From patchwork Fri Jul 5 00:21:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50344 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4000082vqv; Thu, 4 Jul 2024 17:22:10 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCW+oIHbGSyYlVfqJhOwKigRByBRmsUiWuKACIHdzH3FMi5RLZJ5gnNbGBXlskoZ41P7S5EdcH33U7nJqhYHVBWYVSI9cC7j0okXYA== X-Google-Smtp-Source: AGHT+IEgA/P36rGEShwzQxlJGQSJSJU31QFJnrjN7y80eD0QVj5x+0rVOIh9geIk6XagBPpRh3Zg X-Received: by 2002:ac2:5f47:0:b0:52c:df55:e11a with SMTP id 2adb3069b0e04-52ea0619e69mr2159279e87.9.1720138930095; Thu, 04 Jul 2024 17:22:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720138930; cv=none; d=google.com; s=arc-20160816; b=dSsuw8xYLTJhV7sAWXbkJtI7PiWzTmaMBsshuXhBdqVdHr/tjvrAJy8CiwEZrJOfHh MMxXF4PY7Zl8Fw8NTAD39j2pmIHG3EZrbqsRQzY2Wryoqlrq4jfMrCvYGQK/eaKMdyyD WhKHrPnU0fJhLq4Rm7d8/Agn7VmocTBZogH8MP6FlqVqMzsYNxDmhA8ymX4RQz5SvsqI WOca/Vhlps54I6bzLwD+KA83pAeJ0MGz3KJ5OeG9PN4HLjE82RFz1z3RLr3nWCx5mh8f N8BmF4DsHiVtcMfkiojOEWj3n4Hwn+kMBe8LaX7NJnF8Wm3vt69GpAqE7hIk2Lb4d6Af ewCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:message-id:date:to:from :dkim-signature:delivered-to; bh=kCYRrVIvu42/9/cU6s3G3i7te+b5bEOeYNkjMj70g+Y=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=WeCRTXtwiI5Iv3YJhGL2Q1AWfpWjtI3LeEJ3AWtj96X5jxO2qHgTVzoQAoatshZe2e /yJcGcpwxohCziI7gC4/5B5E9xf9DUTVWYEJ2zNVNb+S8ZlGm+YRlHfA4WGg0Vief52G yiBnvVl2Am++0Hi/e/MN4LAWWKztiBiqqQDqqlExFt08MLuLREB9irnjmixyZwfknwaZ IBsfl6rwTSdWxiJqpA2iEblHR6kp0OgWfGCM0cyeyMUZDo59/ny8MHSlXK0gnhAmNzud h8o1lp08JtQasoCo8D9XTi2VJZZxC6buCa1chq9ICdqflX8Htd7tC4ap3cCexoJ7XfjY GaLA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=NLj4PSus; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 2adb3069b0e04-52ea28cf46fsi469246e87.615.2024.07.04.17.22.09; Thu, 04 Jul 2024 17:22:10 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=NLj4PSus; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 99DF868D9FF; Fri, 5 Jul 2024 03:22:06 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net [217.70.183.199]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 10EBD68D91A for ; Fri, 5 Jul 2024 03:21:58 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id C38FBFF803 for ; Fri, 5 Jul 2024 00:21:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138916; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=bdk6nQTiKuI/h26IdJjpk0v7p4mR+h3dFmAiuc/7tuQ=; b=NLj4PSusg0nb6wXObpuqoak932d7xHRFnp83CwUZMIlbDQIMLFz+lO0jpZLFayyPh7G05u qZJxQ7ixEew6sEYPZt5Yx0Tx82TYFwHfWSiXvsGrl5eUBgah3Ytv/ZqwHFEb2epqUXK+gH 9mJ51i4jL/m11TqbhI8l3ZhdEWhNkLpFN9kjQd0IqlVz+ZkbHVlF8+6sSJdb6W3XQXRRMO roIGqhodgMT+F+5mJpglrqk4gWNXR4Outfs/B7ju0TJeOD/d4BgSpzCgNNI4KCYaoq9lJV 2+1x9f5aiChNIHqVdBNABJnTJajz3uLMtjZc/Pre+q2nOgDGuok/XZBKn6leZg== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:42 +0200 Message-ID: <20240705002156.1964272-1-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 01/15] avcodec/xsubdec: Check parse_timecode() X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: 10/zYuefDLzG Fixes: CID1604490 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/xsubdec.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/libavcodec/xsubdec.c b/libavcodec/xsubdec.c index db7873593c8..6be4c18b0b5 100644 --- a/libavcodec/xsubdec.c +++ b/libavcodec/xsubdec.c @@ -60,6 +60,7 @@ static int decode_frame(AVCodecContext *avctx, AVSubtitle *sub, int64_t packet_time = 0; GetBitContext gb; int has_alpha = avctx->codec_tag == MKTAG('D','X','S','A'); + int64_t start_display_time, end_display_time; // check that at least header fits if (buf_size < 27 + 7 * 2 + 4 * (3 + has_alpha)) { @@ -74,8 +75,14 @@ static int decode_frame(AVCodecContext *avctx, AVSubtitle *sub, } if (avpkt->pts != AV_NOPTS_VALUE) packet_time = av_rescale_q(avpkt->pts, AV_TIME_BASE_Q, (AVRational){1, 1000}); - sub->start_display_time = parse_timecode(buf + 1, packet_time); - sub->end_display_time = parse_timecode(buf + 14, packet_time); + + sub->start_display_time = start_display_time = parse_timecode(buf + 1, packet_time); + sub->end_display_time = end_display_time = parse_timecode(buf + 14, packet_time); + if (sub->start_display_time != start_display_time || + sub-> end_display_time != end_display_time) { + av_log(avctx, AV_LOG_ERROR, "time code not representable in 32bit\n"); + return -1; + } buf += 27; // read header From patchwork Fri Jul 5 00:21:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50345 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4000136vqv; Thu, 4 Jul 2024 17:22:19 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCW2GdtpIMlDRmGaZqUQHMiMdX3ehFDlRFwhUnsmsC/ByEGoiK6KcI2ohPxiAxVwveivghxqwgnRXihMb8gtTLsCckQHD9brGvh15w== X-Google-Smtp-Source: AGHT+IHGLuCo4bw7rVI6JRiZ7JzaP3+q2MUSulRsx7sx2NDq743SOBllt2KH5dgJskxmbc/bG1q9 X-Received: by 2002:a2e:7e07:0:b0:2ee:4cd8:94b6 with SMTP id 38308e7fff4ca-2ee8ed90e17mr23876041fa.15.1720138939058; Thu, 04 Jul 2024 17:22:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720138939; cv=none; d=google.com; s=arc-20160816; b=tSLTRY76jWAPA6wLdIwlNtVWrWdJ+74yR0a4Mus8BDcZbpw25wTa/IlUBTYvfCiVlR Zu7kxojTO9a+WlP0vwnNEEaUclR9PlaF+vf8V5lmGeEGnwBut/CWA0tYjaIKCj7iEWEW O3GxvR+6wgB4eXKarvEYPdRBsRYJ0Z7yq1FSZ07iuCrsxAEj6Wj29B3kgP3z5Dlkhe66 zKvtJ/exg5hYHbuSnbTztaYJwcdIAg5rqlQX3t/m4W/19kpRS8aWrL3MI09VZA+H6FsS T3m6digkHFuxaNvbxgbgvA2HwO/N3E55XOFuPX0btbjkiCzZT1CzrF0ifIbYtXfxEuMC BVZg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=38R18HIX4bgpihM+wenDM8YN3L9qtP35mIKykScxuck=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=FnQelgkog145BDcxLSjGrD7aZ2V8e2J5W6sK1fUggLw2Dj40awMTy1lAawv6W3fhDo WygzDOba+OMVUydeTOtVrRMdaa5QiZ/1d72uEl6ArA8d2ROQQUkmRqcJwZIQ6zSiIxpX 4folO+TQWwXVoNVzFgElGqBqKwc47K00hxmccpjhcEvfyIyIS+hQVW3d+OWnLrC+xrwl jcYyv98E1b3T285olwNjSkd90Pw1LhBvywrvojcW8ujkLxXjOozf4YNSVBBX0aEWed6S XimMn6m+KDd3uWD3LxaMHq5iRder48VP4VuqggjaWDomHS9FlzO61DBa6WGIym//7XiQ aBuw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=XFLtcZmm; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a72ab04a256si712113366b.308.2024.07.04.17.22.18; Thu, 04 Jul 2024 17:22:19 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=XFLtcZmm; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id ED42F68DADD; Fri, 5 Jul 2024 03:22:11 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay3-d.mail.gandi.net (relay3-d.mail.gandi.net [217.70.183.195]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B440568D9AB for ; Fri, 5 Jul 2024 03:21:58 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id EEFB660003 for ; Fri, 5 Jul 2024 00:21:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138918; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=6LFf/YW9VLpk/ezXGnNq/Qbxda721ynxRMb5A0H4mLg=; b=XFLtcZmmSSj4vbTIvwmlPsxmpd633buYL6pzol2cXy3GGpDZq+o9z82Wlt1uxXOt6PRcU9 b0xKOVzSljMp2AxlsDlDI3Tc+7FrAwBUYTw8kL07IZWCr2TRFY1+qjnLs4F6dNJLBQQ7eb 6zHtH9GOfhVI5hYcsB66Drpw2wC5UfXha9FA29zLMWSHlI9nUPV74t+wx4IgkIXaCYkVEB ZDGqeFFGgxzZEb/588ja3aAcBMarrYs/JOcDpFuxykNntY3x5zXAwBk/XfQI9Kk1MXf0yF 3s67FNZk3pI0VO5utWDgnjSmzowJCetV9uv9z0b31PLNT5XdQdDRBlNQRk253Q== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:43 +0200 Message-ID: <20240705002156.1964272-2-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 02/15] avcodec/cri: Check length X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: vKKx4BhrOeey Fixes: CID1604394 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/cri.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libavcodec/cri.c b/libavcodec/cri.c index 7b9a350967a..6932bb67456 100644 --- a/libavcodec/cri.c +++ b/libavcodec/cri.c @@ -234,10 +234,14 @@ static int cri_decode_frame(AVCodecContext *avctx, AVFrame *p, s->data_size = length; goto skip; case 105: + if (length <= 0) + return AVERROR_INVALIDDATA; hflip = bytestream2_get_byte(gb) != 0; length--; goto skip; case 106: + if (length <= 0) + return AVERROR_INVALIDDATA; vflip = bytestream2_get_byte(gb) != 0; length--; goto skip; From patchwork Fri Jul 5 00:21:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50346 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4000184vqv; Thu, 4 Jul 2024 17:22:29 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWB1IdztRpHAPALWaLQybf4MRbEKDVfHsjAKltYIZBKdE+yOy6ZPDnqE8gqok42iyDObVroCP5KgWth73QoFLyYBeVRGV+OevjJHA== X-Google-Smtp-Source: AGHT+IGvpsHu6jgzUKihEWwgESX1QG2h0mxymc0L7tIProBdxvWBm7KwpR7rjmfAHf22/yL6dt/U X-Received: by 2002:ac2:57c7:0:b0:52c:9e82:a971 with SMTP id 2adb3069b0e04-52ea061ae2dmr1885024e87.7.1720138948921; Thu, 04 Jul 2024 17:22:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720138948; cv=none; d=google.com; s=arc-20160816; b=UzoM5UeK1olhJJ+7CaQIWC5/9BtQtWGMDkjAho20BMc/th3B+dm4QBRscbb+naXSs5 KsPToJ+7buz4jO+kHRMJEwC8SILfmzMFWx6WVV2fRckFMMOrjME6QU0R6Pr1KXf0SNa9 sMmgmZt3+IlgJx3pZjPax2sQSqGO3sy86lihuSr2QMRsIBWx6AIjJ55P50GrBfQy095d n9YtlJfpDN0YZUylX8w5DS58eYCYclR5rKWjLC48KM/Tp7TwHaa1w5rBAYyFQ1aiIlK0 JAu6k+AOSsBxOSJnKTI/Y5KZ3jeKRQGal628HMIAF8k9jqziYFU3iJXcdIao+YrnCdlf Rd9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=rp7ZSbNALQacs/3K084kAIIxptN49IGchsJF36C8AhE=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=P4+S59MLzr5EFXshpFEUihsQxyLNzNHV2mFGotqo7vb/RUtaIiVqHZRtdnec/BzkPp 5QRvo0ePTRcx2ytXxvZq8xs4k5W176MvKBmYmqwLpB0rvDdrmePfasVNTZ4OI5DMOfTT 3DBqzojVsgBxdWT4KBC9A5USTw3Qta2Pgq/T1VgbCWj+HYV+BRZAetDljVOWWCXqCPhm C68T5VZU8UMFHf3s1zg/7WpVo8LlQC/JuX2QMLSTWH90EAHEoUEe6dGzkSDihOSvYhGM 27Jgchano6DsKw95m5SruUkKjSRV1u6BAFeKTVMWnCf7bCx6/qplfWgzqTTSvZwSd3Ek WlMw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=aWz6zBfX; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a7515f92f1dsi577879366b.452.2024.07.04.17.22.28; Thu, 04 Jul 2024 17:22:28 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=aWz6zBfX; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id A908168DAD8; Fri, 5 Jul 2024 03:22:13 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay7-d.mail.gandi.net (relay7-d.mail.gandi.net [217.70.183.200]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id C91AC68D9FF for ; Fri, 5 Jul 2024 03:21:59 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 0B21920002 for ; Fri, 5 Jul 2024 00:21:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138919; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=X9zEg64CZP4nGui7XB9yZzOrYNuyBTBnWKXtKr48f8k=; b=aWz6zBfXPEUXc+2qlF5YSkMg0oaManCamqhPKv2QyMh1LBjPi9Qe48hmYKZswkAbELGZEH 4YSRMPqcLlv5RZHEo2J684wvc8gFJU1Mj7ZYEQsxgOmKTUQT+vw16nXjEvnSTsmSJSdFsH XrDCr0i57azS/KMAczwu07s2g0oepRk4F2jV/g9JzIrbG9cpU1TpCOm6Ho4pNuEC1zNxcH BhEPjkN5ihj2wunXH0Rv9/eJeZ3QVLdwR5n7VAx7AbqQJl2mF1xWZg+bkMHwtbQp6aMiny OV+cSfgDj6+VhPXkn1StBhIM/Gwb+kDTEUX4mj2Hi/Xj8i1vGLfHuww6MPhT+w== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:44 +0200 Message-ID: <20240705002156.1964272-3-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 03/15] avcodec/dxv: Fix type in get_opcodes() X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: ixe3Jxyl8cDr Found by code review related to CID1604386 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/dxv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/dxv.c b/libavcodec/dxv.c index 7c873a3e922..ba23222727f 100644 --- a/libavcodec/dxv.c +++ b/libavcodec/dxv.c @@ -240,7 +240,7 @@ static int get_opcodes(GetByteContext *gb, uint32_t *table, uint8_t *dst, int op size_in_bits = bytestream2_get_le32(gb); endoffset = ((size_in_bits + 7) >> 3) - 4; - if (endoffset <= 0 || bytestream2_get_bytes_left(gb) < endoffset) + if ((int)endoffset <= 0 || bytestream2_get_bytes_left(gb) < endoffset) return AVERROR_INVALIDDATA; offset = endoffset; From patchwork Fri Jul 5 00:21:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50347 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4000246vqv; Thu, 4 Jul 2024 17:22:38 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXlT33aEccN2gN1GXIXUYxkSFXVclhsQKxGV5Tu2Voq5AuVAU9fXXhSBcRKb1Np/GMjjUOOAl5N8qy1+hsSzq1vKLhwTYHX+6zeKg== X-Google-Smtp-Source: AGHT+IHUOCszsFktxS8UXMROPBzFd82laN5zOtwaYA7NmMAwb4BRJQEayP96/lWRT7xQfEBDZ84o X-Received: by 2002:a17:907:969e:b0:a77:ab40:6d7f with SMTP id a640c23a62f3a-a77ba482a47mr257842166b.43.1720138958365; Thu, 04 Jul 2024 17:22:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720138958; cv=none; d=google.com; s=arc-20160816; b=tW25F8miWQVoHeUh5tH62sK2bn6OKas28BNbduvqHaTrUW1Mrx3IXyV/wZWxng6jYU ZzoDsDf/+iLQrWKmIsVtuIvNIMqfEGzuh/evSDRBdvy/i2ZSMLaib2LDFTzNLS+vrBby 0KuNdCtMh82ry0AXWegGUJTPZadA5evNctuxK6Tg0yd+NJO3DLI2UJk0IceIdXnr8HbZ 4XeZt8jnwHeMAxzFWYzHgKznKfWk2Ki1PN1PSV6EDm3pwEEREeWiNueMSyMKdB/f8NU5 ag39cMSlA7f4E+rrPYoHvFv40GQJeJiBbTMN2eQT+hq8ggRzrfdu1EOfKCMzwiNaYSCb nz7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=ZrA+skl0emfKA1w6FYPKQ3CtT5Eszfy+r4owSS5LPuU=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=AVMvhtDlJvBFQgQpK/T9J/Fy/zL3eYcXwve7kjVAFoH84qA0d2t/m3SLnhbZUWNzF6 yAJOkIRIzPC0QNe8KWTz6+EnlU0aiQj7c2knlO5WbMWScy3bbmPIetz2kBRf11K7GXdy 7or785UHYViWAD1cu3nL+eMR8A0Zqy9uydWwvurrtYbtCZSmsWFL9OFllmRfgJFNs6Of 93g3cZb/yTmGn+xrUJPVRIUwqh0c2T0gQwRQuxGNFVfuJ7W5KYcI3Gwu8GJ/VQkUFMtM Grluqg980MYDbe9X6DTtLK97f2qxiyCvIWNDdJNr3b1/XktgFTmcVTYbU4WHEGXb5ybZ Dvug==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=ey924W2z; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a72ab04a09bsi747261966b.429.2024.07.04.17.22.38; Thu, 04 Jul 2024 17:22:38 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=ey924W2z; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 3BC6168DAEF; Fri, 5 Jul 2024 03:22:15 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay7-d.mail.gandi.net (relay7-d.mail.gandi.net [217.70.183.200]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 575E168D9FF for ; Fri, 5 Jul 2024 03:22:00 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id B48C420003 for ; Fri, 5 Jul 2024 00:21:59 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138919; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=a1tYX33PBCguPFmcykFTk3PAjYim9KA9MitjsSFqGFE=; b=ey924W2zbL/tvjfF8m/EroUpAectwPzS+nqdg384UWkC5kVQ3At5rmNFyxlTxQkDr2klWy Xt7RjuSo/OQQYu4V75SATfv3aWb3dnPs2vL4XLsBT08KjYI71W3aTuEJ6dsPO/0cWury+I Lh+Vev9KZa8XWuhfq3lJ1gNPcXrSI6U7opZJHHFxaMWyF9iTB2J9V232ZidqsV9XycKedQ HFuRIIoY80Wn/g6pToR3vOSE2KMLfdoiSn2O/TWgl5IRUMLLYZUeMG5yWaB2JW/zdoPdnw XEFqJlYDvN6k5bKe3pNoFEwN1Phpaq+ly8ujIufr0XcrsMq9m3+qx1ggXSXLwQ== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:45 +0200 Message-ID: <20240705002156.1964272-4-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 04/15] avcodec/golomb: Document return for get_ur_golomb_jpegls() and get_sr_golomb_flac() X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: UifG2eY3Ne8K Found while reviewing code related to CID1604409 Overflowed return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/golomb.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libavcodec/golomb.h b/libavcodec/golomb.h index 164c2583b6c..9f60fe03976 100644 --- a/libavcodec/golomb.h +++ b/libavcodec/golomb.h @@ -424,6 +424,8 @@ static inline int get_ur_golomb(GetBitContext *gb, int k, int limit, /** * read unsigned golomb rice code (jpegls). + * + * @returns -1 on error */ static inline int get_ur_golomb_jpegls(GetBitContext *gb, int k, int limit, int esc_len) @@ -535,6 +537,8 @@ static inline int get_sr_golomb(GetBitContext *gb, int k, int limit, /** * read signed golomb rice code (flac). + * + * @returns INT_MIN on error */ static inline int get_sr_golomb_flac(GetBitContext *gb, int k, int limit, int esc_len) From patchwork Fri Jul 5 00:21:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50349 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4003623vqv; Thu, 4 Jul 2024 17:34:07 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCU2H8yEtF2pdIJ7ji5zBCSC27blfMtSaJ/vbuS+EilNelQ06+Afisac1YxK07FLWnYrJjAW5HjtecWVS1uSMW9qz0+v6rpdd8jevA== X-Google-Smtp-Source: AGHT+IEtVvkYojBDYTXhFK+ivfZscbuqA0HaZhBLgm4yVJGZJAPoboZAjLCzP1rYOTu2IXY+DTxJ X-Received: by 2002:a2e:8681:0:b0:2ee:7d3c:670 with SMTP id 38308e7fff4ca-2ee8ed42c87mr21180491fa.19.1720139647029; Thu, 04 Jul 2024 17:34:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720139647; cv=none; d=google.com; s=arc-20160816; b=gyFZzYq+GNfJVbx+ORP7M284xWKYJpzefB0++ODPFpCoZ8y4qFFXQ8vfATNX8OphIx LP9BLt34G5SweiiSivVxstwtMDpa2CnngX3o6KmN92AmlamgX76ya1C3mCNjLPEO51dw V2RVPpvyaz+7eYoUAz0GvMcv7rGJt89ptWKzfB0Haxt4tIerbD6K1ghpXcy1Q+HUTKVP FbIa0YyJ72DVtvnkDWYqLhIEw5QMSJQ9FkwNZFrtVpXsyzRimWMLEq5ZRmtu/VEkE0g7 xD+ES7/yHnXLAifnI1u7VOIOAQYMECabrHarQEhV5l82OY7wYW92NE+qLhHyIIjmAtQt buyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=EMcHF0w8wjmnSXTzqRafBTQvs3ux3JlaAehLbV39e2I=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=qKhnEkfVcZZyF82Qtbohe5E+jvjHU+3bHVc5kgO++11qQC1D08vDARtv8m5DhTWbhX o5M3yOCv6KhSC6V8HMrFuro7hlyAr21mJeyky7Z8BTHV7v31MpDgCmYfUzlr/PXrr4bu ksTb8LmbXcLeZ3J+S/qj6i4WJ8EeRMuZrtL7CAmQ/NnstIxbNSJpeCgn3cXThyz8C4Qo 7GjhbJjXlKYRE4dVLDB4Dbg98WazKQaHbh5tt6eUFbp66g+/2liwktjI/vowplm2DXg/ NIHkVIRkV7lX1bhUdNMRyqfGQ9AvsKixNg94piQ+79vmAtVjAjN3/uHWZHICOWMl+HWJ Xj0w==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=VSOoN6hi; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 38308e7fff4ca-2ee92902262si2828911fa.418.2024.07.04.17.34.06; Thu, 04 Jul 2024 17:34:07 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=VSOoN6hi; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 511C268D91A; Fri, 5 Jul 2024 03:22:17 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay2-d.mail.gandi.net (relay2-d.mail.gandi.net [217.70.183.194]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 469FC68D9FF for ; Fri, 5 Jul 2024 03:22:01 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 8535C40002 for ; Fri, 5 Jul 2024 00:22:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138920; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=F3vdqrVaD4mtno25xXlzQ+1kt0JflLe7X1a1OwjpQA8=; b=VSOoN6hiPFhhTC47U8yAGqa4uxYPD26EfVwwhikFJ0jM2QakRPqiUioI3OOQefGhu5HOJ8 QfKoN/wjCA9XD/oyLFXRnCDSrx6V0tME2n5KdJPBEg+yvLf7DzO5pIQ8PR58VFXWc0dANw Pm/cPCC2P3Tbmb9UVaCt/FKNSNscwFkI5hsUVYJieuE7+BYs77z8L5BU29slK1kxsYDpqO vNKVwR16sP9IlKnZ6GQxgcJddSL6fzqfW9A0g3UQo1QhGq5o2URnpkTYZqH3ILymhQtBEa hoDE7HypcW0NxxiSItEvJIUBNcbAu/8aXL2WShdqEWyqH7iHsyt2p+EfGvXxwQ== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:46 +0200 Message-ID: <20240705002156.1964272-5-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 05/15] avcodec/golomb: Assert that k is in the supported range for get_ur/sr_golomb() X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: chrHGDwR0L2d Found by code review related to CID1604563 Overflowed return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/golomb.h | 1 + 1 file changed, 1 insertion(+) diff --git a/libavcodec/golomb.h b/libavcodec/golomb.h index 9f60fe03976..742334978d5 100644 --- a/libavcodec/golomb.h +++ b/libavcodec/golomb.h @@ -402,6 +402,7 @@ static inline int get_ur_golomb(GetBitContext *gb, int k, int limit, log = av_log2(buf); if (log > 31 - limit) { + av_assert2(log >= k); buf >>= log - k; buf += (30U - log) << k; LAST_SKIP_BITS(re, gb, 32 + k - log); From patchwork Fri Jul 5 00:21:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50353 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4006736vqv; Thu, 4 Jul 2024 17:44:10 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCV5ldMvt83ljAf9eX1GwqQ1Y9CaubejJ6hbjU6oYSmSMBg7QjWamqwB5/cqkZ9qq+qm/TTgvAg7hDymAMxLQzWyNHo90lnYWmnyNA== X-Google-Smtp-Source: AGHT+IEjWip7xcLXM4w3jZyxSFcRcJ8vlm9PAHkVebwV3CA8gFFTX5teWdkfuvEeWGNTII0WFsJQ X-Received: by 2002:ac2:554f:0:b0:52e:98f6:c21f with SMTP id 2adb3069b0e04-52ea064b29cmr2027611e87.16.1720140250731; Thu, 04 Jul 2024 17:44:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720140250; cv=none; d=google.com; s=arc-20160816; b=qujgczAlgqpbzT1IvK+3YK9vj0IA4kyiE1HUmwG3j+2ZgLmL4MVIiimd6PO9FIwLg7 Dh3F9nPi3KL1YpiVXwpwLUeSbb0WSJ6yElQzrpAu9us9ilTs6C+xLHD2xKRK2vSOxoxP WbOkJgq5/YJYVGEYvuZz0dXYO/E6jyXb7uBYctHlaA6GmqwxzFyGNbd6BDKO2hSkiI0d 9poyq9OAL1dD6Fd4ZyzQ/Z3Mz98YQbcW7wP+31q2KbriI+1+iVCl6BOC1goZ7VgiKq30 GHI7o/FJGKEpYd43r1aLLw/k90GGTztjaIeR3mPiLth4++/6V1lo36DGHvsDZwGxoNt9 twLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=ZjbeWTZEQayAtxhlBazVS5f1GufoW3HW7dRixzsmlNc=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=NgD7ptmnqbfnKszjnEo5QSKrFRZf6dr0CmGrcnmWJ+Lg1WgO+1Pgv0wiTxrnEMdN0C iU9et9IX2pChDBtFiQPdOR0ZtocgA9qAUDNhTZTBSqAmxTbw7ps0+IENxrsk/ObosijP QqUpyRIqCzlRnOlImOdGpQ8GRq/wAznG+SA5IQudyvSmmjnP5Rd+k+KHAX6FQXmJ3iNo 2u3HVea5W+/+HGIrN2wByOpNnLHWdnabfNEd6Glc9DgDluQiU+k9ThB+GTphSpvrqg5u USaXngkZGfeFGbRRd4/JhAf6UTQd6B90TTBW+oroN75bFFNTTK1Y4czAe2pa9/TsHJTG b7nQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b="CT/UKiut"; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a72ab096abcsi712846166b.810.2024.07.04.17.44.10; Thu, 04 Jul 2024 17:44:10 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b="CT/UKiut"; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id C59C168DB01; Fri, 5 Jul 2024 03:22:20 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net [217.70.183.199]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id E16BA68DAD1 for ; Fri, 5 Jul 2024 03:22:01 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 496D7FF804 for ; Fri, 5 Jul 2024 00:22:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138921; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=2ruXtfqzpnmwdBotLpBRhcE6u2pEu1FAWDBvjrVNYgM=; b=CT/UKiutzE10yagoX/JJy7WAYrqr2p0Wcl88Y4Shd/H0fBom1xocUPJQe0/CczMLyFA0ak CMW+bYymgI8xxxAUc5Rq59EUQCKceJ/o5LSqPRIMp9sTHmxWUEoLZIPolQCDhiVWDtVU5i S5mNSRfAIWFuF6hFjTNoAuFw3TiaBK0EBBNZDWodmvhEd0JQRCn2IP+qRHqg07UC+UpjKT UjLAdn192HyMbTa2NPvTLghyXGBfoXdm+3QNkUAjoy88SyWYB5Lgs/eSC5336t0hf8kNzU cowAaK3LbTcarZXDfb4BZG4Uar86TcbjMaPnZKNYpltHY864NwSg5Kj+HtyE5g== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:47 +0200 Message-ID: <20240705002156.1964272-6-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 06/15] avcodec/hw_base_encode: Simplify EOF check X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: rYNMRvmeAZ86 Found while reviewing CID1608712 Explicit null dereferenced Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/hw_base_encode.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/libavcodec/hw_base_encode.c b/libavcodec/hw_base_encode.c index ecb4be6aa43..6d5632c2988 100644 --- a/libavcodec/hw_base_encode.c +++ b/libavcodec/hw_base_encode.c @@ -546,11 +546,10 @@ start: } err = ff_encode_get_frame(avctx, frame); - if (err < 0 && err != AVERROR_EOF) - return err; - - if (err == AVERROR_EOF) + if (err == AVERROR_EOF) { frame = NULL; + } else if (err < 0) + return err; err = hw_base_encode_send_frame(avctx, ctx, frame); if (err < 0) From patchwork Fri Jul 5 00:21:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50350 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4006709vqv; Thu, 4 Jul 2024 17:44:07 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCV8+ladmQUrUQ7NWdruOdOwUcLI6rCRzr5toITMDFMRRtrZl5Nd1+FSU1vdMfUBZc7X4ou7tKynLJpmjZJoyURrvYSNU2bluBjqLw== X-Google-Smtp-Source: AGHT+IFNQ3NTXRbRBH/LRqfkU6NXstwWaVVGISjUYPVJRUuUtkrFS7VYAj7OOeIVBN+utdaWhymA X-Received: by 2002:a19:4309:0:b0:52c:d5ac:d42 with SMTP id 2adb3069b0e04-52ea060d2d3mr2526429e87.9.1720140246953; Thu, 04 Jul 2024 17:44:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720140246; cv=none; d=google.com; s=arc-20160816; b=GEhQ6DKfI/4XHegf5pjTIF8PwNkRSOTBBC+hL79gBpluDVOdyxohgjgxz7zqMkRrJB ewgA+Rf3oAOVpWWptyYytSH/g45KtKiaKnI9ngXDoEfz9iXWARTu/Jhj76l2MsgVg8c5 1nzI3TOMaZAYkwV6V1KZ3wHp5kvaHZ3wwpY85tc7TDuoyDhY0fwA/8KuNV+2qIqEB5PU SUpVbXedQELa+jq/uRmAokkreWmhfJXclES34c45nwbxdmBe+FW8uGfPfdnLzkAsTf8J IZHmBkgFTQ5fd9iuYaAjWZWG78Jt3ZdXGfuLY/fBGEz1Pxr8cDbOSMYSTWNUMMZxD8P6 XVbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=PWb21M8+NROrAGJlSy7HOfLkromc1BBVFv+MoMhln4w=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=mmISRgYuxCxc6FTl6CmRCJ4kXwMOL3qWzHruo6Ob4a6FWrgPCp9aXec1fF5uul5EgG 9V3pNKNVVBMWYrOS/9RwrxwnhEiZ9qx9958m4xDnGVX+wL6v3JgQquBuDz9z2AdX4SD/ MrOPipT0oYFTmIBNSB9g4kNDQJbE11qEKcAiSscnWUnPluOUukRzC+7d+ioejU6tSDmL vmP+md8lj7OoLVnbgEVcEKMsDau+Uke+GNeQ5zgvsaAexNzTA99RKzkS6hGh58EM5Q5A Z/Z72fRK9/r5rWXzk9ooCCyJx9ebWavcWxexuDvaYrq7ZT1nsJvs2T50mSoAhwYJ3ePt c/qQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=lAMPI1Td; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a77c343cac3si75789166b.788.2024.07.04.17.44.06; Thu, 04 Jul 2024 17:44:06 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=lAMPI1Td; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 9F31068DB10; Fri, 5 Jul 2024 03:22:26 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay5-d.mail.gandi.net (relay5-d.mail.gandi.net [217.70.183.197]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 25AA068DAD6 for ; Fri, 5 Jul 2024 03:22:03 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 6B52A1C0003 for ; Fri, 5 Jul 2024 00:22:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138922; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=NUSUn3xL6Q7FO+1EuyXIqkd5UO3/pBbtPrnazgB73Pg=; b=lAMPI1TdAe/UNgsIvYGuFcP45IeBorg06zRmMeEqt5iDyFfV2yBY/5yc4ZNZYyrPWZpWvi 4Igv47tQM1lsTzmfsKUZgpDRsZXYzSpsdodjJG/rWcLt29nl3gxw47nfPjN1ReIEt/ek90 FisOhxqmeSwakP6pBqiM0OEVlq+SFVJOVodPEcYbU1BvXka2p3ZxfWLmOMNt2B6OEZAIuc Kcy2xg+8yDvMdCpqz2dE2LxTetz7Xvk9dLf2moyArThP+5HH+FswkkZ9to6jfVMu6AjGKJ axuaOBcozEET8xuXkvDiZ7y62DgGVF/4vBo3FzLaJTygS4//Dks1YaSeiVNNmA== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:48 +0200 Message-ID: <20240705002156.1964272-7-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 07/15] avcodec/iff: Use signed count X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: lX8zqZpi/0Vj This is more a style fix than a bugfix (CID1604392 Overflowed constant) Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/iff.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/iff.c b/libavcodec/iff.c index 4b3e8e0c21e..13010b451ef 100644 --- a/libavcodec/iff.c +++ b/libavcodec/iff.c @@ -523,7 +523,7 @@ static int decode_byterun2(uint8_t *dst, int height, int line_size, GetByteContext *gb) { GetByteContext cmds; - unsigned count; + int count; int i, y_pos = 0, x_pos = 0; if (bytestream2_get_be32(gb) != MKBETAG('V', 'D', 'A', 'T')) @@ -531,7 +531,7 @@ static int decode_byterun2(uint8_t *dst, int height, int line_size, bytestream2_skip(gb, 4); count = bytestream2_get_be16(gb) - 2; - if (bytestream2_get_bytes_left(gb) < count) + if (count < 0 || bytestream2_get_bytes_left(gb) < count) return 0; bytestream2_init(&cmds, gb->buffer, count); From patchwork Fri Jul 5 00:21:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50355 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4006748vqv; Thu, 4 Jul 2024 17:44:11 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCUqwMEteps/+yufxdl/pzLkmlrBGoZSotWEZPfdLV8eOk7f1yrCzjA5sWZcF1OLTn6VCCYtQOXkTiYlOiH5f+dBDH7m7ILhWSNSRA== X-Google-Smtp-Source: AGHT+IHYmCUOgsKHD/ny509DHL296SXLieHzqbOFkAbv7ovX95gzZuImiS2dFThkYVGcb6FRShCb X-Received: by 2002:ac2:4568:0:b0:52e:710e:e4d2 with SMTP id 2adb3069b0e04-52ea06327b8mr2371931e87.33.1720140251618; Thu, 04 Jul 2024 17:44:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720140251; cv=none; d=google.com; s=arc-20160816; b=SHZs5yoFB8uTvlish+C1DsbDEumkFQn0fCigRzfznCdFEV/B0cBfuVkZeL+kBJhTfN yfKA0qnew3c8XgD5A97OLIfjm9TL6LVEiaHHg45uKy0qDMw6PTnwhKTZwfmfdKqacX4u b2rVbxII3ooRLmeyMbOXcsHUxkRaleeBxxYN3snRcmpxX0fKbVlziaZYopoQc2t+T8Nr XjyRnQAv75nDYiKApZp3TdnJfgRNcqc5YX1h+3CZU41qlQYguCMPejs1NoPuf1Dl9VWQ f4LmQxT+K7RV0ltqEDj5/esvuaUXCb0JoKlECQuy2t2us5WVnR/WJ/vqQMo8Zr2xrkck 4Aig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=T6LQ+MC3nf1VVSElNeGSdOZC4C75+OAfEy91guixyOQ=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=GrAfxucVezICuORImNFIfpI3x//rjQtqGXz/4PNEGVyjLZNGRsXYuvXrnonmhZYb2T JdeOD4Uo1xVJNuNc9KJ/8CHrljZ3M5c0hfRXOiMXD8NP6hzCN4/96OSVBEv2JWLmDtsP FuSnjs0nk3vXKjIOWhoMSsSCcvUoEQL59lFnbBMurUAnxgHS/dcjd/YLysjVrQPdnhWz gZ93lt9JM9Z8ZJwEucs8jP0AkZRhEB9xp2TjBSjWOPNGXEusmNbwrvJYDA5nyW29msmQ JzMQ69AO3tVKNDOokY4R+mi0gVSZwFCeV/Ej//qABqDqvxa8tw6dhjPxAWHXvlP5r1YV sSWg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=lPWDeZnz; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 2adb3069b0e04-52e7ab29f0esi4798263e87.397.2024.07.04.17.44.11; Thu, 04 Jul 2024 17:44:11 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=lPWDeZnz; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 4CF1E68DB1C; Fri, 5 Jul 2024 03:22:31 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay1-d.mail.gandi.net (relay1-d.mail.gandi.net [217.70.183.193]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 3134968DAD1 for ; Fri, 5 Jul 2024 03:22:04 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 6C4EC240005 for ; Fri, 5 Jul 2024 00:22:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138923; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=HYlIgFXivJjrpsNJ8ueFPpy6JcOktybHu8sLaEGkC0U=; b=lPWDeZnzA3lrNyCKGJmPkjRKwzUP1iyyarA/db23NmrJsYvgqdXU4kxJ93iFO//OPZA1DV CmtlURIIX9wqDhkwLqqWQEsGI0c5Gah3OLxNpYZH+Sncf2JFFydnh4xOWs+oVLQhtgBquZ 6VVQdjdPN7AnDurXWS/xdYIafKHVfUltLz6Pz/gSzs8lgAS7Sw8gkuLLqTRIsQ8VR7Isg+ Gj2TdZeQfik8baP5gsPD8vK5qjW4oiRzbnSqV6au0fGZNtMd/bIRr/QuLlELb+AbqdSW5f hmhp+VoxTqCejYGs5D2Vs4Fet0Fw++s0qbrYmKudbvgwjpTTgl/IONfynczdmw== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:49 +0200 Message-ID: <20240705002156.1964272-8-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 08/15] avcodec/imm4: check cbphi for error X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: K4ymkwvQYvkh Fixes: CID1604356 Overflowed constant Fixes: CID1604573 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/imm4.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/libavcodec/imm4.c b/libavcodec/imm4.c index 3a4ad8616f5..a6da8fcf95b 100644 --- a/libavcodec/imm4.c +++ b/libavcodec/imm4.c @@ -220,12 +220,15 @@ static int decode_intra(AVCodecContext *avctx, GetBitContext *gb, AVFrame *frame for (y = 0; y < avctx->height; y += 16) { for (x = 0; x < avctx->width; x += 16) { - unsigned flag, cbphi, cbplo; + unsigned flag, cbplo; + int cbphi; cbplo = get_vlc2(gb, cbplo_tab, CBPLO_VLC_BITS, 1); flag = get_bits1(gb); cbphi = get_cbphi(gb, 1); + if (cbphi < 0) + return cbphi; ret = decode_blocks(avctx, gb, cbplo | (cbphi << 2), 0, offset, flag); if (ret < 0) @@ -273,7 +276,8 @@ static int decode_inter(AVCodecContext *avctx, GetBitContext *gb, for (y = 0; y < avctx->height; y += 16) { for (x = 0; x < avctx->width; x += 16) { int reverse, intra_block, value; - unsigned cbphi, cbplo, flag2 = 0; + unsigned cbplo, flag2 = 0; + int cbphi; if (get_bits1(gb)) { copy_block16(frame->data[0] + y * frame->linesize[0] + x, @@ -299,6 +303,9 @@ static int decode_inter(AVCodecContext *avctx, GetBitContext *gb, cbplo = value >> 4; cbphi = get_cbphi(gb, reverse); + if (cbphi < 0) + return cbphi; + if (intra_block) { ret = decode_blocks(avctx, gb, cbplo | (cbphi << 2), 0, offset, flag2); if (ret < 0) From patchwork Fri Jul 5 00:21:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50356 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4015757vqv; Thu, 4 Jul 2024 18:14:06 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCW6m0T9kDS3tkM53SrecpIWrn6RKBDN6BNuunCNMuVkoGkMoC08h5Zz+t4clo8iGTCvSRFGTl9/Klx/3NzFcYNVHe4hB9Zq61mPYQ== X-Google-Smtp-Source: AGHT+IFzYOkuBaI4rotbLT+7n3A2vIGq2EJdReG6RcYUUJ56AL2pQJuYHZYfkZTWuqgCh/4vsA6V X-Received: by 2002:a05:6512:3ef:b0:52c:e728:cca1 with SMTP id 2adb3069b0e04-52ea063ab43mr2021020e87.39.1720142045971; Thu, 04 Jul 2024 18:14:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720142045; cv=none; d=google.com; s=arc-20160816; b=HOZixOgKg80FvRx0GfIRUZ5givoEh74bW/sq6RM63BbkgWCsiL0KUR1BAOOBpP+PF9 RlFrv84Gsli9YcFNgUIVKV246/O6qKNlblSBkmLhzWK0gLi15+E7fuyhs4Nt5/CHkw+h tYVotx6F1uCtHz7Mc8KxDNujI9pGfjFEfPAwt9GJszoOlUKE2Yq825L+L+Yly8L89c6f PjkYA2ugEQupIdWr1FIZHGTjuV8bbNMvt6KVdq7u+WWr55GqGEwUxshkDxfX1gYpE/x0 yNLsKP5wBu1SUhBATvkzBP2EaFvMPRfvixgEEWxb2P/IrLb11cCtpifNaGIoG2hOf5wD SKfQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=gV3FaQD7U7qA+7KiT0kTwD4pDTm/6bcmgQRex8pM2fk=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=JGu0jBAg2qeL6X1AnPXKHn8n7YTU736VDmK/EGj1B0XuZNp9j6QjvQormq5+gNEUNA jAFbBi65UiLEQhXbF6zIZVy90y2hilSwImjTbLDui0mHQuarsSPLQmgj/ekI1xIfirX7 8phzngytzN/g7oYvB9h0iLOrtfesiW/MTsslvSkDYbZAECbtb6JptXHAxiYS55oHb8/v pqChmpfAi2dt8CV/xFvZbYtCoaUPw6Uzcgq7nqAJ0C3yEZv3SBJNs7Vi9zyP+SkkFKxs Gvz8Y4TQPDyBK+WQLrxIUv2MO7zPcOicc77JdGcY4xi6+QNAeWlNSajs4zCnXqSLuJ8E RBPw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=fAR2oG77; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 2adb3069b0e04-52ea168c6d2si711198e87.593.2024.07.04.18.14.05; Thu, 04 Jul 2024 18:14:05 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=fAR2oG77; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 917A168DB26; Fri, 5 Jul 2024 03:22:34 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay1-d.mail.gandi.net (relay1-d.mail.gandi.net [217.70.183.193]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B1ACD68D9AB for ; Fri, 5 Jul 2024 03:22:04 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 1DBB1240003 for ; Fri, 5 Jul 2024 00:22:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138924; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SsrgdTjONhfblDrPkf8HG8qTP1E1Pguxn240/rj2eNg=; b=fAR2oG77u087R04LEu5h+gcs/Q9rq7qxZIKAc5EvoZi3zdEexbI2/pNiwgHxlI3s0h6lQy NOjo/MOhyUI/XaaXlfDkGWQ+usdVl0T/X+QQIdO73fT3jjH7EHhA21Ou2wr8RrHwGHm2BA mULluBpQLYFi9KJWnCVKJC6cSQzX0QChwuqZEZVPVhHR2urjbpJsR4Ch1/E365OzCYJ7Jd 1RDu333jEifDn/vTds1rk79WWkxhDDGC5vQnzQOj2DEeiBCp2X0sYec9xy7NjMgdWAy6z/ Y5L69i7ba4WfqwFsL5OKSfjjITPGMmyWMFcm4einIop/nSCYm/yki65o/9jKrg== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:50 +0200 Message-ID: <20240705002156.1964272-9-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 09/15] avcodec/leaddec: Check init_get_bits8() for failure X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: XNts2LPRJmku Fixes: CID1604416 Unchecked return value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/leaddec.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libavcodec/leaddec.c b/libavcodec/leaddec.c index 947c7275bec..2f5152c2261 100644 --- a/libavcodec/leaddec.c +++ b/libavcodec/leaddec.c @@ -194,7 +194,9 @@ static int lead_decode_frame(AVCodecContext *avctx, AVFrame * frame, i++; } - init_get_bits8(&gb, s->bitstream_buf, size); + ret = init_get_bits8(&gb, s->bitstream_buf, size); + if (ret < 0) + return ret; if (avctx->pix_fmt == AV_PIX_FMT_YUV420P && zero) { for (int mb_y = 0; mb_y < avctx->height / 8; mb_y++) From patchwork Fri Jul 5 00:21:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50358 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4017125vqv; Thu, 4 Jul 2024 18:19:08 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVd8BGBYeD4fFvLsxYkgyGqOZaiPTnLZ+FsXW31l+V8o3AH0sa79k4vyJcN/f8afw8Eejb76Z/Crj3aFtADcjZbhB1FhLkfzGskRA== X-Google-Smtp-Source: AGHT+IHl26Ll94Rls2eZWS+WmZ3TKbx5DFuc3Di3YzPWjCnZ8iUIxbCTiFP6deiQa3DuKBylhx5q X-Received: by 2002:a05:6402:2803:b0:58e:450b:da08 with SMTP id 4fb4d7f45d1cf-58e5b4aefdfmr2422656a12.31.1720142348362; Thu, 04 Jul 2024 18:19:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720142348; cv=none; d=google.com; s=arc-20160816; b=yhOKYJmmicyXloSOmu4DalBUmPLvoTFzYyW4aIRwYCLNV7dDW3RD6W8PPS0qKpF3PV JJZao2AjMJbQarGtgTxy0o0MeFqjU4PDHgoY674fUuMTJnidDLpP+LwmPIYCKcp7fuaV QEg57e9RKeNLfHFPSKLZ2uKbTJ55ENAEg7JVolPtyCEWdVyRQOc3Np7sd9h/45fMJ+JU u8gOtkSvZ8aEdCQ0X+KBSJ6bmfAY6F8kDB5KggozKR69xwy1frtzDTyOaFqIcuSUbLJL w7aF0AQzS01OSp2M71I0B+SHs8mFG4Tz27x0zuuD3ZeipJsE8Q8exb1iLwCaBWhV1Qqs rPLA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=ft48663jeem9IDrUG/xRlC77fzNMHg5DsDG4TAaA1LU=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=gjvwZ60FqVam8fPMHqwc9Wq/mGp4j5yPBD1qmMl5SHuxnsPgwEgWXJXcQTveRHOKE4 FYd2iCgoExnViv9RJAVUpL6kbs9jBrMoKpihWg7GZlxVCuAnd9bkFtl0i5MLJY2C4vTv xWHqP0Xu6FXwdGdAVFu6CgaWECCOGuT3OlDdj4g6zBDFZrWsT5BsTnQfx4iSTiCJz6Hx irWu35YWBLqHt6uTX9MxQINNeEXjxwIFB2PZ2DphxCu0F4KlzwVDvEPrDwGNQsko1KkC crDgIl+oysyHwLbEbwCP6RET/5xtKEAB34X1w8UPM3n538MQye6DmtfzFr9C6I9OX1sC raYQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=lyD3YAiC; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 4fb4d7f45d1cf-58d81acec1esi1951756a12.259.2024.07.04.18.19.07; Thu, 04 Jul 2024 18:19:08 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=lyD3YAiC; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id E168568DB2C; Fri, 5 Jul 2024 03:22:38 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay5-d.mail.gandi.net (relay5-d.mail.gandi.net [217.70.183.197]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 6CF8F68DADD for ; Fri, 5 Jul 2024 03:22:05 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id CBB1D1C0004 for ; Fri, 5 Jul 2024 00:22:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138925; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3kf+HhtBJh1w4b0jHnY1D4/KEBJUfl+B/c8gSDUAxp4=; b=lyD3YAiCOX0vQ2dQURWBz/y/TakWCRTa0pRvHQkuKU3QILiDk2YEvXncKVOzyC0OjPxS1K P5jKxfcMTGJeXTpP3hOHNB3RfkYoz4eeQv7YY/e/Gc+uZCiAjiIUgBR/EXR/ATlq6TDeQ7 jUBGuaYwukWIJpJy5lA46PL6486XpCgxbgz6JnASBQokN/Kg5IP0eH7jcr7e1D7pTU6isF tAb74NoVZ6X4Y2lLunCzDduxhTdXq1ESuTuJsHUhuZJOo9yZPaIMYdb4pZRWLDgVjer8XE Bxk8f8UgfpPu2yKju9PEdUONt45gdW/YZjxtFoQYnJn9Fx0TNXyqDlgh+Xamnw== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:51 +0200 Message-ID: <20240705002156.1964272-10-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 10/15] avcodec/loco: check get_ur_golomb_jpegls() for failure X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: aqkzghGINtX8 Fixes: CID1604400 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/loco.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/libavcodec/loco.c b/libavcodec/loco.c index b1294a97980..4aba1eb9c52 100644 --- a/libavcodec/loco.c +++ b/libavcodec/loco.c @@ -92,10 +92,15 @@ static inline int loco_get_rice(RICEContext *r) if (get_bits_left(&r->gb) < 1) return INT_MIN; v = get_ur_golomb_jpegls(&r->gb, loco_get_rice_param(r), INT_MAX, 0); + if (v == -1) + return INT_MIN; loco_update_rice_param(r, (v + 1) >> 1); if (!v) { if (r->save >= 0) { - r->run = get_ur_golomb_jpegls(&r->gb, 2, INT_MAX, 0); + int run = get_ur_golomb_jpegls(&r->gb, 2, INT_MAX, 0); + if (run == -1) + return INT_MIN; + r->run = run; if (r->run > 1) r->save += r->run + 1; else From patchwork Fri Jul 5 00:21:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50348 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4000357vqv; Thu, 4 Jul 2024 17:22:56 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCU4rj6FFgqT3jJspFSb1GGSzNja6CAU2BMFMyqOtJsoOEMu35gHQ2oN2dTqrs9Ib/nzTEz48M+4Fc8O/CNhfoXjRHN6JWskGvMZ5A== X-Google-Smtp-Source: AGHT+IHWBeZO8xXAXmI3HkRAnwgTDZPfEddTBBdJFp4DYwhHYsdzEOCb+CeANq7zkegddhpLDH6N X-Received: by 2002:a17:906:4685:b0:a6f:20e0:1d1a with SMTP id a640c23a62f3a-a77bdadffb9mr244235166b.33.1720138975938; Thu, 04 Jul 2024 17:22:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720138975; cv=none; d=google.com; s=arc-20160816; b=CcYGq+lRvSm+LvE2Rbeggxu02wTqxYWp0vutTAce5FerA66Ud/+5xk/AHER0W3FFQZ oTcrbfi9VhqmfigA0j3jESN3uVMwXQwv30F/8bV9ihBdnaW9A9CbunoXHF3idTQ5aDRH DV/Bu2dcPh1QgBC2bKcV4Ohx5JRUK6Wo1fhVcKMoOQQZm4hyx8Kbjq85bTOURLBW5Oyk 0P7X9TtTLl0fmpRkOkMoB0AfZWV2w1GIv0WYAS7/XlC1jPmprb/5s9vaP5jd61hz5lC+ RcXQ4xDVvUYYs01PLXfAQBXxxlNjlyaLSaTG0Abw064tJ3HBf3zmX+wSuufFq71Aq9OP l+4g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=A0o2aUkzu0fCaiztL+T34Ovmep1j2Qe6xcqmuD4dhyc=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=qH7dQyc2qCCXyl+4iiA0r/Ac9blhqkvMj6QrROnh9hDZQQ6ONruwC0NZn16a7ZsS9W WJn07QeJeTCZSr8fczqieCsJhpxvjHYOauAjCIYaQ8WPK1IbnT3Hrn24zLy5S3BE8TAV LFUl7WzCZuGy6liCCj165dgKknHF7KCFGBPjKR/FW7LFRtnb91dpDJg7aCNZlWHXkbhA +9RBdFW9uLBRgZoXoxwIXHpvCUNmSVICDjzX9Rbg+98OFXvLbSWWCAIbk3XH1kpmXMSN SJ1ySqeYw50bYkx++broBppR4Z92XMOrLsEacx48ZukojDPUFyhT6YsRDOj7QBrZUZS7 IZyQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=n0EK0qRh; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a77ccee526csi11774066b.576.2024.07.04.17.22.55; Thu, 04 Jul 2024 17:22:55 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=n0EK0qRh; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 3AA1068DAFA; Fri, 5 Jul 2024 03:22:19 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay8-d.mail.gandi.net (relay8-d.mail.gandi.net [217.70.183.201]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B96F868DAD0 for ; Fri, 5 Jul 2024 03:22:06 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id B0DB61BF203 for ; Fri, 5 Jul 2024 00:22:05 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138925; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ECFDe30C8eVCWEPcS4mSGgnFGCuE4UUyT3wS6DRRcYs=; b=n0EK0qRh8TeRj3uiWNHoaqyFpFq1QOwK6W6W7qVjxU1dW8BveSFHA5oNFMrb4DhcDKRAPc axTQG3DJ7gubQ2+trDl1bb3F/a/5eV3Riy/cYeDkR22MdgYAgcyHubmMy1FEqthiTqrP7X 4y0juc6f0j3SuP//SLfXlNEwEupFR6v1pfbxxw2IfUxp8xaaV2qN1IrKs+00maPb+omLjg W5k9ne2lq+8JOB0hcZYwo0HKV5vdcB5B+V62AKRtg/UFeckNtABHgrK3wvndioarGy9vMV 0Nt56YRMzyUMInRQUKHqvanx+0JZ6rXopPV+YXwAg56Y/kttJc9GZ5vV/Gu8+A== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:52 +0200 Message-ID: <20240705002156.1964272-11-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 11/15] avcodec/loco: Check loco_get_rice() for failure X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: PHUGt0gtlN3M Fixes: CID1604495 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/loco.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/loco.c b/libavcodec/loco.c index 4aba1eb9c52..d73d8fa88bb 100644 --- a/libavcodec/loco.c +++ b/libavcodec/loco.c @@ -157,6 +157,8 @@ static int loco_decode_plane(LOCOContext *l, uint8_t *data, int width, int heigh /* restore top left pixel */ val = loco_get_rice(&rc); + if (val == INT_MIN) + return AVERROR_INVALIDDATA; data[0] = 128 + val; /* restore top line */ for (i = 1; i < width; i++) { From patchwork Fri Jul 5 00:21:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50354 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4006745vqv; Thu, 4 Jul 2024 17:44:11 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXqIs0uq2iDB56bcE587cyxeFKV3ZVmzWe8EYBGKBA7XwYo0PvrOfpbtri5QtwNEercuJrCq1Ukc5HABxcUZqbux3OSaCAckA8Hkw== X-Google-Smtp-Source: AGHT+IEVoU3d9eFNEuyzHM5UsAkeTO8DkwyZBpc4LCNYrCrUSzPJ3EnOoUb4syp+LVI6FpoCeVte X-Received: by 2002:a50:d495:0:b0:58b:5da7:4851 with SMTP id 4fb4d7f45d1cf-58e5c828267mr1990576a12.2.1720140251425; Thu, 04 Jul 2024 17:44:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720140251; cv=none; d=google.com; s=arc-20160816; b=DzakpXNcWaqdQCsfzxEEntpLOak2P1cZ1s+DVNGtt3EisRLsLyRFRMwKcwH1qs1iWw xFwcU/nSgWfqeH1IOhk7VXPG306lh2/vDOTs3f7P910oOMEn4X/3xVE2vCn473SUmcGC dgYggH+wFbNeZNmfreeWUgp9g6caNIKUQBfDfwRwRkE9DBe9Q/IbEvIPiUtDd19Q1i6J FsQQ0iQOOwtEQ010HXzExYPaMgEUSPOGuScdgcKeFauEb9aJpRvwa70RCjD36FX0Kh8O 4zpLefim2e06TmjingJoakWEKXJu1pZ5E4sfWp/gJ56/rwyAHeS3qIoA4q9HXWaTX9cl lhBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=0IHxXUV5oFRQx1YYmcNKIhQJ1WKwcUEtIzwSvsceQJg=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=IhSqz/25JsTqVYH5ufV+JribOg/K63FGSeUZIzemI7f4Voxw7hyZL6FSFpJFqc4vnl nnyxsCC5OvPhpoTHh+5kY4PtUIKdWMZbUVxoblSaqWa4KSOTqrAK+6m7dZioqpoBOUmN zmB5ZHDwuaeN0LeXUI3pa7/WlySdR+wybS1sM3Cey6xM2oZSyqyKT3xxHvji7Nk1hibh sZmuy22ETmv92SuFkYVUgAK9gtaX1wmragLSam/MCzWk8PAPqUHfz/54pqHAQBHBt2JK CBygq85aorWh7Sd07VdxpS8z2t+e9e6+qfWZhCrn0fzw7uwcVB859Xcad7mGls3Q8xnK 9KSg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b="oBmX/HoI"; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id 4fb4d7f45d1cf-58f6e2c50e4si351927a12.185.2024.07.04.17.44.11; Thu, 04 Jul 2024 17:44:11 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b="oBmX/HoI"; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 48B4168D9B9; Fri, 5 Jul 2024 03:22:22 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay9-d.mail.gandi.net (relay9-d.mail.gandi.net [217.70.183.199]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 423F368DAC1 for ; Fri, 5 Jul 2024 03:22:07 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 7A52BFF805 for ; Fri, 5 Jul 2024 00:22:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138926; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RivaORMlTknVRy9SU+AeShy2ESFcTlDTA+/aTtt160A=; b=oBmX/HoIqFm5zGQCvVEzOaPKNyvFX4+ZiGqIj03TwPWT9tKJN+WWYTxs4B2DjJY87Mi/Bv ef9c5xanA9shRKIUxW6VGW3zdBdVwmPKLnIaXFIRKwUJCr1rKVEoeMtZ7PYv7oGG3I30FA mDv+iyLxsIPhogbto4wC65vrVK4vXtszTVcFuUA4LEOpLEwoDdQaKmG1VDBm+IezvSDwTH A4ZoRoe6itIMwpyzubL/dXP2tHDEiIv5xiIa4NAog2xmhAb6ybIVoo0wdHjaT70bGwuQSv 6deofU+mCm7uutLTbe8rnwZoByFeTsT2aN0aBtY3F6k0fDdGx4tjoPcms2OlYA== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:53 +0200 Message-ID: <20240705002156.1964272-12-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 12/15] avcodec/me_cmp: Fix type check X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: 5kZTdXBIkKfF Fixes: CID1604375 Out-of-bounds read Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/me_cmp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/me_cmp.c b/libavcodec/me_cmp.c index 592ee760840..f3e2f2482ef 100644 --- a/libavcodec/me_cmp.c +++ b/libavcodec/me_cmp.c @@ -517,7 +517,7 @@ av_cold int ff_set_cmp(const MECmpContext *c, me_cmp_func *cmp, int type, int mp cmp[i] = zero_cmp; return 0; } - if (type > FF_ARRAY_ELEMS(cmp_func_list) || + if (type >= FF_ARRAY_ELEMS(cmp_func_list) || !cmp_func_list[type].available || !mpvenc && cmp_func_list[type].mpv_only) { av_log(NULL, AV_LOG_ERROR, From patchwork Fri Jul 5 00:21:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50357 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4017122vqv; Thu, 4 Jul 2024 18:19:07 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWfRbju4aln/iZPSerJ5p12EdXhJuXUN2sOxAVzDCyfq3hAxDAjGtpJW6B9jJN1+I5c4iV3mYajkkLeVtxJoL7hIUP8CvW5k593cA== X-Google-Smtp-Source: AGHT+IHMbj/sY+6LAQsI033RZ4tfWqM4CcA8olcPd8azHcMuweb00Z8dy43/j2RfK0Z9QBTZn5lW X-Received: by 2002:ac2:44d9:0:b0:52e:751a:a172 with SMTP id 2adb3069b0e04-52ea06a70f5mr2859814e87.49.1720142347466; Thu, 04 Jul 2024 18:19:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720142347; cv=none; d=google.com; s=arc-20160816; b=yMuodGqtz0LmfQSiIPr99+BTo5u8YSsEi6OGE2EHxMW9D+ay+7dqdT26uFKzwxgzuq 6DjEfq7yWwTBU6rQxY0IV1yMqVDxThST5h9ldaZYfxGMimvew8QmETO8T68Gv8dDP4Kw DAyRJyYcUw9vugQOfSWr4DZJHLMFR/2FH95Xj2v0RJ3poxLm2AOzKtmGY8Xup9KoZ8r7 8rGBSlapJopMh5beuTNQG2xEN40iM/kwfENxg/0gvCUZHLyVacVBoLCJD2+itL9kWBsy xaiJMeLSYJDA6LwfRpWvnuesTFiuQUCNGu3Q+BL2B8O/HofGPkgk6lJxWs6SpBkXbLMY eW3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=8WVhci6XfNotYI9371xiZCdLFMj7T6Lie8jiK1vwOdQ=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=dO2dcJwaePk6PVWLElBkrpJ3RynXLRQeFNYI5e0WVx7pdF/z6yJG2Ns0VSb7IZ9chm Xx6yLtdu3ZMlQv2JADtZVZmzdhKjDLIY4jF+UoAd+xTGYIvq3eYiQqAeNjk17+CHnTG1 aCkXWnpXEP4UqAI2Nqs61PPQR9qjYzI3flVo3tk43QRYK0mc4w0rpBRKTMvpopWfr7nd rPH4qMem+75EledgCQEyhvp84ns8qt9FQDa2n3FRWzZe47n/29FOH7FQE5Q4WDyvSjtg i4xJzzjGade8xpyfrDMHenp6xKIwOmFsb2UWOeDD1F9ja2dtIMjz+E8/5jXuQgrOf8Bu 4I/w==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=E7Ua8qiu; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a72ab0674acsi706258566b.498.2024.07.04.18.19.06; Thu, 04 Jul 2024 18:19:07 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=E7Ua8qiu; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 16ABD68DB0B; Fri, 5 Jul 2024 03:22:25 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay8-d.mail.gandi.net (relay8-d.mail.gandi.net [217.70.183.201]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 05EB368DA9B for ; Fri, 5 Jul 2024 03:22:07 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 3A9661BF203 for ; Fri, 5 Jul 2024 00:22:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138927; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vn0NNsk4RmqyH0BfAVtDhSAVV2Q27wSfSzagq5l8F3I=; b=E7Ua8qiuyQihLQoTrmh/1UYC9C3EKqCLnkQR8hpu7vlw1OujgSVZp5Pn4juLASvwm0KxeZ gpfQ/69KQ5pl7izKMlqfnhpvxDA5qNLYXqYQR2YcogkRu5xn2kM4MJX2Pr2Y9nhs3DVlId M2uOOeBGdgLmvNJ/AB/3hznmMmlfHCML+dQJl4W2il8xYD/fjuoxI37LdyG0DZcx7cRIuE 5p0BOi/SXWLuuY/kI2Dwew2uEUJn2Y5lE8sZTJh5ezbRaKkBAD/dyIVM/lOd7M9UuOyu8+ OyfVKka1EJC+ZEoDfJ26CgMQsi4++2Nsed8sWeEMi7ItjvV0rEAHfSW/MXDkEg== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:54 +0200 Message-ID: <20240705002156.1964272-13-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 13/15] avcodec/mlpenc: Use 64 for ml, mr X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: dgTrWwtT3Upm Fixes: CID1604429 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/mlpenc.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/libavcodec/mlpenc.c b/libavcodec/mlpenc.c index 67e0e109aa0..06670de456e 100644 --- a/libavcodec/mlpenc.c +++ b/libavcodec/mlpenc.c @@ -1414,7 +1414,8 @@ static int estimate_coeff(MLPEncodeContext *ctx, MLPSubstream *s, int32_t maxl = INT32_MIN, maxr = INT32_MIN, minl = INT32_MAX, minr = INT32_MAX; int64_t summ = 0, sums = 0, suml = 0, sumr = 0, enl = 0, enr = 0; const int shift = 14 - ctx->rematrix_precision; - int32_t cf0, cf1, e[4], d[4], ml, mr; + int32_t cf0, cf1, e[4], d[4]; + int64_t ml, mr; int i, count = 0; for (int j = 0; j <= ctx->cur_restart_interval; j++) { @@ -1447,8 +1448,8 @@ static int estimate_coeff(MLPEncodeContext *ctx, MLPSubstream *s, summ -= FFABS(suml + sumr); sums -= FFABS(suml - sumr); - ml = maxl - minl; - mr = maxr - minr; + ml = maxl - (int64_t)minl; + mr = maxr - (int64_t)minr; if (!summ && !sums) return 0; From patchwork Fri Jul 5 00:21:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50351 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4006714vqv; Thu, 4 Jul 2024 17:44:08 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWkBtuXDfjiUXXLrgKZG3KqmYriTBM358dIXsmm7v/Jqy2rWuqvOxfu5lRxBTGEXuBZv4wJpn78tt1Say2eiH2P10vwdiooTVd4RQ== X-Google-Smtp-Source: AGHT+IEtsIHjUdmG8t0w2IwXQwnyx2khub+KNDzZYhlcBZKb+4XZjb7EuvbwcNAXbDzzfR7cikOU X-Received: by 2002:a17:906:58f:b0:a77:aa6d:e0c7 with SMTP id a640c23a62f3a-a77ba4789efmr204054266b.30.1720140247693; Thu, 04 Jul 2024 17:44:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720140247; cv=none; d=google.com; s=arc-20160816; b=w0DwSqZv7baww4ax1dsXphr/LRqMMb/ebF9V9sbT8axkERjlThyXVDmmU3KdSmlLY1 EYSfYUHTuia0ls+LvmuzOSwgJJwq0bC9CO+U4TCYqGLXSghqgGzORpJ9V8Ie0FEnB7Gs xHkbzuANEwk4XeNKgnt7tB3yyDV6XO+g0QvmivujLurwXoKiZHQoK9ckLpMWQptdgq5I QT9RP8gLaq9ajAJTXnBrjYipV23LWj5zZgzk8rPfPQb/ipO1E6HOVHkCnT3uK91X8O/c LPdxqGVghAi8VQZBSrPdWb/7q496pbBKmRkws0bzU6nscFofV733XEhkp8FVp/ySoqGb St4w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=Ofdk+ij4/fBOHV6wPvTob1MckHEx99F1nUxxm5M+fCI=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=s8+M/aN0h+pKxMIMzk1MT67wt75nda5z2JfFrrHXLk5MHgtNiFrJ9jroXCKmg1ngM+ A/Z1GebVdglzLISxGLLajz0LY9PehuFxCqVqb5T7k4bFhsydl7T/XgA0ja2Y2l9eV6go f89QlWCisgy7AZSlWzWJaPgBskjSh85UQR5ZL1uQQOfrIxfPPUN85iEf2W1fjX8BVsMY P4hZp8RT2jB6SHuYwTscejWK8AmISX4OoNFWhnaCjXvid+j6SeEJD4AnKqCzIVb4TXBX R6XdeLtfMOSJKod11cxi9anK1obJywW3D/Lr7mOfvI/3c1PuKR8tNdcYQZv7Wl7MiLf1 FDbA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b="ME6ND/xg"; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a72ae7d7b73si712677766b.409.2024.07.04.17.44.07; Thu, 04 Jul 2024 17:44:07 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b="ME6ND/xg"; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 95A9068DB15; Fri, 5 Jul 2024 03:22:27 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay3-d.mail.gandi.net (relay3-d.mail.gandi.net [217.70.183.195]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id B1B3C68DACA for ; Fri, 5 Jul 2024 03:22:08 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id EECC260002 for ; Fri, 5 Jul 2024 00:22:07 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138928; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=JWWz5hevY8M+lk5CqkcOeKuUU6oRV1l7qu8zWW5MVKE=; b=ME6ND/xgE7YmVT/CH98CnE7YwhFJim8yJqqb0ZiE2mKSjz4enplrbeHpXJDO3/cuRYyl0g fLyGxNv+pBCoD5oXlbnJ4Hb84/r0iKyK8+3AsbPOA2p6tGdhrTh5c5QljOz+jBi70Tss0S kF/BuFZL3uYbbutJJTwP1J5f/NQoZBdrs8XTxKuYKV2K2ckQQSYa9b6dYx3sg6aGKDQw4Y eiLy5eb0898lEhp4/UHVod/zFZe8ErAQd6IyGo7lC3la14EDOIV6wCwPqSlmg+v5nkZHfG kMUvaNoY/YriaJTjFZVSYqpe4FVcwjoqdKVwcTy3O0tnVUYQwPSEhz62KSgQNg== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:55 +0200 Message-ID: <20240705002156.1964272-14-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 14/15] avcodec/motion_est: Fix score squaring overflow X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: FZRcFmbc90Sk Fixes: CID1604552 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/motion_est.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/motion_est.c b/libavcodec/motion_est.c index 554fc9780e2..e4f17fb2d86 100644 --- a/libavcodec/motion_est.c +++ b/libavcodec/motion_est.c @@ -1454,7 +1454,7 @@ static inline int direct_search(MpegEncContext * s, int mb_x, int mb_y) s->b_direct_mv_table[mot_xy][0]= 0; s->b_direct_mv_table[mot_xy][1]= 0; - return 256*256*256*64; + return 256*256*256*64-1; } c->xmin= xmin; From patchwork Fri Jul 5 00:21:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Niedermayer X-Patchwork-Id: 50352 Delivered-To: ffmpegpatchwork2@gmail.com Received: by 2002:a59:cc64:0:b0:482:c625:d099 with SMTP id k4csp4006723vqv; Thu, 4 Jul 2024 17:44:08 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXVlXIST2ePOhHj/q63nEPtda1R4x+fOCd2pAnQcuy3S3I4DWCWNfLBzP1WdIHjlf8WnsYvHPXPqYj7/ZvQwczqAZEHEyt5KbtRgQ== X-Google-Smtp-Source: AGHT+IE3tUtZTgBmbWgwbnLC4ioUi0o1AkqX32lhKOfjevPOY3cp4wN89BGJjvvczISER5EYPBRV X-Received: by 2002:a19:e013:0:b0:52e:716a:1898 with SMTP id 2adb3069b0e04-52ea06c75c6mr2302578e87.58.1720140248692; Thu, 04 Jul 2024 17:44:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1720140248; cv=none; d=google.com; s=arc-20160816; b=Yi/cnS4z061fhkKjjkVIkB9Oyg5rCPJSRzS0C3GqdidSCeWrcoopj9OthItQ/3koaL RzFLRWQKeqtFBQLCBYgQa8g7EDnS2n9D9kVdm0orqGG3XcJQKS6Zz7UA0uJPNztVrB3p RWhouR4hPhAxDQ3awSg6fq9G3Z74k3u//oxm6q3dxqZXCKl9wpEfg7k6S9GIcXusOeaR UOv6IndP/VHCuDjxbG+u6VFBIxDJm6KF0t6dcgTYwiMoQ239XqOFcqwgsGkJd2dbluuH ynCf4FWDow7vKqVhiLuQvVOVl4bbHehkQlI244NFRHGWswxezSBxSvuuU7Yf6kVnPR5X C4Eg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:reply-to:list-subscribe :list-help:list-post:list-archive:list-unsubscribe:list-id :precedence:subject:mime-version:references:in-reply-to:message-id :date:to:from:dkim-signature:delivered-to; bh=dXvNK9Ah6IEKsTho3w7mkwwIERXeOnAlDFkn0Ns1D30=; fh=e5zN9xSzcxLA6bGo3lF+CqTbY/oLwzApV03EO/RBfgQ=; b=gvLPWGKHVPkpGkUaZ2wPc4B6ZaQniNHJvBX+8mOU79bWB/WYiWrjV4UO2ddUA8I21i wkmtVRPp7BavRLjkxppGbeFjSzdCAqXlvpTtuLOig+agoCg4EY1xi482X0Y3r81kGDMB elTQE28tvlSE5A4Le0Qt09dO0iHTTOYqf5dh1Bb2WGLEpBi//YCf6nIvIMOiw+2BRBBF VWxjmePXP8uYiogclpe5M2NmM67Wh2IrpMNEyrrSVoLfoiQ4OfBtZSHNvjnyJY+JH/Ep sXt81GKBTZ9rbYFXSer7tzjxehF4ZhS57qm4Jt3CQnnZN9qHGFqlI1k6TCTvSRND5rpB VnPw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=YpNxfs6L; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org. [79.124.17.100]) by mx.google.com with ESMTP id a640c23a62f3a-a72ab06785asi726188166b.531.2024.07.04.17.44.08; Thu, 04 Jul 2024 17:44:08 -0700 (PDT) Received-SPF: pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) client-ip=79.124.17.100; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@niedermayer.cc header.s=gm1 header.b=YpNxfs6L; spf=pass (google.com: domain of ffmpeg-devel-bounces@ffmpeg.org designates 79.124.17.100 as permitted sender) smtp.mailfrom=ffmpeg-devel-bounces@ffmpeg.org Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id A231268DB21; Fri, 5 Jul 2024 03:22:33 +0300 (EEST) X-Original-To: ffmpeg-devel@ffmpeg.org Delivered-To: ffmpeg-devel@ffmpeg.org Received: from relay1-d.mail.gandi.net (relay1-d.mail.gandi.net [217.70.183.193]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 7601168D9AB for ; Fri, 5 Jul 2024 03:22:09 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id B1B54240006 for ; Fri, 5 Jul 2024 00:22:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1720138928; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=mDAmKIfhw2Gl94NS4spahAMdXzu72d+moyVRqnN0Mq0=; b=YpNxfs6L4lpn7wNeQc142t/zkoTrKmIcevJIal9UL2qdrNTUU4ewAMxdzfS9bYfUFfovSn d9JSDbCl66XrwcoIqr3UFMtPWVfZxR09f6VAZu/npfQLgc2RqgGIQoXrxB6aOkNtbtk0C0 19xAnOeb6UmCh/61jZ+fEIbTzasmMaPDH9Uqc+c46VeqGsyhIYbX8WNnyO9XA8XTsRB0u7 L4xa6RK53n5JwYrC1iWpq5lUt5C9UnXNtGihNXi6Iksbu1Kyh9g37FIPbQlcvT/+EyjSB3 XagD9xruKGHBzpTJB+aQDyuQp339jk43NbVGnuPQkXm+oReH4WFlfLvFgJ3w5Q== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 5 Jul 2024 02:21:56 +0200 Message-ID: <20240705002156.1964272-15-michael@niedermayer.cc> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240705002156.1964272-1-michael@niedermayer.cc> References: <20240705002156.1964272-1-michael@niedermayer.cc> MIME-Version: 1.0 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 15/15] avcodec/pixlet: Simplify pfx computation X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" X-TUID: szLQnpRHD9F+ Found by reviewing code related to CID1604365 Overflowed constant Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer --- libavcodec/pixlet.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/pixlet.c b/libavcodec/pixlet.c index 6b6e39f2757..e9c561d70d9 100644 --- a/libavcodec/pixlet.c +++ b/libavcodec/pixlet.c @@ -231,8 +231,8 @@ static int read_high_coeffs(AVCodecContext *avctx, const uint8_t *src, int16_t * if (cnt1 >= length) { cnt1 = get_bits(bc, nbits); } else { - pfx = 14 + ((((uint64_t)(value - 14)) >> 32) & (value - 14)); - if (pfx < 1 || pfx > 25) + pfx = FFMIN(value, 14); + if (pfx < 1) return AVERROR_INVALIDDATA; cnt1 *= (1 << pfx) - 1; shbits = show_bits(bc, pfx);