From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 02EF241015 for ; Thu, 10 Nov 2022 19:41:22 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 81B0568B8AC; Thu, 10 Nov 2022 21:41:18 +0200 (EET) Received: from relay1-d.mail.gandi.net (relay1-d.mail.gandi.net [217.70.183.193]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id DA1A668B0A6 for ; Thu, 10 Nov 2022 21:41:11 +0200 (EET) Received: (Authenticated sender: michael@niedermayer.cc) by mail.gandi.net (Postfix) with ESMTPSA id 01209240007 for ; Thu, 10 Nov 2022 19:41:10 +0000 (UTC) Date: Thu, 10 Nov 2022 20:41:10 +0100 From: Michael Niedermayer To: FFmpeg development discussions and patches Message-ID: <20221110194110.GA1814017@pb2> References: <20221106123430.1668-1-michael@niedermayer.cc> MIME-Version: 1.0 In-Reply-To: Subject: Re: [FFmpeg-devel] [PATCH 1/7] avcodec/bonk: Use unsigned in predictor_calc_error() to avoid undefined overflows X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: multipart/mixed; boundary="===============2840230471305694808==" Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: --===============2840230471305694808== Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="cN+O50sc7gZAK+8F" Content-Disposition: inline --cN+O50sc7gZAK+8F Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Nov 06, 2022 at 07:31:23PM +0100, Paul B Mahol wrote: > On 11/6/22, Michael Niedermayer wrote: > > Fixes: signed integer overflow: 22 * -2107998208 cannot be represented = in > > type 'int' > > Fixes: > > 51363/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_BONK_fuzzer-566= 0734784143360 > > > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer > > --- > > libavcodec/bonk.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/libavcodec/bonk.c b/libavcodec/bonk.c > > index 1695229dbd..9e8892e4db 100644 > > --- a/libavcodec/bonk.c > > +++ b/libavcodec/bonk.c > > @@ -278,7 +278,7 @@ static int predictor_calc_error(int *k, int *state,= int > > order, int error) > > *state_ptr =3D &(state[order-2]); > > > > for (i =3D order-2; i >=3D 0; i--, k_ptr--, state_ptr--) { > > - int k_value =3D *k_ptr, state_value =3D *state_ptr; > > + unsigned k_value =3D *k_ptr, state_value =3D *state_ptr; > > > > x -=3D shift_down(k_value * state_value, LATTICE_SHIFT); > > state_ptr[1] =3D state_value + shift_down(k_value * x, > > LATTICE_SHIFT); > > -- > > 2.17.1 > > >=20 > probably fine. will apply thx [...] --=20 Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Many things microsoft did are stupid, but not doing something just because microsoft did it is even more stupid. If everything ms did were stupid they would be bankrupt already. --cN+O50sc7gZAK+8F Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iF0EABEIAB0WIQSf8hKLFH72cwut8TNhHseHBAsPqwUCY21TxgAKCRBhHseHBAsP q7mpAKCPdvRQCkThmvNvYOrCP7AU7dIE3ACfU2mQn6QBlXSyzfxbwP0Xo2dXDs4= =tqG5 -----END PGP SIGNATURE----- --cN+O50sc7gZAK+8F-- --===============2840230471305694808== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". --===============2840230471305694808==--