From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
To: ffmpeg-devel@ffmpeg.org
Cc: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Subject: [FFmpeg-devel] [PATCH 1/8] avutil/mem: Handle fast allocations near UINT_MAX properly
Date: Tue, 5 Jul 2022 22:09:37 +0200
Message-ID: <DB6PR0101MB2214034DCAA45C10037497958F819@DB6PR0101MB2214.eurprd01.prod.exchangelabs.com> (raw)
av_fast_realloc and av_fast_mallocz? store the size of
the objects they allocate in an unsigned. Yet they overallocate
and currently they can allocate more than UINT_MAX bytes
in case a user has requested a size of about UINT_MAX * 16 / 17
or more if SIZE_MAX > UINT_MAX. In this case it is impossible
to store the true size of the buffer via the unsigned*;
future requests are likely to use the (re)allocation codepath
even if the buffer is actually large enough because of
the incorrect size.
Fix this by ensuring that the actually allocated size
always fits into an unsigned. (This entails erroring out
in case the user requested more than UINT_MAX.)
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
---
libavutil/mem.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libavutil/mem.c b/libavutil/mem.c
index a0c9a42849..18aff5291f 100644
--- a/libavutil/mem.c
+++ b/libavutil/mem.c
@@ -510,6 +510,8 @@ void *av_fast_realloc(void *ptr, unsigned int *size, size_t min_size)
return ptr;
max_size = atomic_load_explicit(&max_alloc_size, memory_order_relaxed);
+ /* *size is an unsigned, so the real maximum is <= UINT_MAX. */
+ max_size = FFMIN(max_size, UINT_MAX);
if (min_size > max_size) {
*size = 0;
@@ -542,6 +544,8 @@ static inline void fast_malloc(void *ptr, unsigned int *size, size_t min_size, i
}
max_size = atomic_load_explicit(&max_alloc_size, memory_order_relaxed);
+ /* *size is an unsigned, so the real maximum is <= UINT_MAX. */
+ max_size = FFMIN(max_size, UINT_MAX);
if (min_size > max_size) {
av_freep(ptr);
--
2.34.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next reply other threads:[~2022-07-05 20:10 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-05 20:09 Andreas Rheinhardt [this message]
2022-07-05 20:26 ` [FFmpeg-devel] [PATCH 2/8] avformat/flvenc: Add deinit function Andreas Rheinhardt
2022-07-06 2:28 ` Steven Liu
2022-07-05 20:26 ` [FFmpeg-devel] [PATCH 3/8] avutil/mem: Add av_fast_realloc_array() Andreas Rheinhardt
2022-07-06 14:40 ` Tomas Härdin
2022-07-06 14:46 ` Andreas Rheinhardt
2022-07-06 14:54 ` Tomas Härdin
2022-07-12 14:12 ` Andreas Rheinhardt
2022-07-14 8:14 ` Anton Khirnov
2022-07-14 12:51 ` Andreas Rheinhardt
2022-07-17 8:30 ` Anton Khirnov
2022-09-26 12:25 ` Andreas Rheinhardt
2022-09-26 14:21 ` Andreas Rheinhardt
2022-09-26 14:24 ` Tomas Härdin
2022-09-27 15:23 ` Tomas Härdin
2022-09-28 9:35 ` Tomas Härdin
2022-09-28 11:06 ` Andreas Rheinhardt
2022-09-28 11:41 ` Tomas Härdin
2022-07-21 21:23 ` Tomas Härdin
2022-08-17 15:29 ` Anton Khirnov
2022-07-05 20:26 ` [FFmpeg-devel] [PATCH 4/8] avformat/flvenc: Use array instead of linked list for index Andreas Rheinhardt
2022-07-06 14:58 ` Tomas Härdin
2022-07-06 15:03 ` Andreas Rheinhardt
2022-07-05 20:26 ` [FFmpeg-devel] [PATCH 5/8] avformat/matroskaenc: Use av_fast_realloc_array for index entries Andreas Rheinhardt
2022-07-06 15:03 ` Tomas Härdin
2022-07-06 15:10 ` Andreas Rheinhardt
2022-07-06 15:21 ` Tomas Härdin
2022-07-05 20:26 ` [FFmpeg-devel] [PATCH 6/8] avcodec/movtextenc: Use av_fast_realloc_array Andreas Rheinhardt
2022-07-06 15:06 ` Tomas Härdin
2022-07-05 20:26 ` [FFmpeg-devel] [PATCH 7/8] avutil/fifo: Simplify growing FIFO Andreas Rheinhardt
2022-07-05 20:26 ` [FFmpeg-devel] [PATCH 8/8] avutil/fifo: Grow FIFO faster when growing automatically Andreas Rheinhardt
2022-07-06 13:02 ` [FFmpeg-devel] [PATCH 1/8] avutil/mem: Handle fast allocations near UINT_MAX properly Anton Khirnov
2022-07-06 13:08 ` Andreas Rheinhardt
2022-07-06 13:17 ` Anton Khirnov
2022-07-06 14:24 ` Tomas Härdin
2022-07-06 14:40 ` Andreas Rheinhardt
2022-08-17 14:31 ` Tomas Härdin
2022-09-26 11:50 ` Tomas Härdin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DB6PR0101MB2214034DCAA45C10037497958F819@DB6PR0101MB2214.eurprd01.prod.exchangelabs.com \
--to=andreas.rheinhardt@outlook.com \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git