From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
To: ffmpeg-devel@ffmpeg.org
Cc: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Subject: [FFmpeg-devel] [PATCH 6/8] avcodec/mpegvideo_dec: Don't zero context on init failure
Date: Mon, 2 Oct 2023 12:52:00 +0200
Message-ID: <AS8P250MB074463C6D8BC4A1A57568A158FC5A@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>
In-Reply-To: <AS8P250MB0744CC369A3887A6A38474498FC7A@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>

Up until now, ff_mpeg_update_thread_context() zeroes the context to initialize on initialization failure. This has been added in e1d7d4bd13cdd8856a3611d1ea387ac733a7aebf. Just as now, ff_mpeg_update_thread_context() simply copied the src MpegEncContext over the dst MpegEncContext to initialize it, but clear_context() was only added in b160fc290cf49b516c5b6ee0730fd9da7fc623b1, so that cleaning up on init failure was a minefield if performed. It was not always performed, namely not before the first allocation needed to be freed.

In the fuzzer sample that led to e1d7d4bd13cdd8856a3611d1ea387ac733a7aebf, the call to av_image_check_size() failed and before said commit, the context contained lots of pointers from the src context, leading to assert violations later on.

Of course, the proper fix for this is resetting the pointers (or even better, not copying them in the first place), so this zeroing is unnecessary since commit b160fc290cf49b516c5b6ee0730fd9da7fc623b1. It is also harmful, because it makes initializing something only once during init more complicated; see the h264chroma handling in the diff for an example. Therefore it is removed.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavcodec/mpegvideo_dec.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/libavcodec/mpegvideo_dec.c b/libavcodec/mpegvideo_dec.c
index f9fccff518..3f173a9feb 100644
--- a/libavcodec/mpegvideo_dec.c
+++ b/libavcodec/mpegvideo_dec.c
@@ -83,13 +83,8 @@ int ff_mpeg_update_thread_context(AVCodecContext *dst, if (s1->context_initialized) { ff_mpv_idct_init(s); - if ((err = ff_mpv_common_init(s)) < 0) { - memset(s, 0, sizeof(*s)); - s->avctx = dst; - s->private_ctx = private_ctx; - memcpy(&s->h264chroma, &s1->h264chroma, sizeof(s->h264chroma)); + if ((err = ff_mpv_common_init(s)) < 0) return err; - } } } -- 2.34.1 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
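Review bot: with the memset and the reassignment of avctx/private_ctx gone, the safety of the bare `return err;` after `ff_mpv_common_init(s)` rests entirely on that function leaving no stale pointers copied from src in the dst context on every failure path, including the early av_image_check_size() failure the commit message cites, which happens before anything has been allocated. The message asserts this is guaranteed since clear_context() was introduced in b160fc290cf49b516c5b6ee0730fd9da7fc623b1, but it would help reviewers and future readers to state explicitly that clear_context() (or equivalent pointer resetting) runs on that pre-allocation early return too, or to add a one-line comment at the `return err;` saying so; otherwise a later ff_mpv_common_end()/close on dst would operate on pointers owned by src, which is exactly the double-free/assert class e1d7d4bd13cdd8856a3611d1ea387ac733a7aebf was papering over. Dropping the braces around the now single-statement `if` body matches the surrounding code style and is fine.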