Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
 help / color / mirror / Atom feed
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
To: ffmpeg-devel@ffmpeg.org
Cc: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Subject: [FFmpeg-devel] [PATCH 3/3] avcodec/cbs_h2645: Avoid function pointer casts, fix UB
Date: Thu, 22 Feb 2024 00:32:09 +0100
Message-ID: <AS8P250MB0744E65CD5B170149DC0BB8D8F572@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <AS8P250MB074446B5FF80C55BDD6B41DB8F572@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM>

The SEI message read/write functions are called
via function pointers where the SEI message-specific
context is passed as void*. But the actual function
definitions use a pointer to their proper context
in place of void*, making the calls undefined behaviour.
Clang UBSan 17 warns about this.

This commit fixes this by making the functions match
the type of the call. This reduced the number of failing
FATE tests with UBSan from 164 to 85 here.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
 libavcodec/cbs_h264_syntax_template.c | 24 ++++++++++-----------
 libavcodec/cbs_h265_syntax_template.c | 31 +++++++++++++++++----------
 libavcodec/cbs_h266_syntax_template.c |  6 +++---
 libavcodec/cbs_sei.h                  |  8 +++----
 libavcodec/cbs_sei_syntax_template.c  | 23 ++++++++++++--------
 5 files changed, 52 insertions(+), 40 deletions(-)

diff --git a/libavcodec/cbs_h264_syntax_template.c b/libavcodec/cbs_h264_syntax_template.c
index 0f8bba4a0d..282cd24292 100644
--- a/libavcodec/cbs_h264_syntax_template.c
+++ b/libavcodec/cbs_h264_syntax_template.c
@@ -511,9 +511,9 @@ static int FUNC(pps)(CodedBitstreamContext *ctx, RWContext *rw,
 }
 
 static int FUNC(sei_buffering_period)(CodedBitstreamContext *ctx, RWContext *rw,
-                                      H264RawSEIBufferingPeriod *current,
-                                      SEIMessageState *sei)
+                                      void *current_, SEIMessageState *sei)
 {
+    H264RawSEIBufferingPeriod *current = current_;
     CodedBitstreamH264Context *h264 = ctx->priv_data;
     const H264RawSPS *sps;
     int err, i, length;
@@ -605,9 +605,9 @@ static int FUNC(sei_pic_timestamp)(CodedBitstreamContext *ctx, RWContext *rw,
 }
 
 static int FUNC(sei_pic_timing)(CodedBitstreamContext *ctx, RWContext *rw,
-                                H264RawSEIPicTiming *current,
-                                SEIMessageState *sei)
+                                void *current_, SEIMessageState *sei)
 {
+    H264RawSEIPicTiming *current = current_;
     CodedBitstreamH264Context *h264 = ctx->priv_data;
     const H264RawSPS *sps;
     int err;
@@ -677,9 +677,9 @@ static int FUNC(sei_pic_timing)(CodedBitstreamContext *ctx, RWContext *rw,
 }
 
 static int FUNC(sei_pan_scan_rect)(CodedBitstreamContext *ctx, RWContext *rw,
-                                   H264RawSEIPanScanRect *current,
-                                   SEIMessageState *sei)
+                                   void *current_, SEIMessageState *sei)
 {
+    H264RawSEIPanScanRect *current = current_;
     int err, i;
 
     HEADER("Pan-Scan Rectangle");
@@ -704,9 +704,9 @@ static int FUNC(sei_pan_scan_rect)(CodedBitstreamContext *ctx, RWContext *rw,
 }
 
 static int FUNC(sei_recovery_point)(CodedBitstreamContext *ctx, RWContext *rw,
-                                    H264RawSEIRecoveryPoint *current,
-                                    SEIMessageState *sei)
+                                    void *current_, SEIMessageState *sei)
 {
+    H264RawSEIRecoveryPoint *current = current_;
     int err;
 
     HEADER("Recovery Point");
@@ -720,9 +720,9 @@ static int FUNC(sei_recovery_point)(CodedBitstreamContext *ctx, RWContext *rw,
 }
 
 static int FUNC(film_grain_characteristics)(CodedBitstreamContext *ctx, RWContext *rw,
-                                            H264RawFilmGrainCharacteristics *current,
-                                            SEIMessageState *state)
+                                            void *current_, SEIMessageState *state)
 {
+    H264RawFilmGrainCharacteristics *current = current_;
     CodedBitstreamH264Context *h264 = ctx->priv_data;
     const H264RawSPS *sps;
     int err, c, i, j;
@@ -803,9 +803,9 @@ static int FUNC(film_grain_characteristics)(CodedBitstreamContext *ctx, RWContex
 }
 
 static int FUNC(sei_display_orientation)(CodedBitstreamContext *ctx, RWContext *rw,
-                                         H264RawSEIDisplayOrientation *current,
-                                         SEIMessageState *sei)
+                                         void *current_, SEIMessageState *sei)
 {
+    H264RawSEIDisplayOrientation *current = current_;
     int err;
 
     HEADER("Display Orientation");
diff --git a/libavcodec/cbs_h265_syntax_template.c b/libavcodec/cbs_h265_syntax_template.c
index 2d4b954718..53ae0cabff 100644
--- a/libavcodec/cbs_h265_syntax_template.c
+++ b/libavcodec/cbs_h265_syntax_template.c
@@ -1620,8 +1620,9 @@ static int FUNC(slice_segment_header)(CodedBitstreamContext *ctx, RWContext *rw,
 
 static int FUNC(sei_buffering_period)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEIBufferingPeriod *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEIBufferingPeriod *current = current_;
     CodedBitstreamH265Context *h265 = ctx->priv_data;
     const H265RawSPS *sps;
     const H265RawHRDParameters *hrd;
@@ -1730,8 +1731,9 @@ static int FUNC(sei_buffering_period)
 
 static int FUNC(sei_pic_timing)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEIPicTiming *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEIPicTiming *current = current_;
     CodedBitstreamH265Context *h265 = ctx->priv_data;
     const H265RawSPS *sps;
     const H265RawHRDParameters *hrd;
@@ -1806,8 +1808,9 @@ static int FUNC(sei_pic_timing)
 
 static int FUNC(sei_pan_scan_rect)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEIPanScanRect *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEIPanScanRect *current = current_;
     int err, i;
 
     HEADER("Pan-Scan Rectangle");
@@ -1833,8 +1836,9 @@ static int FUNC(sei_pan_scan_rect)
 
 static int FUNC(sei_recovery_point)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEIRecoveryPoint *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEIRecoveryPoint *current = current_;
     int err;
 
     HEADER("Recovery Point");
@@ -1848,9 +1852,9 @@ static int FUNC(sei_recovery_point)
 }
 
 static int FUNC(film_grain_characteristics)(CodedBitstreamContext *ctx, RWContext *rw,
-                                            H265RawFilmGrainCharacteristics *current,
-                                            SEIMessageState *state)
+                                            void *current_, SEIMessageState *state)
 {
+    H265RawFilmGrainCharacteristics *current = current_;
     CodedBitstreamH265Context *h265 = ctx->priv_data;
     const H265RawSPS *sps = h265->active_sps;
     int err, c, i, j;
@@ -1914,8 +1918,9 @@ static int FUNC(film_grain_characteristics)(CodedBitstreamContext *ctx, RWContex
 
 static int FUNC(sei_display_orientation)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEIDisplayOrientation *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEIDisplayOrientation *current = current_;
     int err;
 
     HEADER("Display Orientation");
@@ -1933,8 +1938,9 @@ static int FUNC(sei_display_orientation)
 
 static int FUNC(sei_active_parameter_sets)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEIActiveParameterSets *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEIActiveParameterSets *current = current_;
     CodedBitstreamH265Context *h265 = ctx->priv_data;
     const H265RawVPS *vps;
     int err, i;
@@ -1970,8 +1976,9 @@ static int FUNC(sei_active_parameter_sets)
 
 static int FUNC(sei_decoded_picture_hash)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEIDecodedPictureHash *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEIDecodedPictureHash *current = current_;
     CodedBitstreamH265Context *h265 = ctx->priv_data;
     const H265RawSPS *sps = h265->active_sps;
     int err, c, i;
@@ -2002,8 +2009,9 @@ static int FUNC(sei_decoded_picture_hash)
 
 static int FUNC(sei_time_code)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEITimeCode *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEITimeCode *current = current_;
     int err, i;
 
     HEADER("Time Code");
@@ -2053,8 +2061,9 @@ static int FUNC(sei_time_code)
 
 static int FUNC(sei_alpha_channel_info)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     H265RawSEIAlphaChannelInfo *current, SEIMessageState *sei)
+     void *current_, SEIMessageState *sei)
 {
+    H265RawSEIAlphaChannelInfo *current = current_;
     int err, length;
 
     HEADER("Alpha Channel Information");
diff --git a/libavcodec/cbs_h266_syntax_template.c b/libavcodec/cbs_h266_syntax_template.c
index e75f2f6971..8a2adeb9e4 100644
--- a/libavcodec/cbs_h266_syntax_template.c
+++ b/libavcodec/cbs_h266_syntax_template.c
@@ -3428,10 +3428,10 @@ static int FUNC(slice_header) (CodedBitstreamContext *ctx, RWContext *rw,
 }
 
 static int FUNC(sei_decoded_picture_hash) (CodedBitstreamContext *ctx,
-                                           RWContext *rw,
-                                           H266RawSEIDecodedPictureHash *
-                                           current, SEIMessageState *unused)
+                                           RWContext *rw, void *current_,
+                                           SEIMessageState *unused)
 {
+    H266RawSEIDecodedPictureHash *current = current_;
     int err, c_idx, i;
 
     HEADER("Decoded Picture Hash");
diff --git a/libavcodec/cbs_sei.h b/libavcodec/cbs_sei.h
index 4511c506cc..6d1bed4171 100644
--- a/libavcodec/cbs_sei.h
+++ b/libavcodec/cbs_sei.h
@@ -126,12 +126,10 @@ typedef struct SEIMessageTypeDescriptor {
     SEIMessageWriteFunction write;
 } SEIMessageTypeDescriptor;
 
-// Macro for the read/write pair.  The clumsy cast is needed because the
-// current pointer is typed in all of the read/write functions but has to
-// be void here to fit all cases.
+// Macro for the read/write pair.
 #define SEI_MESSAGE_RW(codec, name) \
-    .read  = (SEIMessageReadFunction) cbs_ ## codec ## _read_  ## name, \
-    .write = (SEIMessageWriteFunction)cbs_ ## codec ## _write_ ## name
+    .read  = cbs_ ## codec ## _read_  ## name, \
+    .write = cbs_ ## codec ## _write_ ## name
 
 // End-of-list sentinel element.
 #define SEI_MESSAGE_TYPE_END { .type = -1 }
diff --git a/libavcodec/cbs_sei_syntax_template.c b/libavcodec/cbs_sei_syntax_template.c
index 62dd1dabaa..16d2cbc406 100644
--- a/libavcodec/cbs_sei_syntax_template.c
+++ b/libavcodec/cbs_sei_syntax_template.c
@@ -18,8 +18,9 @@
 
 static int FUNC(filler_payload)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     SEIRawFillerPayload *current, SEIMessageState *state)
+     void *current_, SEIMessageState *state)
 {
+    SEIRawFillerPayload *current = current_;
     int err, i;
 
     HEADER("Filler Payload");
@@ -36,8 +37,9 @@ static int FUNC(filler_payload)
 
 static int FUNC(user_data_registered)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     SEIRawUserDataRegistered *current, SEIMessageState *state)
+     void *current_, SEIMessageState *state)
 {
+    SEIRawUserDataRegistered *current = current_;
     int err, i, j;
 
     HEADER("User Data Registered ITU-T T.35");
@@ -68,8 +70,9 @@ static int FUNC(user_data_registered)
 
 static int FUNC(user_data_unregistered)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     SEIRawUserDataUnregistered *current, SEIMessageState *state)
+     void *current_, SEIMessageState *state)
 {
+    SEIRawUserDataUnregistered *current = current_;
     int err, i;
 
     HEADER("User Data Unregistered");
@@ -96,8 +99,9 @@ static int FUNC(user_data_unregistered)
 
 static int FUNC(mastering_display_colour_volume)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     SEIRawMasteringDisplayColourVolume *current, SEIMessageState *state)
+     void *current_, SEIMessageState *state)
 {
+    SEIRawMasteringDisplayColourVolume *current = current_;
     int err, c;
 
     HEADER("Mastering Display Colour Volume");
@@ -118,8 +122,9 @@ static int FUNC(mastering_display_colour_volume)
 
 static int FUNC(content_light_level_info)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     SEIRawContentLightLevelInfo *current, SEIMessageState *state)
+     void *current_, SEIMessageState *state)
 {
+    SEIRawContentLightLevelInfo *current = current_;
     int err;
 
     HEADER("Content Light Level Information");
@@ -132,9 +137,9 @@ static int FUNC(content_light_level_info)
 
 static int FUNC(alternative_transfer_characteristics)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     SEIRawAlternativeTransferCharacteristics *current,
-     SEIMessageState *state)
+     void *current_, SEIMessageState *state)
 {
+    SEIRawAlternativeTransferCharacteristics *current = current_;
     int err;
 
     HEADER("Alternative Transfer Characteristics");
@@ -146,9 +151,9 @@ static int FUNC(alternative_transfer_characteristics)
 
 static int FUNC(ambient_viewing_environment)
     (CodedBitstreamContext *ctx, RWContext *rw,
-     SEIRawAmbientViewingEnvironment *current,
-     SEIMessageState *state)
+     void *current_, SEIMessageState *state)
 {
+    SEIRawAmbientViewingEnvironment *current = current_;
     static const uint16_t max_ambient_light_value = 50000;
     int err;
 
-- 
2.40.1

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".

  parent reply	other threads:[~2024-02-21 23:45 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-21 23:31 [FFmpeg-devel] [PATCH 1/3] avcodec/cbs_h266_syntax_template: Don't omit unused function parameter Andreas Rheinhardt
2024-02-21 23:32 ` [FFmpeg-devel] [PATCH 2/3] avutil/opt: Use correct function pointer type Andreas Rheinhardt
2024-02-24 12:09   ` Mark Thompson
2024-02-21 23:32 ` Andreas Rheinhardt [this message]
2024-02-24 12:06   ` [FFmpeg-devel] [PATCH 3/3] avcodec/cbs_h2645: Avoid function pointer casts, fix UB Mark Thompson
2024-02-24 14:46     ` Andreas Rheinhardt
2024-02-24  2:51 ` [FFmpeg-devel] [PATCH 1/3] avcodec/cbs_h266_syntax_template: Don't omit unused function parameter Andreas Rheinhardt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=AS8P250MB0744E65CD5B170149DC0BB8D8F572@AS8P250MB0744.EURP250.PROD.OUTLOOK.COM \
    --to=andreas.rheinhardt@outlook.com \
    --cc=ffmpeg-devel@ffmpeg.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
		ffmpegdev@gitmailbox.com
	public-inbox-index ffmpegdev

Example config snippet for mirrors.


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git