Date: Sun, 30 Apr 2023 21:58:36 +0200
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Message-ID: <20230430195836.GL275832@pb2>
References: <20230427183840.1015-1-michael@niedermayer.cc> <20230427183840.1015-3-michael@niedermayer.cc>
Subject: Re: [FFmpeg-devel] [PATCH 3/3] avcodec/hevc_ps: Avoid signed overflow before check on QP

On Thu, Apr 27, 2023 at 03:49:54PM -0300, James Almer wrote:
> On 4/27/2023 3:38 PM, Michael Niedermayer wrote:
> > Fixes: signed integer overflow: -2147483648 - 5 cannot be represented in type 'int'
> > Fixes: 58066/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5312995835379712
> >
> > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer
> > ---
> > libavcodec/hevc_ps.c | 6 +++---
> > 1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/libavcodec/hevc_ps.c b/libavcodec/hevc_ps.c > > index 1533e2a817..6b8f432609 100644 > > --- a/libavcodec/hevc_ps.c > > +++ b/libavcodec/hevc_ps.c
> > @@ -1522,9 +1522,9 @@ static int pps_scc_extension(GetBitContext *gb, A= VCodecContext *avctx, > > pps->pps_curr_pic_ref_enabled_flag =3D get_bits1(gb); > > if (pps->residual_adaptive_colour_transform_enabled_flag =3D get_= bits1(gb)) { > > pps->pps_slice_act_qp_offsets_present_flag =3D get_bits1(gb); > > - pps->pps_act_y_qp_offset =3D get_se_golomb_long(gb) - 5; > > - pps->pps_act_cb_qp_offset =3D get_se_golomb_long(gb) - 5; > > - pps->pps_act_cr_qp_offset =3D get_se_golomb_long(gb) - 3; > > + pps->pps_act_y_qp_offset =3D get_se_golomb_long(gb) - 5U; > > + pps->pps_act_cb_qp_offset =3D get_se_golomb_long(gb) - 5U; > > + pps->pps_act_cr_qp_offset =3D get_se_golomb_long(gb) - 3U;
>
> Spec compliant values for all of these are in the -7..17 and -9..15 range,
> so just use get_se_golomb() instead, which I assume is for small values,
> much like get_ue_golomb().

will apply with that change thx

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

It's not that you shouldn't use gotos but rather that you should write
readable code and code with gotos often but not always is less readable
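
Review bot: the three `+` lines in pps_scc_extension() only move the subtraction into unsigned arithmetic (`- 5U`, `- 5U`, `- 3U`), so the value returned by get_se_golomb_long(gb) is still stored into pps_act_y_qp_offset, pps_act_cb_qp_offset and pps_act_cr_qp_offset without any bound visible in this hunk; the subject line implies the range check on QP only comes afterwards. Given the ranges quoted in the reply (-7..17 and -9..15), it would be cleaner to reject an out-of-range coded value where it is read, before the constant is subtracted, so that no wraparound can occur at all and the `U` suffix becomes unnecessary. If the unsigned constants stay, a one-line comment on why they are unsigned would keep a later cleanup from reverting them to `- 5` and reintroducing the overflow the fuzzer reported.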