[FFmpeg-devel] [PATCH] avcodec/fft_template: Fix multiple runtime error: signed integer overflow: -1943918714 - 1935113003 cannot be represented in type 'int'

Michael Niedermayer michael at niedermayer.cc
Sat May 27 00:11:28 EEST 2017


On Fri, May 26, 2017 at 03:20:14PM +0100, Rostislav Pehlivanov wrote:
> On 26 May 2017 at 12:21, wm4 <nfxjfg at googlemail.com> wrote:
> 
> > On Thu, 25 May 2017 16:10:49 +0200
> > Michael Niedermayer <michael at niedermayer.cc> wrote:
> >
> > > Fixes: 1735/clusterfuzz-testcase-minimized-5350472347025408
> > >
> > > Found-by: continuous fuzzing process https://github.com/google/oss-
> > fuzz/tree/master/projects/ffmpeg
> > > Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> > > ---
> > >  libavcodec/fft_template.c | 50 +++++++++++++++++++++++-------
> > -----------------
> > >  1 file changed, 25 insertions(+), 25 deletions(-)
> > >
> > > diff --git a/libavcodec/fft_template.c b/libavcodec/fft_template.c
> > > index 480557f49f..e3a37e5d69 100644
> > > --- a/libavcodec/fft_template.c
> > > +++ b/libavcodec/fft_template.c
> > > @@ -249,7 +249,7 @@ static void fft_calc_c(FFTContext *s, FFTComplex *z)
> > {
> > >
> > >      int nbits, i, n, num_transforms, offset, step;
> > >      int n4, n2, n34;
> > > -    FFTSample tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7, tmp8;
> > > +    SUINT tmp1, tmp2, tmp3, tmp4, tmp5, tmp6, tmp7, tmp8;
> >
> > I want this SUINT thing gone, not have more of it.
> > _______________________________________________
> > ffmpeg-devel mailing list
> > ffmpeg-devel at ffmpeg.org
> > http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
> >
> 
> I agree, especially here.

> Overflows should be left to happen in transforms if the input is corrupt.

signed int overflow is not allowed in C, if that is what you meant.


> Codecs are designed such that transforms won't overflow unless corrupt data
> is fed. We allow for that to happen already (in the VP9 DCTs), so FFTs
> shouldn't be excluded.
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Modern terrorism, a quick summary: Need oil, start war with country that
has oil, kill hundread thousand in war. Let country fall into chaos,
be surprised about raise of fundamantalists. Drop more bombs, kill more
people, be surprised about them taking revenge and drop even more bombs
and strip your own citizens of their rights and freedoms. to be continued
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20170526/10e37ef2/attachment.sig>


More information about the ffmpeg-devel mailing list