From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.ffmpeg.org (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTPS id 1B1AC4F2F9 for ; Mon, 16 Jun 2025 09:47:06 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.ffmpeg.org (Postfix) with ESMTP id CA39968DAE3; Mon, 16 Jun 2025 12:47:02 +0300 (EEST) Received: from EUR02-DB5-obe.outbound.protection.outlook.com (mail-db5eur02olkn2085.outbound.protection.outlook.com [40.92.50.85]) by ffbox0-bg.ffmpeg.org (Postfix) with ESMTPS id 628BB68D8FC for ; Mon, 16 Jun 2025 12:46:56 +0300 (EEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=xFYcdSze58w9aGE+yFLiDHsef499O0EHzOgDKs4HDHVK3wD5QPvWEEdWSo/56nFojMtzY7dwbacg5uknNOyzVVhDSgPgLV7Ec61fSGn8540N68VG3ptDvD/JcuZjZ5l+/jT4mp4X4amsI3NYUohToFZ6K6khNk75/8ASReR2drwdv2ZyQzLJwzZHQ7Bd4MYnb8YB9ofy37aiZHLFcEb/YknaYie72Vk/ChPe2K7JqgSz0Wl1ogXdznxtpuZnYEP46+/WTwN0dq9bIqTLx5J5WFK7r7ouMIinuQTgcXrzuHddaNCOhnqv36xNcBgTRrginQcSTbxlMoyYh6eAMqxTXQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=QUbN6xfQ1KhG14exe2NpC4Irdb3kHL38u65H8TX4JzQ=; b=RWPFRwHwNjtc/dIwYLiPOnXPJZzQ/1ZUqsQILVk9Ucb25hk2NyL10QDRYa0Xzr9LC+U5Pi0Mk6MB7KSawulZuJCeIibmJQpTVPSfLsOJmOcjzfRPHNSlCKmpS8cx2aONyXM5xCkoZGAUx7mPXTty/bSISJDTLh6bpLyW43rCn/OO07mUnFF9J1Ow+fXpuR4Z5YbyIkU/quUA4tEbG2BbEMScgTEqxRCOAP8a1FGImT0b/QaG4hrmDW3dLeDhjmRGMu1vn3NY+lOu+GZL9Sj2u5v76xxouPvFway88acE2iXxaAKbdL5PQ/x9aQLzLuAoa3NXOsnSSstE+kTa+/PcLA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=QUbN6xfQ1KhG14exe2NpC4Irdb3kHL38u65H8TX4JzQ=; b=WMGGGLgvXyGGdsxqdNOi7E5XYv2hqpGUuXH7EcK/Y/k0RJ2nQMBwkWYHRlC45wNVi2tiwSwH2d2QbleQELuSVLAwJqoPsIAtLrYroRBhBUJ5RpKj8wkxzdbJWxIDrZ1pvWsTP7Pj+rp3Qyfn10f9r45nlneutk1+sJmJcj0u1UBGFvn+zLzymcLZs6IaY/vIPD6OZv9sPq9FH0e9FgD4lufaEyFxH6xQG7ou4shg1310nzra84Lrd+W10nadzkLULN+eGsNQaq2zMAeB2haMn/LdfhQx6bryXJt7Cao3rbPOOzi2IVYk3WDZu4za0Gw7L/r1C4s1MZaetYmXQnciPg== Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM (2603:10a6:150:8e::17) by AS1P250MB0525.EURP250.PROD.OUTLOOK.COM (2603:10a6:20b:4a2::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8835.19; Mon, 16 Jun 2025 09:46:54 +0000 Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM ([fe80::d6a1:e3af:a5f1:b614]) by GV1P250MB0737.EURP250.PROD.OUTLOOK.COM ([fe80::d6a1:e3af:a5f1:b614%7]) with mapi id 15.20.8835.027; Mon, 16 Jun 2025 09:46:54 +0000 Message-ID: Date: Mon, 16 Jun 2025 11:46:53 +0200 User-Agent: Mozilla Thunderbird To: ffmpeg-devel@ffmpeg.org References: Content-Language: en-US From: Andreas Rheinhardt In-Reply-To: X-ClientProxiedBy: FR4P281CA0435.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:d1::14) To GV1P250MB0737.EURP250.PROD.OUTLOOK.COM (2603:10a6:150:8e::17) X-Microsoft-Original-Message-ID: <70347043-2ee7-4e25-9ef3-2fc52e9b7ccb@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: GV1P250MB0737:EE_|AS1P250MB0525:EE_ X-MS-Office365-Filtering-Correlation-Id: f3eee932-20dd-4e77-09eb-08ddacbaba16 X-MS-Exchange-SLBlob-MailProps: AZnQBsB9XmpirIBHktUo1qChFBbx+NYsCJP5PUDUpgSCGX7qhTd+PhcU9Jgow+eOVWWvdDWRnklRjBCFGPBc4JzwYp/4yxLMRIOEIk1jFnRCQwWdGkq79/1ajkdjHqxZML/sZL10ZCKhWlCKmDy/8qqMrdXroHnrmYlFQ5wPluVX6939QQG7Kd/4dptihtKGvoIkKB6wEf/WkHhbzKTF2slAEORh2/KcM6gaUue2JRuhMSVnlIMPCHjYGC+h15F3Wg0AXgA76O39GP6HdIeiciTx4xQnICGXhHTAnuHwsPxlWQr2n1IiBsVEcnU9oCIxSJgezjs83aacmjorYEf3aMv8z5UM1O3Iawj1mxII+GiKpIT5X52qFAOvY5Vazx3Kqqtc3VxrntXuo6TlSAPLkolpsUOjdy4HmGuSDpxAzPlmVDpZnCeEQf6i4M/a5VDhYDML6DPSV3ekJkaVBiLQEZ4N7HHKoGQsMNM4+jawuhtymJ0rDvUer3dJXbkVFqAeM/ggT9FiKmHBMFnkG/tgl+EBa5Dz22LfgSeuQ7G5VUMEzy1ywpMBAT39pa87AEEjhMRiLNgfrOOvRfDdsUzCCkck0RD2P9ZOHr8NDT7NVI5OZ51pjKbd2ZqURyt1nh96EgTGsOmwOWpjWOHeTrMcq3UeyFKnWNv5ZdbQ6KabMcBL15azmOibK8oT+3Myd6ahVATmUCVxwYCp1KWq5kFHSW4i/xep6iJy5gKC6uq1DDKoVY2uT1A3XSPCLlKCj8KvT8/GPwVDd7c= X-Microsoft-Antispam: BCL:0; ARA:14566002|8060799009|7092599006|19110799006|15080799009|461199028|5072599009|6090799003|3412199025|40105399003|440099028; X-Microsoft-Antispam-Message-Info: =?utf-8?B?Wk9COHZPNGR5eGxpVVl6UGVGSENZU0JNdjA2UEhyYnBnZWxBVmtxOTI5Z2da?= =?utf-8?B?T2RQd2x6a21tQXYrTTlIb0JOMG52YUQzUGV1RjI5ZnBJcTdRRU1jWk1sWURt?= =?utf-8?B?S3dObE9hL2VoY3pYZEorL01wSTBxek5OSnErRzRRRGlzTm5tMCtpbzJMRFBO?= =?utf-8?B?WlhXR3NRNFAzc0gzMEhrZXNGbmI0elFNVFZFUmJCekE0YlJqdExnVTFlU3V4?= =?utf-8?B?Rmg1U04rTm1kSFdNOWlIVFZMUlIveTBYSGpVYWY2dHh2YXhMWGp1VExDampu?= =?utf-8?B?czI5SnROckFaKzFpSXZoVk5DdHhIb1dRZkh4TkpkQllNd3MrSU5OdTIwOUxa?= =?utf-8?B?K3pYOXVHcCtuZktCSHVMUkR0eEZUYXR1KzNBVnNiNXUrZ1VBWFF3SGYrSmJr?= =?utf-8?B?akpLUEFBNWxzQUVBeHFieVYyNVREMFAxd0VSS1BUSHV1OUZWbHNoZ1ZKMkRT?= =?utf-8?B?aENEZk9hMnB2dnBibDhwNldkRDREUkZ2eVl2Y3FuTndjSXZUQW16alF0RkUr?= =?utf-8?B?amRCNDkzSWl2ZnRoZHl5dS9jQ2F5RUNTWlljOU1SVERLTEEvbm1BMFJSb29Y?= =?utf-8?B?cmtsRkxUY0hyWE50MGVCTjhJcVVoM0RPenZOam9aNDFWSy81THVONnlDb1NL?= =?utf-8?B?ZTM4TmRkWTA3ZWxwaHQ5RTBRcUxWY0NVa0lPSXU4RVlKV0o3OE1wcy9Oei9C?= =?utf-8?B?R3A5MDM4RGFNUy9jWUpZQlEvUG5QTXdSVTdKdG9DNS80Qng2Tlh2dkFjZXdZ?= =?utf-8?B?OGtQV2k1cmNMUHNvZFJqQ2FqNlFaMEd2WFZtM1FJblVEVk5KeHpDWFFodkky?= =?utf-8?B?dG1NOTFVQkh5TnlsOEdCSGlQc3BIN0RDa2xNWE1MRW5JT0hsd1NJT0ZZbmds?= =?utf-8?B?WXltM0VzT1RvTTEraEZ0NUdHN2FTbi9NTmVtNWxndzhFUjBJZ2FXL1BtVTZV?= =?utf-8?B?bTlWblh3UVNNYWNxR3NZWTZnaVhWRjREN0JHS211a3NhWFFTUnBZTTVlZ1Q5?= =?utf-8?B?N1gyL21yYTcwazgyb3JHZ0xzUU1pSzZ6aW5CNjFOQVdvNHJJaE5paWM4dEdE?= =?utf-8?B?cXBkZ3ZjR1lvOXFaTk5BS1p5VGVYbWd2eUFOa2Y2Nm53SGgyRk1LRlJZOUVW?= =?utf-8?B?RWJNRlFzcFdraStGdFBDTnU2RitMZGNuOXFtVmtwU1h0UCtKd202dHp2YnZq?= =?utf-8?B?NVpINVFNS2ZxYmU5azNvRytRZkQ3SlhYRU9jbGkvMTVTY2dXTThOVVZ6NjdS?= =?utf-8?B?azJOQTFHODZ5Yy9DYlF2dG0vL2pjMGFaRkg3MTJSeCtNcUtJRTdaWWJQMDA5?= =?utf-8?B?anN0Zk16RDVvSTFSRUxBRVExdXhrU3F2WUVieFA3cm5HaG91NFFtNkwvK3lB?= =?utf-8?B?VzFIL0wxUnhOcHhoRlhwZ2pia0JnUTJBQUdKcEhnbXlTNXNMdHVMaEVSeVZP?= =?utf-8?B?NVRiclcyT3Z1MWRwWXVnbmhOcWc2bzZ4VWgzbExKU2JVUWtLMTlWb3FYUTdk?= =?utf-8?B?YjRQSC9IbVBZZ08vUlFMN3VxWnNjWE1LcDRsTGdOZ1Z0OTNaSlBFYnZIdEJJ?= =?utf-8?Q?/2LSniK4RPg+rWVlhHJ7iiUU8=3D?= X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?YlhaMGFIdG8zUGkxNmtud1VJNU5GMjB5a1JNNUpaVVg2amd0ZzBYbUNOakI1?= =?utf-8?B?TlZHdi9EUjQycDJDdVoxQmNoVjlqSGVwYzlqVFhVQjJsWDBNZU43MTlLcERn?= =?utf-8?B?empzTVdoc1p4VFVjOVRiRHdIVWxsR3puMi9GVjB3cG1qZEY1YjFGZGFoV3Jw?= =?utf-8?B?S0tiZjF3cUxYOThGRDFjOUU0V3NBUTlJZXZIblczNllraVJJSWdyeUhTUi9l?= =?utf-8?B?c0RZT2I3NTV0Y0NZdEwwM2tzQ2lWd0s2VGtaY2thZWlONnN6Mi9mTE5iL25W?= =?utf-8?B?MlYwRlBPaUVNQStaMFRhYld0WU44eVM3N2tFSEFnTVBSdlNXMW10N1FDYmJS?= =?utf-8?B?eHBVbE9oNUVVL3k5ZjhOZmNDRzl6RTdGa2FpWkpHa3dQd1p1aHVVVERLMXEx?= =?utf-8?B?L3dMQUt0bi9lNWRhVzNHekNKZjFvak5TM2tIOGV5aVMwcVd3aTlXNXFNVDRy?= =?utf-8?B?SWJBU3JhUGJEWTFlVGtIU3ZuTTR3TlNOek0rQm5HbjgvNFgvQlpGVkdqcVAx?= =?utf-8?B?S1hrQXZSYUtNczJNU3Q4OFYzTlFuQXdpa1ZZUDVVK2V0VUFxKzFzL1FsOU1u?= =?utf-8?B?Z1ZoZERTTnNFR2dBVjVCby95b3pkb2tNSnVQUUN5OVY4K0dGUm5CTEdzaXFi?= =?utf-8?B?ZXNCellQc2FJNHRvcHpMMVJMQjZrRDh6eHZ3WGdZZkVBTVJEdXJwaWhaMEFG?= =?utf-8?B?RmFLdS9xUUg5QTArazdpb3hsMjdrUkY1TXJ4NDNDbHV4R1V1NllXN3RyamZB?= =?utf-8?B?QktZQllOWlg1c2p5YSt4bGU3UXdoZmd4U3dvMEtES3NzdmZBdkNQeEJtZlQ1?= =?utf-8?B?akNjY0Y4S3piL2NoRWpTRkdkWktOY1FXa2VER2N6dzR4SUlRNWxsRFhFT2lH?= =?utf-8?B?SHNqenArMVd5VHlLUll4ZnJXdU9EMFVzQTkwek1vZjBiVHFoTkJpTEpWTVBK?= =?utf-8?B?R1RmMGlQcXZFZVRzTDRZYW9TMnlkVmlMRDNrRVNSTVRQMzllVzdVQk52VXo1?= =?utf-8?B?eThIcXpubTloRGU4SnFEek0rOElMNEt0QW1tSVhyZFc0MzZCWmdsVnptOXBZ?= =?utf-8?B?VE1yN1JNT085WFpCdlRUb1p5cWp5RENSd1ZsOWdkbSs4bDVyOXZpdW01N204?= =?utf-8?B?aFN0U1NJOUJkWmF2ekhYekd2enRnRTBIWStBTzA2bTdkbkJ3UldmZ0Q0blEx?= =?utf-8?B?SnVETkJFZGxhaXVPbGVYWEdNZXpFOE9lWGRSaHpXNS96eTVWRCsxNDkrc0JH?= =?utf-8?B?elc4KzNqS0hmeVpQTnZaZGxnN3pTdVprTVFWSTc2bkZBeFo2OGJqRTdWQjNF?= =?utf-8?B?SnJLbE41OHVleDdMVURMenFUWTVPeis0M2huTEFPcTN4NjFlTk0xMmdFYXpM?= =?utf-8?B?TVlackFldHN5L0prU1dRT2doeExYazY2d2p4QkRNUWVmYmxYd1dyRldwd3Mv?= =?utf-8?B?OURwQVFIRkVPaW53Z3g5ZDZLMVdsR05zeVQxVnAzUkVPL1k0RTdYYUNQVVo0?= =?utf-8?B?OXZLNm1mRFVOYzVUVS9XV3VUclZtbmlnYy91Sk5WQ1V1YTljKzlhczBvd0JU?= =?utf-8?B?NmhVMWQ3WWROZzIrSDRTbjJGMDUzWlYvM01MYnRKeXkyWkkyMlZTOXp4dHJK?= =?utf-8?B?alBkczM5cUtYUlM0YVFaSnNjSzhYVGREbjl3UGlaZnlaQ05na2tSUXpxZ0RQ?= =?utf-8?B?bHRFb25VNTZJZWR1UU1xd0VKcE1hMWloUUVFSlEvek5aUHdIa3ZWSjdkb3hW?= =?utf-8?B?Mkswc1o3TVVVMnZleWZ2SS9wZTZnN0RSS1VrTGxIVnBMeHB0K0RoWG0veHlZ?= =?utf-8?B?V3Vkc1ZSMEQvaFZEZy9wUT09?= X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: f3eee932-20dd-4e77-09eb-08ddacbaba16 X-MS-Exchange-CrossTenant-AuthSource: GV1P250MB0737.EURP250.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Jun 2025 09:46:54.4871 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS1P250MB0525 Subject: Re: [FFmpeg-devel] [PATCH v3] checkasm/h264dsp: Fix stack overflow in check_idct_dequant X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Zhao Zhili: > From: Zhao Zhili > > --- > tests/checkasm/h264dsp.c | 20 +++++++++++++++----- > 1 file changed, 15 insertions(+), 5 deletions(-) > > diff --git a/tests/checkasm/h264dsp.c b/tests/checkasm/h264dsp.c > index f5f9650224..a0f8fd858a 100644 > --- a/tests/checkasm/h264dsp.c > +++ b/tests/checkasm/h264dsp.c > @@ -328,25 +328,35 @@ static void check_idct_multiple(void) > static void check_idct_dequant(void) > { > static const int depths[5] = { 8, 9, 10, 12, 14 }; > - LOCAL_ALIGNED_16(int16_t, src, [16]); > - /* Ensure dst buffers are large enough to hold dctcoefs of all bit-depths. */ > + /* Ensure buffers are large enough to hold dctcoefs of all bit-depths. */ > + LOCAL_ALIGNED_16(uint8_t, src_buf, [16 * sizeof(int32_t)]); > LOCAL_ALIGNED_16(uint8_t, dst0, [16 * 16 * sizeof(int32_t)]); > LOCAL_ALIGNED_16(uint8_t, dst1, [16 * 16 * sizeof(int32_t)]); > + int16_t *src = (int16_t *)src_buf; > int16_t *dst_ref = (int16_t *)dst0; > int16_t *dst_new = (int16_t *)dst1; > H264DSPContext h; > int bit_depth, i, qmul; > declare_func_emms(AV_CPU_FLAG_MMX | AV_CPU_FLAG_SSE2, void, int16_t *output, int16_t *input, int qmul); > > - for (int j = 0; j < 16; j++) > - src[j] = (rnd() % 512) - 256; > - > qmul = rnd() % 4096; > > for (i = 0; i < FF_ARRAY_ELEMS(depths); i++) { > bit_depth = depths[i]; > ff_h264dsp_init(&h, bit_depth, 1); > > + if (bit_depth == 8) { > + for (size_t j = 0; j < 16; j++) { > + int16_t r = (rnd() % 512) - 256; > + AV_WN16A(&src_buf[j << 1], r); > + } > + } else { > + for (size_t j = 0; j < 16; j++) { > + int32_t r = (rnd() % (1 << (bit_depth + 1))) - (1 << bit_depth); > + AV_WN32A(&src_buf[j << 2], r); > + } > + } > + > memset(dst0, 0, 16 * 16 * SIZEOF_COEF); > memset(dst1, 0, 16 * 16 * SIZEOF_COEF); > This still has an effective-type violation: src_buf is of type uint8_t, yet the ff_h264_luma_dc_dequant_idct functions will read it as int16_t/int32_t. It also still has the downside that buffer overflows for the 8bit case can go undetected. - Andreas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".