From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTP id C9A9E4AB61
	for <ffmpegdev@gitmailbox.com>; Mon, 13 May 2024 20:45:28 +0000 (UTC)
Received: from [127.0.1.1] (localhost [127.0.0.1])
	by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id F187968D6E9;
	Mon, 13 May 2024 23:45:25 +0300 (EEST)
Received: from EUR05-VI1-obe.outbound.protection.outlook.com
 (mail-vi1eur05olkn2011.outbound.protection.outlook.com [40.92.90.11])
 by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id D8DD968D3A8
 for <ffmpeg-devel@ffmpeg.org>; Mon, 13 May 2024 23:45:19 +0300 (EEST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=P3CNzH4b8819jyPyppWm09wxVOdKes3llFNHem4se5DeSgjH9H54eL8sH0GRwsXbCuCGEi+Gr6bCc30ALW3m/rvx2qNJhkZ9uv+lTS0AfCCv8AWx0vlZdlUHd8NefI0CslNaIRBPwU4tJTOYY6iuMiqXW53FfK5ddWS/aOt3Diuii3QzipyTPTanZoA549xyPvgtOsdH3jl/WNbDZq678htsYa3e6SlxKECwTXjLQYg+/uuTBGsJKCU4JCNIlkY/f+wU6+Ro+haUkzXLxppBL/iM/23i57srtyz3IrvKv6UW9J0xaDPjs5Ccir8//BcX+3jFjIr8zqVBY/3FJ5gtJQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=06tOpCzQWGw9s5PjoiQF/VCZDPZuwoC/w8eQRXrRZG8=;
 b=CizohvzTejOrJTzGO3Ggy0Ek2rtonMmKS6FlhqjYgXzmiaX5i+EGXiWC8zPwxlcAne/6JfwG2bUCVgzFknZJBgn+sEK/8rRlfRMwnfM3qTXqy7JG0Hj0FnQiDvPwBrBi4TdOC/mVCxawe0+tMZB+yemVDYchXI5GS1BIk0tvcrGppmrjxk0D4a7oLQLySWIJTYAHTjsqWr4355BM6IP6MvzDYSpWCGbCHpbpqxYYgFAaoYfCEtbYJnYBtdz+b87XOE8KuB4JnKHYfwqvmP9VytXfcCqjyxhjXmIlQQE639/ZeYWKyIj3Jht7zCWtp7QxSAHBP7lJ81Iq9Btndy4xFQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
 dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=06tOpCzQWGw9s5PjoiQF/VCZDPZuwoC/w8eQRXrRZG8=;
 b=eRKINRE9xUxIf7v6puQoGlyOKV9QPgGo+6JimNzK3L2rSHV1uGq5xJJHLMI1Q42L7G6I5jULa+4L4g2/Fy7Mv51dGNfGELZR9BCiyF8WrYRibYBAOd/hkTVtbYLxm19nrENc11VQnGkLOimIP3F0PaASFduIsXAq1Y4hDgSOFY/H2Y3TTM7P5wsuGPyClGGnHa4EfVCSmlpQijV/DYQo8B2UjTDTN8skhlE8pAUaao9B4yaRZi894xWmKOeTf+5QT05MHiew82SHZOdanT+8ymJ90EER2Dd9ZcLGSdMi5dMcpBKhUyf+RHSXE92wbSdKADXlmND5R58fc6svHxpwhQ==
Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM (2603:10a6:150:8e::17)
 by DU2P250MB0397.EURP250.PROD.OUTLOOK.COM (2603:10a6:10:27c::16) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.55; Mon, 13 May
 2024 20:45:17 +0000
Received: from GV1P250MB0737.EURP250.PROD.OUTLOOK.COM
 ([fe80::d6a1:e3af:a5f1:b614]) by GV1P250MB0737.EURP250.PROD.OUTLOOK.COM
 ([fe80::d6a1:e3af:a5f1:b614%7]) with mapi id 15.20.7544.052; Mon, 13 May 2024
 20:45:17 +0000
Message-ID: <GV1P250MB0737FB1A59032C33162D818B8FE22@GV1P250MB0737.EURP250.PROD.OUTLOOK.COM>
Date: Mon, 13 May 2024 22:45:16 +0200
User-Agent: Mozilla Thunderbird
To: ffmpeg-devel@ffmpeg.org
References: <20240504235200.2875183-1-michael@niedermayer.cc>
Content-Language: en-US
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
In-Reply-To: <20240504235200.2875183-1-michael@niedermayer.cc>
X-TMN: [H5B5jkUMSUvyuamgO7TcYAxgdiThav5xiEARDhxVLLg=]
X-ClientProxiedBy: FR4P281CA0211.DEUP281.PROD.OUTLOOK.COM
 (2603:10a6:d10:e4::7) To GV1P250MB0737.EURP250.PROD.OUTLOOK.COM
 (2603:10a6:150:8e::17)
X-Microsoft-Original-Message-ID: <82fc2876-50eb-49ee-a692-5e5056fa0529@outlook.com>
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: GV1P250MB0737:EE_|DU2P250MB0397:EE_
X-MS-Office365-Filtering-Correlation-Id: 6148a323-7507-43f6-755d-08dc738d98f2
X-Microsoft-Antispam: BCL:0;ARA:14566002|461199019|440099019|3412199016;
X-Microsoft-Antispam-Message-Info: Ps5Bd/scP17dUQLzQkkrWB2QEUM8e6lfb42Od0Og0hS2keib/wtorSFL4SovUHSS5K8zeFOeWH36F3PakGUEjc+aqWqTz7r4s8xcYMllIgeiATPKqSWu0J2WV0XtmW5gEeEd8mtCgku9VarTqZ0AWQNmjbUZmthZWfZzSfRmnX8e+5qDxk1bEQC/8drJD+FlD15fMStWlS26mRwaTYMjG93j7xOougmMQi5XyO24louAVq/llmkpeP6MEr5FKGAk7GduLNIopu2eRRmOdd7mct4q9SL5OsPDACm0s/rG2ESs3buMo5xMFVkwUwIyJJ+ktHb2ADUSCnzkvi6S0PPyWqVuEZgM7N+9FfygUzehZkq14NMhZP1OlBTwaj9pyycZBN9lmsKNRgsCPJHL3wLVaRghrwcAJYzqmtLQt+GFwO7vLtqG+i/3Fmn4kdfHCmY0o7pVU1YH17QcKGm6otiJd/HTf6cFbs92Avh1d6PbmtfyqeQnWCDSZKv8mFMuzXCVpUFUb+H6hHp7XRh7JVOsBvUi9ZkdAoIFaefzLM9jyIxkbLCOR+E+5G1nW9lTMfhD
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?d01id25ZZUsxYWtLZ1VjYzhFWWs2ZERIUWxYSXd4NER6U0pVNFQ5bFZxQWE5?=
 =?utf-8?B?R2x4aHJUdlQ5dUFseTBRbEpaTEdQN2FXa2dYalhZNXZVL3E5R1V2cWxpWlN5?=
 =?utf-8?B?MjFldmtZSnJySStaL09ZVDJFaTN0NFRpcUtmenRLeHY5d3VJQkxwK2JnRS9l?=
 =?utf-8?B?Nk5SdEFIKy85b0JyR2d5NTJuVVBHblZIdGg0cG5LMXNicVRBQVVEMm1GL3hU?=
 =?utf-8?B?dmE4S3VsM2hPTjAwUkZQWVp2RVc5RGgvRDdIUXVEcEhjSStYNi9ObVpzQkV6?=
 =?utf-8?B?ZW9nVnB1eTc0WVI4Mkc0RXpTSXZ0dDk4ZTBncmU4OTh1QXc2Y3ZMMDVTdlFR?=
 =?utf-8?B?TnZqeVVKR0o3TXBmV3NHTFowS0t6QzQ5YnJhdExwUStzRjZjczRRM0dvK3Vw?=
 =?utf-8?B?ZWFDc1VTb1RUSnFjOUUrRUlMMnkvM2d1V1BZeEtQMm0rdDZKdGlJaFdnTHM0?=
 =?utf-8?B?cnoydTJaUnZDd2NkQzdGZGlUNDJrV0FlNXVsaGVBN0tmZG1qaXNCRHljSnZV?=
 =?utf-8?B?N2p0MzlTaWpGb2ZSTjV1UU55bFpQYWFUeGt3TmJaNDNDMThXaExpOHBrZTFR?=
 =?utf-8?B?OWVzQnBpY0NIb3l3U1lqWVhpd3BTUVBDZWNrRmE1ZzZWTVcwYlNxc2JieFVJ?=
 =?utf-8?B?a2xyR2lQU0dYNDBBMlpFQmNTaHV6WXF2OU10SHAydEpZYkNGbFJyWG1IMkV3?=
 =?utf-8?B?dnRibnNJZXJpKzdqZ1pjNkp1OElVYU1OV2JadWxITlhUL2JscktYMnNoZlZZ?=
 =?utf-8?B?cll3S1hQRG9TdHVYRE9maG1BMmRNQ3BuQXBGemtoRjEyVGZxU0dSeXEybVc0?=
 =?utf-8?B?M01yUXVaaFdYNHdQZlphU2hVSks3b0ZGdmpYYlFpaHdMRmk2dWdTeUx3SEFt?=
 =?utf-8?B?WitDME01T3YrQTFIM0pvbnVsM24rZVJGZmN3b2RzamVicGF4aEZLamhVWVhz?=
 =?utf-8?B?YlFMWDJ4TlJ0VU96Wkxmd3A4NVVjZWh6SEFTSjU5M0RlUGJnTzZ5cVhobnVO?=
 =?utf-8?B?WEUwTE9rWjMxWUxmdTRjN2RXcFlqanZ0cXk2Snk5bngrRUV5bzhBMXZkVEkw?=
 =?utf-8?B?VWlRRXpEVmFWVDFkMzZFNk5hTGpYTXROM3JJa29MOGQzNUhibHJqUFhPR3Bk?=
 =?utf-8?B?SzJnZTRIblBDWFVtbExkcnVIOERvZzRBWXo1d2V0eWRBR3pUNVpzUDdtRWNY?=
 =?utf-8?B?d3hwTlRFR1IyNUNQVVQyM25zR3FyZm10UU4rOG93YnRSMGNMTlhBdEUzWTcy?=
 =?utf-8?B?MnZldDZkd2FYaktaQ28xRjF6eUFMT2NqQUtTQjdYLzRIaEZ3YnBzb2JSMXEv?=
 =?utf-8?B?c0crNEtXUTZzQnhteTZvYkdnblhyUkVKR1djaS9tRW5jVG5PVy96U0tjNlRr?=
 =?utf-8?B?NVJzbnNTWUNlSStkNmc5UG1YZzhjSkE0TTltc3dzQkNvZE5WUDVwUEpZdVZH?=
 =?utf-8?B?dHh1c2gyU3RQeThQT1VROGtMTzB3aGpsQmtlblNGaEpCRkRaQWNySGw5cEpy?=
 =?utf-8?B?V3hQOTNmYWNvUnBWUUR0dTh3RnVMYkFUYnU3b25yM1krS08vL09DTVBoSkYx?=
 =?utf-8?B?RXB6Y1dqcDM3YVZ1a1BQcHZsVFRXS2NNRFVrTEk5azQ2cGVEQVpkOTBMWFY2?=
 =?utf-8?B?cTRGUW1Ec3dLSW1WLzRiWmJRQXprajdtU1dOTEpreTVDMC9KYi9IdHhtRDRW?=
 =?utf-8?B?S2s1bGRsZ3d2Sm9XZjVHWGVac2hYRXNpemo3WnRmcm1Ha3QvWmd2QStnPT0=?=
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 6148a323-7507-43f6-755d-08dc738d98f2
X-MS-Exchange-CrossTenant-AuthSource: GV1P250MB0737.EURP250.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 May 2024 20:45:17.5886 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DU2P250MB0397
Subject: Re: [FFmpeg-devel] [PATCH 1/2] avcodec/flac_parser: Assert that we
 do not overrun the link_penalty array
X-BeenThere: ffmpeg-devel@ffmpeg.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
List-Unsubscribe: <https://ffmpeg.org/mailman/options/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=unsubscribe>
List-Archive: <https://ffmpeg.org/pipermail/ffmpeg-devel>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Subscribe: <https://ffmpeg.org/mailman/listinfo/ffmpeg-devel>,
 <mailto:ffmpeg-devel-request@ffmpeg.org?subject=subscribe>
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ffmpeg-devel-bounces@ffmpeg.org
Sender: "ffmpeg-devel" <ffmpeg-devel-bounces@ffmpeg.org>
Archived-At: <https://master.gitmailbox.com/ffmpegdev/GV1P250MB0737FB1A59032C33162D818B8FE22@GV1P250MB0737.EURP250.PROD.OUTLOOK.COM/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

Michael Niedermayer:
> Fixes: CID1454676 Out-of-bounds read
> 
> Sponsored-by: Sovereign Tech Fund
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> ---
>  libavcodec/flac_parser.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/libavcodec/flac_parser.c b/libavcodec/flac_parser.c
> index 47904d515a6..d9c47801f83 100644
> --- a/libavcodec/flac_parser.c
> +++ b/libavcodec/flac_parser.c
> @@ -518,6 +518,8 @@ static int check_header_mismatch(FLACParseContext  *fpc,
>          for (i = 0; i < FLAC_MAX_SEQUENTIAL_HEADERS && curr != child; i++)
>              curr = curr->next;
>  
> +        av_assert0(i < FLAC_MAX_SEQUENTIAL_HEADERS);
> +
>          if (header->link_penalty[i] < FLAC_HEADER_CRC_FAIL_PENALTY ||
>              header->link_penalty[i] == FLAC_HEADER_NOT_PENALIZED_YET) {
>              FLACHeaderMarker *start, *end;

If this is only supposed to mark an issue as invalid for the sanitizer,
why are you adding an av_assert0 instead of av_assert1 here (and in
other patches)?

- Andreas

_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".