On Sat, May 15, 2021 at 10:08:17PM +0530, Vedaa wrote:
> Hi,
>
> Apologies for the trivial mistakes. I have fixed them in this patch.
> I have also added simple checks for overflow and underflow. Would this
> be sufficient or should I reduce the bits I read from the fuzzer?
It's ok but there's a minor issue remaining

> I will also submit a pull request to oss-fuzz as soon as this patch is
> applied. :)

ok

[...]

> +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
> +
> +int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
> + if (size < 2 * sizeof(int64_t))
> + return 1;
> +
> + int64_t a,b,pdt;

This would produce a compiler warning

> + a = AV_RB64(data);
> + b = AV_RB64(data + sizeof(int64_t));
> + pdt = a * b;

Signed integer overflow is undefined behavior in C

> + if ((b > 0 && a < INT64_MAX - b && a > INT64_MIN + b ) ||
> + (b < 0 && a > INT64_MIN - b && a < INT64_MAX + b) &&
> + pdt/b == a)
> + TestInteger(a,b);
> + return 0;
> +}

[...]

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Complexity theory is the science of finding the exact solution to an
approximation. Benchmarking OTOH is finding an approximation of the exact
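Review bot: the overflow guard in the `if` runs only after `pdt = a * b;` has already been evaluated, so it does not prevent the undefined multiplication, and the bounds it uses (`a < INT64_MAX - b && a > INT64_MIN + b`) are the conditions for a safe addition/subtraction, not for a safe product. Because `&&` binds tighter than `||`, the `pdt/b == a` test is also only applied on the `b < 0` branch, and inputs with `b == 0` never reach `TestInteger` at all. Check for multiplication overflow before forming the product, for example with the GCC/Clang builtin `if (!__builtin_mul_overflow(a, b, &pdt)) TestInteger(a,b);`, which also lets the `b == 0` case through. A smaller point: libFuzzer's contract is that the target returns 0, so the short-input path should `return 0;` rather than `return 1;`.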
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".