From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: [FFmpeg-devel] [PATCH 1/3] avcodec/h261enc: Don't use (size_t)-1
Date: Mon, 17 Mar 2025 11:54:15 +0100
Message-ID: <AS8P250MB07446AB33E107241BE745F768FDF2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM> (raw)
[-- Attachment #1: Type: text/plain, Size: 29 bytes --]
Patches attached.
- Andreas
[-- Attachment #2: 0001-avcodec-h261enc-Don-t-use-size_t-1.patch --]
[-- Type: text/x-patch, Size: 1125 bytes --]
From b5391a5fc9049addae418073393765703ecbbf9a Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Mon, 17 Mar 2025 09:53:42 +0100
Subject: [PATCH 1/3] avcodec/h261enc: Don't use (size_t)-1
Fixes "runtime error: addition of unsigned offset to 0x765a09523a90
overflowed to 0x765a09523a8e". This fixes all H.261 tests when run
under UBsan.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
libavcodec/h261enc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/h261enc.c b/libavcodec/h261enc.c
index 36436ee60f..5e6d5d1f9c 100644
--- a/libavcodec/h261enc.c
+++ b/libavcodec/h261enc.c
@@ -337,7 +337,7 @@ static av_cold void h261_encode_init_static(void)
uni_h261_rl_len_last[UNI_AC_ENC_INDEX(run, 64 - level)] = len + 2;
}
- for (size_t i = 1;; i++) {
+ for (ptrdiff_t i = 1;; i++) {
// sign-one MV codes; diff -16..-1, 16..31
mv_codes[32 - i][0] = mv_codes[-i][0] = (ff_h261_mv_tab[i][0] << 1) | 1 /* sign */;
mv_codes[32 - i][1] = mv_codes[-i][1] = ff_h261_mv_tab[i][1] + 1;
--
2.45.2
[-- Attachment #3: 0002-avcodec-snow-Don-t-add-to-NULL.patch --]
[-- Type: text/x-patch, Size: 994 bytes --]
From dfd7b0149620e6b3540e4825382dc13dfd6318df Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Mon, 17 Mar 2025 09:59:36 +0100
Subject: [PATCH 2/3] avcodec/snow: Don't add to NULL
It is undefined behavior.
Fixes "runtime error: applying non-zero offset 8 to null pointer".
Fixes the Snow vsynth FATE-tests.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
libavcodec/snow.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavcodec/snow.h b/libavcodec/snow.h
index ff7ebc1c58..9b19e70bd5 100644
--- a/libavcodec/snow.h
+++ b/libavcodec/snow.h
@@ -272,7 +272,8 @@ static av_always_inline void add_yblock(SnowContext *s, int sliced, slice_buffer
if(!sliced && offset_dst)
dst += src_x + src_y*dst_stride;
- dst8+= src_x + src_y*src_stride;
+ if (sliced || add)
+ dst8+= src_x + src_y*src_stride;
// src += src_x + src_y*src_stride;
ptmp= tmp + 3*tmp_step;
--
2.45.2
[-- Attachment #4: 0003-avcodec-svq1enc-Don-t-add-to-NULL.patch --]
[-- Type: text/x-patch, Size: 1424 bytes --]
From 4b54469109031ea5017491f3c1e96d439ad58eac Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Mon, 17 Mar 2025 10:10:32 +0100
Subject: [PATCH 3/3] avcodec/svq1enc: Don't add to NULL
It is undefined behavior. Pass a dummy buffer instead.
Fixes "runtime error: applying non-zero offset 1024 to null pointer".
affected the SVQ1 vsynth FATE tests.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
libavcodec/svq1enc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/svq1enc.c b/libavcodec/svq1enc.c
index 40e3fd0045..cf0ab64d79 100644
--- a/libavcodec/svq1enc.c
+++ b/libavcodec/svq1enc.c
@@ -444,8 +444,8 @@ static int svq1_encode_plane(SVQ1EncContext *s, int plane,
put_bits(&s->reorder_pb[5], SVQ1_BLOCK_INTRA_LEN, SVQ1_BLOCK_INTRA_CODE);
score[0] = SVQ1_BLOCK_INTRA_LEN * lambda;
}
- score[0] += encode_block(s, src + 16 * x, NULL, temp, stride,
- 5, 64, lambda, 1);
+ score[0] += encode_block(s, src + 16 * x, src + 16 * x /* unused */,
+ temp, stride, 5, 64, lambda, 1);
for (i = 0; i < 6; i++) {
count[0][i] = put_bits_count(&s->reorder_pb[i]);
flush_put_bits(&s->reorder_pb[i]);
--
2.45.2
[-- Attachment #5: Type: text/plain, Size: 251 bytes --]
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
reply other threads:[~2025-03-17 10:54 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=AS8P250MB07446AB33E107241BE745F768FDF2@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM \
--to=andreas.rheinhardt@outlook.com \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git