From patchwork Sun Nov 6 12:34:24 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 39188
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 6 Nov 2022 13:34:24 +0100
Message-Id: <20221106123430.1668-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 1/7] avcodec/bonk: Use unsigned in predictor_calc_error() to avoid undefined overflows

Fixes: signed integer overflow: 22 * -2107998208 cannot be represented in type 'int'
Fixes: 51363/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BONK_fuzzer-5660734784143360
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer
--- libavcodec/bonk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c index 1695229dbd..9e8892e4db 100644 --- a/libavcodec/bonk.c +++ b/libavcodec/bonk.c
@@ -278,7 +278,7 @@ static int predictor_calc_error(int *k, int *state, int order, int error) *state_ptr = &(state[order-2]); for (i = order-2; i >= 0; i--, k_ptr--, state_ptr--) { - int k_value = *k_ptr, state_value = *state_ptr; + unsigned k_value = *k_ptr, state_value = *state_ptr; x -= shift_down(k_value * state_value, LATTICE_SHIFT); state_ptr[1] = state_value + shift_down(k_value * x, LATTICE_SHIFT);

From patchwork Sun Nov 6 12:34:25 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 39189
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 6 Nov 2022 13:34:25 +0100
Message-Id: <20221106123430.1668-2-michael@niedermayer.cc>
In-Reply-To: <20221106123430.1668-1-michael@niedermayer.cc>
References: <20221106123430.1668-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 2/7] avcodec/bonk: Simplify read_uint_max()

The max == 0 case can be removed too but i left it as 50% of the cases use it
Signed-off-by: Michael Niedermayer
--- libavcodec/bonk.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c index 9e8892e4db..04ea4def2f 100644 --- a/libavcodec/bonk.c +++ b/libavcodec/bonk.c @@ -132,7 +132,6 @@ static av_cold int bonk_init(AVCodecContext *avctx) static unsigned read_uint_max(BonkContext *s, uint32_t max) { unsigned value = 0; - int i, bits; if (max == 0) return 0;
@@ -140,15 +139,9 @@ static unsigned read_uint_max(BonkContext *s, uint32_t max) if (max >> 31) return 32; - bits = 32 - ff_clz(max); - - for (i = 0; i < bits - 1; i++) - if (get_bits1(&s->gb)) - value += 1 << i; - - if ((value | (1 << (bits - 1))) <= max) + for (unsigned i = 1; i <= max - value; i+=i) if (get_bits1(&s->gb)) - value += 1 << (bits - 1); + value += i; return value; }

From patchwork Sun Nov 6 12:34:26 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 39190
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 6 Nov 2022 13:34:26 +0100
Message-Id: <20221106123430.1668-3-michael@niedermayer.cc>
In-Reply-To: <20221106123430.1668-1-michael@niedermayer.cc>
References: <20221106123430.1668-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 3/7] avcodec/bonk: Remove special 32bit case from read_uint_max()

This case seems not to match the reference decoder and it also seems not reachable
Signed-off-by: Michael Niedermayer
--- libavcodec/bonk.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c index 04ea4def2f..fca8c246aa 100644 --- a/libavcodec/bonk.c +++ b/libavcodec/bonk.c
@@ -136,8 +136,7 @@ static unsigned read_uint_max(BonkContext *s, uint32_t max) if (max == 0) return 0; - if (max >> 31) - return 32; + av_assert0(max >> 31 == 0); for (unsigned i = 1; i <= max - value; i+=i) if (get_bits1(&s->gb))

From patchwork Sun Nov 6 12:34:27 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 39191
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 6 Nov 2022 13:34:27 +0100
Message-Id: <20221106123430.1668-4-michael@niedermayer.cc>
In-Reply-To: <20221106123430.1668-1-michael@niedermayer.cc>
References: <20221106123430.1668-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 4/7] avcodec/bonk: actual_run seems not able to become negative

Signed-off-by: Michael Niedermayer
--- libavcodec/bonk.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c index fca8c246aa..99dac0b951 100644 --- a/libavcodec/bonk.c +++ b/libavcodec/bonk.c
@@ -184,8 +184,7 @@ static int intlist_read(BonkContext *s, int *buf, int entries, int base_2_part) } else if (steplet > 0) { int actual_run = read_uint_max(s, steplet - 1); - if (actual_run < 0) - break; + av_assert0(actual_run >= 0); if (actual_run > 0) { bits[x ].bit = dominant;

From patchwork Sun Nov 6 12:34:28 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 39192
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 6 Nov 2022 13:34:28 +0100
Message-Id: <20221106123430.1668-5-michael@niedermayer.cc>
In-Reply-To: <20221106123430.1668-1-michael@niedermayer.cc>
References: <20221106123430.1668-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 5/7] avcodec/bonk: step cannot become 0 without overflowing which is undefined

also the original reference code does not contain a 0 check
Signed-off-by: Michael Niedermayer
--- libavcodec/bonk.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c index 99dac0b951..37ad7854b6 100644 --- a/libavcodec/bonk.c +++ b/libavcodec/bonk.c
@@ -203,8 +203,6 @@ static int intlist_read(BonkContext *s, int *buf, int entries, int base_2_part) } if (step < 256) { - if (step == 0) - return AVERROR_INVALIDDATA; step = 65536 / step; dominant = !dominant; }

From patchwork Sun Nov 6 12:34:29 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 39193
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 6 Nov 2022 13:34:29 +0100
Message-Id: <20221106123430.1668-6-michael@niedermayer.cc>
In-Reply-To: <20221106123430.1668-1-michael@niedermayer.cc>
References: <20221106123430.1668-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 6/7] avcodec/bonk: Check step against overflow

No testcase
Signed-off-by: Michael Niedermayer
--- libavcodec/bonk.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c index 37ad7854b6..f2427de4f1 100644 --- a/libavcodec/bonk.c +++ b/libavcodec/bonk.c
@@ -180,6 +180,8 @@ static int intlist_read(BonkContext *s, int *buf, int entries, int base_2_part) if (!dominant) n_zeros += steplet; + if (step > INT32_MAX*8LL/9 + 1) + return AVERROR_INVALIDDATA; step += step / 8; } else if (steplet > 0) { int actual_run = read_uint_max(s, steplet - 1);

From patchwork Sun Nov 6 12:34:30 2022
X-Patchwork-Submitter: Michael Niedermayer
X-Patchwork-Id: 39194
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Date: Sun, 6 Nov 2022 13:34:30 +0100
Message-Id: <20221106123430.1668-7-michael@niedermayer.cc>
In-Reply-To: <20221106123430.1668-1-michael@niedermayer.cc>
References: <20221106123430.1668-1-michael@niedermayer.cc>
Subject: [FFmpeg-devel] [PATCH 7/7] avcodec/bonk: steplet cannot become negative

Signed-off-by: Michael Niedermayer
--- libavcodec/bonk.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c index f2427de4f1..c775ed5ddf 100644 --- a/libavcodec/bonk.c +++ b/libavcodec/bonk.c @@ -169,8 +169,7 @@ static int intlist_read(BonkContext *s, int *buf, int entries, int base_2_part) return AVERROR_INVALIDDATA; if (!get_bits1(&s->gb)) { - if (steplet < 0) - break; + av_assert0(steplet >= 0); if (steplet > 0) { bits[x ].bit = dominant;
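
Review bot: [PATCH 1/7], predictor_calc_error(): with `k_value` and `state_value` now unsigned, both products handed to shift_down() are unsigned and `k_value * x` converts `x` to unsigned as well, so the decoded output only stays the same if shift_down() takes a signed int parameter and the product is converted back before it is shifted. shift_down() is not part of this hunk; please confirm that in the commit message, and add a short comment on the declaration saying the unsigned type is deliberate (wraparound instead of signed overflow), since `state_ptr[1] = state_value + shift_down(...)` now also relies on the implicit conversion back to int on the store.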
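
Review bot: [PATCH 2/7], second hunk of read_uint_max(): the new loop `for (unsigned i = 1; i <= max - value; i+=i)` is only safe because value never exceeds max (so `max - value` cannot wrap) and because max is below 2^31 thanks to the `max >> 31` early return kept above it; with a larger max, `i+=i` could wrap to 0 and the loop would keep reading bits without terminating. Neither invariant is written down. A one-line comment above the loop stating both would protect the next edit, and `i += i` with spaces would match `value += i` two lines below.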
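
Review bot: [PATCH 3/7], read_uint_max(): `av_assert0(max >> 31 == 0)` aborts the process where the old code returned a value, and the commit message only says the case "seems" unreachable. The loop right below depends on this bound (`i+=i` must not wrap), so it should be argued rather than assumed: the one caller visible in this series passes `steplet - 1` under `steplet > 0`, which stays below 2^31 only if steplet is a signed 32-bit int, and any other callers are not shown. Please state in the commit message why every caller satisfies the bound, and consider writing `(max >> 31) == 0` so the precedence is obvious.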
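
Review bot: [PATCH 4/7], intlist_read(): `actual_run` is an int assigned from the unsigned return value of `read_uint_max(s, steplet - 1)`, so `actual_run >= 0` holds only because read_uint_max() never returns more than its max argument and that argument is below 2^31. The subject says "seems not able", which is weaker than what an av_assert0 needs; put that reasoning in the commit message, or declare actual_run as unsigned (if nothing later needs it signed) so the check disappears instead of being asserted on every pass through the loop.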
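
Review bot: [PATCH 5/7], intlist_read(): removing `if (step == 0)` leaves `step = 65536 / step` with no guard, and the justification (step can only reach 0 through a signed overflow) leans on the overflow check that is not added until 6/7. Applied in series order, the tree after this patch has neither the zero check nor the overflow check, and the statements that shrink step are not in the hunk to review. Please reorder so 6/7 lands first, and consider `av_assert0(step != 0)` here, as done for the checks replaced in 3/7, 4/7 and 7/7, so a broken invariant stops at a defined point rather than at a division by zero.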
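
Review bot: [PATCH 6/7], intlist_read(): the bound `INT32_MAX*8LL/9 + 1` is exact for a 32-bit step (1908874353 + 1908874353/8 equals INT32_MAX, and the next value overflows), but nothing in the hunk says so and the reader has to redo the arithmetic. `if (step > INT32_MAX - step / 8)` expresses the same condition for non-negative step directly in terms of the `step += step / 8` it protects; otherwise add a comment with the derivation. Since the message says "No testcase", it should also state that the constant assumes step is a 32-bit int, which the hunk does not show.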
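
Review bot: [PATCH 7/7], intlist_read(): the old `break` left the loop on a negative steplet while `av_assert0(steplet >= 0)` aborts, and the message has no body explaining why the value cannot go negative. How steplet is computed is not in the hunk; if it is derived from step, the argument only holds once 6/7 keeps step from overflowing, so say that in the commit message and keep this patch after 6/7 as it is ordered now.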