[FFmpeg-devel] [PATCH 4/5] avutil/lfg: Correct index type to avoid undefined behavior
James Almer
jamrial at gmail.com
Sun Oct 20 00:35:59 EEST 2019
On 10/19/2019 6:15 PM, Michael Niedermayer wrote:
> On Sat, Oct 19, 2019 at 05:45:04PM -0300, James Almer wrote:
>> On 10/19/2019 5:39 PM, Michael Niedermayer wrote:
>>> Fixes: signed integer overflow: 2147483647 + 1 cannot be represented in type 'int'
>>> Fixes: 18333/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_COMFORTNOISE_fuzzer-5668481831272448
>>>
>>> Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
>>> Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
>>> ---
>>> libavutil/lfg.h | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/libavutil/lfg.h b/libavutil/lfg.h
>>> index 03f779ad8a..8b18df2cea 100644
>>> --- a/libavutil/lfg.h
>>> +++ b/libavutil/lfg.h
>>> @@ -26,7 +26,7 @@
>>>
>>> typedef struct AVLFG {
>>> unsigned int state[64];
>>> - int index;
>>> + unsigned index;
>>> } AVLFG;
>>
>> Wouldn't this be considered an API change?
>
> is index public API ?
lfg.h is an installed header, and nothing in the doxy for the struct or
field says anything about it not being considered public.
I know you're not really supposed to access it manually to being with,
but i don't know if it's safe to change it just like that.
> anyway i can fix this without changing the struct
> maybe thats safer
>
> will do that
>
> thanks
>
> [...]
>
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request at ffmpeg.org with subject "unsubscribe".
>
More information about the ffmpeg-devel
mailing list