From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 6CEBF48FC4 for ; Mon, 1 Apr 2024 15:44:37 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 178DA68CDE3; Mon, 1 Apr 2024 18:44:35 +0300 (EEST) Received: from relay3-d.mail.gandi.net (relay3-d.mail.gandi.net [217.70.183.195]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 59E9A68C1D9 for ; Mon, 1 Apr 2024 18:44:29 +0300 (EEST) Received: by mail.gandi.net (Postfix) with ESMTPSA id 8764D60004 for ; Mon, 1 Apr 2024 15:44:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1711986268; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=mFdTk82uAOtIngThK3zMIIp0O5XlfRM82BwiWtcpiz8=; b=l8BDil4rWiUMR8TByeXzoNuBNlR69tXLn0VXTYnGJ48A+z+dmzEoqrvnDMG1DfgaCZP/Jf CC4RJ0QEK1jvS5s1w7I/cy9ivA7dyIMh6X2QYvbRXCUxqeYIkoqfDwcgQcGky4QJOulgRN QOnx6phD080IWqZstV8NEqcdFnjrJNRgd8uVmMnB8DCo/mYVvrHV4detn66ykM6Lr+G0fu PQDrddUH8rkwZRiT0Hd4KnxdAs6nF80f9V4Ajzs0yi9Wg5KMhVM9IVAMWkK87Hof8yAUeD hAs4MyKiR8l7zSs35swWl96MUjlsjyolz+68vvXLjMEi2stMcPQJkBh/4u27fQ== Date: Mon, 1 Apr 2024 17:44:27 +0200 From: Michael Niedermayer To: FFmpeg development discussions and patches Message-ID: <20240401154427.GC6420@pb2> References: <20240329193221.11522-1-michael@niedermayer.cc> MIME-Version: 1.0 In-Reply-To: X-GND-Sasl: michael@niedermayer.cc Subject: Re: [FFmpeg-devel] [PATCH 1/3] avcodec/jpeg2000htdec: Check magp before using it in a shift X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: multipart/mixed; boundary="===============3523314431616282319==" Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: --===============3523314431616282319== Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="P3Sa5BnbMJp68zLp" Content-Disposition: inline --P3Sa5BnbMJp68zLp Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Mar 30, 2024 at 09:56:58AM +0100, Tomas H=E4rdin wrote: > fre 2024-03-29 klockan 20:32 +0100 skrev Michael Niedermayer: > > Fixes: shift exponent -1 is negative > > Fixes: 65378/clusterfuzz-testcase-minimized- > > ffmpeg_AV_CODEC_ID_JPEG2000_fuzzer-5457678193197056 > >=20 > > Found-by: continuous fuzzing process > > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > > Signed-off-by: Michael Niedermayer > > --- > > =A0libavcodec/jpeg2000dec.c | 7 +++++-- > > =A01 file changed, 5 insertions(+), 2 deletions(-) > >=20 > > diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c > > index 1afc6b1e2dd..fe2afb05057 100644 > > --- a/libavcodec/jpeg2000dec.c > > +++ b/libavcodec/jpeg2000dec.c > > @@ -1910,6 +1910,8 @@ static inline void tile_codeblocks(const > > Jpeg2000DecoderContext *s, Jpeg2000Tile > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 int nb_precincts, prec= no; > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 Jpeg2000Band *band =3D= rlevel->band + bandno; > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 int cblkno =3D 0, band= pos; > > +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 /* See Rec. ITU-T T.800,= Equation E-2 */ > > +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 int magp =3D quantsty->e= xpn[subbandno] + quantsty- > > >nguardbits - 1; > > =A0 > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 bandpos =3D bandno + (= reslevelno > 0); > > =A0 > > @@ -1917,6 +1919,9 @@ static inline void tile_codeblocks(const > > Jpeg2000DecoderContext *s, Jpeg2000Tile > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 band->coor= d[1][0] =3D=3D band->coord[1][1]) > > =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 continue; > > =A0 > > +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 if ((codsty->cblk_style = & JPEG2000_CTSY_HTJ2K_F) && > > magp >=3D 31) > > +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 return; >=20 > Please also print an error message and return AVERROR_PATCHWELCOME will apply with these changes thx [...] --=20 Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB When the tyrant has disposed of foreign enemies by conquest or treaty, and there is nothing more to fear from them, then he is always stirring up some war or other, in order that the people may require a leader. -- Plato --P3Sa5BnbMJp68zLp Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iF0EABEIAB0WIQSf8hKLFH72cwut8TNhHseHBAsPqwUCZgrWWwAKCRBhHseHBAsP q/2DAJ0Thb5v6ZFACWT6kNF0ZcD2nwbTQgCfbwsU9EXWfMBRXHRuflgRLQXjuNY= =Ebr3 -----END PGP SIGNATURE----- --P3Sa5BnbMJp68zLp-- --===============3523314431616282319== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". --===============3523314431616282319==--