From patchwork Sat May 11 01:22:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 48715 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a21:1706:b0:1af:cdee:28c5 with SMTP id nv6csp930223pzb; Fri, 10 May 2024 18:23:09 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUGOFGitr3wcuCJzWYj2OJxyMic/bCYpXpwAyeOxctBCIwovMconnxkCpj2p1iL+VDBZvTT/ta946iclT9SF/vr0YNIdqayAgCWcQ== X-Google-Smtp-Source: AGHT+IEaS/UtE4LQlgLSj43sIfm7Z5RiHBrFJbH6SY4KnerWYw6qcCarlKO+edyUClZva7l4sqyJ X-Received: by 2002:a17:907:7629:b0:a59:c46b:c52a with SMTP id a640c23a62f3a-a5a2d386b1emr243192466b.0.1715390588965; Fri, 10 May 2024 18:23:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1715390588; cv=none; d=google.com; s=arc-20160816; b=g7Lnl19lR+4EKw3V6WNKOgQUt2731AvQlzpEoCA9y9ibBwf5AqHbos+ULiQ5rc5vRV J2HXZei0ileEaGhtpjatfVUHfTqJCcUGs/OAqUM4iCHaKOU4L1Q9GBcPrbXLDk0vbcX5 pBqnJQd+lqmYCo2Yim6BWBJD7RsLofez2vgqoOaDArbkGLrL6te1kOKcttm5a5APwNiC fBnCQD2dd2Mx1IRKxPyM/ZwhO5t67WJFz5TW4JSSETICiTMODbbRHubrvpRHwcPjNTE4 Qh8RR0Q+CL9po6HX5THoSpxX3D3wwxOO1GlnpjV26/J8PHoaDoEoq2Y6xRaM6DrPLRzg KsiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:message-id:date:to:from :dkim-signature:delivered-to; bh=wEVzYr/TgVwDYohybBwuX52/1NMVDml/nhBEIhd1New=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=hMm6ENmyp0h5blft8seOsRFIAdFaMDGu/xhaBLQiBfIJiFbm/8a0EoJIjKA4XxSmE6 TBAK2wvxnP82KWzUT6qU7v+iXcSZUuzXAxtqdHCUtOTYfWr10AFXYiKw7DPehihU7VCU HMuyocRb5cjdfn5KKlPnv9+7lGc7BCj1IJFdfVZoHLVyTVLovLekQ1TSvHTRh5UKv05h 2Jqtnqk542KdKE9eJiqEEEo0Wabd+2220LzZm4wvPuSzrVf6P/zFbRQe5kE6J+cWCU5E ir7IUAqSraVit0uoHggDcMEDhOmxIPnF82V9FG1lgAGGIt3K51X0eM5MKv+93StQOlYc Sbsg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=F4yxfK7G; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a5a17945f40si260544666b.108.2024.05.10.18.23.07; Fri, 10 May 2024 18:23:08 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=F4yxfK7G; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id EDC3668C21A; Sat, 11 May 2024 04:23:03 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay2-d.mail.gandi.net (relay2-d.mail.gandi.net [217.70.183.194]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id A186968D38C for ; Sat, 11 May 2024 04:22:56 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 4D1A240002 for ; Sat, 11 May 2024 01:22:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1715390575; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=R6s7OmbjklWDSwiBgXr+chaztnQgqMZ4YsdyE06K3eM=; b=F4yxfK7GlXTLi5bl2hd5zvrIaED//Jjx8n4i5rmHaZOQOQt87zVjycLA/Hf5/nL5iBv0CZ jNZiAXyqspnwW2MSPkqd++FCuNBoLGZCnmjyF98JHir3HKsAL9oMYF5Q4LI10Bj/yNYPwp XSF+VfDMOo77PpdbMG0fo7PPTi429Yz1f9mz/EW9/i8qlRwtUirQ6x1fKUHiJkSdtcB3Ue pI30YXbuo35FtUFngfaGTI4q6LUz3/FVEPOYznZWkz7LaZt9KT5Db+gpB6XChKxV1t7tbk LvN8x2dlYN/oi7IUzpocRQ6W9Bw5y9GS/4vAanS0iQbPA1BJ1LKskhaqJzhC3g== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Sat, 11 May 2024 03:22:53 +0200 Message-ID: <20240511012254.1612731-1-michael@niedermayer.cc> X-Mailer: git-send-email 2.43.2 MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 1/2] libavutil/base64: Try not to write over the array end X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: z0EolWrKmoM+ Signed-off-by: Michael Niedermayer --- libavutil/base64.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/libavutil/base64.c b/libavutil/base64.c index 3e66f4fcbe5..69e11e6f5e1 100644 --- a/libavutil/base64.c +++ b/libavutil/base64.c @@ -127,10 +127,12 @@ validity_check: } out3: - *dst++ = v >> 10; + if (end - dst) + *dst++ = v >> 10; v <<= 2; out2: - *dst++ = v >> 4; + if (end - dst) + *dst++ = v >> 4; out1: out0: return bits & 1 ? AVERROR_INVALIDDATA : out ? dst - out : 0; From patchwork Sat May 11 01:22:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 48716 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a05:6a21:1706:b0:1af:cdee:28c5 with SMTP id nv6csp930261pzb; Fri, 10 May 2024 18:23:19 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUSK2RKYDCTUHnB6oluiHkPIkhEnQMDsQFzePOy0w/VQ6d5KQZUfzxIaLtqpOyXiNoCAkCuxp5Q5g+HCs6agL/h4WZW+aIMUXFqDg== X-Google-Smtp-Source: AGHT+IG9uQMEccpyM2EywRJz8OgtDpCl4RU97WluxgkOzn7N5yHTEPLDq7WlLiclOmPbYr9/kAFP X-Received: by 2002:a2e:b179:0:b0:2d4:5370:5e8a with SMTP id 38308e7fff4ca-2e51fd4adeamr34940771fa.22.1715390599494; Fri, 10 May 2024 18:23:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1715390599; cv=none; d=google.com; s=arc-20160816; b=NM3p2rxe7B93k8sdnerI+eJrukH14ueJ/c/uWNcXpTmnml8uVt2dz7qL6CVZonpglj 8Su7N2tawA+r7MDzosPZF81tK5GceOiiI9+FESpwMN2zZyId5tDo49paI5GoaTQaOu1k PLal5dhIc3apOpWoBL+VMuA+8DXWlIodpmRwC7lZXtGfUj+jAqChYa3l+0J/yniqFmwG KlUVUQOPnvY26QD43HM+mbqnY8UzCJczuX34kBHX6zk639FBYmNTizW2p5FYHsgK/cjN vxnSyAqvNjzWVuN2TiKUdOypWBvoPSf5zszaYyMQtRFwE9Ez2Jv1jFJ4MkHXPNcoXBuH 7vTg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=+RAOktDWco2omyv42QHjuqMnG6Xpi++7jX074XAwv8Q=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=O2u8NEjmTZs/uXXzBNEU9rCd891FEaUSltRInfzJgFNG66w6oFx9o2my3Qfv0HoZaB UXzyfcF1t6wGa0EJrzcfn+F76jYbtsrSv82fdNhsxIBwyG2r+BtlmBVNMXBpEyCt/ard a31wNt56xvcoq2B0uhUcEq+2UxTVeGYQwjCEqG2S0Won3hgHc0LP0MwPKGt3Nct3Xk7c 8EP20fWGaNtMKaDkYJogHOyTmZd8IpxbIZe/ISAG8Dz9UzRWheVbICLCg+viR8jYE9cY Oogo+l7OnPXSP9AbOkN+zWfUI4zAYeLAb1QVFfug2cyLcWiDsxLlBsIWI04ZxcpfnOSK acQA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=fHcZkbWb; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 4fb4d7f45d1cf-5733c2d544esi2465687a12.213.2024.05.10.18.23.19; Fri, 10 May 2024 18:23:19 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=fHcZkbWb; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 2804B68D5A6; Sat, 11 May 2024 04:23:05 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay7-d.mail.gandi.net (relay7-d.mail.gandi.net [217.70.183.200]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 87B6568D38C for ; Sat, 11 May 2024 04:22:57 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id BC5C920002 for ; Sat, 11 May 2024 01:22:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1715390576; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XI6ArNzh5cl1KbYWlLjVR/f6NQ/+UqvzkOhToScZh1M=; b=fHcZkbWbfeKVmLHaiAPeVB0rPXwyhjNM91Ksn4pFbaJpC9ziScMN5qL4QQu31WFnL3dD+v lnI4EDhhK+xdnIRTpZ0sKFs6jABwtN0tVKzlm16TlaEqlFo0h5HNL0gZbUhL8K7OL8wCdD YSa0iKJtUnZPTDf3fMdXZd/kpByJTV5W7bLPA+jspqmS7TyCj8V2Ap6CmAcQ6RwaDUcG/H M/YsxhLkxLIZhrJRsDRTR7nw72XBWKw9Ie8dVn1g0s1i1kIyad7SdyrdEpxB6mthsasGar NDnabH5ByG6y4Mxqn866lKqBXP64c1RpjmLXSrEaX9GcE5JI/Mlnj9dfE9PcNw== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Sat, 11 May 2024 03:22:54 +0200 Message-ID: <20240511012254.1612731-2-michael@niedermayer.cc> X-Mailer: git-send-email 2.43.2 In-Reply-To: <20240511012254.1612731-1-michael@niedermayer.cc> References: <20240511012254.1612731-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 2/2] avutil/tests/base64: Check with too short output array X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: MY5ADbif4Vrg Signed-off-by: Michael Niedermayer --- libavutil/tests/base64.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/libavutil/tests/base64.c b/libavutil/tests/base64.c index 400e01cefe4..66d0fdc1fc8 100644 --- a/libavutil/tests/base64.c +++ b/libavutil/tests/base64.c @@ -64,6 +64,16 @@ static int test_encode_decode(const uint8_t *data, unsigned int data_size, printf("Failed: decode to NULL buffer\n"); return 1; } + if (data_size > 0 && (data2_size = av_base64_decode(data2, encoded, data_size - 1)) != data_size - 1) { + printf("Failed: out of array write\n" + "Encoded:\n%s\n", encoded); + return 1; + } + if (data_size > 1 && (data2_size = av_base64_decode(data2, encoded, data_size - 2)) != data_size - 2) { + printf("Failed: out of array write\n" + "Encoded:\n%s\n", encoded); + return 1; + } if (strlen(encoded)) { char *end = strchr(encoded, '='); if (!end)