From patchwork Thu Oct  8 17:57:55 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
X-Patchwork-Id: 22759
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
X-Original-To: patchwork@ffaux-bg.ffmpeg.org
Delivered-To: patchwork@ffaux-bg.ffmpeg.org
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by ffaux.localdomain (Postfix) with ESMTP id 492F7449AC1
	for <patchwork@ffaux-bg.ffmpeg.org>; Thu,  8 Oct 2020 20:58:11 +0300 (EEST)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 2656868B91F;
	Thu,  8 Oct 2020 20:58:11 +0300 (EEST)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from mail-wm1-f66.google.com (mail-wm1-f66.google.com
 [209.85.128.66])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 4903568B8C9
 for <ffmpeg-devel@ffmpeg.org>; Thu,  8 Oct 2020 20:58:04 +0300 (EEST)
Received: by mail-wm1-f66.google.com with SMTP id d81so7368125wmc.1
 for <ffmpeg-devel@ffmpeg.org>; Thu, 08 Oct 2020 10:58:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=4QJE77pRvJ4yhw6qdqTk7qBlXp6JdfvVBv3UA3+FBUg=;
 b=t2GNuIYi/iA2psPtJGSTlfASQt/SqGHSaGAhHqc5bEjc/+FIfbT97rcG2EntYu8o1K
 BwiLiNzMLNxIFxpF89HL1jmV4pFR+VwQrGW1vio5yZlSgkrukqL0aVInV01wcr0RjoXp
 ftxBpOzNChQMdWG2O2Mv1ZJo4o6uowh+kZiuPcqWqFKggdaXb77tqDq96yQJ9hDy9pdY
 p1O76EEwbxfTXzlci/EXHI9NU4KxXpC99eLl+kKO3K8ecSuEq8dDwld6NHWidATtBnNn
 PxMdLFSt5e2IoTK67C0x029n8g/lFqXbNc8e1UKNDdVGVVmpp4PrkuPJDHM5hGFZD8nW
 K0CQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=4QJE77pRvJ4yhw6qdqTk7qBlXp6JdfvVBv3UA3+FBUg=;
 b=dL26/KpR4Ih9IlPeFuzOcnCZl5agU/5BfKrTbDyDZHJGPcjGF5DwpYWtn+H/VxbV52
 VuwS9J9yyQ9NRBR696mLY35Nxsbmdl+PYlM1d9cdj2QV638FT845khcQCuVallEaJ89z
 0PRSzUlpSSouSDmkI7iEaJAAwmj4HihDYWrW8m7TD02ejDybaqCH5Vj2DlruummvelKj
 y/zwzzuiEef/Y4aPXF910eSgCviUwZ3rPgEEcDLWR293nuU2aPHYyxlpimzJSz58ChtZ
 IEaQTgeH6mF9o6nKComqXep//Thx1bcml72AjoFvEH1IHDIgS12obVFjSpvT3tvdKJAg
 LTrQ==
X-Gm-Message-State: AOAM532KrxqQbwOlSX4QAohz4/vwG74wgIhikvxpPu1TGzdFklMQNSEO
 WmswxTayzPBf0w9C7cmfFTXcTHLfZyQ=
X-Google-Smtp-Source: 
 ABdhPJwF1BVXdBLEGh7Tvqo3GSqTX27Pdcihv2KoWN9jnG4L6Y09XY34xA/NzUptzaeRzU9Ny9ZGZQ==
X-Received: by 2002:a7b:c2a9:: with SMTP id c9mr10057350wmk.87.1602179883148;
 Thu, 08 Oct 2020 10:58:03 -0700 (PDT)
Received: from sblaptop.fritz.box (ipbcc1aa4b.dynamic.kabel-deutschland.de.
 [188.193.170.75])
 by smtp.gmail.com with ESMTPSA id h206sm8585374wmf.47.2020.10.08.10.58.02
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 08 Oct 2020 10:58:02 -0700 (PDT)
From: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
To: ffmpeg-devel@ffmpeg.org
Date: Thu,  8 Oct 2020 19:57:55 +0200
Message-Id: <20201008175756.290617-1-andreas.rheinhardt@gmail.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Subject: [FFmpeg-devel] [PATCH 1/2] avcodec/mjpegdec: Use correct number of
	codes for VLC tables
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Cc: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>

Commit 1249698e1b424cff8e77e6a83cfdbc9d11e01aa7 made
ff_mjpeg_decode_dht() call build_vlc() with a wrong (too hight)
number of codes. The reason it worked is that the lengths of the extraneous
entries is initialized to zero and ff_init_vlc_sparse() ignores codes
with a length of zero. But using a too high number of codes was
nevertheless bad, because a) the assert in build_vlc() could have been
triggered (namely if the real amount of codes is 256) and b) the loop in
build_vlc() uses initialized data (leading to Valgrind errors [1]).
Furthermore, the old code spend CPU cycles in said loop although the
result won't be used anyway.

[1]: http://fate.ffmpeg.org/report.cgi?slot=x86_64-archlinux-gcc-valgrind&time=20201008025137

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
---
 libavcodec/mjpegdec.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/libavcodec/mjpegdec.c b/libavcodec/mjpegdec.c
index 44bbae010c..4128c47303 100644
--- a/libavcodec/mjpegdec.c
+++ b/libavcodec/mjpegdec.c
@@ -78,7 +78,7 @@ static int build_vlc(VLC *vlc, const uint8_t *bits_table,
 
     build_huffman_codes(huff_size, huff_code, bits_table);
 
-    for (i = 0; i < 256; i++) {
+    for (i = 0; i < nb_codes; i++) {
         huff_sym[i] = val_table[i] + 16 * is_ac;
 
         if (is_ac && !val_table[i])
@@ -295,15 +295,15 @@ int ff_mjpeg_decode_dht(MJpegDecodeContext *s)
         /* build VLC and flush previous vlc if present */
         ff_free_vlc(&s->vlcs[class][index]);
         av_log(s->avctx, AV_LOG_DEBUG, "class=%d index=%d nb_codes=%d\n",
-               class, index, n + 1);
+               class, index, n);
         if ((ret = build_vlc(&s->vlcs[class][index], bits_table, val_table,
-                             n + 1, 0, class > 0)) < 0)
+                             n, 0, class > 0)) < 0)
             return ret;
 
         if (class > 0) {
             ff_free_vlc(&s->vlcs[2][index]);
             if ((ret = build_vlc(&s->vlcs[2][index], bits_table, val_table,
-                                 n + 1, 0, 0)) < 0)
+                                 n, 0, 0)) < 0)
                 return ret;
         }