From: Andreas Rheinhardt
To: ffmpeg-devel@ffmpeg.org
Date: Mon, 2 Oct 2023 12:52:00 +0200
Subject: [FFmpeg-devel] [PATCH 6/8] avcodec/mpegvideo_dec: Don't zero context on init failure

Up until now,
ff_mpeg_update_thread_context() zeroes the context to initialize on initialization failure. This has been added in e1d7d4bd13cdd8856a3611d1ea387ac733a7aebf. Just as now, ff_mpeg_update_thread_context() simply copied the src MpegEncContext over the dst MpegEncContext to initialize it, but clear_context() was only added in b160fc290cf49b516c5b6ee0730fd9da7fc623b1, so that cleaning up on init failure was a minefield if performed. It was not always performed, namely not before the first allocation needed to be freed. In the fuzzer sample that led to e1d7d4bd13cdd8856a3611d1ea387ac733a7aebf, the call to av_image_check_size() failed and before said commit, the context contained lots of pointers from the src context, leading to assert violations later on.

Of course, the proper fix for this is resetting the pointers (or even better, not copying them in the first place), so this zeroing is unnecessary since commit b160fc290cf49b516c5b6ee0730fd9da7fc623b1. It is also harmful, because it makes initializing something only once during init more complicated; see the h264chroma handling in the diff for an example. Therefore it is removed.

Signed-off-by: Andreas Rheinhardt

--- libavcodec/mpegvideo_dec.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/libavcodec/mpegvideo_dec.c b/libavcodec/mpegvideo_dec.c index f9fccff518..3f173a9feb 100644 --- a/libavcodec/mpegvideo_dec.c +++ b/libavcodec/mpegvideo_dec.c @@ -83,13 +83,8 @@ int ff_mpeg_update_thread_context(AVCodecContext *dst, if (s1->context_initialized) { ff_mpv_idct_init(s); - if ((err = ff_mpv_common_init(s)) < 0) { - memset(s, 0, sizeof(*s)); - s->avctx = dst; - s->private_ctx = private_ctx; - memcpy(&s->h264chroma, &s1->h264chroma, sizeof(s->h264chroma)); + if ((err = ff_mpv_common_init(s)) < 0) return err; - } } }
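Review bot: the bare `return err;` after a failed ff_mpv_common_init(s) now relies on an invariant that is not stated anywhere in the hunk. With the memset gone, s keeps whatever was copied from the src context before this block, so the error path is only safe if ff_mpv_common_init() resets every src-derived pointer on failure, which the commit message attributes to clear_context(). Please add a short comment at the return saying so, so that a pointer field added to MpegEncContext later without a matching reset in clear_context() is caught in review instead of resurfacing as the shared-pointer state the original fuzzer sample hit. It would also help to confirm in the commit message that s->avctx and s->private_ctx, which the removed lines restored explicitly, already hold the dst values on this path.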