On 03.12.2015 23:09, Michael Niedermayer wrote: > From: Michael Niedermayer <mich...@niedermayer.cc> > > Fixes undefined behavior > Fixes: mozilla bug 1229208 > Fixes: > fbeb8b2c7c996e9b91c6b1af319d7ebc/asan_heap-oob_195450f_2743_e8856ece4579ea486670be2b236099a0.bit > > Found-by: Tyson Smith > Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind > Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc> > --- > libavcodec/golomb.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavcodec/golomb.h b/libavcodec/golomb.h > index d30bb6b..323665d 100644 > --- a/libavcodec/golomb.h > +++ b/libavcodec/golomb.h > @@ -72,7 +72,7 @@ static inline int get_ue_golomb(GetBitContext *gb) > av_log(NULL, AV_LOG_ERROR, "Invalid UE golomb code\n"); > return AVERROR_INVALIDDATA; > } > - buf >>= log; > + buf >>= log & 31; > buf--; > > return buf; >
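Review bot: masking the shift count at `buf >>= log & 31;` makes the shift well-defined but silently accepts a `log` of 32 or more, producing a wrong decoded value instead of reaching the `return AVERROR_INVALIDDATA;` branch shown just above it. Since that branch already exists for invalid UE codes, the more robust change is to make its range check reject every out-of-range `log` unconditionally (the hunk does not show the condition, and the reply below suggests it is currently tied to CONFIG_FTRAPV), so the masking is never needed; at minimum the commit message should say why an invalid code is masked rather than rejected here.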
While that certainly fixes the undefined behavior, I'm wondering what's the relation to commit fd165ac. In other words, why not just remove the CONFIG_FTRAPV from the error check above?

Also, if you are interested in fixing such undefined behavior, I have lots of fuzzed samples triggering ubsan all over the place...

Best regards,
Andreas