[FFmpeg-devel] [PATCH] avcodec/dovi_rpudec: replace brittle struct copying code

[Andreas Rheinhardt]

Niklas Haas:
> From: Niklas Haas <git at haasn.dev>
> 
> This code was unnecessarily trying to be robust against downgrades of
> libavutil (relative to the version libavcodec was compiled against), but
> in the process, ended up with very brittle code that is easy to
> accidentally forget to update when adding new fields.
> 
> Instead, do the obvious thing and just directly copy the parts of the
> struct known at compile time. Since it is not generally supported to
> link against a version of libavutil older than the version libavcodec
> was compiled against, the struct shrinking externally is not a case we
> need to be worrying about.

The exact opposite is true: The code is trying to be robust against
upgrades of libavutil. The reason for this is potential trailing padding
in the structures that are copied here. It may be used for actual stuff
in a future libavutil and the approach you use here allows the compiler
to clobber it.

(How would this code be robust against downgrades of libavutil at all?
There is no check here that sizeof of the side data is big enough to
contain everything we expect it to contain.)

> ---
>  libavcodec/dovi_rpudec.c | 12 +++++-------
>  1 file changed, 5 insertions(+), 7 deletions(-)
> 
> diff --git a/libavcodec/dovi_rpudec.c b/libavcodec/dovi_rpudec.c
> index 7c7eda9d09..adf2c00cf5 100644
> --- a/libavcodec/dovi_rpudec.c
> +++ b/libavcodec/dovi_rpudec.c
> @@ -56,14 +56,12 @@ int ff_dovi_attach_side_data(DOVIContext *s, AVFrame *frame)
>          return AVERROR(ENOMEM);
>      }
>  
> -    /* Copy only the parts of these structs known to us at compiler-time. */
> -#define COPY(t, a, b, last) memcpy(a, b, offsetof(t, last) + sizeof((b)->last))
> -    COPY(AVDOVIRpuDataHeader, av_dovi_get_header(dovi), &s->header, disable_residual_flag);
> -    COPY(AVDOVIDataMapping, av_dovi_get_mapping(dovi), s->mapping, nlq_pivots);
> -    COPY(AVDOVIColorMetadata, av_dovi_get_color(dovi), s->color, source_diagonal);
> -    ext_sz = FFMIN(sizeof(AVDOVIDmData), dovi->ext_block_size);
> +    *av_dovi_get_header(dovi)  = s->header;
> +    *av_dovi_get_mapping(dovi) = *s->mapping;
> +    *av_dovi_get_color(dovi)   = *s->color;
> +    av_assert0(dovi->ext_block_size >= sizeof(AVDOVIDmData));
>      for (int i = 0; i < s->num_ext_blocks; i++)
> -        memcpy(av_dovi_get_ext(dovi, i), &s->ext_blocks[i], ext_sz);
> +        *av_dovi_get_ext(dovi, i) = s->ext_blocks[i];
>      dovi->num_ext_blocks = s->num_ext_blocks;
>      return 0;
>  }