Re: [FFmpeg-devel] [PATCH 1/3] avcodec/qdm2: Do not read out of array in fix_coding_method_array()

2019-07-08 Thread Michael Niedermayer
On Mon, Jun 24, 2019 at 02:09:57PM +0200, Moritz Barsnick wrote:
> On Mon, Jun 24, 2019 at 01:01:02 +0200, Michael Niedermayer wrote:
> > +if (sb + (j + k) / 64 > 29) {
> [...]
> >  if (coding_method[ch][sb + (j + k) / 64][(j + k) % 64] 
> > > coding_method[ch][sb][j]) {
> 
> You could do the "sb + (j + k) / 64]" calculation only once and reuse
> the result. OTOH, this code is full of magic numbers (notably 30, where
> your 29 derives from) which could nicely make use of macros, but don't,
> so it probably doesn't matter.

I'll factor the value in a separate variable and will apply

thanks


[...]
-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

The misfortune of the wise is better than the prosperity of the fool.
-- Epicurus


___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Re: [FFmpeg-devel] [PATCH 1/3] avcodec/qdm2: Do not read out of array in fix_coding_method_array()

2019-06-24 Thread Moritz Barsnick
On Mon, Jun 24, 2019 at 01:01:02 +0200, Michael Niedermayer wrote:
> +if (sb + (j + k) / 64 > 29) {
[...]
>  if (coding_method[ch][sb + (j + k) / 64][(j + k) % 64] > 
> coding_method[ch][sb][j]) {

You could do the "sb + (j + k) / 64]" calculation only once and reuse
the result. OTOH, this code is full of magic numbers (notably 30, where
your 29 derives from) which could nicely make use of macros, but don't,
so it probably doesn't matter.

Moritz

[FFmpeg-devel] [PATCH 1/3] avcodec/qdm2: Do not read out of array in fix_coding_method_array()

2019-06-23 Thread Michael Niedermayer
Instead we ask for a sample, it's unclear what to do in this case.

Fixes: index 30 out of bounds for type 'int8_t [30][64]'
Fixes: 15339/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_QDM2_fuzzer-5749441484554240

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer 
---
 libavcodec/qdm2.c | 4 
 1 file changed, 4 insertions(+)

diff --git a/libavcodec/qdm2.c b/libavcodec/qdm2.c
index 1397218bdd..52c7cc73a0 100644
--- a/libavcodec/qdm2.c
+++ b/libavcodec/qdm2.c
@@ -408,6 +408,10 @@ static int fix_coding_method_array(int sb, int channels,
 }
 for (k = 0; k < run; k++) {
 if (j + k < 128) {
+if (sb + (j + k) / 64 > 29) {
+SAMPLES_NEEDED
+continue;
+}
 if (coding_method[ch][sb + (j + k) / 64][(j + k) % 64] > 
coding_method[ch][sb][j]) {
 if (k > 0) {
 SAMPLES_NEEDED
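
Review bot: The added check "sb + (j + k) / 64 > 29" hard-codes 29 and repeats the index expression that the coding_method[ch][sb + (j + k) / 64] access on the next line computes again. The Fixes line gives the array type as int8_t [30][64], so 29 is the first dimension minus one; computing the index once into a local and comparing it against a named constant for 30 (or the element count of coding_method[ch]) would keep the check and the access from drifting apart if the array size ever changes. Within the visible loop only k changes, so once the index passes 29 it stays out of range for every remaining k and SAMPLES_NEEDED runs on each of those iterations before the "continue"; if sb and j are not modified elsewhere in the loop body, a "break" would give the same result with a single report. The check also covers only the upper bound: sb is a plain int parameter, so if a negative value can reach this function, a lower-bound test belongs in the same place.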
-- 
2.22.0
