From patchwork Tue Jul 5 20:09:37 2022
X-Patchwork-Submitter: Andreas Rheinhardt
X-Patchwork-Id: 36679
From: Andreas Rheinhardt
To: ffmpeg-devel@ffmpeg.org
Date: Tue, 5 Jul 2022 22:09:37 +0200
Subject: [FFmpeg-devel] [PATCH 1/8] avutil/mem: Handle fast allocations near UINT_MAX properly

av_fast_realloc and av_fast_mallocz? store the size of the objects they allocate in an unsigned. Yet they overallocate and currently they can allocate more than UINT_MAX bytes in case a user has requested a size of about UINT_MAX * 16 / 17 or more if SIZE_MAX > UINT_MAX. In this case it is impossible to store the true size of the buffer via the unsigned*; future requests are likely to use the (re)allocation codepath even if the buffer is actually large enough because of the incorrect size.

Fix this by ensuring that the actually allocated size always fits into an unsigned. (This entails erroring out in case the user requested more than UINT_MAX.)

Signed-off-by: Andreas Rheinhardt --- libavutil/mem.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libavutil/mem.c b/libavutil/mem.c index a0c9a42849..18aff5291f 100644 --- a/libavutil/mem.c +++ b/libavutil/mem.c @@ -510,6 +510,8 @@ void *av_fast_realloc(void *ptr, unsigned int *size, size_t min_size) return ptr; max_size = atomic_load_explicit(&max_alloc_size, memory_order_relaxed); + /* *size is an unsigned, so the real maximum is <= UINT_MAX. */ + max_size = FFMIN(max_size, UINT_MAX); if (min_size > max_size) { *size = 0; @@ -542,6 +544,8 @@ static inline void fast_malloc(void *ptr, unsigned int *size, size_t min_size, i } max_size = atomic_load_explicit(&max_alloc_size, memory_order_relaxed); + /* *size is an unsigned, so the real maximum is <= UINT_MAX. */ + max_size = FFMIN(max_size, UINT_MAX); if (min_size > max_size) { av_freep(ptr);
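
Review bot: In the av_fast_realloc hunk the clamp feeds only the visible `if (min_size > max_size)` test on the requested size, while the problem the commit message describes is the overallocated size exceeding UINT_MAX. The fix therefore depends on the padding code below the shown context bounding its result by max_size as well; please say so in the new comment (for example "the padded size computed below is capped at max_size, so it always fits in *size") so the dependency is not lost in a later refactor. The visible failure path sets `*size = 0`, and a request above UINT_MAX now takes it regardless of the configured maximum; the diffstat touches only libavutil/mem.c, so this caller-visible limit should also be added to the function's documentation.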
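
Review bot: The fast_malloc hunk repeats the comment and `max_size = FFMIN(max_size, UINT_MAX);` verbatim from the av_fast_realloc hunk; a small static helper that loads max_alloc_size and applies the clamp would keep the two limits from drifting apart. The rejection branch visible here begins with `av_freep(ptr);`, so a request above UINT_MAX ends with the caller's buffer freed. The commit message mentions erroring out but not this consequence, which callers passing size_t lengths need to check for; a sentence in the message or the documentation would cover it.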