From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id 3431D4747B
	for <ffmpegdev@gitmailbox.com>; Wed,  8 May 2024 09:47:02 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id D955C68D541;
	Wed,  8 May 2024 12:46:59 +0300 (EEST)
Received: from EUR01-HE1-obe.outbound.protection.outlook.com
 (mail-he1eur01olkn2081.outbound.protection.outlook.com [40.92.65.81])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id 9609B68D4DB
 for <ffmpeg-devel@ffmpeg.org>; Wed,  8 May 2024 12:46:50 +0300 (EEST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=bt9Xr74O+NFOfD5JSRXptOHysS1GgL0gGcMIHtFlq8euYTT6kgZU+T7Zsog0diozmvfQIuoMHrOHl4Fsna9G87DU2y8igNpR2z7AQjQ4pCgsGhlNbXK6Z7x5Li8LBLp3fmTEzPKu2YK00V+Hp3Fo3QounE4Jyr0QRFhPblGMOasdVTXitC5CDY24QLwu6D6Xe03XcUfmq5oKe9G/4YI8ofusYPodeM9dbZEftxw5xdwIGLkAVbO8ZJxI7m2eIN4jrLiT/4bKHRlwn6Qw310jUnHwgmumpQukLZrBjzNEaSH53P8SdLFW7A+WP6dCt1NiWCSVWi7iO3hoQtdYAWQHgA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=+QkbZsb+U/IKRADSMPk0Ttx0XSPSOGQd06UnVPlAo+4=;
 b=CsquRBXR3COuFEhXkPgpF/GhNBiL15Y8zfqkPDFzj8CWVM1pornoOSC32dJlwbQZHig8NwLZmp9fHJ13wiQWmgXgLmNTgKV8M+Z2wCOkccHtDrwaQT36ZQcPJPJEVsVQF7gMlnbVUIZS6WVQqO2/8fsx5sOLFcalDavHERAz7JILFzMpZCL68/HLYahIoUh7ZX3UlF/XqLBgJqAijwZzei+PnKp1Bq7nl0VEP8dY1yOKhhZaKGJXpzNgkXhpuKkMQDnP6r5GKOtL9IYIFcH5qfl++2oH+qD5rtZU0RyJDYUnDcuLBF6NhfaCbx2Q3nrB4zJX2LBuHxBSwqqOdIuk6A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
 dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=+QkbZsb+U/IKRADSMPk0Ttx0XSPSOGQd06UnVPlAo+4=;
 b=YvGHxlkXgq6rYi1Sc76xPFaME9uNIVLn+3wqMNW+M+6hrhn9XuN2VSKxxzkko21CummBlhFNPu5Me4ckua9/IWn4DgfVWuYNmjWmpq/CFgra65XGlLHU9adoiPc0u6pHl/1h96aqpp8KXSYb1sof8ojKZxYBbd3tVgqtkgkZSScxA43g2RLwZBb/PvxyjFJPtf61fP5Q9gd/pZVSvHuJzugpp4VWJ+flqzSBycrkIOfp5YpPjEz32XJQ3wH9Z8WAWUljYhJPVFzwN8x/OTGYxT6cIi39hnZag4qHw1cAgHmBpxoV6Bn/QZ8Q/4eILYtkkySShbfAbIMi3dzGDH1a7A==
Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM (2603:10a6:150:8e::17)
 by AS8P250MB0332.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:37f::20) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.45; Wed, 8 May
 2024 09:46:48 +0000
Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM
 ([fe80::d6a1:e3af:a5f1:b614]) by GV1P250MB0737.EURP250.PROD.OUTLOOK.COM
 ([fe80::d6a1:e3af:a5f1:b614%7]) with mapi id 15.20.7544.041; Wed, 8 May 2024
 09:46:48 +0000
Message-ID: <GV1P250MB073713D9C61F31CA1F27B3088FE52@GV1P250MB0737.EURP250.PROD.OUTLOOK.COM>
Date: Wed, 8 May 2024 11:46:45 +0200
User-Agent: Mozilla Thunderbird
To: ffmpeg-devel@ffmpeg.org
References: <20240508023923.28209-1-michael@niedermayer.cc>
Content-Language: en-US
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
In-Reply-To: <20240508023923.28209-1-michael@niedermayer.cc>
X-TMN: [n0s8A5oZafvBs/Mio3y1EUWMN6qKFnU8PDJHEYtpkWQ=]
X-ClientProxiedBy: ZR2P278CA0029.CHEP278.PROD.OUTLOOK.COM
 (2603:10a6:910:46::12) To GV1P250MB0737.EURP250.PROD.OUTLOOK.COM
 (2603:10a6:150:8e::17)
X-Microsoft-Original-Message-ID: <b9742e54-ddd8-4d1e-8dbd-3fa79b11bbb0@outlook.com>
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: GV1P250MB0737:EE_|AS8P250MB0332:EE_
X-MS-Office365-Filtering-Correlation-Id: 946dfada-feb8-400a-f7b6-08dc6f43c777
X-Microsoft-Antispam: BCL:0;ARA:14566002|461199019|3412199016|440099019;
X-Microsoft-Antispam-Message-Info: 5UoVKK1TbqLiBtokUyBvjo9G8OY9CLog48ImndXo6+/CuEgtAwKFCckyAS2UHakmsWQ5DLuerMQrVvRRR5XzD3e1PIrM0JhktUKmAAZtRS1uiJ/Adhy0cms1MMcN3a5pY5sQiSspcY+t4fjQuJr3cf5P5voiCE03vVdZJ7RQ+1CjRBzf9Tf9NlonT6THbtSm37vljE/8hCJD27O6Vl9OI3Fy6eJlso4pS/5F7RWxh0ISiUXhNDsuoe/eLASlWCzzXLSeFIERG9W5/iJKAPvAP8LCNImgiJrVF3SPUEaFX0hJ76F1hu+bfIsE8wHFboCTglJ+KT4RdLJva0C22FE4yX3n2uB93QpEZQyLnk078RYTlg9R4VT1vy5k/JK7bnyP8IJ3OsUKHndjay5JksUFV6QlEevQwHEG/zAQ3O5nrspjC+9p7Nh673CEI5SBEy1/ARziuQL2pxUGf17h0Emt1v6tDiRdj5qd+HhcNtS17H2/Am/wkG79bvCn69e8CDVL9muO2n1oApeYuYroFBApnG32tyv+8OVtrB9c8honYseba9L/lEYMHMIRULSZDVxZ
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?QTN3YkcxSk5lS0o5dTB1L1lscVVjclVDaU84MnlENXJEM1hwRkg1TWFZd3pP?=
 =?utf-8?B?Tm4wRDRoem1obFdhRjIrVURHTXpvSEgzUit2TnBPYVVSQUZ1Y0pjQ3lkQ0lk?=
 =?utf-8?B?N3gyaE5sZ0R4ejZMaUNrS3V6ZGZQWnhpRDM2aTVzNjVvVWRHSU5ENDlIczAv?=
 =?utf-8?B?aVpQOVR5Y1l2cUhxSndNajlLbHZlTHhFQ1M5RVJuT1c4Q2Urd095Wk16NmtM?=
 =?utf-8?B?VDVudTUzUEw0U2g2UjRXSVpqbjFROWpxL2tqSWh6a1ExVlRqN0preHRQUVN0?=
 =?utf-8?B?aU90bWgwbUZ4aGVUR2RpM0Juc2JyeURxNUliY0kvMXg1UnVDRWJNb1pwcWt6?=
 =?utf-8?B?cXp5M0p5S09yRzA4aWFsNEpPSkg1UWFNYkRpTUljS1hpemtuNkQwd1hQcVM2?=
 =?utf-8?B?RGg0aERxdjZ1dFZFMHJxR25OYUptT09WcUVXRC8vOUl5blUrcnlIYUYrTmZN?=
 =?utf-8?B?NFJNeElWdmo5aFhDTEYvR1crc29WTThoZ0ZMekRuMnkwMitrT2tXN3lJRHZI?=
 =?utf-8?B?WkFpZUJTbWFDVkhOS3A2clQzbWJvL0t0dkRIK3R0Mkxab0VQbWdDWldKaVpJ?=
 =?utf-8?B?d2ZEdG1aUis2MkgxbkYwcE14YmN2Q2RMLzFRS2dXeU5sYWtSWk0zVW5xNHQ5?=
 =?utf-8?B?ZmFySVFnbFFVV1UxNENDQi9wY3B4Y1NPM2J6MTZpWGdaWW95NEVDaVNwWWpP?=
 =?utf-8?B?MzB3K2M5WHRyUlZZQmM2KzJXY2swOFdaV3VqaEpraVh6K3Z4KzBia0dZN1Fq?=
 =?utf-8?B?OHhBUGJPK08vVFM1WkFrRi9GOU0xZmN6OUlrdGNGQTlVa3pCdzkzZkNlY2JD?=
 =?utf-8?B?bTBRdWVqdlIxSTN2ZTNhaXlyeFlhY2RwR0tnSlRNSXhnaXBhcmlPcUp6SW9k?=
 =?utf-8?B?NHdUSnFPeER5YVJHOGZydXBYQ2N6aHozSjVkTGoxZThnVzBKVnVpNU9VaWlw?=
 =?utf-8?B?Zzd4NWJvbm1jVnZqS3NNc3IzYUJqQ2Q2clMvWVhCQnJ3N2FVeG95LzBIYllM?=
 =?utf-8?B?dVFLOHZoNlZKSmp6cFlNMU1YUDY2eXJRWHpEdEswWTNNNTQ4R3A3YWVWYlVU?=
 =?utf-8?B?ZjFnTjRKWTZWb2hYS016aGtjVHlmdHkxeEJNc3UzNXR5OGlucS9VcG4xZ3JD?=
 =?utf-8?B?WXdUeitXVmVPRHVoeGhlUmpVWDk1aGE5bE0xZ3hPdDJlSW9IU0YwWDFkUUVm?=
 =?utf-8?B?MitvellXcHFTQ3RKU0ozNTlKbDdzd2JaeFZpSitMTVk2cUprT0dib3pITGx1?=
 =?utf-8?B?bHVkd2hYcExnbUNUUmFTV1BoYTFtUnN0ZnIrMEQ3a21NQ2YxWlZoUUg1ZlFk?=
 =?utf-8?B?cnE4VXZvUjZCUDMxOWpyVldxZmFTMnRnNXpyRHBQSklkd00zRGgxSnJaZGto?=
 =?utf-8?B?NXdqMDAvajZtakZyenRLTy9WODJzRHVadVA3VEcydEc5L2QrQkNBdG5xWVM0?=
 =?utf-8?B?aXcvZEN2ZmtrTDBPRW8rd1R6RU9QNFBleTc5c0hVaEpZRC9DdXdjeEZ5aExL?=
 =?utf-8?B?c0pwZGczU1NMMStxOFdGS3Rwbk9XNk1pTFdneDYxV1JOMitnS3JZMWRkQ3pi?=
 =?utf-8?B?c0lPTGlPVXVwYkFsTzZZejMvUCtjck9SS1g3Wm1IWGZrNHhaUCtxd0FPWUFH?=
 =?utf-8?B?Y2V4ZWlnZzhjcDBLOThkNXgrVDQ3M1ZVY28rUjU2RGFqcHA4Rk8rR0lIRXFq?=
 =?utf-8?B?RmZ3RWZNU0VTaUwydldKcUxHbmRFNUtvZ2xGa2oyNUpPWEdMb2RjMzVBPT0=?=
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 946dfada-feb8-400a-f7b6-08dc6f43c777
X-MS-Exchange-CrossTenant-AuthSource: GV1P250MB0737.EURP250.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2024 09:46:48.3497 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8P250MB0332
Subject: Re: [FFmpeg-devel] [PATCH 1/3] avcodec/cbs_jpeg: Assert that
 cbs_jpeg_assemble_fragment() stays within the array
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/GV1P250MB073713D9C61F31CA1F27B3088FE52@GV1P250MB0737.EURP250.PROD.OUTLOOK.COM/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

Michael Niedermayer:
> Inspired by: CID1473561 Untrusted pointer write
> 
> Sponsored-by: Sovereign Tech Fund
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavcodec/cbs_jpeg.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/libavcodec/cbs_jpeg.c b/libavcodec/cbs_jpeg.c
> index b1b58dcd65e..628841c5f37 100644
> --- a/libavcodec/cbs_jpeg.c
> +++ b/libavcodec/cbs_jpeg.c
> @@ -401,6 +401,7 @@ static int cbs_jpeg_assemble_fragment(CodedBitstreamContext *ctx,
>                  } else {
>                      data[dp++] = unit->data[sp];
>                  }
> +                av_assert0(dp <= size - 2);
>              }
>          }
>      }

You want to add an av_assert0 to a hot loop (or rather: to what would be
a hot loop in case this code were executed) just because Coverity thinks
that reading data with a different endianness taints this data? (That
the supposedly tainted variable has actually already been checked via an
assert makes this even more crazy.)

- Andreas

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".