From patchwork Mon Feb 26 23:27:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andreas Rheinhardt X-Patchwork-Id: 46558 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a20:c51b:b0:19e:cdac:8cce with SMTP id gm27csp1671585pzb; Mon, 26 Feb 2024 15:25:27 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCUIBjLgBgDwkBSUtzKZZ8tNhaQYUuR2NKjVdGtUYbPLQhslVrJ5Q4JaZz00S/roZXMeH2PNfGZfDZihyIYZ/wPdHJMou448UbFXRg== X-Google-Smtp-Source: AGHT+IHRkHSgBMA+P9S2oA4CeWiXDFhuNH9WYYFMAvEugUwiUuAXeNS/exNu0WwT/Ai7guaCjkZD X-Received: by 2002:a05:6512:114f:b0:512:f317:f5c0 with SMTP id m15-20020a056512114f00b00512f317f5c0mr5752217lfg.42.1708989927679; Mon, 26 Feb 2024 15:25:27 -0800 (PST) Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id ah18-20020a1709069ad200b00a4309fb085esi171379ejc.281.2024.02.26.15.25.27; Mon, 26 Feb 2024 15:25:27 -0800 (PST) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@outlook.com header.s=selector1 header.b=NQYqtZVq; arc=fail (body hash mismatch); spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=outlook.com Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 215B468C9DC; Tue, 27 Feb 2024 01:25:24 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05olkn2031.outbound.protection.outlook.com [40.92.91.31]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B899F68BC86 for ; Tue, 27 Feb 2024 01:25:16 +0200 (EET) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BZb66klPzBfGLY24Cluk7bNf98IgKKPf9hUJ+ewfoCGB2A9xTinprAiCQ9d13u5dBx0dlHIvwXPOuxGHS154HSaQqSwgef7DY+sow4LLCAqy3cEhCHBTB4UNPXzdvmf/h4In3tT4SNVEVoWrCiUYQOGIHyYGAdLEN3ajaBh4asvkHKjHIcNpn/PgESIHoTJokSIhYkESrEyeWr64AQuxbgr5aapDi98Qx1+/SwoTm7uMUjdaTVjZVjYCwaDym71kR4L5hiuJ9dmpjkq5rm1t6OKjZQSxbg7V7b7BJYKxv9iTRZX/U23CQ2G3q8mHHVUhFXoZgmRHx6n0PCEYOLsl2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=y2QKCrJrtLSV9Pgf9TSTebFzlD60ewNqhwpja4Xey7o=; b=ec7wjbR6/SgSDUgXqQuLwKwf30fCSTevUDRh/z33PgQdo06Tsobtv7aIGccJR1CiZ6Xe279gjYFOrOlGTknw9SoSqasRPHKFXbt490q3HH3XICae4acMFCWUM7rbQpPXGgC9lGiDps3fceQujfNQ5qRjxL2Xjhv/42HolN4tgLsOxOnlWj79Czmd2UZ+e7dIxcUJKZ896CvgVvJaHxzmat0bc2M1pESnBxiVdgzkT0LzUKzZaKjFttQWvk6QC2e7/HaAzvmDnOGoT7WSL1XefNNkZi4ori4KdRZI3DZTE6lt7Ppm3lSD/ZHPhmkcVEmdGjIZQJv0geLqmxMw3tzwVQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=y2QKCrJrtLSV9Pgf9TSTebFzlD60ewNqhwpja4Xey7o=; b=NQYqtZVq7Ottvmz3k8F4InJbOWDhq8D/R9/4hO+7zpr+RumLpR/tn1gAqM2eUfHi/bGvWGRZLwUaFIaMJh2vmW0AgJE4N3isCLjYbHIcgyppwsyYPAVaXY10V0YGfacTxEDYLOb7gH5mu21pDCOUVaQTmEG5JlgsddisFkdW6o7mT9hadNJQT5y/hQyidRgpfz/YnjPN5fMk1k4CnXK9cl2F3aK9eOkaLxESZbVMGI/AAEQIgZTP2XBC/ATR19VXZLpWLuTeRDv8pWK1/9O3sa/hBfb3il5515C3T98B2/hkcCWT3AcFXP2EnJ4iVq89lECtJnuZ+76sWiGLAuOTxQ== Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) by PR3P250MB0289.EURP250.PROD.OUTLOOK.COM (2603:10a6:102:17c::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.34; Mon, 26 Feb 2024 23:25:14 +0000 Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::65aa:deb0:a18e:d48d]) by AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::65aa:deb0:a18e:d48d%5]) with mapi id 15.20.7316.023; Mon, 26 Feb 2024 23:25:14 +0000 From: Andreas Rheinhardt To: ffmpeg-devel@ffmpeg.org Date: Tue, 27 Feb 2024 00:27:08 +0100 Message-ID: X-Mailer: git-send-email 2.40.1 X-TMN: [kktSrsxuy0pTYASmfmNnryNjR1Rxoxp76SPNzDo+7W0=] X-ClientProxiedBy: ZRAP278CA0011.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:10::21) To AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) X-Microsoft-Original-Message-ID: <20240226232708.1292963-1-andreas.rheinhardt@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS8P250MB0744:EE_|PR3P250MB0289:EE_ X-MS-Office365-Filtering-Correlation-Id: da8734b4-4011-42cf-1d7e-08dc37222f62 X-MS-Exchange-SLBlob-MailProps: Cq7lScuPrnoQWGgFdnk/XrL0kWZR7YPnEezqglOIf910ZIqMCFWQH9S69GfcUIhGrimPjKfW29cMl6gok7r8Pew12UM7kBlZ69NFtOFGiabn6p51DjUZFmu780xjob+x4cUw/yQCoBFcd3W4wjp6Q7+LiEdDfhSsChR6N8cDa1sqXnteeI3xq7PjswOVCoCDQkNM4Ws3cMFxhQlCjjIt0oH64fqvVv6KDIJIi2PE5a69AoUsJermoIciIKQyY0S3E/Ai780INhmxEIbi+m6Q0LxwT8YEEBvrKjrPU0OM5SsaRr4ThCFdnyrgi3uana90i2z/bOxby+4qyA2ib72Gf+7/dcECqzpvimj6yqJkLGurtVKS+V+XcOqw3TX35WCr+ULtSzOfRn9GvqQQPGS/dg4CjXvpEB4LbsJ9NFUB8Iics9tNXd0I/QrI4Y0XgLZE+8C2eml1DzmBOkmet0JzYf5rDC8Dp4NtdImJfnDiogEI63C40Xx7da4TrPRDKOPAMZdCHoDA1URX/DEAM5c1Ikgslr+zm/H9HdkfV8UGl9HekKJV0Q+G+OnnPXaab6vml3Ta8UTkrj7lKDcyY79Djan/5jtyCcR5pgcR+aTyR4hkdqpBrg40IHq4TNUz/L4pgmgoMU+dAMwZA6VoVejb0gTA0mcELmXDXEA75rQ7ZiSrlo6AHqatXlac38akwJdB66pF4b+cxAeggQ3GMF5kb/DL2yBKo+2QOu1usOuFynMW+IFGBUdS9oHfJBhHkRb6xYmACdX6EbE= X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: r3m8tB3VHwwg6CSUiJwY0sC5oyPqtpH8oM59Ivp7zPPI0BJXjs6v3NAaXhQTwxezZN1tQ1f9bDUpHrGdGdWgWWmJdBJs7StYBn6nTKWtD6cz3e3FxCTBvcW/eMtyypW6vMUFmkq/Vk0zVGyTqO5u5vfzSLgSYs4UFtTif1lMFwrtgyAGi6LsCGUZWuCtq6Qbihi25tfMEp/qsaCpeZ4GoyJwQqaBoiZe+m/B000T/1lMtL134AQefQ9fX7giIapXkDCU3YxURzrq4vpfyeudjb6FR6QWprloohOo7ocNWz+JYu3Tptza7O4jFZ+DYwlPIJd2aG93obiakKhA6J/ANil0Ev3KLeY10Z6dWemVBU59BJaF24pfNhRCkTH3vX8SBOpwZNImyXy38ULQ4URX7KCVnWO7nhWhqSh/ovL4ioB/u+WlllN5tx/A705qaJ6CWJUPSjhgtlGTRf8ZyKTegr0RH9ZNZt2FAAIX1Xv/09whNRonw/fZNTL+6d33WYdPcMWxb06kITPsmTobI/vAl5tMhP24EZdEKAOUrD6ZF3QRZxsUiiL6/Bxbp5py+T5VYcS7i8EJM45GHoGYIBhshZHVpgTMS9o38x4Mf7eZrDQb18/SlkhtJdwdRyykxXdL X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: CUtqLSejg50Ffth5lQTXOnz+UsUpUbqFZuJsiOn24Rb/XKAvqtO+SyBF2s82xRF7TkIIw4HnHDvI36INHynv3PMaZowpAMe5IUAiIAhU1e05jtU4SXeTnioDLAmEjd5FAn+JAS6Dvguxf+4pmMfAMIl8ysozupzdlo4gl/C049Fw/grlkGrKSXYUZpCbajU82VkykokoSRCIOCFa+jr2YmKImFKFB/3qDYuhATN/sNuq4gC8Tm/aRnkEdlf+BOFvoJCnPE9gVvOWrM+gNLooyobWO9PDtb90So+9d0E2uqHbVNI7wt0EBv803SJn6gTfjrUbsgSi9oY0/EvaaXUK4to9KA0h8yuUG2FPU6rFnlw23TVIGl05EKdtrieHnVrgP1T7o0cri5TWMTkV73VPrSM7i+F/ycDaEX7uTaFXVlntwm6tjv/yR6CqgDa5tkK0ET6hMO1cm0ByDLLsdI5zNaFWPaLLz4jjWlY04fHLrQqfP614eaHBHA9EOj1npRGBtKji+zJPsBxIHhZchR/SBm9f+3wCMvlk2KAoX0uSO22pVFXifKgIxVcsQWTKU1EUssU+2hiSXZ4nv92UQdUT5rXSiv+hZJI5Mwhkp+C0PQjzIrDuZoygw9PQam8khz7IzlQ7Dofqz3gc6+dSnT1yRQwnywj3IQFYqRF53ZZhk66yr20pdXvSE3DcN/sqq7i3MK98yGClSMIbQLO+9RI8DYznhvwGsuptQ6HB/E/lVaf2Lnw5RL+mYcjyhepc7kQWJ9ouX96LIribwinZXWNpDz092Er9ZaeQEiOwsezo2Cr65NumGULU9iXlk6vdp+B3UtiYx/VVWethV3E6fSzGoP2Goc0jU6vYm86lOvE36ENb3hJo+mMI6ZIJi0Wna53jlLN9UMVoqtTxmbciw9WWmrmJplDJLhTpvA9ipMGfdJHyhv+o1eaPC5bKijDJFGRe56OWJDRaoNPoBw+rpsUj2zF51bkJqwyQzvh07R2sjldbAtXuSdreIKYpJT8WifuiC9rMMYsNIytvf6X5GohcWTv7lGEmTk6unJnBBZjw7vAMXp7s12TCiPnIlhlPWKbU9EKV3INEqSUwExa4yY3FrTaSMKI+JoiBhLJ3bt4DZ71t9okf3U1jOUX9k3e/98wY/5iHDL7xHmxbWn33H1F9RGmiu61f+6ktZlR3IYLJ/SXLZ4tfNdLDKtDOZAykTSXwoUglGwzu7mzVbpjXTLcWfhTqBhNoHTpe/3piR/tE7rcwiSSHbCVxzLs7zsNoPDWYar+3pl3D9ULeEy0BEJeNbQ== X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: da8734b4-4011-42cf-1d7e-08dc37222f62 X-MS-Exchange-CrossTenant-AuthSource: AS8P250MB0744.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Feb 2024 23:25:14.5165 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3P250MB0289 Subject: [FFmpeg-devel] [PATCH v3] avformat/mov: Don't use entry[-1] in pointer arithmetic X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Cc: Andreas Rheinhardt Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: wm2aWPxYz7wo It is undefined behaviour. Fixes many failed tests with UBSan and GCC 13 like "src/libavformat/mov.c:4229:44: runtime error: store to address 0x5572abe20f80 with insufficient space for an object of type 'struct MOVIndexRange'" (The line number does not refer to the line where &entry[-1] is assigned.) Signed-off-by: Andreas Rheinhardt --- libavformat/mov.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/libavformat/mov.c b/libavformat/mov.c index 71e8f7ae8f..97caaa7723 100644 --- a/libavformat/mov.c +++ b/libavformat/mov.c @@ -4022,7 +4022,7 @@ static void mov_fix_index(MOVContext *mov, AVStream *st) int num_discarded_begin = 0; int first_non_zero_audio_edit = -1; int packet_skip_samples = 0; - MOVIndexRange *current_index_range; + MOVIndexRange *current_index_range = NULL; int found_keyframe_after_edit = 0; int found_non_empty_edit = 0; @@ -4038,7 +4038,6 @@ static void mov_fix_index(MOVContext *mov, AVStream *st) return; } msc->current_index_range = msc->index_ranges; - current_index_range = msc->index_ranges - 1; // Clean AVStream from traces of old index sti->index_entries = NULL; @@ -4225,8 +4224,9 @@ static void mov_fix_index(MOVContext *mov, AVStream *st) } // Update the index ranges array - if (current_index_range < msc->index_ranges || index != current_index_range->end) { - current_index_range++; + if (!current_index_range || index != current_index_range->end) { + current_index_range = current_index_range ? current_index_range + 1 + : msc->index_ranges; current_index_range->start = index; } current_index_range->end = index + 1; @@ -4289,7 +4289,8 @@ static void mov_fix_index(MOVContext *mov, AVStream *st) av_freep(&frame_duration_buffer); // Null terminate the index ranges array - current_index_range++; + current_index_range = current_index_range ? current_index_range + 1 + : msc->index_ranges; current_index_range->start = 0; current_index_range->end = 0; msc->current_index = msc->index_ranges[0].start;