From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 25C7149644 for ; Fri, 17 May 2024 07:53:37 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 30FBB68D352; Fri, 17 May 2024 10:53:34 +0300 (EEST) Received: from EUR05-AM6-obe.outbound.protection.outlook.com (mail-am6eur05olkn2063.outbound.protection.outlook.com [40.92.91.63]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 8017668CD1B for ; Fri, 17 May 2024 10:53:27 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cw169ihIQERL5YglRGvazNK+w8ZI2fEwaxJy6LqGxBNPhTc23teCY/QHvAYn5jw/Pp3bO6hfCdCkZ9d63sVr3k+mzMet4PBIbf7whfmpFwBAHSw5S+L97grUlTk/W/u+PoKu3QE+tw3ejjuTPXvX3yHambrXyHScsvNn5jY0fvTH2oQnazZFcpnt4m02wDNYgkSfXjENhJcCAkpXgz5wSJ83ExGE+pZi4JSa6rR8qE42FRhrrTwbt14MDUITq+sShDR0nC3v5+2faSm0VW1mC3QO953lvvldU0Z5pl/QJHfUWJsrE5pv99n4SsBGL6laPO9Ee63Yz364w47uUzoshw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/JIpmyyVtDc/+ezRV2nbEHUAndePj+nlFYB9iE/zsAI=; b=a0EFVckK1vxKgdhl4dckYm9pLurUN5AbW1ZZbXc8GpKqD0RExZuOHLXZSQjkuRebG722HNhDShs1EXq4f7K6rkC4xCXLe8yML3fjud88iQdadw1s/AP3nXSD6WCi1vKQ9DyZpW5/O/HBDmC0qLZUQV1pR39IS96pDUNyalBcSzq0cOgzhUfxDWiZIRK6fAfXw5nBzbcDiQmEGTm80Zt9caZMZCt58uUU8uKX4FvDUnhDRMo0OGJuykg+TR28PKmnJVG/c0eUMc3/7MPtvDqXQxyz2DYGhPnVAl35m9tsddnGHpKv5WT0UFSGkawcvqAyqG5XveZkKx3H84A8U1NxcA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/JIpmyyVtDc/+ezRV2nbEHUAndePj+nlFYB9iE/zsAI=; b=LhKqoKKavn0IBgn5a2N5/T3AqNO+uAKIOYnt+E+IM2fxVgqC63oHLfm4OG0G16NhqcLn11rQTT2N3/xreDaOkFNAKPjgPeLFmT0Hz9P1p0EUpORQVeVg7uec7oXMibeXW/B+k7F5FMVv5q+pto/eLO6kbaw4CaGbXAXjJ/AZEjSVdWywaVfjZq1P4Ena/+tFSdgX9aVA2q3rPzdDFva6IFyVSJQ2em5DWl1wc7NaZQSLIGhLkYdzfmzJEd8wxrehXc9l4UDfDOnMW+9ESLvVEIsJ3yUb49FpqUPqc3aP8i3/u1wNLBmkDAXGp0JpQy+c9qFiUoY8XHM58aKmrCrNlg== Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) by PR3P250MB0116.EURP250.PROD.OUTLOOK.COM (2603:10a6:102:173::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7587.30; Fri, 17 May 2024 07:53:24 +0000 Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::384d:40d4:ecb7:1c9]) by AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::384d:40d4:ecb7:1c9%4]) with mapi id 15.20.7544.052; Fri, 17 May 2024 07:53:24 +0000 Message-ID: Date: Fri, 17 May 2024 09:53:21 +0200 User-Agent: Mozilla Thunderbird To: ffmpeg-devel@ffmpeg.org References: <20240516231932.6950-1-michael@niedermayer.cc> <20240516231932.6950-4-michael@niedermayer.cc> Content-Language: en-US From: Andreas Rheinhardt In-Reply-To: <20240516231932.6950-4-michael@niedermayer.cc> X-TMN: [TrHNxSjFDtF4T3+Fv0JvSfWqwwdb4HQRHDwpOEy8tMI=] X-ClientProxiedBy: ZR0P278CA0135.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:40::14) To AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) X-Microsoft-Original-Message-ID: MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS8P250MB0744:EE_|PR3P250MB0116:EE_ X-MS-Office365-Filtering-Correlation-Id: 928bf192-cddc-4f62-aa3a-08dc76466dbc X-Microsoft-Antispam: BCL:0;ARA:14566002|461199019|440099019|3412199016; X-Microsoft-Antispam-Message-Info: ksiluZBL+yQoy0mKeSk1r9qREaZlifsWxG16OwRJ5RCSFIGVuGC+Win/O6/0p1/fas95+76UgAxUEusWfRvCpcAcY1iZW6aycUC68aCcVeZYO3qTdUwH3j87hAixX6MQAaMtEa40GKgYPWBf7HsCG4tpgxjhy1kl4QtG/UGen1tRYApdr4Qp2eIaQvxWJW4TRQ8KWDLrNViEjo90ap2TshEl1d4ZwcXwdI3Y3INP71X2vBURtWioI4of0YAr0kqSHUDN7eXZa/SbLkuG1CelaCuAf2MDrDS4uhibrgTRpEbjQj05T5Y+xXQb6Ga/Hu0AltXckJkWr5FIAINrJ3SLLqhM+JWmykIcvpIlgVKHghACio0ZxAYzqZq0Wy8blUoxSpOhxleBkAfywyQxTfO7onReY366AZcpH8NrKxqhurc3SR0yEyKyVoLFh0nJR8skqAr3AEUfvuY/CWXIKbngC22Gav87z4Jlirhtyhxlr5yDIDupbJYiUIWWqKFOLBpMrSYp5IqMFOU3rxiN8IlpfgA0PELBmw/2xI+6Vi7T+9ISvxOiEidi5CkuV90I3ZGu X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?SzFkb0pKcXNrajc1MHBzdGU1cTJKSnNsVGRjN0dGSnowdnc5Zk1PQTBtWmxp?= =?utf-8?B?WGtKQlRsUzVKU0xIQXA5bDJlK1J5blAySFZvcXU5U2Y4ZDJHV0pNRmo4Snp3?= =?utf-8?B?d0Z2bUdYb05jSlNiVHNqaEtZSW1DM1RjNGZtQXVFc3llSlMrYzlzQkpUeGx6?= =?utf-8?B?UEk4T01rZHpUQ0tOZFh5dUpiNEs1TytNTFRjL0dlbGhnaCtScW84d3lUdjky?= =?utf-8?B?TjVGRUZGZ1NRZXVKL2g0UzRaYTdNVFg4VFV2bEdMZkdwQzF6QlFGOTJLMHU0?= =?utf-8?B?NVZlNG5mYzFjQklCb3hDYUR5WU5xbEw0WmVCcGxNeTVpclh4NUhRZVhuelhS?= =?utf-8?B?VWdiL3lhUXJ2Qko3MzZab2lzMnJuUHNBZHo4Q0FNVDVHa1l5TSsvT2Z3NGta?= =?utf-8?B?T1BlaSs0elgzVzlvcmxWQjYwRWw5OXRVWGpOc0l1TlVhR01xN0o5dm5tMEcy?= =?utf-8?B?ZHNaVTd2QkVYVDR0RUpaQjZRZzU0MXdKbW5xU2hTeTd6QU1hOFIwVWdhaHlF?= =?utf-8?B?SjNFbm9DVFJEZ0toTERwK0JNYTJUamJSUjlWbmxhQnZXUFlkbW5ESTd0amhH?= =?utf-8?B?MS80RGJ1QnRUelk0Y1BqUFFPUTZldWYzQkY3YTVaTXREN05jTGVMM1BsdDJm?= =?utf-8?B?MHphY3hXUXU1aHRlWDlGQlF6VTA2Z1RZV0N3WCsyTmR1TVBNb3lmU3FXTmIx?= =?utf-8?B?UDVNS2VYb3VJdVlKZEtUb240Nm1DbEtSNUoyTlNjWWpiWnNBYW1hQUJDQlRD?= =?utf-8?B?eXpIa1BvOTR2RDdKMFY3RlhYQTJ6UXpVQWNiYTVOV2ZqMlhoeHlwbXJzNHdV?= =?utf-8?B?c0NpM3J1WUMzdzBBbFZPeG85aEZpYmg1aTFtajNIazhDa2lIZFkyVC9EaDFQ?= =?utf-8?B?TkllUTdsTGgvbCtYWm1xVyt2UzZOaWJBYlQ4UXg1RzZsblFoQ0Z4ZzZMWlhI?= =?utf-8?B?aTRLbnVndUFIbVk4dHl1VGlBZlo3Q1U5UTh1VlcwV1ZIODJDK3AzUkx6ZWNw?= =?utf-8?B?YWZZTE5OVllGdDZUOTJIbWhYd3Z2bm9KZmdHUzlWV1dqVVpLekpkU2d0RXdw?= =?utf-8?B?aDBqQ2dweXNwdmwvcStPVUc2NUs2S3BsaS9EYXQxRGpYaFR2MUFwU1dxckp2?= =?utf-8?B?Umt1R3BFR2dSWmRDTGZzNEF6NTdsck9oa3hGTW8yVGlQS085US92R0w1eXhE?= =?utf-8?B?WHFrcDViY3BSYXl1Ti9FTStTcTM1ZDZpbmdacjR4ZW9YWExnYTNVajNCSjNa?= =?utf-8?B?T3ovR0phcWlMb21ZM2hSVTMzS2FFem9PUFM4VXYraGQ5WUdFbzl6UnlnT0hP?= =?utf-8?B?dlNiVVBlM0dHSGRQWnB1VFd1WWZmbGxsSmJzL3FhbUVRbWxhMk5BTEViTFVu?= =?utf-8?B?WGpHTTZLS3o1TDB1MFh0eFpreHFzM2FRZVhXS3RBSWtDNHk5S3ZzTEVMdmVV?= =?utf-8?B?RGxmUVdRZm4rV3VWMG1KbkpZdC9hRUN6Nm1FdFNMUlFxeWVNanFOVnZucWFL?= =?utf-8?B?QU0vNkxRRHovdEJDSytLaXo3cUZYZHZkMCtDWnU4TE1qbDZlVHpCOWNuNFA1?= =?utf-8?B?cUZHcUJ6RmM2Z2ZBZXFYVEwzdk5OTUl4dHVvZTBja3JtUDVMdllvb2JEbXBv?= =?utf-8?B?Si9McVFEbThaZUZtQTRJeC9XLzlLTU1taHVJUkFVdkgrMFljakgraUl0aE5z?= =?utf-8?B?bm9ObzVtWDhiNWZrMEt5WkZsdGdYT0VLODJaKzlMMGxwYlowbW5CQzJBPT0=?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 928bf192-cddc-4f62-aa3a-08dc76466dbc X-MS-Exchange-CrossTenant-AuthSource: AS8P250MB0744.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 May 2024 07:53:24.3771 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3P250MB0116 Subject: Re: [FFmpeg-devel] [PATCH 4/5] avcodec/sga: Check non constant init_get_bits8() X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Michael Niedermayer: > Fixes: CID1473562 Unchecked return value > Fixes: CID1473592 Unchecked return value > > Sponsored-by: Sovereign Tech Fund > Signed-off-by: Michael Niedermayer > --- > libavcodec/sga.c | 10 ++++++++-- > 1 file changed, 8 insertions(+), 2 deletions(-) > > diff --git a/libavcodec/sga.c b/libavcodec/sga.c > index 0f42cf912b2..aca941e057e 100644 > --- a/libavcodec/sga.c > +++ b/libavcodec/sga.c > @@ -254,11 +254,14 @@ static int decode_palmapdata(AVCodecContext *avctx) > const int bits = (s->nb_pal + 1) / 2; > GetByteContext *gb = &s->gb; > GetBitContext pm; > + int ret; > > bytestream2_seek(gb, s->palmapdata_offset, SEEK_SET); > if (bytestream2_get_bytes_left(gb) < s->palmapdata_size) > return AVERROR_INVALIDDATA; > - init_get_bits8(&pm, gb->buffer, s->palmapdata_size); > + ret = init_get_bits8(&pm, gb->buffer, s->palmapdata_size); > + if (ret < 0) > + return ret; > > for (int y = 0; y < s->tiles_h; y++) { > uint8_t *dst = s->palmapindex_data + y * s->tiles_w; > @@ -277,11 +280,14 @@ static int decode_tiledata(AVCodecContext *avctx) > SGAVideoContext *s = avctx->priv_data; > GetByteContext *gb = &s->gb; > GetBitContext tm; > + int ret; > > bytestream2_seek(gb, s->tiledata_offset, SEEK_SET); > if (bytestream2_get_bytes_left(gb) < s->tiledata_size) > return AVERROR_INVALIDDATA; > - init_get_bits8(&tm, gb->buffer, s->tiledata_size); > + ret = init_get_bits8(&tm, gb->buffer, s->tiledata_size); > + if (ret < 0) > + return ret; > > for (int n = 0; n < s->nb_tiles; n++) { > uint8_t *dst = s->tileindex_data + n * 64; Both of these can not fail and could be checked via av_assert1: palmapdata_size is given by (s->tiles_w * s->tiles_h * ((s->nb_pal + 1) / 2) + 7) / 8 with tiles_w and tiles_h being in the 0..255 range and nb_pal being in the 0..4 range. tiledata_size is given by s->nb_tiles * 32; nb_tiles fits in 16 bits (it is either read via AV_RB16 or is given as the product of tiles_h * tiles_w, both of which are read from simple uint8_t. - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".