From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org> Subject: [FFmpeg-devel] [PATCH 1/3] avcodec/h261enc: Don't use (size_t)-1 Date: Mon, 17 Mar 2025 11:54:15 +0100 Message-ID: <AS8P250MB07446AB33E107241BE745F768FDF2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM> (raw) [-- Attachment #1: Type: text/plain, Size: 29 bytes --] Patches attached. - Andreas [-- Attachment #2: 0001-avcodec-h261enc-Don-t-use-size_t-1.patch --] [-- Type: text/x-patch, Size: 1125 bytes --] From b5391a5fc9049addae418073393765703ecbbf9a Mon Sep 17 00:00:00 2001 From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Date: Mon, 17 Mar 2025 09:53:42 +0100 Subject: [PATCH 1/3] avcodec/h261enc: Don't use (size_t)-1 Fixes "runtime error: addition of unsigned offset to 0x765a09523a90 overflowed to 0x765a09523a8e". This fixes all H.261 tests when run under UBsan. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> --- libavcodec/h261enc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/h261enc.c b/libavcodec/h261enc.c index 36436ee60f..5e6d5d1f9c 100644 --- a/libavcodec/h261enc.c +++ b/libavcodec/h261enc.c @@ -337,7 +337,7 @@ static av_cold void h261_encode_init_static(void) uni_h261_rl_len_last[UNI_AC_ENC_INDEX(run, 64 - level)] = len + 2; } - for (size_t i = 1;; i++) { + for (ptrdiff_t i = 1;; i++) { // sign-one MV codes; diff -16..-1, 16..31 mv_codes[32 - i][0] = mv_codes[-i][0] = (ff_h261_mv_tab[i][0] << 1) | 1 /* sign */; mv_codes[32 - i][1] = mv_codes[-i][1] = ff_h261_mv_tab[i][1] + 1; -- 2.45.2 [-- Attachment #3: 0002-avcodec-snow-Don-t-add-to-NULL.patch --] [-- Type: text/x-patch, Size: 994 bytes --] From dfd7b0149620e6b3540e4825382dc13dfd6318df Mon Sep 17 00:00:00 2001 From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Date: Mon, 17 Mar 2025 09:59:36 +0100 Subject: [PATCH 2/3] avcodec/snow: Don't add to NULL It is undefined behavior. Fixes "runtime error: applying non-zero offset 8 to null pointer". Fixes the Snow vsynth FATE-tests. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> --- libavcodec/snow.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libavcodec/snow.h b/libavcodec/snow.h index ff7ebc1c58..9b19e70bd5 100644 --- a/libavcodec/snow.h +++ b/libavcodec/snow.h @@ -272,7 +272,8 @@ static av_always_inline void add_yblock(SnowContext *s, int sliced, slice_buffer if(!sliced && offset_dst) dst += src_x + src_y*dst_stride; - dst8+= src_x + src_y*src_stride; + if (sliced || add) + dst8+= src_x + src_y*src_stride; // src += src_x + src_y*src_stride; ptmp= tmp + 3*tmp_step; -- 2.45.2 [-- Attachment #4: 0003-avcodec-svq1enc-Don-t-add-to-NULL.patch --] [-- Type: text/x-patch, Size: 1424 bytes --] From 4b54469109031ea5017491f3c1e96d439ad58eac Mon Sep 17 00:00:00 2001 From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> Date: Mon, 17 Mar 2025 10:10:32 +0100 Subject: [PATCH 3/3] avcodec/svq1enc: Don't add to NULL It is undefined behavior. Pass a dummy buffer instead. Fixes "runtime error: applying non-zero offset 1024 to null pointer". affected the SVQ1 vsynth FATE tests. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com> --- libavcodec/svq1enc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libavcodec/svq1enc.c b/libavcodec/svq1enc.c index 40e3fd0045..cf0ab64d79 100644 --- a/libavcodec/svq1enc.c +++ b/libavcodec/svq1enc.c @@ -444,8 +444,8 @@ static int svq1_encode_plane(SVQ1EncContext *s, int plane, put_bits(&s->reorder_pb[5], SVQ1_BLOCK_INTRA_LEN, SVQ1_BLOCK_INTRA_CODE); score[0] = SVQ1_BLOCK_INTRA_LEN * lambda; } - score[0] += encode_block(s, src + 16 * x, NULL, temp, stride, - 5, 64, lambda, 1); + score[0] += encode_block(s, src + 16 * x, src + 16 * x /* unused */, + temp, stride, 5, 64, lambda, 1); for (i = 0; i < 6; i++) { count[0][i] = put_bits_count(&s->reorder_pb[i]); flush_put_bits(&s->reorder_pb[i]); -- 2.45.2 [-- Attachment #5: Type: text/plain, Size: 251 bytes --] _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
reply other threads:[~2025-03-17 10:54 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=AS8P250MB07446AB33E107241BE745F768FDF2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM \ --to=andreas.rheinhardt@outlook.com \ --cc=ffmpeg-devel@ffmpeg.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel This inbox may be cloned and mirrored by anyone: git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \ ffmpegdev@gitmailbox.com public-inbox-index ffmpegdev Example config snippet for mirrors. AGPL code for this site: git clone https://public-inbox.org/public-inbox.git