From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 8E76442470 for ; Wed, 20 Jul 2022 22:17:35 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 2F62F68B60C; Thu, 21 Jul 2022 01:17:32 +0300 (EEST) Received: from EUR03-DBA-obe.outbound.protection.outlook.com (mail-dbaeur03olkn2016.outbound.protection.outlook.com [40.92.58.16]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 933C0680228 for ; Thu, 21 Jul 2022 01:17:26 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jP2939Foz5CzMCw2CHpPVPvY86fEbCekrqeXy2rcG6oDXTMg/DsXbLY+pwA+zaYtJaf+3mI2SNGBVc/4MpptNCfXBwVt3Dwor3MrMrHIEVneVg0HbkssCpWesSBLC/6fetI1WHyQjueQG2PRR0QpP0BSo6Lxmp1PtJ/4I78usnHXDQJARXOXWFD8iDVv0BZGYEd4ACZAtCslMB64TYQyXVeDuAUF+hDCwWoiDLPMTgRj0K9VjQBtf9rEcMB+5nnzFV0zTVGPE2p4G5ZtuRkqONBLHXf7rV9bbckOFfghgl1cZUWCAb5zkSpsyxUc+v6i+D5StkZkxxobaLw2x5Jm/Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4Knu0dlVOfrQPlUVwknno399f9YTEPXW2P3zrfHzlYA=; b=nzo4OS4olun4ursliSRIe8ZkOcNpMu5LZolANeON4VlfV7L6ChgDivsu9CWsTXUPNEGl34Ui3QDHI2aBBdB+p7hE2CWV7BBOlZDH7FSMMOMluRozCeVF0itdKRMW9DZOt17fNUUSgHFXT3TI2NIb8oqnKcn8bV0iabKThQrsvhrdlsBcaNPkILMrCjIJX0yzG7vjPtv+4gYG83+jneIOkCsmwVE2Yl4Uv2QxK/gyHY082KYh+KgP9mIjyCZOtabees4gTrL5R44z3ktlcJzP8O4zIv//VBpc1ZF6Q04FuZ46+wS2dcxt80nXuHJLn89kfrI7sKbpH1GwGry0TFCQMw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4Knu0dlVOfrQPlUVwknno399f9YTEPXW2P3zrfHzlYA=; b=M4453GuLNnIVuwrB+wx4dI9kUdY+cT1GvKKj/7MegmJw+VLmL49GZqpXNX0rRQO4do24539SEJKEzPLy4g/e1LfF87m+srkt8cQ0JLt2QCUvxcDmeljqI12SV7fCdp1S/rFSt6inkkls5c5sqJhswcUojF0UjJxJp4WHrnelb6xL51P1XfV9UqUZbzDwjTRmQ9TdN4Unw8vu59aw9VS731xopZ9zLB1AYaqaiFSnBKcNocTvMhjWKC/ZCn31FyzezdYuAOxfgQ57DUKthOlSNnFC4JUQiy2/VYg3TCgkRt7nzMYb5mWTQ/f7tk/fkLII8ICRnz/xRs/rkIXjFo54vA== Received: from DB6PR0101MB2214.eurprd01.prod.exchangelabs.com (2603:10a6:4:42::27) by AM0PR01MB6482.eurprd01.prod.exchangelabs.com (2603:10a6:20b:160::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5458.18; Wed, 20 Jul 2022 22:17:24 +0000 Received: from DB6PR0101MB2214.eurprd01.prod.exchangelabs.com ([fe80::210e:b627:bcc9:8c46]) by DB6PR0101MB2214.eurprd01.prod.exchangelabs.com ([fe80::210e:b627:bcc9:8c46%11]) with mapi id 15.20.5438.023; Wed, 20 Jul 2022 22:17:24 +0000 Message-ID: Date: Thu, 21 Jul 2022 00:17:22 +0200 Content-Language: en-US To: ffmpeg-devel@ffmpeg.org References: <20220719113453.23169-1-michael@niedermayer.cc> <20220719113453.23169-5-michael@niedermayer.cc> <20220720143013.GA2088045@pb2> From: Andreas Rheinhardt In-Reply-To: <20220720143013.GA2088045@pb2> X-TMN: [T4AvK+nrIKmwU4WS1yRnMSG8MCkjBHFv] X-ClientProxiedBy: ZRAP278CA0009.CHEP278.PROD.OUTLOOK.COM (2603:10a6:910:10::19) To DB6PR0101MB2214.eurprd01.prod.exchangelabs.com (2603:10a6:4:42::27) X-Microsoft-Original-Message-ID: MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 1c948f99-5603-4d97-513d-08da6a9d9efd X-MS-TrafficTypeDiagnostic: AM0PR01MB6482:EE_ X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: BY7bKWSZ1NvNJifCDyg6YQKhR4UySIktyvGUwtIajTcn2eglgr0aDMUlwKcYUF2AiOyHlPKAXT7JC1iCNiHpXgvSyYeuKlGMFPz+Kh4XedpBtxiDY0NaPSYtFpbks02m+jUpIOyKsnHc34z+ZHtYO3dTgoqHFn3EFG/xFwhxuaYAggd7Mx7BF6o8H+vDBHLAYpguWT2QwfVUqcQPDa58liWjUDP1xuRhKoTopj1XGldu1mbD3KTZ9Huhm+LP01eJo5q9GQk8KWq4X2g0eq6b3uFbsE7xlDpUf+WY12hrokO9fH7PJjKUHPGd2MvUnJIJt4RkSp+dtW8QL95Ecvqcs4oi06LKjSdp/ao9lYRdFoExI2/pOJVHo21hRhHv29xSwyQV2OAdeTc/iCTUO22f+mLaV2mJBkIqaDlGk3VCCn+Tc6MmqnOSEsx4jBjs2jJYosf3tx/RnB6qxalXKSM1PYieUFUcvLUI6ipIVbvDwr4DsRjp2955iUwkjebEmPj9UmhP/2pRRBrllSjlATpGRkfejYCthrtbsK9y55tKHUaVkcL4M8QZDAhiXHS9x7D5ktNZ1JysU7DlMiGlv8hPcPVnuTbeni7NwNkJSVgJXEcrbBsQCNL0dAPvM8RnwVRZKzfuD7Gw541qwYP1rLg3vmsODB4Uar41yKJbpfNpnhDEHB9PdgVYkURAJuD0GHys X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?MExkakJVUFdvMVJWZkY5K0xWejBhcml4NXBWT0ZCZGJRZ2tWZUhjWXBsdDlG?= =?utf-8?B?N1hFaGlHV09tTGhZWnp6NGtTMlJidlNxZ1FxdDF5Ni9kY3ZWYkVHbFNrbStW?= =?utf-8?B?Z1pNeElOVDRVR0xlQ1A3eEhmUjE5WWZPZ05GQkZYdHdmVmxSdGlhSXN0aEYr?= =?utf-8?B?bklNREtwRmJGMzZFSk5xckJiaDUrVGc2OHl1Q1I3ZHBsa0dib1dWSXBrV2Ex?= =?utf-8?B?b3V3VFJIY1c0dkpjYXRQLzBlQ3EyRnNPY0VqMk9pdWVtd1ZZUktnODQyaS9E?= =?utf-8?B?OTRabm40TkJEd05aMkNMcEx2UVo4eDRxWlZjRGJOSmM1cERiWHZFeTVGVDRH?= =?utf-8?B?RG80cmJOc0FubUpmcWhTd05nNHdGSitZQU1ZSG5vd2pCQ2haQjUxQUdlNEU3?= =?utf-8?B?OTlPL21QNThaQ0gxU2lwWVgxWmorSWhuRWo0OWE1NUF2WUgwSlpqVENWTWkr?= =?utf-8?B?UUZOamZSWW40YmRxWTFOeXVaLytnUVFRTXJWUVIwOWovaWNBYzZxMnNZQWNB?= =?utf-8?B?L3NxMWlWaEFMZ1FaN2d5ZEFOeXp3c2lLa20zTy9kcmNXaFFtanV1d1N6Y21n?= =?utf-8?B?UlZVQXpZZlI3UU9GWkRxYkR6ZFVRT2VvaHlZRFk4dUM4cWZpa3pROVpLU2Rq?= =?utf-8?B?S1dtUGhqcGZXMUhESEtTY2JSeitCYjJQT2hkWmRIeXQ1UVVNWWlTaG52cVpt?= =?utf-8?B?YUVqUGx0S3JRamhKWjdhM015Wk5oSnk0elUxUnR3T0JySUgwN25QRTlaSitQ?= =?utf-8?B?bkVSUU1CRkQxUld4dFZLcmp1YmY1ZlZLQUFMeXlOVFZIMG5tWnE3R28rcktR?= =?utf-8?B?WVlUNEpsSGx0MmhSbVhlZEx4WTJKdSt6a1BvdFEvZHdPUGkwZHJxallGQk1W?= =?utf-8?B?K0NCRUlYanNqRElIMTdzOEh3b1BwTVlKUWMzUGZHb0I0NjVVeGxGZ2lPOXE2?= =?utf-8?B?T1pKV2dWWE9BVmljYm92STdIVit1OFRiN0oxTkpuQkJHcHhxSm1JYTZ0bkJn?= =?utf-8?B?Q2RVMDZXZ1BzRytwM0J1RmlKL1ZHTmRSZkcwZ3lwcmpQWUJwdGtWN2xsUVcx?= =?utf-8?B?TUJXUnpXdk5reGEvR2VDWmxPcnJMTGxvVml6K0xOdkxHQUNRQ0Y5a3Z6WUZ6?= =?utf-8?B?MDZxZ2wxcWVSOGVwaWJYZFFjL1VDNmVwQjl5Q3EzSGdYV1NmZ0ZHdld2azRk?= =?utf-8?B?SWg1S3FxRGV5TlNwRXAvSFNrVThPMkh1S1g4cW1QNSt2VXBveHVRbnRrN2o4?= =?utf-8?B?ay9ISjVDbEZ0ZFByY3NqNXg1ZUJGNW5nZVQ3N3JKcjVlQTVvQkg1ZGtyakhs?= =?utf-8?B?RmNrWmQ3bGQzL0ZrOTdqRmJNRHBBUFdmL2pIeXJSUlI2dWJnZ051eU5jMGNl?= =?utf-8?B?dUl2N3orZ0t6VjgxM2wzSzFNRFlkYXc3MDBCMVMveTgxUDl5bWozcXRwOVJD?= =?utf-8?B?Z290WHIyNkNZcEU5UnE4dFlTREtUTTZlWm1NdDVBVjhsUzFMSUVsREU1VXBp?= =?utf-8?B?T3NYZGJ1QzBBYVByWUpRRHZ3MDNmdUNJVEp6aE0wK1o5ejBhODc2SDJSZ2FY?= =?utf-8?B?VnltNFMvemprTkJCRms1ZnhLU3pGVERzZUtiMk1uSGhnZ241eWdaRzg3N2t0?= =?utf-8?B?anNhdVJHVXE1R1FYZ2pqc1pYWDlhUDg4eEYrL2ljUElYcnowZmtLRWhOMmUw?= =?utf-8?B?LzVxQVV0WFVpcnJBZmNzNjRLc09UbkNDajBPUFMyakxMOHg2MGM1SUc2Z0RM?= =?utf-8?Q?BZAUfpwV6MsMdiaCnY=3D?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1c948f99-5603-4d97-513d-08da6a9d9efd X-MS-Exchange-CrossTenant-AuthSource: DB6PR0101MB2214.eurprd01.prod.exchangelabs.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jul 2022 22:17:23.9126 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR01MB6482 Subject: Re: [FFmpeg-devel] [PATCH 5/6] avcodec/ffv1dec: consider run increase in minimal golomb frame size X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Michael Niedermayer: > On Tue, Jul 19, 2022 at 08:37:38AM -0300, James Almer wrote: >> >> >> On 7/19/2022 8:34 AM, Michael Niedermayer wrote: >>> Fixes: Timeout >>> Fixes: 49160/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_FFV1_fuzzer-5672826144686080 >>> >>> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg >>> Signed-off-by: Michael Niedermayer >>> --- >>> libavcodec/ffv1dec.c | 6 +++++- >>> 1 file changed, 5 insertions(+), 1 deletion(-) >>> >>> diff --git a/libavcodec/ffv1dec.c b/libavcodec/ffv1dec.c >>> index 01ddcaa512..9bdac0be4e 100644 >>> --- a/libavcodec/ffv1dec.c >>> +++ b/libavcodec/ffv1dec.c >>> @@ -883,7 +883,11 @@ static int decode_frame(AVCodecContext *avctx, AVFrame *rframe, >>> if (buf_size < avctx->width * avctx->height / (128*8)) >>> return AVERROR_INVALIDDATA; >>> } else { >>> - if (buf_size < avctx->height / 8) >>> + int i; >> >> for (int i... > > will apply with that change > > thx > James' suggestion made you use an uninitialized i in the actual check; and even the original check is wrong, as one can overrun ff_log2_run (unless there is a check that I am not missing). So it seems to me that reverting 15785e044ee1265464bb4f3ed727e2a8074f97b4 is appropriate. - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".