From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id 61EA445279
	for <ffmpegdev@gitmailbox.com>; Mon, 16 Jan 2023 08:20:04 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id A0B1368BD2C;
	Mon, 16 Jan 2023 10:20:00 +0200 (EET)
Received: from mail-vk1-f171.google.com (mail-vk1-f171.google.com
 [209.85.221.171])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 9E8A468BD09
 for <ffmpeg-devel@ffmpeg.org>; Mon, 16 Jan 2023 10:19:53 +0200 (EET)
Received: by mail-vk1-f171.google.com with SMTP id t2so13009262vkk.9
 for <ffmpeg-devel@ffmpeg.org>; Mon, 16 Jan 2023 00:19:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=to:subject:message-id:date:from:references:in-reply-to:mime-version
 :from:to:cc:subject:date:message-id:reply-to;
 bh=Qg0k5NV8NyC8Rqm1FEKqzsvCb7RaEGBdqTGQVx0C7kg=;
 b=cXzFS0G1mmV4ptyQzPCMmDWTtYi1himnAgyqRsS8TX1i57zjHKAqENQLJY5AWlnGQt
 sgL6BsPfnpp0t0r7a7P2XbIS12rCNPrSHy3APsUIhKMGBcpfloAsSymcOwaIpK4PaVU8
 LaXTezr+DkRzW3eMOD5E4KSGMGkc48IMyxlqzVkpRXKj/nI5aSW2MyBrmPXfwYVhI0C0
 rusAwJ5D155/cngWF4vkqTzh+SlFvV6xujNgRwefkNWfe8HiZQ6sJrwxio3kIFcEQERw
 NfsMhmjFn4YAj1NIb93yJigEa1te9LV2psjczV8WTZIBwxmAWlvqR9OHM1ASSHKpRwrA
 aHnQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=to:subject:message-id:date:from:references:in-reply-to:mime-version
 :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=Qg0k5NV8NyC8Rqm1FEKqzsvCb7RaEGBdqTGQVx0C7kg=;
 b=nYQVV8E4Zzf96WwRbeK8o2ceiSNicy0EhBTQJbAalr9grMOWqxV54I3YPUC/JzJcVp
 1qf5EXTtrWZQnCatltEuqRqpWKY6mQGzBsVj2pdxkfmdddmrRsftpPPax+yCSxr54H7Y
 vVCLe3qinSwwk5sXTBf64jeRBu0/blD0CrsO812SW35sb2Wz4BS/3PKOVsmCW8I9l98G
 y6s1Wnp7qVcRQqnH9gjdB4yVNuFTM9+ygf8CF0fq3235YPtxcR15IiPt+TutGIrjK+ox
 /HkYjRoK7UAoBr+I7bnffr25GD/lkCWEzUO0SH0Fzos2iAAWs/6ARZKXjLf+qNI5EgmO
 nB3Q==
X-Gm-Message-State: AFqh2kqbyiywGpv/XjzGBXzcEITVH1+P1eKy8hpRqb5fiY0h+q83FDXY
 BF16hLPehytETuFkLJpfqFl6MpZQzgp7TP90SE6U26Vj
X-Google-Smtp-Source: AMrXdXuaON2wIoCFBqzzDHU01bCWvthbBEr2mqdm12Fm/kqDUjqjYAfNcckwFZB1QYdiKBUUmuPHqJgnMkOCOxbN66c=
X-Received: by 2002:a1f:5f51:0:b0:3db:14db:2cc6 with SMTP id
 t78-20020a1f5f51000000b003db14db2cc6mr1387549vkb.17.1673857191929; Mon, 16
 Jan 2023 00:19:51 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a05:612c:2428:b0:32a:5eaa:92e4 with HTTP; Mon, 16 Jan 2023
 00:19:50 -0800 (PST)
In-Reply-To: <20230113000138.9994-3-michael@niedermayer.cc>
References: <20230113000138.9994-1-michael@niedermayer.cc>
 <20230113000138.9994-3-michael@niedermayer.cc>
From: Paul B Mahol <onemda@gmail.com>
Date: Mon, 16 Jan 2023 09:19:50 +0100
Message-ID: <CAPYw7P6cOkKr-CP3MtzGDK3T2rZZQ3pf=uTdSxgYPPJpEk2XCQ@mail.gmail.com>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: Re: [FFmpeg-devel] [PATCH 3/5] avcodec/012v: Order operations for
 odd size handling
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/CAPYw7P6cOkKr-CP3MtzGDK3T2rZZQ3pf=uTdSxgYPPJpEk2XCQ@mail.gmail.com/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

On 1/13/23, Michael Niedermayer <michael@niedermayer.cc> wrote:
> Fixes: out of array access
> Fixes:
> 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ZERO12V_fuzzer-6714182078955520.fuzz
> Fixes:
> 48567/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_ZERO12V_fuzzer-6698145212137472.fuzz
>
> Found-by: continuous fuzzing process
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavcodec/012v.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/012v.c b/libavcodec/012v.c
> index 2d89a86b98..f0197cd8f9 100644
> --- a/libavcodec/012v.c
> +++ b/libavcodec/012v.c
> @@ -131,8 +131,8 @@ static int zero12v_decode_frame(AVCodecContext *avctx,
> AVFrame *pic,
>              u = x/2 + (uint16_t *)(pic->data[1] + line *
> pic->linesize[1]);
>              v = x/2 + (uint16_t *)(pic->data[2] + line *
> pic->linesize[2]);
>              memcpy(y, y_temp, sizeof(*y) * (width - x));
> -            memcpy(u, u_temp, sizeof(*u) * (width - x + 1) / 2);
> -            memcpy(v, v_temp, sizeof(*v) * (width - x + 1) / 2);
> +            memcpy(u, u_temp, sizeof(*u) * ((width - x + 1) / 2));
> +            memcpy(v, v_temp, sizeof(*v) * ((width - x + 1) / 2));
>          }
>
>          line_end += stride;
> --
> 2.17.1
>


LGTM

> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".