From: Jeremy Dorfman <jdorfman-at-google.com@ffmpeg.org>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: Re: [FFmpeg-devel] [PATCH] libavcodec/h264dec: avoid arithmetic on null pointers
Date: Wed, 1 Mar 2023 15:31:55 -0500
Message-ID: <CABLWQLWNDayKPt6nOVyUPAT6k0enBgHbVa9Yh14hgNNk2odkfA@mail.gmail.com> (raw)
In-Reply-To: <CABLWQLVH51wK2cenzOy8c0C=PeAft22__PySh-_vdAsG5AjL3g@mail.gmail.com>
On Wed, Mar 1, 2023 at 3:22 PM Jeremy Dorfman <jdorfman@google.com> wrote:
>
> On Wed, Mar 1, 2023 at 2:07 PM James Almer <jamrial@gmail.com> wrote:
> >
> > On 3/1/2023 3:50 PM, Jeremy Dorfman wrote:
> > > null pointer arithmetic is undefined behavior in C.
> > > ---
> > > libavcodec/h264dec.c | 4 ++--
> > > 1 file changed, 2 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/libavcodec/h264dec.c b/libavcodec/h264dec.c
> > > index 2d691731c5..ef698f2630 100644
> > > --- a/libavcodec/h264dec.c
> > > +++ b/libavcodec/h264dec.c
> > > @@ -912,8 +912,8 @@ static int finalize_frame(H264Context *h, AVFrame *dst, H264Picture *out, int *g
> > > av_log(h->avctx, AV_LOG_DEBUG, "Duplicating field %d to fill missing\n", field);
> > >
> > > for (p = 0; p<4; p++) {
> > > - dst_data[p] = f->data[p] + (field^1)*f->linesize[p];
> > > - src_data[p] = f->data[p] + field *f->linesize[p];
> > > + dst_data[p] = f->data[p] ? f->data[p] + (field^1)*f->linesize[p] : NULL;
> > > + src_data[p] = f->data[p] ? f->data[p] + field *f->linesize[p] : NULL;
> > > linesizes[p] = 2*f->linesize[p];
> > > }
> >
> > Probably cleaner and clearer to do it like this:
> >
> > dst_data[p] = FF_PTR_ADD(f->data[p], (field^1)*f->linesize[p]);
> > src_data[p] = FF_PTR_ADD(f->data[p], field *f->linesize[p]);
>
> Thank you for the feedback. That seems reasonable to me; I wasn't aware of FF_PTR_ADD.
>
> ---
> libavcodec/h264dec.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/h264dec.c b/libavcodec/h264dec.c
> index 2d691731c5..0ac04baa4d 100644
> --- a/libavcodec/h264dec.c
> +++ b/libavcodec/h264dec.c
> @@ -31,6 +31,7 @@
>
> #include "libavutil/avassert.h"
> #include "libavutil/imgutils.h"
> +#include "libavutil/internal.h"
> #include "libavutil/opt.h"
> #include "libavutil/thread.h"
> #include "libavutil/video_enc_params.h"
> @@ -912,8 +913,8 @@ static int finalize_frame(H264Context *h, AVFrame *dst, H264Picture *out, int *g
> av_log(h->avctx, AV_LOG_DEBUG, "Duplicating field %d to fill missing\n", field);
>
> for (p = 0; p<4; p++) {
> - dst_data[p] = f->data[p] + (field^1)*f->linesize[p];
> - src_data[p] = f->data[p] + field *f->linesize[p];
> + dst_data[p] = FF_PTR_ADD(f->data[p], (field^1)*f->linesize[p]);
> + src_data[p] = FF_PTR_ADD(f->data[p], field *f->linesize[p]);
> linesizes[p] = 2*f->linesize[p];
> }
>
I apologize for the mangled patch and spam. Hopefully this comes
through as text/plain without the corrupted patch:
---
libavcodec/h264dec.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libavcodec/h264dec.c b/libavcodec/h264dec.c
index 2d691731c5..0ac04baa4d 100644
--- a/libavcodec/h264dec.c
+++ b/libavcodec/h264dec.c
@@ -31,6 +31,7 @@
#include "libavutil/avassert.h"
#include "libavutil/imgutils.h"
+#include "libavutil/internal.h"
#include "libavutil/opt.h"
#include "libavutil/thread.h"
#include "libavutil/video_enc_params.h"
@@ -912,8 +913,8 @@ static int finalize_frame(H264Context *h, AVFrame
*dst, H264Picture *out, int *g
av_log(h->avctx, AV_LOG_DEBUG, "Duplicating field %d to
fill missing\n", field);
for (p = 0; p<4; p++) {
- dst_data[p] = f->data[p] + (field^1)*f->linesize[p];
- src_data[p] = f->data[p] + field *f->linesize[p];
+ dst_data[p] = FF_PTR_ADD(f->data[p], (field^1)*f->linesize[p]);
+ src_data[p] = FF_PTR_ADD(f->data[p], field *f->linesize[p]);
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2023-03-01 20:32 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-01 18:50 Jeremy Dorfman
2023-03-01 19:07 ` James Almer
2023-03-01 20:22 ` Jeremy Dorfman
2023-03-01 20:31 ` Jeremy Dorfman [this message]
2023-03-02 9:05 ` Anton Khirnov
2023-03-02 11:33 ` James Almer
2023-03-02 11:37 ` James Almer
2023-03-02 16:09 ` Jeremy Dorfman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CABLWQLWNDayKPt6nOVyUPAT6k0enBgHbVa9Yh14hgNNk2odkfA@mail.gmail.com \
--to=jdorfman-at-google.com@ffmpeg.org \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git