| Message ID | 20210914111919.42032-1-lq@chinaffmpeg.org |
|---|---|
| State | New |
| Headers | show |
| Series | [FFmpeg-devel] avutil/imgutils: use INT64_MAX for alloc buffer check and image size check | expand |
| Context | Check | Description |
|---|---|---|
| andriy/make_x86 | success | Make finished |
| andriy/make_fate_x86 | fail | Make fate failed |
| andriy/make_ppc | success | Make finished |
| andriy/make_fate_ppc | fail | Make fate failed |
| andriy/makeppc | warning | New warnings during build |
On 9/14/2021 8:19 AM, Steven Liu wrote: > check alloc buffer size limit from INT_MAX to INT64_MAX > check stride and stride*(uint64_t)(h+128) > look into the Picture size condition using INT_MAX is smaller, > so make it to INT64_MAX maybe large enough for Picture. > > Signed-off-by: Steven Liu <lq@chinaffmpeg.org> > --- > libavutil/imgutils.c | 2 +- > libavutil/imgutils.h | 2 +- > libavutil/mem.c | 2 +- > 3 files changed, 3 insertions(+), 3 deletions(-) > > diff --git a/libavutil/imgutils.c b/libavutil/imgutils.c > index 9ab5757cf6..03abf1cece 100644 > --- a/libavutil/imgutils.c > +++ b/libavutil/imgutils.c > @@ -298,7 +298,7 @@ int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels, enu > stride = 8LL*w; > stride += 128*8; > > - if ((int)w<=0 || (int)h<=0 || stride >= INT_MAX || stride*(uint64_t)(h+128) >= INT_MAX) { > + if ((int)w<=0 || (int)h<=0 || stride >= INT64_MAX || stride*(uint64_t)(h+128) >= INT64_MAX) { Linesizes are int everywhere, so this is obviously not ok. > av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w, h); > return AVERROR(EINVAL); > } > diff --git a/libavutil/imgutils.h b/libavutil/imgutils.h > index cb2d74728e..5f1cac7579 100644 > --- a/libavutil/imgutils.h > +++ b/libavutil/imgutils.h > @@ -248,7 +248,7 @@ int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void *lo > /** > * Check if the given dimension of an image is valid, meaning that all > * bytes of a plane of an image with the specified pix_fmt can be addressed > - * with a signed int. > + * with a int64. > * > * @param w the width of the picture > * @param h the height of the picture > diff --git a/libavutil/mem.c b/libavutil/mem.c > index dcc75945d4..10f4328164 100644 > --- a/libavutil/mem.c > +++ b/libavutil/mem.c > @@ -68,7 +68,7 @@ void free(void *ptr); > * dynamic libraries and remove -Wl,-Bsymbolic from the linker flags. > * Note that this will cost performance. */ > > -static atomic_size_t max_alloc_size = ATOMIC_VAR_INIT(INT_MAX); > +static atomic_size_t max_alloc_size = ATOMIC_VAR_INIT(INT64_MAX); INT64_MAX may not fit in a size_t. Also, av_max_alloc() exists for the purpose of changing this value at runtime. > > void av_max_alloc(size_t max){ > atomic_store_explicit(&max_alloc_size, max, memory_order_relaxed); >
diff --git a/libavutil/imgutils.c b/libavutil/imgutils.c index 9ab5757cf6..03abf1cece 100644 --- a/libavutil/imgutils.c +++ b/libavutil/imgutils.c @@ -298,7 +298,7 @@ int av_image_check_size2(unsigned int w, unsigned int h, int64_t max_pixels, enu stride = 8LL*w; stride += 128*8; - if ((int)w<=0 || (int)h<=0 || stride >= INT_MAX || stride*(uint64_t)(h+128) >= INT_MAX) { + if ((int)w<=0 || (int)h<=0 || stride >= INT64_MAX || stride*(uint64_t)(h+128) >= INT64_MAX) { av_log(&imgutils, AV_LOG_ERROR, "Picture size %ux%u is invalid\n", w, h); return AVERROR(EINVAL); } diff --git a/libavutil/imgutils.h b/libavutil/imgutils.h index cb2d74728e..5f1cac7579 100644 --- a/libavutil/imgutils.h +++ b/libavutil/imgutils.h @@ -248,7 +248,7 @@ int av_image_check_size(unsigned int w, unsigned int h, int log_offset, void *lo /** * Check if the given dimension of an image is valid, meaning that all * bytes of a plane of an image with the specified pix_fmt can be addressed - * with a signed int. + * with a int64. * * @param w the width of the picture * @param h the height of the picture diff --git a/libavutil/mem.c b/libavutil/mem.c index dcc75945d4..10f4328164 100644 --- a/libavutil/mem.c +++ b/libavutil/mem.c @@ -68,7 +68,7 @@ void free(void *ptr); * dynamic libraries and remove -Wl,-Bsymbolic from the linker flags. * Note that this will cost performance. */ -static atomic_size_t max_alloc_size = ATOMIC_VAR_INIT(INT_MAX); +static atomic_size_t max_alloc_size = ATOMIC_VAR_INIT(INT64_MAX); void av_max_alloc(size_t max){ atomic_store_explicit(&max_alloc_size, max, memory_order_relaxed);
check alloc buffer size limit from INT_MAX to INT64_MAX check stride and stride*(uint64_t)(h+128) look into the Picture size condition using INT_MAX is smaller, so make it to INT64_MAX maybe large enough for Picture. Signed-off-by: Steven Liu <lq@chinaffmpeg.org> --- libavutil/imgutils.c | 2 +- libavutil/imgutils.h | 2 +- libavutil/mem.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-)