From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 5FFBF4B50C for ; Sun, 7 Jul 2024 19:12:18 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id D4CDD68DBEF; Sun, 7 Jul 2024 22:12:15 +0300 (EEST) Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05olkn2086.outbound.protection.outlook.com [40.92.89.86]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 4F44C68D9D8 for ; Sun, 7 Jul 2024 22:12:10 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=l1fY5EH7g+f7cH7azTwZXyDpMAHZPYsk6MsumLe98H+LVmq6XvmRkkuX/+jfKjVZteoGTtP8+dVBfN09VKDWpPaJw5psPLVJBTTa02vposBBsF/L/v9BrSjsTUnNG6wkF9s5ajrNT3vtlNM3J/O2u8bz1VHxl1CK/98tCaMNyCbLvmQkinyMZu2FsCyZbFb1JxYzu32urE0HC1BsbwFzOzyjsjYvXApjrT3FdrVLASx7/OVeYQjOSgyqFUP/37U83BU5lk57tDqA0cCfwd025Vx+Fuk8q5gp+biG5CtkXQtpadlZBo/QA+9NvO1wprgE0MgB6OKC0BaNnf8Xb5+JKw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TacuqoWFVqs0NW1dsk2IVJnQd7bXM70uYrCJiPPUPIY=; b=lqm8wpoIfM9nJxoc9380VEGztFj8xdqCzur0Few6H1kKW+fQhzBx7oaxI33II/pilHdchC3qUlIcFEYqYRccqC5qYeTy8IfCMZ9tyRDQrxeSyHtI28aCwzXalBuwvDuZnrqKXYKygrPAzNIadDCBgHiOsDkTFt919GznNZAjjwusGMyNgwppLM10aft12YSEYrkgRQ1n9W2TlRvXZ/wwVSQR43mq6ssIREMMRzlEi7pI4/PNgmgd7PQVBuaJalV7+oxesslQb1Fuj+WqlC6Kdx+9/fUw+luvDkRKd4l80UlvJKWMX+NXOxpAaPI7vkkAsmIaZ1L+sWdBVJJXG3dfVA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TacuqoWFVqs0NW1dsk2IVJnQd7bXM70uYrCJiPPUPIY=; b=vS7OAMFbQuumuGCVVYQG6GdGI969kHYAQjJBVpjZrP9wHGE2KD6xVGELtiY3tYGZABCr0dD3hfJrS/zbraIFZ2MWF2xXcqHjTs8jI3QpfoEw/PKh+PyUNW0f3gAZ3XlzVRJT4e4nfUO/ILfx/gDFyMALriqbf90OlP2joCI8KFFHkns3jGglXvYxnCZ/Giw9c02mA/wmsB9fYvXwIjTePuXD2+3Lvot+oUBU7/EsCyow+IwGUm9BF0euoLn+o8b7exZjjgqTQzDu0vcarjlrN4Q25msTu652xX8cO89FfVhr5Sru6C6xifDFo3SK2JeVRmVVqpGf8PGxedxiP0/5Ag== Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) by DU2P250MB0254.EURP250.PROD.OUTLOOK.COM (2603:10a6:10:27a::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7741.31; Sun, 7 Jul 2024 19:12:08 +0000 Received: from AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::384d:40d4:ecb7:1c9]) by AS8P250MB0744.EURP250.PROD.OUTLOOK.COM ([fe80::384d:40d4:ecb7:1c9%4]) with mapi id 15.20.7741.017; Sun, 7 Jul 2024 19:12:08 +0000 Message-ID: Date: Sun, 7 Jul 2024 21:12:06 +0200 User-Agent: Mozilla Thunderbird To: ffmpeg-devel@ffmpeg.org References: <20240707184729.3525852-1-michael@niedermayer.cc> <20240707184729.3525852-6-michael@niedermayer.cc> Content-Language: en-US From: Andreas Rheinhardt In-Reply-To: X-TMN: [+iQm0GveZt1rMC+mr11ZzHSUSS8FDg2miNwDegGkhek=] X-ClientProxiedBy: ZR0P278CA0172.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:45::6) To AS8P250MB0744.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:541::14) X-Microsoft-Original-Message-ID: <5395c7cb-34a1-4de0-b92f-ef2d275d6907@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS8P250MB0744:EE_|DU2P250MB0254:EE_ X-MS-Office365-Filtering-Correlation-Id: 0385906d-1b46-4976-f51a-08dc9eb8b282 X-Microsoft-Antispam: BCL:0; ARA:14566002|19110799003|461199028|8060799006|56899033|3412199025|440099028; X-Microsoft-Antispam-Message-Info: vN6gUbNPi49Bgu9KYFUzHTYnJt6UVCtG/xJW6qGVSbm93OaJstBD/XSaIa6eKq0ZZQZRkFbQGAP4japPBMUGJhrGUh+5hIj/KyMH3auXOLvSz/xwlRrCTzbUFT7CAOO8A2EhysoAqW7newQJHpnk96OiWezw6GED6ap+pyDymuAUpeQkkcdSp26BSNwRAS+dZjNlWh9VV7+GAdXvdi4V1UGiIb/GpLTPZABO9BX9NeQWZDNJ1d/i0ZOHElzHlrv3bx1UwYhjALsRNU8DS9BKMRBzAvs68RUp7Zt43q848BbLs8psWnjplNXEWjmnbLU1AKy1lhGwha/Yr4fDPc2QQSrbB6MnWA/cqoOVUt4KzdNWaGi06BosinsQ113PIJ6L040OHdHsTXtfoRtiXQRGbmCIqMs60lnEU85LupZNPNyqgD6PDW+zbuyV1Ed6oFaIU/z0RkHQ97cEnuu0suc0rzIyLb1/xAqytGcvuUt1NCvdMGQ/pf1BkB/oV0BrlD/JUcue3v+CVuAkO9a5hsGgCHDjsJ+KTYOf7me3TkKbWFU0WS3JklsxfyoCPunrJK6sJXrlf0a+vRXWQGc6GzDdBUqA4LKYRRyuc9BoJmYNrkQsBZmQgtfxDiFNaut51nZH1aUZRmxhDkganZ+Cankjlw== X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?Z25TSThVR3E2VXFEUkVLNGNGZDVnLzRDdzE1SzVEdVMzem9KT01ZNGZJT1F3?= =?utf-8?B?bEJ1RmVmMS9RRC9JUEhteStRRkEzZjg0bnk2UUY3amgrMDYvQXVNWE9WVU5q?= =?utf-8?B?Q3lIREZvb0p5MFNRMG9OT29sNDZuYU8zekhXWC9rS1dtUzJ2NTNPNDlTdTcx?= =?utf-8?B?ekp3QkFiN1lBWmFFZG1wSzNGek03a2VjRGJ0K3F2L0lsUmdOVFFQK0tuVVgw?= =?utf-8?B?WXNkOWZlTGJxV0RrY3l3dm56T1c0bHROVklCcks5aFNyK0x5ZUI5ZGFudE83?= =?utf-8?B?dkltVGRzeUVXZzlESnduZGZabmFrTGF1NDR3VkpDcldCeERLQlFnK3o1VEJQ?= =?utf-8?B?Vy9qbXdHZlpraW91dkR0bUdhNlVKTlVURW1Gd1J6ZEY1L01sZVVDRDNIOXpJ?= =?utf-8?B?bnplOUg4RDIvQ3pOY24vdjZpcTlnbkYrWG9hRkNlVExYWDRVdDhBUFVBc2tW?= =?utf-8?B?bG9JeTNLRkpKQ0RVck00MVp6azlxR0I0MmFPbnlSU1lXL2syRERlV1ZoMWlR?= =?utf-8?B?NXdkbStTVTM0YnJBaTFId0IyWG9hMU5tVThtNTVJN0cvalUzTnFQdVhzYWJ2?= =?utf-8?B?dUxZVEljakQyY0dHNkZ3bzJSRUFpeS95RlRUN0JGWHVsY1JYN1RtanBsUXlS?= =?utf-8?B?bTl3aUl3bEJiZXI5S2wrZ0w2aWpXNkdWa0RhTU81b1pjc1VRNHVqV3VGWHFX?= =?utf-8?B?Tk0vOVh4NU1oOWdsTDhqTGNnVldHcFhySHU0VkE5TndmdTdEb3RtN0UrZWVn?= =?utf-8?B?ZGNIdWtzc2FoQkd1ZnVsUkRNR1BXb3JDRlFwckpMSERwNWVIRDdKV1B0WHpp?= =?utf-8?B?UlN1TUZGSVJ5Z25oRVpwaTduU0JRMDZQeUJ2b3ZIbGdaVUJ2SUNSV1hJVFN4?= =?utf-8?B?ZW9qQlA3UWJ3eTYySExyM2I4SWdzYUpSWkR2bU5TTm0xZHc4ZDZaT2dnMW9D?= =?utf-8?B?Z0hQTllKOWI0bC95RGl3V0ljdWZHbDM2dmJFRTI0YWc3MlNMWTFaNTFUUk8w?= =?utf-8?B?REhJc21MTmU3SFFDMTB1UXJNS0lMRnhINWRJOTF6SFZWUTVOQnJOU0w2Q0dk?= =?utf-8?B?d0NuenBhMFRnalVwQy9xQ3pQSTkzdXhIVi9YdGJIdjFhVitFMnBKYUVUT2Fz?= =?utf-8?B?bzRoSFZLLzltMkNFeVJzbnBSUDQ4bHJ6cncrcjNyZ2JqQXBqYTAwbC9DREVZ?= =?utf-8?B?TWZFbnR2NzVwemJpbEN4RysyZjJVbGFJYi9xakhiQW1ZeGFqekd6SkZNbk5F?= =?utf-8?B?N0sya3ozNUJMWHRvdm9HZDBhek1QNXhEV0RLeldNSExLZFJabzFGbnVUSXNp?= =?utf-8?B?a0xJcXRnSnRoNjZ6RDdoeEVxY0pNb203NWZDNUR6a1A3STc2dVVocXpwT2Na?= =?utf-8?B?eElDdE9kc3RXMzRxNFUrclNtZTFSN084bDZCQVRPSjlqT1lxanBxOWZrYlBr?= =?utf-8?B?dllzQnMycmNWZ2dJd1ZDZDZiSXRMK1FYb0k2MElWclBYcTc0dTJFUzBobjhW?= =?utf-8?B?ak9PSzB4Ujh0dXk0eXhTcW1FWUVCVkEzQkpXOUpDRjY4UXpKalE4K01TeHVS?= =?utf-8?B?VkZmRDFTVThoMzNjWWhHZUFtRi9KbEpBTFNud0ZuekNBZm1GQ3NhZS9nam9V?= =?utf-8?B?R01ZSk9kbkpqZXlQeEx3UTIrTDhDRnVEV0lHTjg1SHhLV3lGMlhGN0wxeVpv?= =?utf-8?B?cDk1dEFocDJCdmZBVHQzNmozeWJMYUVoMUNNaTlQQkd6b05BTnBiZFRRPT0=?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0385906d-1b46-4976-f51a-08dc9eb8b282 X-MS-Exchange-CrossTenant-AuthSource: AS8P250MB0744.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jul 2024 19:12:08.8541 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU2P250MB0254 Subject: Re: [FFmpeg-devel] [PATCH 6/6] avfilter/af_surround: Check av_channel_layout_channel_from_index() stays within the fixed array used X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Andreas Rheinhardt: > Michael Niedermayer: >> Fixes: CID1516994 Out-of-bounds access >> Fixes: CID1516996 Out-of-bounds access >> Fixes: CID1516999 Out-of-bounds access >> >> Sponsored-by: Sovereign Tech Fund >> Signed-off-by: Michael Niedermayer >> --- >> libavfilter/af_surround.c | 3 +++ >> 1 file changed, 3 insertions(+) >> >> diff --git a/libavfilter/af_surround.c b/libavfilter/af_surround.c >> index e37dddc3614..fab39a37ea9 100644 >> --- a/libavfilter/af_surround.c >> +++ b/libavfilter/af_surround.c >> @@ -269,6 +269,9 @@ static int config_output(AVFilterLink *outlink) >> >> for (int ch = 0; ch < outlink->ch_layout.nb_channels; ch++) { >> float iscale = 1.f; >> + const int chan = av_channel_layout_channel_from_index(&s->out_ch_layout, ch); >> + if (chan >= FF_ARRAY_ELEMS(sc_map)) >> + return AVERROR_PATCHWELCOME; >> >> ret = av_tx_init(&s->irdft[ch], &s->itx_fn, AV_TX_FLOAT_RDFT, >> 1, s->win_size, &iscale, 0); > > Can this happen? > Apart from that: I think you are mistaken when you believe that this will "fix" the issue. Coverity will not think that these issues are fixed even with this check. - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".