From: Zhao Zhili
To: ffmpeg-devel@ffmpeg.org
Date: Tue, 21 Sep 2021 17:14:07 +0800
Subject: [FFmpeg-devel] [PATCH] checkasm/hevc_pel: fix stack-buffer-overflow

==225880==ERROR: AddressSanitizer: stack-buffer-overflow on address ...
READ of size 2 at 0x7fffe49ab400 thread T0
    #0 0x18301da in put_hevc_qpel_hv_9 src/libavcodec/hevcdsp_template.c:666
    #1 0x6c6bc4 in checkasm_check_hevc_qpel src/tests/checkasm/hevc_pel.c:97
    #2 0x6cecc8 in checkasm_check_hevc_pel src/tests/checkasm/hevc_pel.c:528
--- tests/checkasm/hevc_pel.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/checkasm/hevc_pel.c b/tests/checkasm/hevc_pel.c index ec24309081..3dc7cd9090 100644 --- a/tests/checkasm/hevc_pel.c +++ b/tests/checkasm/hevc_pel.c
@@ -34,7 +34,7 @@ static const int denoms[] = {0, 7, 12, -1 }; static const int offsets[] = {0, 255, -1 }; #define SIZEOF_PIXEL ((bit_depth + 7) / 8) -#define BUF_SIZE (2 * MAX_PB_SIZE * (2 * 4 + MAX_PB_SIZE)) +#define BUF_SIZE (2 * MAX_PB_SIZE * (2 * 4 + MAX_PB_SIZE) + 8) #define randomize_buffers() \ do { \
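Review bot: The `+ 8` added to `BUF_SIZE` is an unexplained constant. Neither the macro nor the commit message says which access in `put_hevc_qpel_hv_9` runs past the old end of the buffer, or whether the 8 is counted in bytes or in pixels (the reported read is 2 bytes wide). Please add a short comment on the `#define` that derives the padding from the over-read it covers, so a reader can confirm it holds for every bit depth and block size the test exercises and not only for the case AddressSanitizer caught. The commit message would also benefit from one sentence stating the cause alongside the trace.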