From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: Re: [FFmpeg-devel] [PATCH 2/5] avcodec/aaccoder: assert that escape case len is not causing issues
Date: Sun, 28 Apr 2024 23:57:25 +0200
Message-ID: <20240428215725.GK6420@pb2> (raw)
In-Reply-To: <NwadwJu--3-9@lynne.ee>
[-- Attachment #1.1: Type: text/plain, Size: 2084 bytes --]
On Sun, Apr 28, 2024 at 11:41:20PM +0200, Lynne wrote:
> Apr 28, 2024, 23:31 by michael@niedermayer.cc:
>
> > Inspired by CID1465483 Unintentional integer overflow
> >
> > Sponsored-by: Sovereign Tech Fund
> > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> > ---
> > libavcodec/aaccoder.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > diff --git a/libavcodec/aaccoder.c b/libavcodec/aaccoder.c
> > index 4ce54ca8867..6e5817e237b 100644
> > --- a/libavcodec/aaccoder.c
> > +++ b/libavcodec/aaccoder.c
> > @@ -178,6 +178,8 @@ static av_always_inline float quantize_and_encode_band_cost_template(
> > int coef = av_clip_uintp2(quant(fabsf(in[i+j]), Q, ROUNDING), 13);
> > int len = av_log2(coef);
> >
> > + av_assert2(len >= 4);
> > +
> > put_bits(pb, len - 4 + 1, (1 << (len - 4 + 1)) - 2);
> > put_sbits(pb, len, coef);
> > }
> >
>
> I'm not sure that's correct to do. Any specific cases where this happens?
if len is 3 or less then put_bits will have a negative value or
undefined shift
coverity sasid this:
" overflow_before_widen: Potentially overflowing expression 1 << len - 4 + 1 with type int (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type BitBuf (64 bits, unsigned). To avoid overflow, cast 1 to type BitBuf."
So what coverity really said is that the expression could exeed 32bit _because_ its
used in 64bit context. Thats just stupid from coverity also teh clip above
limits this to 13 bit so i dont see how it can overflow in the "too large" direction
and i marked this one as false positive.
I wasnt 100% sure about the too small side, i tested it and its never too small
but coverity didnt claim it could be too small, so that question is outside the issue
So i added a assert in this patch.
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
Those who are too smart to engage in politics are punished by being
governed by those who are dumber. -- Plato
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
[-- Attachment #2: Type: text/plain, Size: 251 bytes --]
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2024-04-28 21:57 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-28 21:30 [FFmpeg-devel] [PATCH 1/5] tools/opt_common: Check for malloc failure Michael Niedermayer
2024-04-28 21:30 ` [FFmpeg-devel] [PATCH 2/5] avcodec/aaccoder: assert that escape case len is not causing issues Michael Niedermayer
2024-04-28 21:41 ` Lynne
2024-04-28 21:57 ` Michael Niedermayer [this message]
2024-04-28 22:26 ` Lynne
2024-04-29 22:58 ` Michael Niedermayer
2024-04-28 21:30 ` [FFmpeg-devel] [PATCH 3/5] avcodec/ac3_parser: Check init_get_bits8() for failure Michael Niedermayer
2024-04-28 21:30 ` [FFmpeg-devel] [PATCH 4/5] avcodec/amrwbdec: assert mode to be valid in decode_fixed_vector() Michael Niedermayer
2024-05-05 1:41 ` Michael Niedermayer
2024-04-28 21:30 ` [FFmpeg-devel] [PATCH 5/5] avcodec/atrac9dec: Check init_get_bits8() for failure Michael Niedermayer
2024-04-28 21:41 ` Lynne
2024-04-30 22:53 ` Michael Niedermayer
2024-04-29 6:52 ` Paul B Mahol
2024-04-29 23:30 ` Michael Niedermayer
2024-05-05 1:39 ` [FFmpeg-devel] [PATCH 1/5] tools/opt_common: Check for malloc failure Michael Niedermayer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240428215725.GK6420@pb2 \
--to=michael@niedermayer.cc \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git