On Thu, Aug 17, 2017 at 11:14:47PM -0700, Vitaly Buka wrote: > Signed integer overflow is undefined behavior. > Detected with clang and -fsanitize=signed-integer-overflow > > Signed-off-by: Vitaly Buka <vitalyb...@google.com> > --- > libavcodec/utils.c | 2 +- > libavformat/aviobuf.c | 4 +++- > libavformat/mov.c | 2 +- > 3 files changed, 5 insertions(+), 3 deletions(-) > > diff --git a/libavcodec/utils.c b/libavcodec/utils.c > index 1336e921c9..024dc1f3e2 100644 > --- a/libavcodec/utils.c > +++ b/libavcodec/utils.c > @@ -971,7 +971,7 @@ FF_ENABLE_DEPRECATION_WARNINGS > } > > if (!avctx->rc_initial_buffer_occupancy) > - avctx->rc_initial_buffer_occupancy = avctx->rc_buffer_size * 3 / > 4; > + avctx->rc_initial_buffer_occupancy = avctx->rc_buffer_size * 3ll > / 4; > > if (avctx->ticks_per_frame && avctx->time_base.num && > avctx->ticks_per_frame > INT_MAX / avctx->time_base.num) { > diff --git a/libavformat/aviobuf.c b/libavformat/aviobuf.c > index 7f4e740a33..319a402faf 100644 > --- a/libavformat/aviobuf.c > +++ b/libavformat/aviobuf.c > @@ -259,7 +259,9 @@ int64_t avio_seek(AVIOContext *s, int64_t offset, int > whence) > offset1 = pos + (s->buf_ptr - s->buffer); > if (offset == 0) > return offset1; > - offset += offset1; > + // Use unsigned type to avoid undefined behavior of singed overflow. > + // Code below will report error on overflow anyway. > + offset += (uint64_t)offset1;
instead of 2 lines of comments why not add a if() that checks for the specififc case and error out instead of the cast? The code from the patch depends on the input being limited range and being followed by a check. If either changes then the cast to uin64_t would silently give something wrong [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB Asymptotically faster algorithms should always be preferred if you have asymptotical amounts of data
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel