel@ffmpeg.org>; Wed, 18 Sep 2019 06:32:37 +0300 (EEST)
Received: by mail-wr1-f68.google.com with SMTP id l11so5230110wrx.5
	for <ffmpeg-devel@ffmpeg.org>; Tue, 17 Sep 2019 20:32:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=FJlHWRFJ2XJr8Fq/i15sbvNrI1b5UKviiyIKr/dUU94=;
	b=m3KYqX188Jy4VpYv3ugA0sogUoMvrG8iXF9oQgzCH/Pf/g+iTAU+ajoi4DbJd4TbtS
	66W0Wnu4Rh1vdRS+6nSMMP0lmSYirmcpwT3DADx9zufxb6ipE4DJaCV5KREjp+ixnPh6
	pc4q5nO6Q3bFEjPPHM6pdXXw/XMJFIJYcniBOU3895I9ZZvFMDby4GNa4ojRSt85fP5/
	gTGwPCM0pE1DrwQf2KHjZXaTPsEI2pbC5/55gXczHiUaj64fFFBUCa5Pdagd4rCVX1FR
	EPqSz5z5FFADL1ViHWHBJI/cJNNwI+f7LpUTE4fIs94LWqWouj+IflyAgCCd3uJG6qF+
	Z8dg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references:mime-version:content-transfer-encoding;
	bh=FJlHWRFJ2XJr8Fq/i15sbvNrI1b5UKviiyIKr/dUU94=;
	b=sBVF8/7niJMKy+IUXm/mvqlknVPUdqCVxA6Il2tmWg3GOv/sja12fDJLvaEn4P0DK9
	NySpYGMqVyyGWdbasQI1rpaU4ELije2fSqAe7yxMXoOp7yQ53OBfr6U6kxBPfO93+JYh
	fuaIdFddFtEl+mJin0cwZsdc09eX7XWHt3iZ1tvdie1VxSnuaIpRNSzurj+mAr4A6/Ni
	k+XacLOSrOyqqS4zgEvuNNR36UYyGjifFO+EZ1+B2Hy4DmGQr9Jx7uerVdBlZxn7j9Fy
	Etx/atpdGR3z6WdzY0fpX7tEZeor+uYiEJOHznlarCSAFf2BUL/RDw3R9sgOK84/Dap6
	MddA==
X-Gm-Message-State: APjAAAVAxQWN1FFbH9XaBGQSjE9rXry1yhPHQZLhApmJCllhPyD/LDtn
	+q2P+58zdAoEE0QCWmvDaoNvdRjdIDs=
X-Google-Smtp-Source: 
 APXvYqwbSbxk43Ed1fbGRPaOG2vXJOOYuATEpJkHHOCZt2KnFv9H21HnF0wU/sfewn3hGg42U6zA2A==
X-Received: by 2002:adf:f88e:: with SMTP id
	u14mr1118732wrp.260.1568777556333;
	Tue, 17 Sep 2019 20:32:36 -0700 (PDT)
Received: from sblaptop.fritz.box (ipbcc0f857.dynamic.kabel-deutschland.de.
	[188.192.248.87]) by smtp.gmail.com with ESMTPSA id
	189sm806891wmz.19.2019.09.17.20.32.35
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Tue, 17 Sep 2019 20:32:35 -0700 (PDT)
From: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
To: ffmpeg-devel@ffmpeg.org
Date: Wed, 18 Sep 2019 05:26:06 +0200
Message-Id: <20190918032607.11774-9-andreas.rheinhardt@gmail.com>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190918032607.11774-1-andreas.rheinhardt@gmail.com>
References: <20190918032607.11774-1-andreas.rheinhardt@gmail.com>
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH 09/10] avcodec/opus_rc: Fix currently empty
	checks
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <http://ffmpeg.org/mailman/options/ffmpeg-devel>,
	<mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <http://ffmpeg.org/pipermail/ffmpeg-devel/>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <http://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
	<mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches
	<ffmpeg-devel@ffmpeg.org>
Cc: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

FFMAX(a, 0) is always a if a is an unsigned type. In case of opus_rc, a
is the difference of a signed and an unsigned type and the conversion to
unsigned was surely unintended.

Found via PVS-Studio (see issue #8156).

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
---
Casting is the easy solution to this problem; one could of course use
another type, but then one would need to check whether this would not
lead to undefined or undesired behaviour elsewhere.
Given that a segfault would be the likely result of a wraparound in any
of these subtractions, I'm wondering whether the FFMAX is necessary at
all.
PVS-Studio found more bugs of this kind. Search for "will work as" on
this website: https://trac.ffmpeg.org/attachment/ticket/8156/project2019.tasks 

 libavcodec/opus_rc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/opus_rc.c b/libavcodec/opus_rc.c
index c432eb90c9..1c5bcefabd 100644
--- a/libavcodec/opus_rc.c
+++ b/libavcodec/opus_rc.c
@@ -391,11 +391,11 @@ void ff_opus_rc_enc_end(OpusRangeCoder *rc, uint8_t *dst, int size)
         uint8_t *rb_src, *rb_dst;
         ff_opus_rc_put_raw(rc, 0, 32 - rc->rb.cachelen);
         rb_src = rc->buf + OPUS_MAX_PACKET_SIZE + 12 - rc->rb.bytes;
-        rb_dst = dst + FFMAX(size - rc->rb.bytes, 0);
+        rb_dst = dst + FFMAX(size - (int)rc->rb.bytes, 0);
         lap = &dst[rng_bytes] - rb_dst;
         for (i = 0; i < lap; i++)
             rb_dst[i] |= rb_src[i];
-        memcpy(&rb_dst[lap], &rb_src[lap], FFMAX(rc->rb.bytes - lap, 0));
+        memcpy(&rb_dst[lap], &rb_src[lap], FFMAX((int)rc->rb.bytes - lap, 0));
     }
 }