On Thu, Dec 3, 2015 at 5:09 PM, Michael Niedermayer <michae...@gmx.at> wrote:
> From: Michael Niedermayer <mich...@niedermayer.cc>
>
> Fixes undefined behavior
> Fixes: mozilla bug 1229208
> Fixes:
> fbeb8b2c7c996e9b91c6b1af319d7ebc/asan_heap-oob_195450f_2743_e8856ece4579ea486670be2b236099a0.bit
>
> Found-by: Tyson Smith
> Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
> Signed-off-by: Michael Niedermayer <mich...@niedermayer.cc>

Minor comment: was this found by xiedingbao's undefined behavior report as well? While investigating, I found some things that were flagging the golomb code, but can't confirm that it is this one. I don't mind at all; it may be somewhat funny if 3 people independently came up with the same report :). As for the technical change, seems ok but you may want a better review as I have not done deep analysis of this.

> --- > libavcodec/golomb.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavcodec/golomb.h b/libavcodec/golomb.h > index d30bb6b..323665d 100644 > --- a/libavcodec/golomb.h > +++ b/libavcodec/golomb.h > @@ -72,7 +72,7 @@ static inline int get_ue_golomb(GetBitContext *gb) > av_log(NULL, AV_LOG_ERROR, "Invalid UE golomb code\n"); > return AVERROR_INVALIDDATA; > } > - buf >>= log; > + buf >>= log & 31; > buf--; > > return buf; > -- > 1.7.9.5 > > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
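
Review bot: on the changed line `buf >>= log & 31;` the mask makes the shift count well defined, but when `log` falls outside 0..31 the function still goes on to `buf--; return buf;` and hands the caller a value computed from a wrapped shift count as if it were a valid code. If such a `log` can reach this line past the check above, returning AVERROR_INVALIDDATA as the preceding branch does would be the safer behaviour; if it cannot, a one-line comment saying why the mask is needed and that the result is don't-care in that case would document the intent. The commit message also cites an asan heap-oob sample, and it would help to say there how the masked shift relates to that out-of-bounds access, since the hunk itself only touches the shift.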