From patchwork Wed Apr 22 04:34:19 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vitaly Buka X-Patchwork-Id: 19142 Return-Path: X-Original-To: patchwork@ffaux-bg.ffmpeg.org Delivered-To: patchwork@ffaux-bg.ffmpeg.org Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by ffaux.localdomain (Postfix) with ESMTP id AB58D448D53 for ; Wed, 22 Apr 2020 07:34:31 +0300 (EEST) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 863CE68BAF5; Wed, 22 Apr 2020 07:34:31 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 0460168B691 for ; Wed, 22 Apr 2020 07:34:25 +0300 (EEST) Received: by mail-pf1-f202.google.com with SMTP id u137so1082458pfc.1 for ; Tue, 21 Apr 2020 21:34:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=+H+ns6TwVdq3q7Sob1n7vVopLs24S97eH8+zOgGx8CA=; b=EZq+MEWT/NKtNoyWoT81HopBQga9hOySOuNoa/LP6vaCt4on+c/Xm/3sPOWXJc64Vg Ayht3I/F9OjaOHX1wrrOqlZt0zj0PJ3hJ8/NX4Z8nv6v0LBPFPK8oyNvocbRKJYPc5uZ Zx/bTv9MQWOpHZPmlTLI3Rr2CJ6rGLOiRSelaWlVOxmd+07TiNAmYNHSEXTQTfJvZlo3 c4fXfs+p5M7K084BiwEVcgGNOzwaIAr20/UjnqlJEDsdHMPtbKvJKyzkj1qEOfKhuF8W KH85Qq+PxaESovD4IWQrl+h9rOoWGcnQfgjIKpenPeR0Yw5yq59wjxd4oU6QCmT5q4lh anGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=+H+ns6TwVdq3q7Sob1n7vVopLs24S97eH8+zOgGx8CA=; b=ZT6e58lL+t5Qw9EHAIT0WvcXPlzwR1c8hSfU+8jnH6D1Aaaaapr6xtRWN0VTY8etgf EwHLVhBbAoVdIch53gwwkGm5+LjUFV4VL0un/GiQ4ixn3tH4dDmVQ4LqMCd7laInFWMy xj6aMiP8Cc2bP+cqu4q0qbBy1zzMR4ix9gzh9huJITqxBEvcCRbrIIwp3zATkSvA/3i7 WRjWog05Df9Pz+hz9ELH6wEqghrBd0vLgZRHLESsERxe1mypz5y2sfBLc1OdiSSVinbG NfZ6i2art9S+xxK/LVocATGCXuorxL9dg2I97+gWRnSX5utB4V5u8uCO/Uh8BoeiCupF ikpw== X-Gm-Message-State: AGi0PuZybXz+mAsIEICplWHkB4SGmccsFtybCZepdLt6fJztaz/OXo4+ zXWq43pSO8CXGEW455yvneNlhOYgYpOIYJuf221RyY8rBk7qLmJT2pfFPyx5pXXY0XvtMNbetV4 72V2gH3GAspf+lccPKZKIzg0EcLkW0fUawphGIdjjLy4yJeIajo+okDWuYBqADwSAynDvpfYKvA == X-Google-Smtp-Source: APiQypK+kk7dBh2FDoba8Kf20CrWZTiY8meeR5NFPM6R8ncWS/Y3sOVYy4CNQkWa4FEw9LqmT5Z2oCHJL/ggdwRl X-Received: by 2002:a17:90a:3ea7:: with SMTP id k36mr9364166pjc.125.1587530063010; Tue, 21 Apr 2020 21:34:23 -0700 (PDT) Date: Tue, 21 Apr 2020 21:34:19 -0700 Message-Id: <20200422043419.71842-1-vitalybuka@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.26.2.303.gf8c07b1a785-goog From: Vitaly Buka To: ffmpeg-devel@ffmpeg.org Subject: [FFmpeg-devel] [PATCH] mpeg4videoenc: Don't crash with -fsanitize=bounds X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Vitaly Buka Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Also the patch makes this code consistent with mpeg4videodec.c --- libavcodec/mpeg4videoenc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/mpeg4videoenc.c b/libavcodec/mpeg4videoenc.c index f6a5992df7..2cd5a8c015 100644 --- a/libavcodec/mpeg4videoenc.c +++ b/libavcodec/mpeg4videoenc.c @@ -104,7 +104,7 @@ static inline void restore_ac_coeffs(MpegEncContext *s, int16_t block[6][64], memcpy(s->block_last_index, zigzag_last_index, sizeof(int) * 6); for (n = 0; n < 6; n++) { - int16_t *ac_val = s->ac_val[0][0] + s->block_index[n] * 16; + int16_t *ac_val = &s->ac_val[0][0][0] + s->block_index[n] * 16; st[n] = s->intra_scantable.permutated; if (dir[n]) { @@ -143,7 +143,7 @@ static inline int decide_ac_pred(MpegEncContext *s, int16_t block[6][64], score -= get_block_rate(s, block[n], s->block_last_index[n], s->intra_scantable.permutated); - ac_val = s->ac_val[0][0] + s->block_index[n] * 16; + ac_val = &s->ac_val[0][0][0] + s->block_index[n] * 16; ac_val1 = ac_val; if (dir[n]) { const int xy = s->mb_x + s->mb_y * s->mb_stride - s->mb_stride;