From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 6889B42D5F for ; Thu, 5 May 2022 03:55:59 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 4D65B68B310; Thu, 5 May 2022 06:55:57 +0300 (EEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 6256B68B289 for ; Thu, 5 May 2022 06:55:50 +0300 (EEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1651722955; x=1683258955; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=FfAt9N141hjexKoCg/9aMNU+DLr1BJ9V/NiBYcL3rdw=; b=MLXVrvZI2HPtOBp59RwBiTTc16yQ136to8+ZcjNfnhfwSNvPkjiX1QV4 lyPFEZUVFYAkZxEPwMdagtpTnUbJ/a/2RsnhMaWTHZQRxOpW8FbZvrJL6 BV13/li+UJYd2rpkdl6TAF+yVvNxoc6RbL2uKPG/aSgL3hdkXigAn5K5z MAoipMrpuIs86HNrBL0Rst4AvcX8rxANajFK/NSud0VyxlmcmHyK9CZQG dR9SaTtcXaU3+Tf+FVXgsqkJ1FhV9+mNZyRmPiL16vkEryaIjaEd+IxXk Tr54feWNHmWsCcYovzZYcn6a4Vahj8zQUf2zolIkmN6amUlebbufPvKfN g==; X-IronPort-AV: E=McAfee;i="6400,9594,10337"; a="293172948" X-IronPort-AV: E=Sophos;i="5.91,200,1647327600"; d="scan'208";a="293172948" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 May 2022 20:55:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.91,200,1647327600"; d="scan'208";a="694468488" Received: from fmsmsx604.amr.corp.intel.com ([10.18.126.84]) by orsmga004.jf.intel.com with ESMTP; 04 May 2022 20:55:47 -0700 Received: from fmsmsx609.amr.corp.intel.com (10.18.126.89) by fmsmsx604.amr.corp.intel.com (10.18.126.84) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Wed, 4 May 2022 20:55:46 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx609.amr.corp.intel.com (10.18.126.89) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27 via Frontend Transport; Wed, 4 May 2022 20:55:46 -0700 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.177) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.27; Wed, 4 May 2022 20:55:46 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ORudrCVWFhjQgq9Ql1Y+4Fn3ZfC4Cv3mE81YCUKulNmnkRIY6OwwHJIxkJaoe+v0v/dM/KrgjO9ikQA/BbaayOhdkRqbisqDACskdO50O8TDewSSkxCjsYz9eR42xoPV+xsxZqIDJrBev6F1BGs6Ncs2ATvmzAFk/coABQ/gnQSL6LhqT4jM0/kw3DkUkzq0nvBOPGQn577ZpwqNbUzmL5P/HXXA/vKL7+rV8+mJgvIv2FQZzIYRtbkd9SoR8VlNMw+DVLryL1VibvEz2q2tSzhfJWAxLP6uYbaSKZbgh51m7yE+Hiqs39qx57Y0PG/DLI4rVpjQHeP4FzYpNAqvtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qsQGwxt2SQEq6YaS1E2NqoWkyIric9y9X0tCgXiSB+Q=; b=Q7lh8j31kEtW91uQSzJPHJxMihXfFhAvOLISONoJWA6UTUUP6ozFn/SDpK9vgpfiZ+T9vQyllQWOvnbq1YD2+1S0gMpcvwxa6vxKuXhc2QcKftTITUphj+NytA4510CBaB+9pYUu0dm4LG3sd89A6tmMCsZFmKeCq2vxwKCo1VigKP4O9BNQENx6hjgOtNUtMCR00NWhVFeCcU6tXp5qZ2S8Z/s0J4b+HOxgu8FNoO9IRH2FhNF9qoBgs6VdOFZcWuWTmB06Z87xZO8U3GKdVKnzUPmd+qxAfgsj5VsDqN/yLpvRJblx3keC29oTZdqARePKJv4LmYqcfBMAbtJviQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from BY5PR11MB3879.namprd11.prod.outlook.com (2603:10b6:a03:18f::17) by SJ0PR11MB5813.namprd11.prod.outlook.com (2603:10b6:a03:422::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5206.25; Thu, 5 May 2022 03:55:44 +0000 Received: from BY5PR11MB3879.namprd11.prod.outlook.com ([fe80::14b2:848:f938:32f6]) by BY5PR11MB3879.namprd11.prod.outlook.com ([fe80::14b2:848:f938:32f6%3]) with mapi id 15.20.5206.013; Thu, 5 May 2022 03:55:44 +0000 From: "Chen, Wenbin" To: FFmpeg development discussions and patches Thread-Topic: [FFmpeg-devel] [PATCH v2] libavcodec/cbs_av1: Add size check before parse obu Thread-Index: AQHYQ0c55cN6ijtcVkGWgBQQNDnebq0I7YiAgAbsKMA= Date: Thu, 5 May 2022 03:55:44 +0000 Message-ID: References: <20220329082921.756174-1-wenbin.chen@intel.com> <39b1abfb-8f9b-9ae1-01b8-16acf821c23c@jkqxz.net> In-Reply-To: <39b1abfb-8f9b-9ae1-01b8-16acf821c23c@jkqxz.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.6.401.20 dlp-reaction: no-action authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a450eb94-e8aa-4e6e-1eae-08da2e4b2177 x-ms-traffictypediagnostic: SJ0PR11MB5813:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: gvuN8HLUGaq1vpErPycb1TH6Z5VohO6jNQud3hUAyVt9pEdlKmWmgWxI+ObYSs9LMoUJMxCcS0JSFSBAuJX++0CvFWzk1ZEqrZNL25Rn3IagFB0c9wgAvFMfXErpbBnrU5xFFQ2mcROKvPoqURYLjMcvQ+/esl0zp9uUMhuhYZ3vocRc9QJwn5YG73tg/cN5YjrC6NwBqTeGK6UKKIHd61GQcZk/rFDgZwpZTUCww3G/12CvaBTxY/Wd/kLDFXS3Av7Nw/dlaMzR2uifxHS7bdn/cORH5icDzWCiPWF3Uf+hZ3+8VvP8oTFUZe/PAtaMOSMitvy+j3CfXO2iO7axE+ChhRbiCwX3hjDa7DeuiAMZilbVd+inhNCmXXs43bKG5p/3CBVoQQ4M1u2uC/NkfMOiK9hzKIoaXgyA/AxThZbKxprmN/JiPtrjMvnOgzNGGyN8p/Wti1ED4wSDH/bei6E9O7gffcsVOyy5cLCqvSXFQ8nuhnut9T8OWuRd8J8DGVxDu1HJUIWVT9wKQFYw8cA5f9iyTAgdT4lGrUV/u3VrAKrdKw7wt0ApgYVnwyIIDUQez6Hj9DaRELwNkF6SVOGS+tB+28heih250FCDlIExl1dbpqEWDPp5+dK+UIWVRLhOYuLwu2ilLu0f0hgey+MQKhtxxk5aap2Q1EHN6HHC6Vo8J4tmWkjuLWRO03JZSOsRbqrpz9lNiEEZx7+CDiIXZ4Cj40U99E1loeh8yzC/7eCQop2pv4AEkM6x48Q7pOBhOpIKUQtFit+yYF37tmD85z/mGGS4EXniFGkzLI4= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR11MB3879.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(26005)(186003)(6506007)(53546011)(7696005)(9686003)(33656002)(82960400001)(122000001)(38070700005)(86362001)(38100700002)(55016003)(83380400001)(5660300002)(508600001)(19627235002)(6916009)(316002)(76116006)(66946007)(8676002)(66556008)(8936002)(52536014)(66476007)(966005)(66446008)(64756008)(2906002)(71200400001); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?ESs8VwBemcSSDBcIg3s2uOPljjAXBjpXW/a58KFRvZ6cdkuf5BOQl7R8OjzD?= =?us-ascii?Q?ZL2nUgonyaltI84BXqVu4zU7DuhDN9AqCM+hEmz5urRE9IuNO4T0Hsf7N0Hz?= =?us-ascii?Q?mF0B+ibjwNLqmJJqf0htedFX4wh0B/vBL0w4lCA6GrlzoaPi91Z7bZpxMXiL?= =?us-ascii?Q?nn38dPon0eIHj2Mf7m/x9E9eyS82itDxUJBO5n/j6kUD7ky+/v9n7MAovOSy?= =?us-ascii?Q?QhNccvtCwSDI4PnWC0tdUwTvdJDskktFdP2U9+qx2xyLau+533sJPiYW/fbW?= =?us-ascii?Q?tB2yJJiJ/rAaIS947Cowuy65L0LP/XAPueU2pi6NsxE5cCZ+N6CXxDJKKHZN?= =?us-ascii?Q?DDYqGUchqW20m6pTU9VMj0Adrav1in1OlQPBsMAvZmjwyMlXxlsJU5c3S0ST?= =?us-ascii?Q?H+NBpqDCKrYxyU/vNZjmBzZ5pw61kMUhdYyLWFKnVQQk1KEHyYXmWfLVj+2e?= =?us-ascii?Q?QB60X48bBqEIgk921YSWB/JsjflFg2rWym1wIvGeUnCJiHZ44K7NfPckOXIY?= =?us-ascii?Q?nNtMMVYZ7BSO1HLO77Q0ufa4MxyE9NqM6ZF+vV4l9aJFYZzPq6k3w2Sa90Vt?= =?us-ascii?Q?yRI84bQm0ulNxmZBK7GB9xc8fMRpsfzPh+oiJRprCAr+7/20W3A6cfxpvWzD?= =?us-ascii?Q?OzgVMjVSpT5m6W3xpxUyG59e4zO862etaDef0EPZMPVcu9+3rRz//AnXWVkZ?= =?us-ascii?Q?ADXZZocRBDGuNvWF8+gg1qL3pjHsnAlk52MrvPO7EU1j9cKPXo9ZULgV5gKK?= =?us-ascii?Q?6Fy8W1uLhbRXH1csEl5awnvwaUjQ58Q09RCfHvknjGaIKa+FbK+1IOeIuK22?= =?us-ascii?Q?5YOTJa0p5EmjbzF1/uwbJn8q7ctHCko5RMVRI9U3/xMjN8kLPEOkwDp2nWcn?= =?us-ascii?Q?8ev4JX7LNFs5DfHOm7sWEEFgOnhhbNexEB20kRmgfqGbEzY/EQx9wgyhYyy7?= =?us-ascii?Q?DkI3L6TWfGNw2yQ9RKgSHvEayGcL5Zkil1KNmCcPgVZo8y3lyEsPJwlW2TBL?= =?us-ascii?Q?HTt09klddf50k8GspjwL4KwaBbRG5/+mL7/hRjG53I1/NNxKBQGVI+YEjFKC?= =?us-ascii?Q?qV0R5GmRvK3hfmFpFCt/WzytFKrYo9EUY4JTO9rGFkS/YNFgMmWwfBsJedvd?= =?us-ascii?Q?rhTXzFj9C6iU2yWvwkTyeFfH+ANSSpLeO0yUFZ9x92wKPY+GKabYsJVXf0aL?= =?us-ascii?Q?d+RVkl/8D3fhMPGv0dlQjJ9fW7UBoaE2XdpWc5QdNSjo3hPDwkFP4eoOhdZb?= =?us-ascii?Q?G7FUYfTv+JeGrKomu4LLqv2UbJAPMtdbQV/Jc0TJfrDgMCvC+INFUs0ZyTb/?= =?us-ascii?Q?ukYXGvr6umefMY4CVzXYM5Lo5LfW5hviM0TSY/8PrSuNm8E3CGvJPd2iFkgg?= =?us-ascii?Q?zYtingMcHmP+sbPEBePw5EZIBrDkrqLj1dMGsctC1mgcBYtOoIirFuKIQEBu?= =?us-ascii?Q?ngbixUNTZ1AnjnjMVaWKqvZky44Yh+OU0MrzsJTQxJLZtasHkF6PTDhFy7mt?= =?us-ascii?Q?UJ92JqcXTgqD70OtWCOlow1RoYFjxJvghfe/TI9LsY6TEFfMSDJQKeg3kn0o?= =?us-ascii?Q?Ervx0uaNnXJxfa87JDo9C0wrgCSJsb1tQPFF+xsoOi6h825x+g0SoLfGwG4j?= =?us-ascii?Q?twHY1boFB4RiIs70uxsoX4jjy80lDrLwKj/rxV3UJ1b1FcSK6oUxwbTZSVVf?= =?us-ascii?Q?G/Zo4XwvN9BksdP7F38CbUx6Y5+y1UdpqUav/tuOjAEs0D8vxic3daEETp8U?= =?us-ascii?Q?EivwYvpJLA=3D=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BY5PR11MB3879.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: a450eb94-e8aa-4e6e-1eae-08da2e4b2177 X-MS-Exchange-CrossTenant-originalarrivaltime: 05 May 2022 03:55:44.4601 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: SMtplXdtnWyTnceUZZLvfeJukMVnozWyWWFFFRjSWac3E8V5ebiMuBPk2O8zRAPFa114DlmKzQtylefgOwBgOA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR11MB5813 X-OriginatorOrg: intel.com Subject: Re: [FFmpeg-devel] [PATCH v2] libavcodec/cbs_av1: Add size check before parse obu X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: > On 29/03/2022 09:29, Wenbin Chen wrote: > > cbs_av1_write_unit() check pbc size after parsing obu frame, and return > > AVERROR(ENOSPC) if pbc is small. pbc will be reallocated and this obu > > frame will be parsed again, but this may cause error because > > CodedBitstreamAV1Context has already been updated, for example > > ref_order_hint is updated and will not match the same obu frame. Now > size > > check is added before parsing obu frame to avoid this error. > > > > Signed-off-by: Wenbin Chen > > --- > > libavcodec/cbs_av1.c | 6 +++--- > > 1 file changed, 3 insertions(+), 3 deletions(-) > > > > diff --git a/libavcodec/cbs_av1.c b/libavcodec/cbs_av1.c > > index 1229480567..29e7bc16df 100644 > > --- a/libavcodec/cbs_av1.c > > +++ b/libavcodec/cbs_av1.c > > @@ -1075,6 +1075,9 @@ static int > cbs_av1_write_obu(CodedBitstreamContext *ctx, > > put_bits32(pbc, 0); > > } > > > > + if (8 * (unit->data_size + obu->obu_size) > put_bits_left(pbc)) > > + return AVERROR(ENOSPC); > > unit->data_size is not usefully set when we are writing here (it might be the > size of the old bitstream in editing cases, or it might just be zero). Thank you for pointing this out. If data_size is unset this check wouldn't work and the problem still occurs. I will try to find a better way to fix this. > > > + > > td = NULL; > > start_pos = put_bits_count(pbc); > > > > @@ -1196,9 +1199,6 @@ static int > cbs_av1_write_obu(CodedBitstreamContext *ctx, > > flush_put_bits(pbc); > > av_assert0(data_pos <= start_pos); > > > > - if (8 * obu->obu_size > put_bits_left(pbc)) > > - return AVERROR(ENOSPC); > > - > > if (obu->obu_size > 0) { > > memmove(pbc->buf + data_pos, > > pbc->buf + start_pos, header_size); > > So, this doesn't work? The header hasn't been written that point, so you > don't know if there is enough space for both the OBU header and the OBU > data. > > Having the check in both places would be fine (the newly-added one being a > way to bail early when there definitely isn't enough space), but that wouldn't > do what you want. Ok, I will keep the both places in my next patch if I still fix issue in this way. > > I'm not sure what the right answer is here. Do we need some way to unwind > the written header? The initial buffer size is 1MB and gets doubled each time, > so this is not going to be hit very often. Unwinding header is an alternative way. I will check If it is possible. This problem is rare. The problem occurs when I frame below buffer size but one P/B frame in the gop is greater than buffer size. Thanks Wenbin > > - Mark > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".