From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.ffmpeg.org (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTPS id DD6514C22A for ; Wed, 30 Jul 2025 22:59:34 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.ffmpeg.org (Postfix) with ESMTP id 2EE9A68CA5E; Thu, 31 Jul 2025 01:59:30 +0300 (EEST) Received: from mail-ed1-f44.google.com (mail-ed1-f44.google.com [209.85.208.44]) by ffbox0-bg.ffmpeg.org (Postfix) with ESMTPS id 3A49268C59E for ; Thu, 31 Jul 2025 01:59:23 +0300 (EEST) Received: by mail-ed1-f44.google.com with SMTP id 4fb4d7f45d1cf-5f438523d6fso2097a12.1 for ; Wed, 30 Jul 2025 15:59:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1753916362; x=1754521162; darn=ffmpeg.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=rFXahHFwFOXiuj0JClrOw3lpDaQHV+tLnc0XdtOxP30=; b=P4vtsztDWByTO4PlmzzIwTK6bV/033P+QDM/JTOOtAMV8wVufsvvrX1BBAWkgH0hUC yoj4lfhGGoquiUYQalhGFVC/pSAL4lYNJYIQEXnsYedy+Uy6Z5IKkLvvplTqJ/RyFUoR V+hvN8sOrfzaHWrLJSUvP45zlGAOX8KajvCA0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1753916362; x=1754521162; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=rFXahHFwFOXiuj0JClrOw3lpDaQHV+tLnc0XdtOxP30=; b=kvh+TO0JCFFu4qPXD+fyRvz3B+fdpCUmfxVeLHHNR1Lqj9sYO6WvREEP+M0sWxXlLo Loei6vQNG/gxLZAO+5Lrkgof3yzKPMDmDp+1SXFEza+AvZ4sl67DJOHgAQfGZz9+tvdH IHp9Y20pGBUweNpTUAWS7eU0BNCm3A3ip4nhCySFlb5xqtNBfseAYZy9HSDWJa3BZe/s 0wePzTRjDuK/9op+0tOSOAfA1e4Rakyjpo2TFDHnWImQUkWebGAX0KauY8P7KKrrGlyD iVldVRAM2eYQWeFs/H8aN8ZOqCpFSbWaxH6I2tF/9JksAohkfD3IoShpKRObRIauLHvW VP6A== X-Gm-Message-State: AOJu0YyHz1IcVbikp6+vUSvHlnXelTKz++OzDiAGmT8o7bh8XREqxUCj FPzM6+9F8O8huFpIZOZvhn22k8fsMTkE6OnJgig46cf/PAnxYkwUYKlT0iCmpf2v5ZgkhFsKU23 Bb+ZjXMKikVb8UIyuwHWQIlBSEHuv5L8is/cjYR/q3gJfic9em80btxgI X-Gm-Gg: ASbGncuNKIChE6d+10CzdUrWvp3f6VmIstpGEodkMWkDzlYD5FRveYF7XdeQGethgJi XyDUwPx+DLUlXaUONez1XOvaliiaZ8RV1PuA1gE3WksaGlxOJNg4kdR2W8hzZKA98Lvd8YACnmt nftbLNb6TNmOYdNmk6BJsbUo9sIl5m202/aMSLHaXf5XmL3tNoS+283vTlf+2yZCd9ayJKo9RpU deX3c4oMWV2YaqQKr45Q5WG3M1kC9uihGvIPw== X-Google-Smtp-Source: AGHT+IH/B4bAe80EW19zgg8utuCtAkJ8h8gmgw3CSzaSmiviFgaX8xoVroU7538jHJHZItE95zWrxCOS7tNDtQzShQw= X-Received: by 2002:a05:6402:3410:b0:615:6167:4835 with SMTP id 4fb4d7f45d1cf-615ac6c9ae4mr5814a12.7.1753916361491; Wed, 30 Jul 2025 15:59:21 -0700 (PDT) MIME-Version: 1.0 References: <20250730100138.GP29660@pb2> <20250730195248.GQ29660@pb2> In-Reply-To: <20250730195248.GQ29660@pb2> From: Dale Curtis Date: Wed, 30 Jul 2025 15:59:09 -0700 X-Gm-Features: Ac12FXxJ6WsrNhQDu4ch2O1V4GvFy7AACnvykOcybhMIlLXx5XhZOWqmgVg1zqg Message-ID: To: FFmpeg development discussions and patches Content-Type: multipart/mixed; boundary="000000000000b20898063b2d79fd" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 Subject: Re: [FFmpeg-devel] [flac] Fix integer-overflow in flac_lpc_33_c X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: --000000000000b20898063b2d79fd Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Patchset updated with your suggestions. Thanks! On Wed, Jul 30, 2025 at 12:53=E2=80=AFPM Michael Niedermayer wrote: > Hi Dale > > On Wed, Jul 30, 2025 at 09:36:51AM -0700, Dale Curtis wrote: > > On Wed, Jul 30, 2025 at 3:01=E2=80=AFAM Michael Niedermayer < > michael@niedermayer.cc> > > wrote: > > > > > Hi Dale > > > > > > On Tue, Jul 29, 2025 at 03:07:38PM -0700, Dale Curtis wrote: > > > > This fix copies a couple of casts from surrounding functions. > > > > See https://crbug.com/432528781 for stack trace details. > > > > > > > > Signed-off-by: Dale Curtis > > > > > > > flacdsp.c | 2 +- > > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > 187b2fdeaecb08d3683b90875f4d7c0e74a38da1 flac_fix_v1.patch > > > > From 0bf245bf8a031d12aec77e68dbc627247255eeb0 Mon Sep 17 00:00:00 > 2001 > > > > From: Dale Curtis > > > > Date: Tue, 29 Jul 2025 22:05:19 +0000 > > > > Subject: [PATCH] [flac] Fix integer-overflow in flac_lpc_33_c > > > > > > > > This fix copies a couple of casts from surrounding functions. > > > > > > > > See https://crbug.com/432528781 for stack trace details. > > > > > > You (email=3Dmichael@niedermayer.cc) are not authorized to access thi= s > page! > > > > > > > The bug is public and I can open it in an incognito window, so I'm not > sure > > what's going on here. Are you referring to the Clusterfuzz page itself?= I > > can add more info to the bug if it's helpful, but can't control > ClusterFuzz > > access unfortunately. > > you wrote "for stack trace details.", but the stack trace details are on > the > Clusterfuzz page > > so either the "for stack trace details." should be removed or some stack > trace details could be added to teh public page > Ah, sorry, I thought ClusterFuzz had included it since it was a low severity issue. I've updated the bug. > > > > > > > > > > > > > > > [...] > > > > > > > - decoded[j] =3D residual[i] + (sum >> qlevel); > > > > + decoded[j] =3D (uint64_t)residual[i] + (unsigned)(sum >> > qlevel); > > > > > > This does not give the same result for cases that do not overflow > > > > > > I would guess more in the direction of: > > > > > > decoded[j] =3D (int64_t)residual[i] + (uint64_t)(sum >> qleve= l); > > > > > > > Happy to make that change, but are one of the following casts also > > incorrect then? > > > https://github.com/FFmpeg/FFmpeg/blob/master/libavcodec/flacdsp.c#L111 > > Iam not sure the int64_t vs uint64_t affects any audio output, it > does affect a checkasm. So iam not sure about "correct" > > > > https://github.com/FFmpeg/FFmpeg/blob/master/libavcodec/flacdsp.c#L69 > > sum is a int, so -> unsigned should be fine > > in the case of the patch sum is a int64_t so casting to unsigned truncate= s > it > Ah, I didn't check the type for sum closely enough. Sorry again! > > thx > > [...] > > -- > Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB > > If you fake or manipulate statistics in a paper in physics you will never > get a job again. > If you fake or manipulate statistics in a paper in medicin you will get > a job for life at the pharma industry. > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". > --000000000000b20898063b2d79fd Content-Type: application/x-patch; name="flac_fix_v2.patch" Content-Disposition: attachment; filename="flac_fix_v2.patch" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_mdqki0200 RnJvbSAxNDkzN2YxZjMxZjU4MDFmYWY2NDgzZjkwZGZhZmQzYzQwZmFjMzhjIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBEYWxlIEN1cnRpcyA8ZGFsZWN1cnRpc0BjaHJvbWl1bS5vcmc+ CkRhdGU6IFR1ZSwgMjkgSnVsIDIwMjUgMjI6MDU6MTkgKzAwMDAKU3ViamVjdDogW1BBVENIXSBb ZmxhY10gRml4IGludGVnZXItb3ZlcmZsb3cgaW4gZmxhY19scGNfMzNfYwoKVGhpcyBmaXggY29w aWVzIGEgY291cGxlIG9mIGNhc3RzIGZyb20gc3Vycm91bmRpbmcgZnVuY3Rpb25zLgpTZWUgaHR0 cHM6Ly9jcmJ1Zy5jb20vNDMyNTI4NzgxIGZvciBzdGFjayB0cmFjZSBkZXRhaWxzLgoKU2lnbmVk LW9mZi1ieTogRGFsZSBDdXJ0aXMgPGRhbGVjdXJ0aXNAY2hyb21pdW0ub3JnPgotLS0KIGxpYmF2 Y29kZWMvZmxhY2RzcC5jIHwgMiArLQogMSBmaWxlIGNoYW5nZWQsIDEgaW5zZXJ0aW9uKCspLCAx IGRlbGV0aW9uKC0pCgpkaWZmIC0tZ2l0IGEvbGliYXZjb2RlYy9mbGFjZHNwLmMgYi9saWJhdmNv ZGVjL2ZsYWNkc3AuYwppbmRleCBmNTM2MmJmNjZmLi5iNWIwNjA5NzE2IDEwMDY0NAotLS0gYS9s aWJhdmNvZGVjL2ZsYWNkc3AuYworKysgYi9saWJhdmNvZGVjL2ZsYWNkc3AuYwpAQCAtOTQsNyAr OTQsNyBAQCBzdGF0aWMgdm9pZCBmbGFjX2xwY18zM19jKGludDY0X3QgKmRlY29kZWQsIGNvbnN0 IGludDMyX3QgKnJlc2lkdWFsLAogICAgICAgICBpbnQ2NF90IHN1bSA9IDA7CiAgICAgICAgIGZv ciAoaiA9IDA7IGogPCBwcmVkX29yZGVyOyBqKyspCiAgICAgICAgICAgICBzdW0gKz0gKGludDY0 X3QpY29lZmZzW2pdICogKHVpbnQ2NF90KWRlY29kZWRbal07Ci0gICAgICAgIGRlY29kZWRbal0g PSByZXNpZHVhbFtpXSArIChzdW0gPj4gcWxldmVsKTsKKyAgICAgICAgZGVjb2RlZFtqXSA9ICh1 aW50NjRfdClyZXNpZHVhbFtpXSArICh1aW50NjRfdCkoc3VtID4+IHFsZXZlbCk7CiAgICAgfQog fQogCi0tIAoyLjUwLjEuNTUyLmc5NDJkNjU5ZTFiLWdvb2cKCg== --000000000000b20898063b2d79fd Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe". --000000000000b20898063b2d79fd--