From: Kacper Michajlow
Date: Thu, 26 Jun 2025 20:16:06 +0200
To: FFmpeg development discussions and patches
Cc: xjdeng
Subject: Re: [FFmpeg-devel] [PATCH] libavcodec/utils: Ensure allocated buffer is zero-initialized

On Thu, 26 Jun 2025 at 16:07, Zhao Zhili wrote:
>
> > On Jun 26, 2025, at 12:07, xjdeng wrote:
> >
> > In `av_fast_padded_mallocz`, the allocated buffer's zero-initialization is not guaranteed.
> > This is because it calls `av_fast_malloc`, which in turn calls `fast_malloc` with `zero_realloc=0`.
> > Consequently, the memory returned by the underlying `av_malloc` (used within `fast_malloc`)
> > is not guaranteed to be zero-initialized.
> >
> > Furthermore, if `*size` is adjusted to be greater than `min_size + AV_INPUT_BUFFER_PADDING_SIZE`,
> > the subsequent `memset` operation will not cover the entire allocated buffer,
> > leaving a portion of it uninitialized.
> >
> > To ensure the entire allocated buffer is properly zero-initialized, we should use `FFMAX`
> > to adjust the `memset` range.
>
> I think memset size is enough. size >= min_size + AV_INPUT_BUFFER_PADDING_SIZE.
>
> >
> > Signed-off-by: xjdeng
> >
> > ---
> > libavcodec/utils.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/libavcodec/utils.c b/libavcodec/utils.c > > index f2686b6863..e2afce71ef 100644 > > --- a/libavcodec/utils.c > > +++ b/libavcodec/utils.c
> > @@ -72,8 +72,8 @@ void av_fast_padded_mallocz(void *ptr, unsigned int *size, size_t min_size) > > return; > > } > > av_fast_malloc(p, size, min_size + AV_INPUT_BUFFER_PADDING_SIZE); > > - if (*p) > > - memset(*p, 0, min_size + AV_INPUT_BUFFER_PADDING_SIZE); > > + if (*p) > > + memset(*p, 0, FFMAX(*size, min_size + AV_INPUT_BUFFER_PADDING_SIZE)); > > }

I think the current code is intentional. In av_fast_malloc() and siblings the `*size` is the real allocation size, but your working area that you should be using is `min_size` and hence why this area (+padding) is zeroed. You shouldn't be using anything beyond that, as it is allocated space, but "not active" right now.

These functions are meant to be `fast` by not reallocating when there is enough space for user payload, and part of the `fast` part is also not zeroing the memory area that you as a user don't request in `min_size` parameter.

- Kacper
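Review bot: On the added `memset` line, `FFMAX(*size, min_size + AV_INPUT_BUFFER_PADDING_SIZE)` always evaluates to `*size` when `*p` is non-NULL, because the `av_fast_malloc` call just above was asked for `min_size + AV_INPUT_BUFFER_PADDING_SIZE` (the same point Zhao Zhili raises in the thread), so the `FFMAX` adds nothing and the change really means clearing the whole allocation on every call, including calls that reuse an existing buffer. If that is intended, write `memset(*p, 0, *size)` and have the commit message name a caller that reads past `min_size + AV_INPUT_BUFFER_PADDING_SIZE`; otherwise the existing length already covers the range the caller requested. The `if (*p)` line is also removed and re-added with no visible difference, which looks like a whitespace-only change that should be dropped from the patch.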