From patchwork Thu Nov 16 22:35:58 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Reed Weichler <rweichler@gmail.com>
X-Patchwork-Id: 44689
Delivered-To: ffmpegpatchwork2@gmail.com
Received: by 2002:a05:6a20:2a20:b0:181:818d:5e7f with SMTP id e32csp204536pzh;
        Thu, 16 Nov 2023 14:36:49 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IH2+i4IXvVFfBUKnZ+vuxw5dPE59p1HfDwwxLuw/N8pu1zDyvY/6UpjOf7FVZ44axl892gx
X-Received: by 2002:a17:906:d8d2:b0:9da:ef1a:958c with SMTP id
 re18-20020a170906d8d200b009daef1a958cmr13929035ejb.40.1700174209010;
        Thu, 16 Nov 2023 14:36:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1700174208; cv=none;
        d=google.com; s=arc-20160816;
        b=L6YfmWTY43MkBeFJs8i7fw8UYFct5yymrl9on8rdLHa3vSZaKjGHOqxOl7EYG2bvME
         JOsYAVJGnPsvs//SU6FIHtRWGpk7c/SOfRkqkMEsuCr03+Tysu7w3G1m8RgeZy71kbIm
         4hvbModIFt7kXvxe3MQCuDOt+EbfyQNKNxB8/V6+H1VPDRIurgY26OuTD4nTlc5iZt7j
         DrV9Gm09T5FEuXw3nw8sHgpzLCvZwBAoScHbmfQ9puN3bjwS2KTGHDBWKccegroSWClR
         hAGD8rHAyJQ4N+HVqm7LCQ5bvJSnZmeScTJGnujXIx4aJEdnRKV6uJXEiH9BxqlO7g8P
         x7vA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe
         :list-help:list-post:list-archive:list-unsubscribe:list-id
         :precedence:subject:to:message-id:date:from:mime-version
         :dkim-signature:delivered-to;
        bh=06VUp5LI6Qq8b/N2hdpZvoUfJuKyK2wyF3WsEWmFV0E=;
        fh=YOA8vD9MJZuwZ71F/05pj6KdCjf6jQRmzLS+CATXUQk=;
        b=ACrfcwH++usk1BursTURWCBzMVCHWUa4TGIej9A/9Tdfslu38l9eJLebIKrsbhOLny
         JMu0XiiatnlW1BEmfGmxM/jYwNW1XLRicVJnktRnYRerjKe7N3Z6chJwF7kU5bm4iqWE
         uNRyq+7hNnpECn228qPTQuOZm1KLEJq69jic7HEGNiBoMtsf2OR+GcPuOJWRIDH9Q/Nt
         YLBiUldJEDEVEYB/PZ21FR2LIQ0l4sj5XURz2TXOV6/nu/eI4CPMNU+lu5L8b1wDgncl
         zmVh0MDAQEK2GKraPoEzGeHhtxt/dfVX/0CBoSHBnF7XvSVOkpWMqRm18iFWSQCGNBUS
         nWjg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b=VtG8emQF;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100])
        by mx.google.com with ESMTP id
 e27-20020a170906375b00b009adb805000bsi133004ejc.442.2023.11.16.14.36.24;
        Thu, 16 Nov 2023 14:36:48 -0800 (PST)
Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100;
Authentication-Results: mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@gmail.com
 header.s=20230601 header.b=VtG8emQF;
       spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org
 designates 79.124.17.100 as permitted sender)
 smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org;
       dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 8BA7668CD5C;
	Fri, 17 Nov 2023 00:36:22 +0200 (EET)
X-Original-To: ffmpeg-devel@ffmpeg.org
Delivered-To: ffmpeg-devel@ffmpeg.org
Received: from mail-oa1-f45.google.com (mail-oa1-f45.google.com
 [209.85.160.45])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 60C8968CBAB
 for <ffmpeg-devel@ffmpeg.org>; Fri, 17 Nov 2023 00:36:16 +0200 (EET)
Received: by mail-oa1-f45.google.com with SMTP id
 586e51a60fabf-1f00b95dc43so699295fac.3
 for <ffmpeg-devel@ffmpeg.org>; Thu, 16 Nov 2023 14:36:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1700174174; x=1700778974; darn=ffmpeg.org;
 h=to:subject:message-id:date:from:reply-to:mime-version:from:to:cc
 :subject:date:message-id:reply-to;
 bh=01tiUAhs79OfkYKYxsi+HigKv5u3UG7382K7zznHWaQ=;
 b=VtG8emQF7fbnGSmiEyIYMJvyXN8dJH7WbK9MPFhQ5tcxSDZfLvtluil2sIZiMJWh+X
 ofWblHqj62UCf15qY7R2Bv9Uw/4hTbWAh/1hreipEhNPHoE5eV8bmA/8f8KYiEMy5a/y
 KvEFj+1CmesVzHeL0Kbnsov/erHDTH76064beH5ISTDZFRy4gi14bi8nHALQVV2CoUPC
 SnHO7WA9lW7XaO+9FUaXKiYzlWvaVHwquTdgfIY73/pkfK0IWk98fekKQusbNeVzbbaE
 kDuKk+12gYr+6zZFqdphsHyEb5Sc7JRKlP5/kKjrzvCMG3Ibs/CCw0w3ZcNbC3CQdiwv
 dIww==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1700174174; x=1700778974;
 h=to:subject:message-id:date:from:reply-to:mime-version
 :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=01tiUAhs79OfkYKYxsi+HigKv5u3UG7382K7zznHWaQ=;
 b=Sz61SNC3ruxFEKJkbvm2j7yAbmhegy/gf2Qx31aur0o7PwxH2ggPvA31gErIKinnlN
 TisTsK2OmlrFZxcgEu+N2cZG7ttfG/RanqFRxrxPLsbeunGX82DLme5ViMD85zv5426t
 B8J8ACKsz1V/8OIV/kbZG9EGSeYQ34G292bPsFSviOqYQXQRelaMciKjfMMbv4gBOjva
 VKqXq621+qUqIR2H6r8z2PExS2MPszB9e4L8eGpGfFIamRT2bmHH6FKXoT7knzQdbbHQ
 sUakaTGyU7Y1KNCCS9/BAnOgxUCprotQ1cmHzgBj9zPt0LN9Y3BiAhKwmr5odLUgU81e
 oToQ==
X-Gm-Message-State: AOJu0Yx+Dz4U3At2+llYyS/QxpG7w/a0Kj9T2r+izseVQr7CJZi/1Jwc
 JG6BFxreVFfMh5bTMkT8D37sq+owDUOHFYlHLxa0UbJuy1Y3
X-Received: by 2002:a05:6870:538f:b0:1f0:656b:5b99 with SMTP id
 h15-20020a056870538f00b001f0656b5b99mr18437363oan.11.1700174174578; Thu, 16
 Nov 2023 14:36:14 -0800 (PST)
MIME-Version: 1.0
From: Reed Weichler <rweichler@gmail.com>
Date: Thu, 16 Nov 2023 14:35:58 -0800
Message-ID: 
 <CAFPj7D25ct5PyyiRc4j0fjPs7z0p_LEwrmxeA8SvtpAP=25dEw@mail.gmail.com>
To: ffmpeg-devel@ffmpeg.org
Subject: [FFmpeg-devel] [PATCH] cherrypick ab7926341 into 4.2
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
X-TUID: JH2+tkvY8OX2

pretty self-explanatory.
i guess they forgot to cherrypick it when it was first committed.
here is my code to repro: https://pastebin.com/raw/yQr3WWvX
it needs a FLAC file as input.
it hit an EXC_BAD_ACCESS here:
https://github.com/FFmpeg/FFmpeg/blob/c6c36aa97a/libavformat/utils.c#L2227
index was equal to -1, so that code shouldnt even run, usually means UB.
---
 libavformat/utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

     int64_t ret;
--
2.42.1

diff --git a/libavformat/utils.c b/libavformat/utils.c
index 4067d55fa1..2143d9fb59 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -2183,7 +2183,7 @@ int ff_seek_frame_binary(AVFormatContext *s, int
stream_index,
                          int64_t target_ts, int flags)
 {
     const AVInputFormat *avif = s->iformat;
-    int64_t av_uninit(pos_min), av_uninit(pos_max), pos, pos_limit;
+    int64_t pos_min = 0, pos_max = 0, pos, pos_limit;
     int64_t ts_min, ts_max, ts;
     int index;