From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 2168845206 for ; Thu, 12 Jan 2023 07:37:51 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 3386568BD96; Thu, 12 Jan 2023 09:37:49 +0200 (EET) Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05olkn2090.outbound.protection.outlook.com [40.92.91.90]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 793FA68B9CA for ; Thu, 12 Jan 2023 09:37:42 +0200 (EET) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=R4ZIH5w+3DJGY86E8qNPRey9y03fzKgCM4yleVWZUfvsMmpplHXcT133jUzaydqma11sHqgKyjeW0rrb42THxl0+JI8RUeIuJBeAJR+715or+M9paV+DR0JK1TtqfF2e8cb8Z0fW7YWHusXQncFJvZrWHBOM/CyK0r/00Q8QQChGAZQB6a8tmNTIiPrfCjBcyUy+sKzSezOQGkSNaFnWDJj8RM6gS02aWkdWFvsVSJbLw8HlYaapRgEVNSujjB3srrG9w6nFVY7ikFxXQEiFFohLbyhGzjjFeJV9hIN8mHksxUOx1DQxW111BIDUIyyF8aidvZ5oiw/aQxV5nHZGvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7bu+jcHV0frwnP0cNSqW5UTNpR0p6Zr8zRWXcnUUQak=; b=WxIqlFG74rYd3oh/CIpYjX+Iw/6JxGejt4dH193SsDuUvrgm3VhrjFkOBuRG8N5SdCr6qn9N1gfNfzNkxDpuS1WOaJI4sBiAD5Qrssmto4uZZl6leNblvy8keFuLuLk7UvLVwr4Mjsgovg8cJ4971dQ9jUNv0SdB0P0lg8F2ndkEv4ARzDVSG+SpFopo3OEbL1rnXo1c1Isut26BKgZ3aEX70ILGa3HvA1S0q+gUlsjKxemEA8v1PNjrOWOte5M/KtNW1DbCSXDP2/1WJTwrSRxjq4lteOD9Oinp+6zjbU2b4SDp9LZWNZ4zQoBNtFGLbj0qOPYKLdlkw/R1bPls+Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7bu+jcHV0frwnP0cNSqW5UTNpR0p6Zr8zRWXcnUUQak=; b=Q/5KWzHbWCzQpLa6Rk11ZxA8ln5vDlCN38k1q2abhRdVV9p2PZRU83S4MWSPuzjp16zvI/gFNkwqZJMK+w4xkprKHKiKxa6F3IE5xGJ6xXgEIeqvTAqoi9sMr8oXi4Q7LdM8dR1H1qgHXQZWkm9sBhuzEUPx8mOH+qojZ9B6od+w7Dm7bk77wBdVDHatunUie7D2S90BmBYRyJ80xb7PZYkW+wMBpG+crgsb+7vH0yvwUrtB/vI8cFqdSZjukCvYOGLD4DxQqVotJtH18V30cZCqFyIEyAGpOWfB1cSMIKGATTOZ2Kbtd0VBLbpP+N+Hzq9dLJ8aZwqFIekITGppkQ== Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) by AS8P250MB0029.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:358::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5986.18; Thu, 12 Jan 2023 07:37:40 +0000 Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::c37:cabe:316a:60b2]) by AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::c37:cabe:316a:60b2%4]) with mapi id 15.20.6002.012; Thu, 12 Jan 2023 07:37:40 +0000 Message-ID: Date: Thu, 12 Jan 2023 08:38:08 +0100 Content-Language: en-US To: ffmpeg-devel@ffmpeg.org References: <20230111204221.22550-1-michael@niedermayer.cc> From: Andreas Rheinhardt In-Reply-To: <20230111204221.22550-1-michael@niedermayer.cc> X-TMN: [Oru6gUqvX+zrJ6yla+KfvyEe0mW8eNR1] X-ClientProxiedBy: ZR0P278CA0140.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:40::19) To AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) X-Microsoft-Original-Message-ID: <22170750-0c05-b011-9727-d542b423533d@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS8P250MB0744:EE_|AS8P250MB0029:EE_ X-MS-Office365-Filtering-Correlation-Id: 6ed76c35-e1ef-49ab-6dc8-08daf46fe227 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: rqvLAxR9BmuowMzyDPMUEqbGtriOT6S3tdpVfqVkCJY0IV5ItL1TEz7lthC5I8gMQ8py2h/ODio1uNEO/pbYO27JhWBuo5hHyAYhRHDx6M5bDNGKmKmh+IUZc4ftmEwiMNu7bJDB66m/eyFBZr/828XZrtshpbUAcSNrx0uBoLHKN7o8JsOtBVjvuoSbAFR9F91EV24CNUeOS+CLZ+TCKpN8swazD7jgFSqMOQyjU031rrlH0Qw47ButJHgcIU7aGOYrXVLmM6HPurZiKC5f6pDMcR2uFLallqYf/Zp72G1ee1BCwtcWkDmWcskLxpwaPHu3FykqQgBLR0ifiCCZuKcSjf4caYxrgY5AbIg7jLG9XXMIr1UHDC/SxUjhTS8dc5/MC8DHLDU5Z3RVcUgiD++HrXI+iZHMsFHCs2XuGniQ6E2/krREUAAuSLn11dB8/BmQVScTfj037TcAEMe5+/amoaJ7gx9M8EH0id4k6p6H854RQ0rzMdmF3IaOnusQprfLUOmARZWzFFWU/CJTGv2imcYDNtgRpYMDfUSJkZsgyWNTzy78g1yGHL1Z8K06DPuxz4UAkJrXeEC8FyNmG4WFwDg9GHn/hTSHRPIBaQSx+ABQhZaAyE3HjVvn54lmB9jBlevpBFR6gzzCwjhw/g== X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?NThIWEVyajlySndXMFVVMzR0QkpFNXJLZHdRWWdteWphcEFiRmhhVUFWdVBX?= =?utf-8?B?Q2o5OEJ1cnRhT0lJeENqLzRVZi9OaG11VkU4eWlrdEJsTjhkQng2ZlZteTNu?= =?utf-8?B?ZkgyeFNyTlFra2ZXdGhzUVBGRm1ETWdsWkdUSlBCdXExNTBkejJXck40NHps?= =?utf-8?B?cGRIaGFiMjdtcWRQY2UwQkZJL3VlOCtyUDB4aFRuNzVaVERJRHB1djBoNDIv?= =?utf-8?B?WGk3alpnQnpJV09iakhwRGdXd2VtSE5RSVlSbWJaS3Q3aWd3ZVYyeG1Qeldj?= =?utf-8?B?NndPZXBwWWlWcXhLb2JNdURnREdNdDdkbnJESTdQeXBWSWowSUw2OGVvdzdu?= =?utf-8?B?R2ZnMnZrS3ZTaE8wVkFUOEo5K01MRjRHSHJpVGs3eXBibVJvR05YWlNLSXBO?= =?utf-8?B?REZsd2FvMTZLaWhaK1NSZWZRMXJnZS9WMXlJQXdFSGY3QzQ0YUNWRDk1QVlr?= =?utf-8?B?VmM2UVhKZFVjQWNZUFhwUHZ1aHIydE9FRmVwK1VqS0dyVlZrN1BSTk5GRXM2?= =?utf-8?B?OWxQZXYvQUJsSnJlbTRoOEtIWEEwbTdOVE9NbzA3b3h0OE56alNnSlJyQ1hQ?= =?utf-8?B?bjVJUXFOUXIyNTB4c0ZYM2ZJdk1pOUlUQk5aTE1adUFibHphakdHSTlKdkxn?= =?utf-8?B?cVA1VVZGaU50TkZTWGpNbEpsQXBKVHpKbnZmVlNWZzhoU0NaS0JTVUNUV2tl?= =?utf-8?B?dVl4bHc4cGxaVVRXUTN5WldOTUF6OWRwallqOHU3M1F1dDhhWWFVanlySlMw?= =?utf-8?B?WW5xOFFpYlNFVW5QbVIxZjZJZVFFc2Z6SnFxQW5xTlByc3RaYzFrZVZNdVJ6?= =?utf-8?B?cDQ2KzJoMmtUQVpYc295Wk5ybHE1cVE1bEZ4ZWVjbk5OM3pUeFRlSEY3TG4r?= =?utf-8?B?S3N3VUNnUisvVDZhRk5qZW8vYXVQSGZZaGlESzE3YmpKQnlxbllmNTNCT1dM?= =?utf-8?B?WjA4VGRvS1Z1MUxTMnlkTU9jZFBTWVhEWnphQ2NHQnJDRXlyZVNyTmFqdlYr?= =?utf-8?B?YkxuRjJ1L2VTY2tkZ2J3bW9Ed2lncXhJUjZ5RENTVVRJWVRuMTlZRnAzcW9K?= =?utf-8?B?QWJhbjB6WVF1dUNoMHUxQzJiRnFMbkhud1RlUFozQU9iRWlCNFp1R3ZaWks3?= =?utf-8?B?c2drNTMxak5mZTdiVFprREJoZzJua3lyT0RsZThNWEw4b0ZsbVJMc3pmeFA2?= =?utf-8?B?eTM1UStOTGIrVXo2OHZDeHBmWUsvazdpZTJlOEwyN3AyTFFOZzd6YUVSc0xC?= =?utf-8?B?bm03d21ISUhVWWdkcFpCN0F5cGNhY2hZUU02aEQ1cG5QOGVOR1BHalcwdUpn?= =?utf-8?B?WVpZMm4rMlozdzVONEsxMzRkOUFZRGhBRnlQc2p1YzJZTk9oSVU1eEphZlI5?= =?utf-8?B?ZDhVK0VPdTdmS0xraEFsNVFLekZkQktBK0QzYTBCVkRPdjR4SXNpRFdKa2JS?= =?utf-8?B?aUJwbEpNdkR0a3J6ZCtudkhaMFNHWEcwNk90QmJuRmZXNWsrS21wZHJKcGY3?= =?utf-8?B?MzB6Nnc0R3ZuVDRCRndlK2R2NkRFS3NOd1Y1VGZvUC9GLzZuVk1iWUY3M000?= =?utf-8?B?YUszUThsdmxJM3VSVENzM29xbkQvMVFsTzlkU1NqcitvZGdPZXRQOVJmc3Ny?= =?utf-8?B?bHFHdUdndnV6L0VlZ3BpTU1XdVViTCtRbEhheWpzUnpTazdXWkJHM0NxSGky?= =?utf-8?B?bTZMbnBzcW4zc2xTcDdWU2d5SEtSMGlQTWFLMDl6Q29pT0xqNWZ6dlJQVFNS?= =?utf-8?Q?voAoLnV1NLHaaeD3PQ=3D?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6ed76c35-e1ef-49ab-6dc8-08daf46fe227 X-MS-Exchange-CrossTenant-AuthSource: AS8P250MB0744.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Jan 2023 07:37:40.1628 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8P250MB0029 Subject: Re: [FFmpeg-devel] [PATCH 1/6] avcodec/utils: allocate a line more for VC1 and WMV3 X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Michael Niedermayer: > Fixes: out of array read on 32bit > Fixes: 54857/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_VC1_fuzzer-5840588224462848 > > The chroma MC code reads over the currently allocated frame. > Alternative fixes would be allocating a few bytes more at the end instead of a whole > line extra or to adjust the threshold where the edge emu code is activated > > Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg > Signed-off-by: Michael Niedermayer > --- > libavcodec/utils.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/libavcodec/utils.c b/libavcodec/utils.c > index 2b63a498b9..1aa0a05a31 100644 > --- a/libavcodec/utils.c > +++ b/libavcodec/utils.c > @@ -321,6 +321,7 @@ void avcodec_align_dimensions2(AVCodecContext *s, int *width, int *height, > *width = FFALIGN(*width, w_align); > *height = FFALIGN(*height, h_align); > if (s->codec_id == AV_CODEC_ID_H264 || s->lowres || > + s->codec_id == AV_CODEC_ID_VC1 || s->codec_id == AV_CODEC_ID_WMV3 || > s->codec_id == AV_CODEC_ID_VP5 || s->codec_id == AV_CODEC_ID_VP6 || > s->codec_id == AV_CODEC_ID_VP6F || s->codec_id == AV_CODEC_ID_VP6A > ) { Does this only happen on 32bit systems? If so, why? - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".