From patchwork Wed Jun 12 13:48:46 2024
X-Patchwork-Submitter: Andreas Rheinhardt
X-Patchwork-Id: 49869
From: Andreas Rheinhardt
To: ffmpeg-devel@ffmpeg.org
Date: Wed, 12 Jun 2024 15:48:46 +0200
X-Mailer: git-send-email 2.40.1
X-Microsoft-Original-Message-ID: <20240612134853.2102377-49-andreas.rheinhardt@outlook.com>
Subject: [FFmpeg-devel] [PATCH 50/57] avcodec/h261dec: Fix UB NULL + 0, remove broken resync code

last_resync_gb is never initialized, causing NULL + 0 in align_get_bits(). In addition to that, the loop is never entered.

Signed-off-by: Andreas Rheinhardt
--- libavcodec/h261dec.c | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/libavcodec/h261dec.c b/libavcodec/h261dec.c index 8671800c3e..2038afc591 100644 --- a/libavcodec/h261dec.c +++ b/libavcodec/h261dec.c @@ -172,7 +172,7 @@ static int h261_decode_gob_header(H261DecContext *h) static int h261_resync(H261DecContext *h) { MpegEncContext *const s = &h->s; - int left, ret; + int ret; if (h->gob_start_code_skipped) { ret = h261_decode_gob_header(h);
@@ -185,22 +185,6 @@ static int h261_resync(H261DecContext *h) return 0; } // OK, it is not where it is supposed to be ... - s->gb = s->last_resync_gb; - align_get_bits(&s->gb); - left = get_bits_left(&s->gb); - - for (; left > 15 + 1 + 4 + 5; left -= 8) { - if (show_bits(&s->gb, 15) == 0) { - GetBitContext bak = s->gb; - - ret = h261_decode_gob_header(h); - if (ret >= 0) - return 0; - - s->gb = bak; - } - skip_bits(&s->gb, 8); - } } return -1;
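
Review bot: In the first hunk (`@@ -172,7 +172,7 @@`), `MpegEncContext *const s = &h->s;` stays declared while every use of `s` visible in this patch (`s->gb`, `s->last_resync_gb`) is deleted by the second hunk. If the part of h261_resync() between the two hunks no longer references `s`, drop the declaration together with `left` so the build does not gain an unused-variable warning; if it still does, nothing more is needed here.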
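
Review bot: In the second hunk (`@@ -185,22 +185,6 @@`), the comment `// OK, it is not where it is supposed to be ...` is left as the last thing before the closing brace, so it now introduces nothing and control falls straight through to `return -1;`. Reword or remove it so the code states that no resynchronisation is attempted on this path and the call fails. The commit message also asserts that the loop is never entered without saying why; a sentence on what `get_bits_left(&s->gb)` yields for the never-initialized `last_resync_gb` copy, relative to the `15 + 1 + 4 + 5` bound, would let a reader verify that dropping the search does not change how damaged streams are handled.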