From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 9DE544352B for ; Thu, 16 Jun 2022 10:13:49 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 384A868B7F3; Thu, 16 Jun 2022 13:13:47 +0300 (EEST) Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-oln040092070060.outbound.protection.outlook.com [40.92.70.60]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 4399E68B7B3 for ; Thu, 16 Jun 2022 13:13:41 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mKGXa+yoxXZegm7m+Af4anJfTLf7m3LjAuFE/ozKLum6V1Bk6lmhwb/YKxU1KlKZyRKdKdK++FBpSe4BeWHNdGnnyKMhaOj1NsoMdty4AFIeibrPl/1eIwA4xAOJXIcitTotKst2y7lcE/IY8wsePEr8tlDtoGl2cFwfiZyppFYtxD8qKIbH+1N4ijw0/rSscU38uugKvtzNRN3r+HJjtCfPiXtD2EEApscj+RppZZX0Wqye8eHUELxmIA4vcbrlEFaelQocEokSeCymldQWBmXFpxTSI2mvpOvRhBv2T8uNl4L3dIOdpGB+4bEZ+CNI9p1WSNGeLAGc1+6Va8sgWA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=URJtZ8+NqIQmWRzBMDZQ2sa2kBhKY8B0RbwjenWWsis=; b=JArh1avhG+LZRMNGj3VJk+6LcOUblPsveN/WxGUTXSJOXuIQPN4mpHE4mT/fe3yEcnszYHMn0Wxt/1E/61e3mf4Y1Q+6KPpV4Qn8kf/moR28QoAayYQ+m0VZQJNF0G4wEeoUrkt+qi56vs+/o7131lY3swrFmNwBrRwVKMNMGch9yvExLTn7Ab6GIQyPC0VFN75oo4n3cTfO2QxKUspsjFpF3aWu2IXyF1F+0s4NUkzTIVo5BYKrQg05lXqBHProgdvPSy+IUqnNfu04nY0/OeyGOCrvh+Ix9RC+i1JLTYh5hTywsWwR+LQds0pnkg0TZk5E2t6qEQmsH9HpeyGnJQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=URJtZ8+NqIQmWRzBMDZQ2sa2kBhKY8B0RbwjenWWsis=; b=AgieScGhzSINwIWpDhT45bu34AvEawbriaeSG1ghWVdLnO0neVi//a9B/UohAQUDaqjNk8AXPcWgu6uOPRvfBLaaTd5JmbjzpA2HXjbqNZU37p22w5MkzjgRsmRuLL0k6jWC5GOQiCiKOQJMMwS7xq1vb02TgdB4VANSpXbB9O9NWqOahNaJ1+p9xXtD30JSpdaHtGvyDncRwmOmJBnkUBsbiQdS4iIrlKX666yqjI4Y2N9ixtZR92h9INyP6B0SQjSppwDolKWymlXVBJs11K5u4K5thXmJCqYwcLV2f8+bT8up4dik5SD/X5lxadShPJ760GVlqp3X59LVFuBzlw== Received: from DB6PR0101MB2214.eurprd01.prod.exchangelabs.com (2603:10a6:4:42::27) by AM0PR01MB5619.eurprd01.prod.exchangelabs.com (2603:10a6:208:16f::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5332.15; Thu, 16 Jun 2022 10:13:39 +0000 Received: from DB6PR0101MB2214.eurprd01.prod.exchangelabs.com ([fe80::60b9:9f29:40cc:f01c]) by DB6PR0101MB2214.eurprd01.prod.exchangelabs.com ([fe80::60b9:9f29:40cc:f01c%10]) with mapi id 15.20.5332.021; Thu, 16 Jun 2022 10:13:39 +0000 Message-ID: Date: Thu, 16 Jun 2022 12:13:37 +0200 Content-Language: en-US To: ffmpeg-devel@ffmpeg.org References: <80816607-3610-9133-9d5d-7fee3040de06@mail.de> From: Andreas Rheinhardt In-Reply-To: <80816607-3610-9133-9d5d-7fee3040de06@mail.de> X-TMN: [afTUl6WnrN7v3oCqOmlQOWs+gvDBwE9n] X-ClientProxiedBy: ZR0P278CA0065.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:21::16) To DB6PR0101MB2214.eurprd01.prod.exchangelabs.com (2603:10a6:4:42::27) X-Microsoft-Original-Message-ID: MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 322e7c8a-3886-4e01-22f3-08da4f80e211 X-MS-TrafficTypeDiagnostic: AM0PR01MB5619:EE_ X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ZNKEH1byXQlyub+GWASs6sD/L1sVURPA5ezAbxq8sbklHvGRACjdy3L4EbmuhG1Lyhm0HTSsjXFpB/6jH53B79OIrSYOMQ/KXWY7ZDM8XJ34WzK33bTApkuvFPPxCfgnBb/MMN4+KFvRmLRjZRaNS82kpsfwAm155O4/WJYXY1q2rWUy8cAc3dQxvEPZ6HOFtNcfNWTRGsaC+jOnF6UDfpx6hi0J+gMinz1bsLynkhHSxjji27WcEUiNzee4QYS85VcuIP/BH18a4yvF5oWI5k3q7Mb1uYWcNJsc1jwMDZA4aD7chM4dcrIHGql4kVd8r3BM4oYKbVONhpekVTwZOhQsccJYPdHT8F0l6LM0hcSjHTZ13sqw6Zxe+PYCO5d1QmNHM+V06OFyJIwr+QxTHqzufAaaHehy6lYBM8j9ewekupL5/jSU2HAoEK+zSsN/2wTB7uy1LLh4EZbA0tkO4kq0cHnlXCGUXaaAiS/zylqsP/SdwcEpyZFmEoB+glfX/+aDWSrtVr/N2jJ6omb7bh/OoBb44S0AT0wODoG1c0cy92r4dhRHx0y0jC8lX7qTuGqXWPykTtZye5ZmZCU8Ug== X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?Z2E4VXUxTEErV3EzbjZaZkR6TCs5K0VCR1Y4SndVZ2h2YTFBUkRXeU4xdnVN?= =?utf-8?B?U3hyVTd6Q3lFOTJ5MWUrbkdMNEdiZmoyamU2NmR3NUlPckFhOWoxcFZGRzR5?= =?utf-8?B?dGtEREJIOFBXc09DbHRWdFAxYUN1ajUwU0F0ODh5RldjeTNvbHRURElUOWJB?= =?utf-8?B?c0tDZjdpc3JqaXhhRTdVdGxjQXNZakNycGJ1eWN5THltalZwVE9sNXN3VEsr?= =?utf-8?B?NnFIR3h0VGl3Rm5pQ2VwL2RjYklBZmFSVmI0WWFyenQzNkQycVE4S3RRMk5H?= =?utf-8?B?cjNuaFk5WlQ3ZFJad1NnNDY3Sm9xcG1US25PK1d6dlJsdXZ2L3lMOFFFMGo3?= =?utf-8?B?eFExZS9FT0ZRNExyOEhkQTc2WHp5dWV3ZStEdTdRQ1lQNHM1STBzRXVDbzll?= =?utf-8?B?RlVWbG9xNHZYVjJBaEUxa245SlNYd3B1dXNlK1hLT2dEbEY1Ym1xVGFFTDBa?= =?utf-8?B?WGU5cUQ3UGRSRHJFSkxid1JWRWFZVERrcGw5MFIrZnpmT3lwMFYvQWxKS2c1?= =?utf-8?B?M0F5YU50YkZJT1Y3NURQWGZ2UnhOcGwrNkZ3SDl0UDliUDVjem1rNlg5UEFq?= =?utf-8?B?d2oxc1NocmVKb2IrK3pDUE5YeXNLcVRIUlFuM1NwVjVQWjhNYnBYdGFLdStk?= =?utf-8?B?QUVsa3JEQ001YnNISmRhWHFYbUhITEFuYjd5K241VUR3QmtXYlNvelZUcHJt?= =?utf-8?B?RER5TlJyVHNWNWxmM1NocjJQcGNDTnQwSE5TcVFtZlF0T2hVUDZMRCtLNzc3?= =?utf-8?B?eUZocVA0L0IrYlVIY3pXNGNDcTFnYkY3R25UWEJ3djR0S1lpUDJIK2RxT3ov?= =?utf-8?B?K3p4MzBTWVNJV3VMQjI0eEFqb1NMOEhHbDhDMCtab3dybHZYSnBBRUZ3eUI1?= =?utf-8?B?T0pNQk5MUW1RaEpkQ0tkY3F3TmpNV2F5NnQ4Q01nZE9aUnFvaG14cW9wc0Zy?= =?utf-8?B?NmRUWHp1MHd5RmhzVjRQL1R0MmpBVk40TUptYnhVNS9mdENzTExBanRaUkNI?= =?utf-8?B?dTlvT1daZ0o2MFpLRVZCKzZ6WGJVdkdwSHZLNi8rOUJYUy9vQkc1RSs5TURO?= =?utf-8?B?L1c4V0VtMGxndHRubkx5bXJVT3NGR1g3TlBDM3J3a3Vub2wyZTZpekF0ZlVE?= =?utf-8?B?U29vUmxENnd6Y2ZYVkRQdkFOYzF0V0l3YkpPb0J6bG40c3l0VjR5Qi9aRkQz?= =?utf-8?B?YnZXUGtoa2tkRVVtQzFQR0tpYlQwVEJBbTQrN2ZQRUlQN0dRMzdsNHByTXEw?= =?utf-8?B?UFR3V1hYc1IvT3JsaEttM0o0elN4N25ldjM2WFBHNTdCbzVCeFNWOWZqOHR3?= =?utf-8?B?bHBvOHg1UU43WDFBai9qbDVGMzF4eGF6bllJaGFlSytmaHJMSlRoSTNKbkdl?= =?utf-8?B?V3lxZktzSUxiR3pleE9COWxVcVo3QytWc2pLeFlxRGVVSGdqUDRMNWlxQ2ly?= =?utf-8?B?MWQxVDVjUms2R0U3NTEvNXVmZzgyWkMvb0hXbjVud2FJL09ZUTRRaFhiYXRl?= =?utf-8?B?UHZ6azFEOHprY0o1eGhmODc1RDgxYlBIQjVvaWJ1MjhYWHBLMnMrTWd6c3hG?= =?utf-8?B?U25KaXovUWdLT1VPa3JXYmVtdTduMWRxSlFiSEtvYU1jeGJtNzVzMkZKTjBO?= =?utf-8?B?STRGMDdZbTFGWWRoTGdBVTJOb21JZjVwUnVmYjZVZTR5N280eVhOU1BKb0xQ?= =?utf-8?B?OXBHV0NBZjJHSWVzK0JTTk1hVWtHRUNBaXhrN09jV1VPZi9uK1RPWHlSYmlh?= =?utf-8?B?SHF0YWtJdnNCSzI4Si8vR2FrdkgySG1zM2pEWk5OSFhwVnA1ZWtMOEdNcUVO?= =?utf-8?B?NUhrY0ZEWnFTd3IrR2dXWjRIbjV4QWxsZjJPRTkwWXkxSHZzQmNzVEsyL1RQ?= =?utf-8?B?aXVOcHFXUTNSNVBMbTBUWjQydkUwQUh4NWlQR3lPd2dlMHhjZ3RUNm5zYTFx?= =?utf-8?B?ZTAvVFBvREtoYnFrWnQvb1J1VUpuUHBrVnhuZHd5d0FzTVFXYTFqdzNraXVr?= =?utf-8?B?ZDE3clVoOWRRPT0=?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 322e7c8a-3886-4e01-22f3-08da4f80e211 X-MS-Exchange-CrossTenant-AuthSource: DB6PR0101MB2214.eurprd01.prod.exchangelabs.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Jun 2022 10:13:39.6653 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR01MB5619 Subject: Re: [FFmpeg-devel] [PATCH] lavc/dovi_rpu: Fix UB for possible left shift of negative values X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Thilo Borgmann: > diff --git a/libavcodec/dovi_rpu.c b/libavcodec/dovi_rpu.c > index a87562c8a3..833ce9e705 100644 > --- a/libavcodec/dovi_rpu.c > +++ b/libavcodec/dovi_rpu.c > @@ -153,7 +153,7 @@ static inline uint64_t get_ue_coef(GetBitContext *gb, const AVDOVIRpuDataHeader > case RPU_COEFF_FIXED: > ipart = get_ue_golomb_long(gb); > fpart.u32 = get_bits_long(gb, hdr->coef_log2_denom); > - return (ipart << hdr->coef_log2_denom) + fpart.u32; > + return ipart * (1 << hdr->coef_log2_denom) + fpart.u32; > > case RPU_COEFF_FLOAT: > fpart.u32 = get_bits_long(gb, 32); > @@ -172,7 +172,7 @@ static inline int64_t get_se_coef(GetBitContext *gb, const AVDOVIRpuDataHeader * > case RPU_COEFF_FIXED: > ipart = get_se_golomb_long(gb); > fpart.u32 = get_bits_long(gb, hdr->coef_log2_denom); > - return (ipart << hdr->coef_log2_denom) + fpart.u32; > + return ipart * (1 << hdr->coef_log2_denom) + fpart.u32; > > case RPU_COEFF_FLOAT: > fpart.u32 = get_bits_long(gb, 32); coef_log2_denom can be in the range 13..32. This means that 1 << hdr->coef_log2_denom can be UB (namely if coef_log2_denom is 31 or 32 for ordinary 32 bit ints); this time it is not UB that happens to work as expected, because 1 << 32 will be 0 or 1 (depending upon the system) and not 2^32. In case of get_ue_coef() this actually adds UB to otherwise fine code. - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".