Date: Fri, 30 May 2025 01:48:56 +0200
From: Michael Niedermayer
To: FFmpeg development discussions and patches
Message-ID: <20250529234856.GE29660@pb2>
References: <20250508215738.3582069-1-michael@niedermayer.cc> <20250508215738.3582069-2-michael@niedermayer.cc>
In-Reply-To: <20250508215738.3582069-2-michael@niedermayer.cc>
Subject: Re: [FFmpeg-devel] [PATCH 2/7] avcodec/hevc/hevcdec: Check num_entry_point_offsets

On Thu, May 08, 2025 at 11:57:33PM +0200, Michael Niedermayer wrote:
> The code uses int, unsigned int and uint16_t to store num_entry_point_offsets
> This limits it to the smallest of the 3.
> Alternatively uint16_t can be changed and then a larger limit used.
> A Check will still be needed.
>
> Fixes: 391974932/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_HEVC_fuzzer-5966648879677440
> Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
>
> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer
> ---
> libavcodec/hevc/hevcdec.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)

will apply

[...]

--
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If one takes all money from those who grow wealth and gives it to those who
do not grow wealth, 10 years later, almost the same people who were wealthy
will be wealthy again, the same people who were poor will be poor again.
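
The width mismatch described in the quoted commit message, as an added example that is not part of the original mail and is not FFmpeg's code: a count read as unsigned is checked against the narrowest of the types it is later held in, and the unchecked conversion is shown beside it. The struct, the function names and the sample values are hypothetical.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical parsed state: the same count is kept in two widths. */
typedef struct {
    int      num_entries;     /* signed copy used in index arithmetic */
    uint16_t stored_entries;  /* narrow copy kept in a per-slice record */
} SliceInfo;

enum { PARSE_OK = 0, PARSE_INVALID = -1 };

/* Largest value that survives unsigned int, int and uint16_t unchanged. */
static unsigned narrowest_limit(void)
{
    unsigned limit = UINT_MAX;
    if (limit > (unsigned)INT_MAX)    limit = (unsigned)INT_MAX;
    if (limit > (unsigned)UINT16_MAX) limit = (unsigned)UINT16_MAX;
    return limit;
}

/* Unchecked store: the value is reduced modulo 65536 without any error. */
static uint16_t store_unchecked(unsigned raw)
{
    return (uint16_t)raw;
}

/* Checked store: reject the input before any narrowing conversion happens. */
static int parse_entry_count(unsigned raw, SliceInfo *out)
{
    if (raw > narrowest_limit())
        return PARSE_INVALID;
    out->num_entries    = (int)raw;
    out->stored_entries = (uint16_t)raw;
    return PARSE_OK;
}

int main(void)
{
    SliceInfo s = { 0, 0 };
    /* Constructed sample inputs, not taken from the fuzzer test case. */
    const unsigned samples[] = { 3u, 65535u, 65537u, 2147483648u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int ok = parse_entry_count(samples[i], &s) == PARSE_OK;
        printf("%u: %s; unchecked uint16_t copy would hold %u\n", samples[i],
               ok ? "accepted" : "rejected",
               (unsigned)store_unchecked(samples[i]));
    }
    return 0;
}
```

With 65537 the unchecked 16-bit copy holds 1 while a wider copy still holds 65537, so code reading the two copies disagrees about how many entries exist; the checked path rejects the input instead.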