tis 2022-07-05 klockan 22:09 +0200 skrev Andreas Rheinhardt: > av_fast_realloc and av_fast_mallocz? store the size of > the objects they allocate in an unsigned. Yet they overallocate > and currently they can allocate more than UINT_MAX bytes > in case a user has requested a size of about UINT_MAX * 16 / 17 > or more if SIZE_MAX > UINT_MAX. In this case it is impossible > to store the true size of the buffer via the unsigned*; > future requests are likely to use the (re)allocation codepath > even if the buffer is actually large enough because of > the incorrect size. > > Fix this by ensuring that the actually allocated size > always fits into an unsigned. (This entails erroring out > in case the user requested more than UINT_MAX.) > > Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@outlook.com> > --- > libavutil/mem.c | 4 ++++ > 1 file changed, 4 insertions(+)
Second bump for this and patch 3/8. This is holding up my rebasing my jpeg2000 patches and indirectly Caleb's htj2k stuff benefiting from them /Tomas _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
