* [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() for failure
@ 2024-05-13 1:20 Michael Niedermayer
2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 2/4] avcodec/pcm-dvdenc: 64bit pkt-size Michael Niedermayer
` (3 more replies)
0 siblings, 4 replies; 7+ messages in thread
From: Michael Niedermayer @ 2024-05-13 1:20 UTC (permalink / raw)
To: FFmpeg development discussions and patches
Fixes: CID1500300 Unchecked return value
Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavcodec/notchlc.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libavcodec/notchlc.c b/libavcodec/notchlc.c
index 6dd3f884407..30427f4ba92 100644
--- a/libavcodec/notchlc.c
+++ b/libavcodec/notchlc.c
@@ -243,7 +243,9 @@ static int decode_blocks(AVCodecContext *avctx, AVFrame *p,
bytestream2_seek(&dgb, s->y_data_offset + row_offset, SEEK_SET);
- init_get_bits8(&bit, dgb.buffer, bytestream2_get_bytes_left(&dgb));
+ ret = init_get_bits8(&bit, dgb.buffer, bytestream2_get_bytes_left(&dgb));
+ if (ret < 0)
+ return ret;
for (int x = 0; x < avctx->width; x += 4) {
unsigned item = bytestream2_get_le32(gb);
unsigned y_min = item & 4095;
--
2.43.2
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 7+ messages in thread* [FFmpeg-devel] [PATCH 2/4] avcodec/pcm-dvdenc: 64bit pkt-size 2024-05-13 1:20 [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() for failure Michael Niedermayer @ 2024-05-13 1:20 ` Michael Niedermayer 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 3/4] avcodec/proresenc_anatoliy: Assert that AV_PROFILE_UNKNOWN is replaced Michael Niedermayer ` (2 subsequent siblings) 3 siblings, 0 replies; 7+ messages in thread From: Michael Niedermayer @ 2024-05-13 1:20 UTC (permalink / raw) To: FFmpeg development discussions and patches It seems nothing prevents such overflow even though odd Fixes: CID1441934 Unintentional integer overflow Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/pcm-dvdenc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/pcm-dvdenc.c b/libavcodec/pcm-dvdenc.c index 1e7ee644f66..71e9b6915ad 100644 --- a/libavcodec/pcm-dvdenc.c +++ b/libavcodec/pcm-dvdenc.c @@ -116,7 +116,7 @@ static int pcm_dvd_encode_frame(AVCodecContext *avctx, AVPacket *avpkt, { PCMDVDContext *s = avctx->priv_data; int samples = frame->nb_samples * avctx->ch_layout.nb_channels; - int64_t pkt_size = (frame->nb_samples / s->samples_per_block) * s->block_size + 3; + int64_t pkt_size = (int64_t)(frame->nb_samples / s->samples_per_block) * s->block_size + 3; int blocks = (pkt_size - 3) / s->block_size; const int16_t *src16; const int32_t *src32; -- 2.43.2 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 7+ messages in thread
* [FFmpeg-devel] [PATCH 3/4] avcodec/proresenc_anatoliy: Assert that AV_PROFILE_UNKNOWN is replaced 2024-05-13 1:20 [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() for failure Michael Niedermayer 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 2/4] avcodec/pcm-dvdenc: 64bit pkt-size Michael Niedermayer @ 2024-05-13 1:20 ` Michael Niedermayer 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 4/4] avcodec/qsvdec: Check av_image_get_buffer_size() for failure Michael Niedermayer 2024-06-02 19:17 ` [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() " Michael Niedermayer 3 siblings, 0 replies; 7+ messages in thread From: Michael Niedermayer @ 2024-05-13 1:20 UTC (permalink / raw) To: FFmpeg development discussions and patches If its not replaced we would have a negative index used in an array potentially Helps: CID1440385 Negative array index read Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/proresenc_anatoliy.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavcodec/proresenc_anatoliy.c b/libavcodec/proresenc_anatoliy.c index 2fb96e9cf56..8709f400d04 100644 --- a/libavcodec/proresenc_anatoliy.c +++ b/libavcodec/proresenc_anatoliy.c @@ -857,7 +857,8 @@ static av_cold int prores_encode_init(AVCodecContext *avctx) avctx->profile = AV_PROFILE_PRORES_4444; av_log(avctx, AV_LOG_INFO, "encoding with ProRes 4444+ (ap4h) profile\n"); - } + } else + av_assert0(0); } else if (avctx->profile < AV_PROFILE_PRORES_PROXY || avctx->profile > AV_PROFILE_PRORES_XQ) { av_log( -- 2.43.2 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 7+ messages in thread
* [FFmpeg-devel] [PATCH 4/4] avcodec/qsvdec: Check av_image_get_buffer_size() for failure 2024-05-13 1:20 [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() for failure Michael Niedermayer 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 2/4] avcodec/pcm-dvdenc: 64bit pkt-size Michael Niedermayer 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 3/4] avcodec/proresenc_anatoliy: Assert that AV_PROFILE_UNKNOWN is replaced Michael Niedermayer @ 2024-05-13 1:20 ` Michael Niedermayer 2024-05-13 1:47 ` Xiang, Haihao 2024-06-02 19:17 ` [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() " Michael Niedermayer 3 siblings, 1 reply; 7+ messages in thread From: Michael Niedermayer @ 2024-05-13 1:20 UTC (permalink / raw) To: FFmpeg development discussions and patches Fixes: CID1477406 Improper use of negative value Sponsored-by: Sovereign Tech Fund Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/qsvdec.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/libavcodec/qsvdec.c b/libavcodec/qsvdec.c index ed0bfe4c8b8..a51ddace622 100644 --- a/libavcodec/qsvdec.c +++ b/libavcodec/qsvdec.c @@ -379,9 +379,12 @@ static int qsv_decode_init_context(AVCodecContext *avctx, QSVContext *q, mfxVide q->frame_info = param->mfx.FrameInfo; - if (!avctx->hw_frames_ctx) - q->pool = av_buffer_pool_init(av_image_get_buffer_size(avctx->pix_fmt, - FFALIGN(avctx->width, 128), FFALIGN(avctx->height, 64), 1), av_buffer_allocz); + if (!avctx->hw_frames_ctx) { + ret = av_image_get_buffer_size(avctx->pix_fmt, FFALIGN(avctx->width, 128), FFALIGN(avctx->height, 64), 1); + if (ret < 0) + return ret; + q->pool = av_buffer_pool_init(ret, av_buffer_allocz); + } return 0; } -- 2.43.2 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [FFmpeg-devel] [PATCH 4/4] avcodec/qsvdec: Check av_image_get_buffer_size() for failure 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 4/4] avcodec/qsvdec: Check av_image_get_buffer_size() for failure Michael Niedermayer @ 2024-05-13 1:47 ` Xiang, Haihao 2024-05-19 19:50 ` Michael Niedermayer 0 siblings, 1 reply; 7+ messages in thread From: Xiang, Haihao @ 2024-05-13 1:47 UTC (permalink / raw) To: ffmpeg-devel On Ma, 2024-05-13 at 03:20 +0200, Michael Niedermayer wrote: > Fixes: CID1477406 Improper use of negative value > > Sponsored-by: Sovereign Tech Fund > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/qsvdec.c | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) > > diff --git a/libavcodec/qsvdec.c b/libavcodec/qsvdec.c > index ed0bfe4c8b8..a51ddace622 100644 > --- a/libavcodec/qsvdec.c > +++ b/libavcodec/qsvdec.c > @@ -379,9 +379,12 @@ static int qsv_decode_init_context(AVCodecContext *avctx, > QSVContext *q, mfxVide > > q->frame_info = param->mfx.FrameInfo; > > - if (!avctx->hw_frames_ctx) > - q->pool = av_buffer_pool_init(av_image_get_buffer_size(avctx- > >pix_fmt, > - FFALIGN(avctx->width, 128), FFALIGN(avctx->height, 64), > 1), av_buffer_allocz); > + if (!avctx->hw_frames_ctx) { > + ret = av_image_get_buffer_size(avctx->pix_fmt, FFALIGN(avctx->width, > 128), FFALIGN(avctx->height, 64), 1); > + if (ret < 0) > + return ret; > + q->pool = av_buffer_pool_init(ret, av_buffer_allocz); > + } > return 0; > } > LGTM, thx - Haihao _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [FFmpeg-devel] [PATCH 4/4] avcodec/qsvdec: Check av_image_get_buffer_size() for failure 2024-05-13 1:47 ` Xiang, Haihao @ 2024-05-19 19:50 ` Michael Niedermayer 0 siblings, 0 replies; 7+ messages in thread From: Michael Niedermayer @ 2024-05-19 19:50 UTC (permalink / raw) To: FFmpeg development discussions and patches [-- Attachment #1.1: Type: text/plain, Size: 1560 bytes --] On Mon, May 13, 2024 at 01:47:36AM +0000, Xiang, Haihao wrote: > On Ma, 2024-05-13 at 03:20 +0200, Michael Niedermayer wrote: > > Fixes: CID1477406 Improper use of negative value > > > > Sponsored-by: Sovereign Tech Fund > > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > > --- > > libavcodec/qsvdec.c | 9 ++++++--- > > 1 file changed, 6 insertions(+), 3 deletions(-) > > > > diff --git a/libavcodec/qsvdec.c b/libavcodec/qsvdec.c > > index ed0bfe4c8b8..a51ddace622 100644 > > --- a/libavcodec/qsvdec.c > > +++ b/libavcodec/qsvdec.c > > @@ -379,9 +379,12 @@ static int qsv_decode_init_context(AVCodecContext *avctx, > > QSVContext *q, mfxVide > > > > q->frame_info = param->mfx.FrameInfo; > > > > - if (!avctx->hw_frames_ctx) > > - q->pool = av_buffer_pool_init(av_image_get_buffer_size(avctx- > > >pix_fmt, > > - FFALIGN(avctx->width, 128), FFALIGN(avctx->height, 64), > > 1), av_buffer_allocz); > > + if (!avctx->hw_frames_ctx) { > > + ret = av_image_get_buffer_size(avctx->pix_fmt, FFALIGN(avctx->width, > > 128), FFALIGN(avctx->height, 64), 1); > > + if (ret < 0) > > + return ret; > > + q->pool = av_buffer_pool_init(ret, av_buffer_allocz); > > + } > > return 0; > > } > > > > LGTM, thx will apply thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Elect your leaders based on what they did after the last election, not based on what they say before an election. [-- Attachment #1.2: signature.asc --] [-- Type: application/pgp-signature, Size: 195 bytes --] [-- Attachment #2: Type: text/plain, Size: 251 bytes --] _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() for failure 2024-05-13 1:20 [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() for failure Michael Niedermayer ` (2 preceding siblings ...) 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 4/4] avcodec/qsvdec: Check av_image_get_buffer_size() for failure Michael Niedermayer @ 2024-06-02 19:17 ` Michael Niedermayer 3 siblings, 0 replies; 7+ messages in thread From: Michael Niedermayer @ 2024-06-02 19:17 UTC (permalink / raw) To: FFmpeg development discussions and patches [-- Attachment #1.1: Type: text/plain, Size: 512 bytes --] On Mon, May 13, 2024 at 03:20:08AM +0200, Michael Niedermayer wrote: > Fixes: CID1500300 Unchecked return value > > Sponsored-by: Sovereign Tech Fund > Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> > --- > libavcodec/notchlc.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) will apply the remaining patches of this set [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB What does censorship reveal? It reveals fear. -- Julian Assange [-- Attachment #1.2: signature.asc --] [-- Type: application/pgp-signature, Size: 195 bytes --] [-- Attachment #2: Type: text/plain, Size: 251 bytes --] _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2024-06-02 19:17 UTC | newest] Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2024-05-13 1:20 [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() for failure Michael Niedermayer 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 2/4] avcodec/pcm-dvdenc: 64bit pkt-size Michael Niedermayer 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 3/4] avcodec/proresenc_anatoliy: Assert that AV_PROFILE_UNKNOWN is replaced Michael Niedermayer 2024-05-13 1:20 ` [FFmpeg-devel] [PATCH 4/4] avcodec/qsvdec: Check av_image_get_buffer_size() for failure Michael Niedermayer 2024-05-13 1:47 ` Xiang, Haihao 2024-05-19 19:50 ` Michael Niedermayer 2024-06-02 19:17 ` [FFmpeg-devel] [PATCH 1/4] avcodec/notchlc: Check init_get_bits8() " Michael Niedermayer
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel This inbox may be cloned and mirrored by anyone: git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \ ffmpegdev@gitmailbox.com public-inbox-index ffmpegdev Example config snippet for mirrors. AGPL code for this site: git clone https://public-inbox.org/public-inbox.git