Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
 help / color / mirror / Atom feed
* [FFmpeg-devel] [PATCH 1/3] avcodec/h261enc: Don't use (size_t)-1
@ 2025-03-17 10:54 Andreas Rheinhardt
  0 siblings, 0 replies; only message in thread
From: Andreas Rheinhardt @ 2025-03-17 10:54 UTC (permalink / raw)
  To: FFmpeg development discussions and patches

[-- Attachment #1: Type: text/plain, Size: 29 bytes --]

Patches attached.

- Andreas

[-- Attachment #2: 0001-avcodec-h261enc-Don-t-use-size_t-1.patch --]
[-- Type: text/x-patch, Size: 1125 bytes --]

From b5391a5fc9049addae418073393765703ecbbf9a Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Mon, 17 Mar 2025 09:53:42 +0100
Subject: [PATCH 1/3] avcodec/h261enc: Don't use (size_t)-1

Fixes "runtime error: addition of unsigned offset to 0x765a09523a90
overflowed to 0x765a09523a8e". This fixes all H.261 tests when run
under UBsan.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavcodec/h261enc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/h261enc.c b/libavcodec/h261enc.c
index 36436ee60f..5e6d5d1f9c 100644
--- a/libavcodec/h261enc.c
+++ b/libavcodec/h261enc.c
@@ -337,7 +337,7 @@ static av_cold void h261_encode_init_static(void)
         uni_h261_rl_len_last[UNI_AC_ENC_INDEX(run, 64 - level)] = len + 2;
     }
 
-    for (size_t i = 1;; i++) {
+    for (ptrdiff_t i = 1;; i++) {
         // sign-one MV codes; diff -16..-1, 16..31
         mv_codes[32 - i][0] = mv_codes[-i][0] = (ff_h261_mv_tab[i][0] << 1) | 1 /* sign */;
         mv_codes[32 - i][1] = mv_codes[-i][1] = ff_h261_mv_tab[i][1] + 1;
-- 
2.45.2


[-- Attachment #3: 0002-avcodec-snow-Don-t-add-to-NULL.patch --]
[-- Type: text/x-patch, Size: 994 bytes --]

From dfd7b0149620e6b3540e4825382dc13dfd6318df Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Mon, 17 Mar 2025 09:59:36 +0100
Subject: [PATCH 2/3] avcodec/snow: Don't add to NULL

It is undefined behavior.
Fixes "runtime error: applying non-zero offset 8 to null pointer".
Fixes the Snow vsynth FATE-tests.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavcodec/snow.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavcodec/snow.h b/libavcodec/snow.h
index ff7ebc1c58..9b19e70bd5 100644
--- a/libavcodec/snow.h
+++ b/libavcodec/snow.h
@@ -272,7 +272,8 @@ static av_always_inline void add_yblock(SnowContext *s, int sliced, slice_buffer
 
     if(!sliced && offset_dst)
         dst += src_x + src_y*dst_stride;
-    dst8+= src_x + src_y*src_stride;
+    if (sliced || add)
+        dst8+= src_x + src_y*src_stride;
 //    src += src_x + src_y*src_stride;
 
     ptmp= tmp + 3*tmp_step;
-- 
2.45.2


[-- Attachment #4: 0003-avcodec-svq1enc-Don-t-add-to-NULL.patch --]
[-- Type: text/x-patch, Size: 1424 bytes --]

From 4b54469109031ea5017491f3c1e96d439ad58eac Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Mon, 17 Mar 2025 10:10:32 +0100
Subject: [PATCH 3/3] avcodec/svq1enc: Don't add to NULL

It is undefined behavior. Pass a dummy buffer instead.
Fixes "runtime error: applying non-zero offset 1024 to null pointer".
affected the SVQ1 vsynth FATE tests.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavcodec/svq1enc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/svq1enc.c b/libavcodec/svq1enc.c
index 40e3fd0045..cf0ab64d79 100644
--- a/libavcodec/svq1enc.c
+++ b/libavcodec/svq1enc.c
@@ -444,8 +444,8 @@ static int svq1_encode_plane(SVQ1EncContext *s, int plane,
                     put_bits(&s->reorder_pb[5], SVQ1_BLOCK_INTRA_LEN, SVQ1_BLOCK_INTRA_CODE);
                     score[0] = SVQ1_BLOCK_INTRA_LEN * lambda;
                 }
-                score[0] += encode_block(s, src + 16 * x, NULL, temp, stride,
-                                         5, 64, lambda, 1);
+                score[0] += encode_block(s, src + 16 * x, src + 16 * x /* unused */,
+                                         temp, stride, 5, 64, lambda, 1);
                 for (i = 0; i < 6; i++) {
                     count[0][i] = put_bits_count(&s->reorder_pb[i]);
                     flush_put_bits(&s->reorder_pb[i]);
-- 
2.45.2


[-- Attachment #5: Type: text/plain, Size: 251 bytes --]

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2025-03-17 10:54 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-03-17 10:54 [FFmpeg-devel] [PATCH 1/3] avcodec/h261enc: Don't use (size_t)-1 Andreas Rheinhardt

Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
		ffmpegdev@gitmailbox.com
	public-inbox-index ffmpegdev

Example config snippet for mirrors.


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git