Date: Fri, 11 Apr 2025 10:36:17 +0200
From: Nicolas George <george@nsup.org>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Message-ID: <Z_jUgQrjVSXkDfvN@phare.normalesup.org>
In-Reply-To: <tencent_079C0CE00E5AB635FB818234013E7F56A909@qq.com>
Subject: Re: [FFmpeg-devel] [PATCH 00/22] Deprecate av_uninit
Archived-At: <https://master.gitmailbox.com/ffmpegdev/Z_jUgQrjVSXkDfvN@phare.normalesup.org/>

Zhao Zhili (HE12025-04-11):
> From: Zhao Zhili <zhilizhao@tencent.com>
> 
> The macro is meant to suppress false uninitialized warnings. However,
> sometimes these 'false uninitialized warnings' are really undefined
> behavior, and lead to real issues like crashes, e.g., ab792634197e.
> 
> False uninitialized warnings can be silenced by initialization,
> and the compiler can easily optimize away unnecessary initializations.
> 
> av_uninit shouldn't be used in any case.

NAK, you are hiding the UBs, not fixing the bugs.

If the author of the code put av_uninit, that means they believe the
value will always have been initialized by the part of the code
responsible for it. If that is not true, then it is a bug that can lead
to an exploitable security issue or a silent data corruption.

With your changes, nothing proves that the = 0 you put there is the
right value, the bug is still there: the code expects the value to be
correctly set, but instead there is an arbitrary 0.

At least, with av_uninit, valgrind and fuzzing can find the bugs.

Regards,

-- 
  Nicolas George
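
The disagreement above, as an added example (not code from FFmpeg or from
either poster): a hypothetical helper with a missing switch case. The names
DEMO_UNINIT, enum fmt, bytes_per_sample and buffer_len are assumptions made
for illustration. Built normally, the "= 0" variant silently returns a zero
length; built with -DDEMO_UNINIT and run under valgrind or clang's
-fsanitize=memory, the read of the never-assigned value is what those tools
can report.

```c
#include <stdio.h>

/* Constructed sample: formats a hypothetical decoder knows about. */
enum fmt { FMT_U8, FMT_S16, FMT_S32 };

/* Bytes per sample. The FMT_S32 case is missing on purpose: it is the
 * latent bug the author believed could never be reached. */
static int bytes_per_sample(enum fmt f)
{
#ifdef DEMO_UNINIT
    int size;        /* left unset: memory checkers can see the bad read */
#else
    int size = 0;    /* warning silenced; the missing case now yields 0 */
#endif
    switch (f) {
    case FMT_U8:  size = 1; break;
    case FMT_S16: size = 2; break;
    default:      break;  /* FMT_S32 leaves size unassigned */
    }
    return size;
}

/* Length a caller would allocate for nb samples. */
static int buffer_len(enum fmt f, int nb)
{
    return nb * bytes_per_sample(f);
}

/* Fixed variant: every path assigns, unknown formats are an error. */
static int buffer_len_fixed(enum fmt f, int nb)
{
    switch (f) {
    case FMT_U8:  return nb;
    case FMT_S16: return nb * 2;
    case FMT_S32: return nb * 4;
    }
    return -1;
}

int main(void)
{
    /* With "= 0" the bug stays hidden: 100 S32 samples get a 0-byte buffer. */
    printf("S32 silenced: %d\n", buffer_len(FMT_S32, 100));
    printf("S32 fixed:    %d\n", buffer_len_fixed(FMT_S32, 100));
    return 0;
}
```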