Patches attached.
- Andreas
From b5391a5fc9049addae418073393765703ecbbf9a Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinha...@outlook.com>
Date: Mon, 17 Mar 2025 09:53:42 +0100
Subject: [PATCH 1/3] avcodec/h261enc: Don't use (size_t)-1
Fixes "runtime error: addition of unsigned offset to 0x765a09523a90
overflowed to 0x765a09523a8e". This fixes all H.261 tests when run
under UBsan.
Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@outlook.com>
---
libavcodec/h261enc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/h261enc.c b/libavcodec/h261enc.c
index 36436ee60f..5e6d5d1f9c 100644
--- a/libavcodec/h261enc.c
+++ b/libavcodec/h261enc.c
@@ -337,7 +337,7 @@ static av_cold void h261_encode_init_static(void)
uni_h261_rl_len_last[UNI_AC_ENC_INDEX(run, 64 - level)] = len + 2;
}
- for (size_t i = 1;; i++) {
+ for (ptrdiff_t i = 1;; i++) {
// sign-one MV codes; diff -16..-1, 16..31
mv_codes[32 - i][0] = mv_codes[-i][0] = (ff_h261_mv_tab[i][0] << 1) | 1 /* sign */;
mv_codes[32 - i][1] = mv_codes[-i][1] = ff_h261_mv_tab[i][1] + 1;
--
2.45.2
From dfd7b0149620e6b3540e4825382dc13dfd6318df Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinha...@outlook.com>
Date: Mon, 17 Mar 2025 09:59:36 +0100
Subject: [PATCH 2/3] avcodec/snow: Don't add to NULL
It is undefined behavior.
Fixes "runtime error: applying non-zero offset 8 to null pointer".
Fixes the Snow vsynth FATE-tests.
Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@outlook.com>
---
libavcodec/snow.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavcodec/snow.h b/libavcodec/snow.h
index ff7ebc1c58..9b19e70bd5 100644
--- a/libavcodec/snow.h
+++ b/libavcodec/snow.h
@@ -272,7 +272,8 @@ static av_always_inline void add_yblock(SnowContext *s, int sliced, slice_buffer
if(!sliced && offset_dst)
dst += src_x + src_y*dst_stride;
- dst8+= src_x + src_y*src_stride;
+ if (sliced || add)
+ dst8+= src_x + src_y*src_stride;
// src += src_x + src_y*src_stride;
ptmp= tmp + 3*tmp_step;
--
2.45.2
From 4b54469109031ea5017491f3c1e96d439ad58eac Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinha...@outlook.com>
Date: Mon, 17 Mar 2025 10:10:32 +0100
Subject: [PATCH 3/3] avcodec/svq1enc: Don't add to NULL
It is undefined behavior. Pass a dummy buffer instead.
Fixes "runtime error: applying non-zero offset 1024 to null pointer".
affected the SVQ1 vsynth FATE tests.
Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@outlook.com>
---
libavcodec/svq1enc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/svq1enc.c b/libavcodec/svq1enc.c
index 40e3fd0045..cf0ab64d79 100644
--- a/libavcodec/svq1enc.c
+++ b/libavcodec/svq1enc.c
@@ -444,8 +444,8 @@ static int svq1_encode_plane(SVQ1EncContext *s, int plane,
put_bits(&s->reorder_pb[5], SVQ1_BLOCK_INTRA_LEN, SVQ1_BLOCK_INTRA_CODE);
score[0] = SVQ1_BLOCK_INTRA_LEN * lambda;
}
- score[0] += encode_block(s, src + 16 * x, NULL, temp, stride,
- 5, 64, lambda, 1);
+ score[0] += encode_block(s, src + 16 * x, src + 16 * x /* unused */,
+ temp, stride, 5, 64, lambda, 1);
for (i = 0; i < 6; i++) {
count[0][i] = put_bits_count(&s->reorder_pb[i]);
flush_put_bits(&s->reorder_pb[i]);
--
2.45.2
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
