From patchwork Fri Nov 17 21:46:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dale Curtis X-Patchwork-Id: 6145 Delivered-To: ffmpegpatchwork@gmail.com Received: by 10.2.161.94 with SMTP id m30csp1132999jah; Fri, 17 Nov 2017 13:47:09 -0800 (PST) X-Google-Smtp-Source: AGs4zMbu6AaajLXHkwzabsI+JIZWiHO0Dm3wY29NUGlwDlVhq8c89TUEgMW/7HVhschXW7K1f9EW X-Received: by 10.28.27.206 with SMTP id b197mr4990994wmb.96.1510955229411; Fri, 17 Nov 2017 13:47:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1510955229; cv=none; d=google.com; s=arc-20160816; b=QPu+pp/W2TQf6lbhGKP7gmne4gI+v6OZ9UVnb659HXNrVwdv4vqSEtdA9X7piS80Rj Q8b3uxNW1mudTRsX0pLoQHch0FO1vRxGtm/QAYOTbuqG032qUh9+c4Zb7gb5sACNi6+z mwI0b0CByBC0Eevh+rx1zVxaw6cR9BVUoYmnvipTEf8b2pLXpr8+5H0aH7Y0+HrqatFG uwkDBtTc7W5RdYtfslrOvr2ws1W3R4VYisuWgzetmGGkwfbjEomeP5xNm9zZXJICGrxg SN91zXVNz4Y6SHDJy0R29AsqB9aE/vIVQnHQlnepYIOdYuqG3kYFrJAYmsu6Kxz+DUoz cZuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:to :message-id:date:from:references:in-reply-to:mime-version :dkim-signature:dkim-signature:delivered-to :arc-authentication-results; bh=OptIABt8TDPYJDqq5XSx/6GGXxsvVNOyEMDwkyHBSTo=; b=BE8UCBpFBW6cw6xjvQNntMtPeYlRX+5DjwCQQ1TqfG2ab1YJ1rJfIR5qp9ry7kwUEH IrSSXIY63/GWL0ZjjHMhsZGENfiZX3juEq5pzt/MeoDSWPHvUubbM4z6/JS0slfjQ9Yu /OUF0APjvSS6lBhK5ZgJZ9/gl3CbfaSXfkj0H71yEdrieeQs4pFa/iOWcvhckSFxa36R 9Nw5dMNJ6c0gNzvZbGABFwJozDwE4rpfSRb7A5xTn+VlNoG6GAvgKHb02mQXtJjx3cv0 kICfRivlBF3Pxp6W5Dhcyn7DiZ+vGpIhIw7W9FVniRbJdVZu5nyNROgo6NH8xUZzIEfB BGAA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@google.com header.s=20161025 header.b=iAZKPpxX; dkim=neutral (body hash did not verify) header.i=@chromium.org header.s=google header.b=VYNz6UzC; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id k124si928672wmb.56.2017.11.17.13.47.08; Fri, 17 Nov 2017 13:47:09 -0800 (PST) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@google.com header.s=20161025 header.b=iAZKPpxX; dkim=neutral (body hash did not verify) header.i=@chromium.org header.s=google header.b=VYNz6UzC; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 8B67F689817; Fri, 17 Nov 2017 23:46:51 +0200 (EET) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from mail-wr0-f171.google.com (mail-wr0-f171.google.com [209.85.128.171]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 7AAF16891E1 for ; Fri, 17 Nov 2017 23:46:45 +0200 (EET) Received: by mail-wr0-f171.google.com with SMTP id a63so3229623wrc.12 for ; Fri, 17 Nov 2017 13:47:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to; bh=E/mXFABS3h8HGRd+2iq7j+Ly0NmmyC1AdFzE1LN0CFQ=; b=iAZKPpxXVjMvlvd/w3DXXlb+xRlk6ziRvAzIAkBygbQoRMioqqvg3XY4IGu+Xs8hoZ murk7KKQQ3z4yDzKSFUKtuxc9NadwO320fSxORN0z4QIe97MOE+D6Xe7Ru2JrRCrMl3c 330Z6q7q7s8RO2PJzAIYNRPWyrtCn2yNaC0AabdS1BN0tH46P+jo3IvhyAFYEKtls1Qk /el0lCucmn96ykGJAnfaTONZfGs90LUfhJSwareOmqwdyDJQFzbeKnwyFdGEfg7C6hsb ZIaj+sL7hDN8Il/4qVm/wzx7IoGb2K1sl+Hs2/x9s1GNFDqptRqNdvGah7Hc5MO/pHX4 gYMA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to; bh=E/mXFABS3h8HGRd+2iq7j+Ly0NmmyC1AdFzE1LN0CFQ=; b=VYNz6UzCRDjCuPykGGClX77/A0O4fSw+mHaFqjOVz3trr0ykmQZr2jisnLosuidGSw rWd5Pplbyw51XN4coTRhXfY6Fn9N4ATABQSezdTwNiYt8mHn8ylXT5BBvlYs5VY/Lj7T LToYTfP/kjDHTbJfBafJqSh2uWqKkZ+J3yGH0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to; bh=E/mXFABS3h8HGRd+2iq7j+Ly0NmmyC1AdFzE1LN0CFQ=; b=EJ+9Yftn6+bkixKbdzsP4wZgex4bLM+tHAWQvnTvmCNFxpEHJZPla4oQEHCaC9ngjF 00vcg3KI07w03NrcwItVN49fsM/Ikkp2miy42zLx5rWZtqQlc9UUWjYr0TyBrFi04Hrj 1WqPxY7FgPHeS4JfXkL6rSaSr/aQMkLKBi2NPZkUME9iDlGDq/xcwHMROevxUZ1FJa4A JSQwi2koLbSwobj49XzYTKyeRkbE7Kxzw86aYRwwnzn5KgggiHmSkZfT6xpMAnIcxEof +B6ponPgrgKf8g43w76dGIgDygsA/TFWmPKLEEkDC4A6gEuA6j48sRUx+5/VoOW5HU3t nAJw== X-Gm-Message-State: AJaThX5t1/ZVuzZRDvEWWzcaDmSQhLdf/iiUNPJ44OA1z3o6/mWgb6Wl OpHUqmxgbecrdJCs5VviAsgMKLXpc1AYZcPEq6XB4Eif X-Received: by 10.223.136.253 with SMTP id g58mr5807910wrg.86.1510955220765; Fri, 17 Nov 2017 13:47:00 -0800 (PST) MIME-Version: 1.0 Received: by 10.28.161.4 with HTTP; Fri, 17 Nov 2017 13:46:39 -0800 (PST) In-Reply-To: References: From: Dale Curtis Date: Fri, 17 Nov 2017 13:46:39 -0800 X-Google-Sender-Auth: yMr6nOctl-ZRzGk9S90quSH0Kmo Message-ID: To: FFmpeg development discussions and patches X-Content-Filtered-By: Mailman/MimeDel 2.1.20 Subject: Re: [FFmpeg-devel] [avformat] Prevent undefined shift with wrap_bits > 63. X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Derp, actually, 2 << 63 doesn't fit in int64_t either, this check should be < 63. Fixed. On Fri, Nov 17, 2017 at 1:38 PM, Dale Curtis wrote: > 2 << (wrap_bits=64 - 1) does not fit in int64_t; apply the check > used in other places that handle wrap bits to ensure the values > are <= 63. > > Signed-off-by: Dale Curtis > > From 4ae4992326487ba0e42fa7fcf2a53fe3d4564780 Mon Sep 17 00:00:00 2001 From: Dale Curtis Date: Fri, 17 Nov 2017 13:35:56 -0800 Subject: [PATCH] [avformat] Prevent undefined shift with wrap_bits >= 63. 2 << (wrap_bits=63 - 1) does not fit in int64_t; apply the check used in other places that handle wrap bits to ensure the values are < 63. Signed-off-by: Dale Curtis --- libavformat/utils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavformat/utils.c b/libavformat/utils.c index ff5e14df6c..65d111459f 100644 --- a/libavformat/utils.c +++ b/libavformat/utils.c @@ -1738,8 +1738,8 @@ int av_read_frame(AVFormatContext *s, AVPacket *pkt) // current one had no dts, we will set this to AV_NOPTS_VALUE. int64_t last_dts = next_pkt->dts; while (pktl && next_pkt->pts == AV_NOPTS_VALUE) { - if (pktl->pkt.stream_index == next_pkt->stream_index && - (av_compare_mod(next_pkt->dts, pktl->pkt.dts, 2LL << (wrap_bits - 1)) < 0)) { + if (pktl->pkt.stream_index == next_pkt->stream_index && wrap_bits < 63 && + av_compare_mod(next_pkt->dts, pktl->pkt.dts, 2LL << (wrap_bits - 1)) < 0) { if (av_compare_mod(pktl->pkt.pts, pktl->pkt.dts, 2LL << (wrap_bits - 1))) { // not B-frame next_pkt->pts = pktl->pkt.dts; -- 2.15.0.448.gf294e3d99a-goog