From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id 2387049A73
	for <ffmpegdev@gitmailbox.com>; Mon, 26 Feb 2024 22:28:05 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id D320968C92A;
	Tue, 27 Feb 2024 00:28:04 +0200 (EET)
Received: from mail-pg1-f181.google.com (mail-pg1-f181.google.com
 [209.85.215.181])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 7E03E680BC0
 for <ffmpeg-devel@ffmpeg.org>; Tue, 27 Feb 2024 00:27:58 +0200 (EET)
Received: by mail-pg1-f181.google.com with SMTP id
 41be03b00d2f7-5cddc5455aeso3472658a12.1
 for <ffmpeg-devel@ffmpeg.org>; Mon, 26 Feb 2024 14:27:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=gmail.com; s=20230601; t=1708986476; x=1709591276; darn=ffmpeg.org;
 h=content-transfer-encoding:in-reply-to:from:references:to
 :content-language:subject:user-agent:mime-version:date:message-id
 :from:to:cc:subject:date:message-id:reply-to;
 bh=fF0MY4tuxqX82R8EjwKx8dWzM1N/5UYkfdHa2rd1UCw=;
 b=kbHQGIfXwL6Xeiyk38efbcvs2R1+1FcULA+LzkKxdnKV6O1RcFwhghdmWcMKYyt0mY
 5z9kRjjlnRaVK3kAFVPzP5ieWP7vtTU6QQj2hLRTXwz+3yCTU3OWOY1BywLsVVomfNdq
 zf7IlmiB53TrZVeyjWz+aUCkKv2AdVmi1gNJHNM6ONqXn/IKY/9LOWCYokLcvFK/QuxC
 LJmvLPGhbs/wAghI1zfVg/bDXEjudOhVg9U7eoIgZNfMO8ZntNDzepRwFCftVMfl/jIo
 bN8MMMEGxEbHiTT/lKpoXgSfM7UlOyoxC3lJGaY86Aru2bvF+buViZwVCLUwEE+/FQ1l
 zDTQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1708986476; x=1709591276;
 h=content-transfer-encoding:in-reply-to:from:references:to
 :content-language:subject:user-agent:mime-version:date:message-id
 :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=fF0MY4tuxqX82R8EjwKx8dWzM1N/5UYkfdHa2rd1UCw=;
 b=lFKvYpudPy5Q+fVuh4lfvZMseb4pYZOiGtI1DwTu4W4r/TQfFYkSVUiapKnM4+dYRh
 Dvji/nznrVvbc3sNO6sB93U+a4uN4nVwOAQu6qVQwB9i+yB1oAIqS668OWAIc208kIl8
 RC9Pt4suuANPnnUcLY3Eu6k90AQsPna9cDhzsBFvsFHqzprRrvdb1DchZidMY4VjM4uC
 f+v9zDsEsVfYpt4kCrw5Xrdy0p3pZAt/faorQjHyHlNSX8OXVXAsmoo31NBwBdQo4CsU
 zv6/1pwQUHB8Nu4FhJL9kpVUh1SyxTvfMIUxnZw11PMKEhdNllfvGFWISFPquI2E128v
 TRAw==
X-Gm-Message-State: AOJu0Yz9OA/X5rQ8cf7U/3edgJthdbmocgtgY7qbdf/maus7HGFkFyk+
 fSMY6TkPpAglytXucbmV2n+ZZVlovEpgzCkIZzXcTIlpj25tV2nw4YM8Kp7e
X-Google-Smtp-Source: AGHT+IGZGJZv4syxW6l6HJLOXkJKEfJsqGO1dWAv/QQXeqIOpKbfk1rsnmsrSWQIvqseE7Rvvs1TQw==
X-Received: by 2002:a05:6a20:c990:b0:1a0:d8b9:1065 with SMTP id
 gy16-20020a056a20c99000b001a0d8b91065mr612622pzb.15.1708986475691; 
 Mon, 26 Feb 2024 14:27:55 -0800 (PST)
Received: from [192.168.0.11] ([190.194.169.124])
 by smtp.gmail.com with ESMTPSA id
 t20-20020a056a00139400b006e3f09fd6a4sm4714549pfg.170.2024.02.26.14.27.54
 for <ffmpeg-devel@ffmpeg.org>
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Mon, 26 Feb 2024 14:27:55 -0800 (PST)
Message-ID: <0c637d91-5d88-4567-9d4b-3f2cce2ffd1c@gmail.com>
Date: Mon, 26 Feb 2024 19:28:11 -0300
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: ffmpeg-devel@ffmpeg.org
References: <AS8P250MB0744E3373BEE03FF338F6F078F5A2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
 <AS8P250MB0744EFFDD33DAD5A9A8DDBC78F5A2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
From: James Almer <jamrial@gmail.com>
In-Reply-To: <AS8P250MB0744EFFDD33DAD5A9A8DDBC78F5A2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
Subject: Re: [FFmpeg-devel] [PATCH v2 2/2] avformat/mov: Don't use entry[-1]
 in pointer arithmetic
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/0c637d91-5d88-4567-9d4b-3f2cce2ffd1c@gmail.com/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

On 2/26/2024 7:15 PM, Andreas Rheinhardt wrote:
> It is undefined behaviour.
> Fixes many failed tests with UBSan and GCC 13 like
> "src/libavformat/mov.c:4229:44: runtime error: store to address
> 0x5572abe20f80 with insufficient space for an object of type 'struct
> MOVIndexRange'"
> (The line number does not refer to the line where &entry[-1]
> is assigned.)
> 
> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
> ---
> Now switching to next_index_range in order to avoid
> having to duplicate the current_index_range == NULL check.

I prefer the first version. mov_fix_index() is called once per track 
during init (and then it may not be called depending on user options), 
so it's hardly a bottleneck, and next_index_range[-1] is much less clear 
and intuitive at a quick glance than current_index_range.

> 
>   libavformat/mov.c | 17 ++++++++---------
>   1 file changed, 8 insertions(+), 9 deletions(-)
> 
> diff --git a/libavformat/mov.c b/libavformat/mov.c
> index 71e8f7ae8f..d7da19998b 100644
> --- a/libavformat/mov.c
> +++ b/libavformat/mov.c
> @@ -4022,7 +4022,7 @@ static void mov_fix_index(MOVContext *mov, AVStream *st)
>       int num_discarded_begin = 0;
>       int first_non_zero_audio_edit = -1;
>       int packet_skip_samples = 0;
> -    MOVIndexRange *current_index_range;
> +    MOVIndexRange *next_index_range;
>       int found_keyframe_after_edit = 0;
>       int found_non_empty_edit = 0;
>   
> @@ -4038,7 +4038,7 @@ static void mov_fix_index(MOVContext *mov, AVStream *st)
>           return;
>       }
>       msc->current_index_range = msc->index_ranges;
> -    current_index_range = msc->index_ranges - 1;
> +    next_index_range = msc->index_ranges;
>   
>       // Clean AVStream from traces of old index
>       sti->index_entries = NULL;
> @@ -4225,11 +4225,11 @@ static void mov_fix_index(MOVContext *mov, AVStream *st)
>               }
>   
>               // Update the index ranges array
> -            if (current_index_range < msc->index_ranges || index != current_index_range->end) {
> -                current_index_range++;
> -                current_index_range->start = index;
> +            if (next_index_range == msc->index_ranges || index != next_index_range[-1].end) {
> +                next_index_range->start = index;
> +                next_index_range++;
>               }
> -            current_index_range->end = index + 1;
> +            next_index_range[-1].end = index + 1;
>   
>               // Only start incrementing DTS in frame_duration amounts, when we encounter a frame in edit list.
>               if (edit_list_start_encountered > 0) {
> @@ -4289,9 +4289,8 @@ static void mov_fix_index(MOVContext *mov, AVStream *st)
>       av_freep(&frame_duration_buffer);
>   
>       // Null terminate the index ranges array
> -    current_index_range++;
> -    current_index_range->start = 0;
> -    current_index_range->end = 0;
> +    next_index_range->start = 0;
> +    next_index_range->end   = 0;
>       msc->current_index = msc->index_ranges[0].start;
>   }
>   
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".