subject:"\[FFmpeg\-devel\] \[PATCH 1\/4\] avcodec\/prosumer\: Check for bytestream eof in decompress\(\)"

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

2018-11-02 Thread Michael Niedermayer

On Wed, Oct 31, 2018 at 12:13:50PM +0100, Paul B Mahol wrote:
> On 10/31/18, Michael Niedermayer  wrote:
> > Fixes: Infinite loop
> > Fixes:
> > 10685/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PROSUMER_fuzzer-5652236881887232
> >
> > Found-by: continuous fuzzing process
> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer 
> > ---
> >  libavcodec/prosumer.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> 
> patchset looks ok.

will apply

thx

[...]
-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Dictatorship naturally arises out of democracy, and the most aggravated
form of tyranny and slavery out of the most extreme liberty. -- Plato


signature.asc
Description: PGP signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

2018-10-31 Thread Michael Niedermayer

On Wed, Oct 31, 2018 at 09:59:04AM -0300, James Almer wrote:
> On 10/31/2018 9:18 AM, Michael Niedermayer wrote:
> > On Wed, Oct 31, 2018 at 12:06:28PM +0100, Hendrik Leppkes wrote:
> >> On Wed, Oct 31, 2018 at 12:03 PM Michael Niedermayer
> >>  wrote:
> >>>
> >>> Fixes: Infinite loop
> >>> Fixes: 
> >>> 10685/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PROSUMER_fuzzer-5652236881887232
> >>>
> >>> Found-by: continuous fuzzing process 
> >>> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> >>> Signed-off-by: Michael Niedermayer 
> >>> ---
> >>>  libavcodec/prosumer.c | 2 +-
> >>>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>>
> >>> diff --git a/libavcodec/prosumer.c b/libavcodec/prosumer.c
> >>> index 6e98677b55..2fd9880ee1 100644
> >>> --- a/libavcodec/prosumer.c
> >>> +++ b/libavcodec/prosumer.c
> >>> @@ -57,7 +57,7 @@ static int decompress(GetByteContext *gb, int size, 
> >>> PutByteContext *pb, const ui
> >>>  b = lut[2 * idx];
> >>>
> >>>  while (1) {
> >>> -if (bytestream2_get_bytes_left_p(pb) <= 0)
> >>> +if (bytestream2_get_bytes_left_p(pb) <= 0 || 
> >>> bytestream2_get_eof(pb))
> >>>  return 0;
> >>>  if (((b & 0xFF00u) != 0x8000u) || (b & 0xFFu)) {
> >>>  if ((b & 0xFF00u) != 0x8000u) {
> >>
> >> Why does bytestream2_get_bytes_left_p not return <= 0 at eof, where
> >> there certainly arent any bytes left?
> > 
> > there are 2 bytes left because a 4 byte write failed to fit in 2 bytes
> > 
> > maybe bytestream2_get_bytes_left_p() should be made to return 0 once eof is
> > set even if space remains
> 
> Unrelated to this, but seeing how all the main GetByteContext functions
> start with bytestream2_get and all the PutByteContext functions with
> bytestream2_put, the fact these two functions from the latter start with
> bytestream2_get is not ideal.
> You have bytestream2_get_bytes_left for GetByteContext and
> bytestream2_get_bytes_left_p with the suffix p hinting it's for
> PutByteContext, but then you have bytestream2_get_eof for PutByteContext
> without a suffix and nothing for GetByteContext. It's confusing and not
> exactly intuitive.

fully agree



> 
> In GetBitContext and PutBitContext they are properly called
> get_bits_left() and put_bits_left() respectively, for example.
> ___
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

It is dangerous to be right in matters on which the established authorities
are wrong. -- Voltaire


signature.asc
Description: PGP signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

2018-10-31 Thread James Almer

On 10/31/2018 9:18 AM, Michael Niedermayer wrote:
> On Wed, Oct 31, 2018 at 12:06:28PM +0100, Hendrik Leppkes wrote:
>> On Wed, Oct 31, 2018 at 12:03 PM Michael Niedermayer
>>  wrote:
>>>
>>> Fixes: Infinite loop
>>> Fixes: 
>>> 10685/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PROSUMER_fuzzer-5652236881887232
>>>
>>> Found-by: continuous fuzzing process 
>>> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
>>> Signed-off-by: Michael Niedermayer 
>>> ---
>>>  libavcodec/prosumer.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/libavcodec/prosumer.c b/libavcodec/prosumer.c
>>> index 6e98677b55..2fd9880ee1 100644
>>> --- a/libavcodec/prosumer.c
>>> +++ b/libavcodec/prosumer.c
>>> @@ -57,7 +57,7 @@ static int decompress(GetByteContext *gb, int size, 
>>> PutByteContext *pb, const ui
>>>  b = lut[2 * idx];
>>>
>>>  while (1) {
>>> -if (bytestream2_get_bytes_left_p(pb) <= 0)
>>> +if (bytestream2_get_bytes_left_p(pb) <= 0 || 
>>> bytestream2_get_eof(pb))
>>>  return 0;
>>>  if (((b & 0xFF00u) != 0x8000u) || (b & 0xFFu)) {
>>>  if ((b & 0xFF00u) != 0x8000u) {
>>
>> Why does bytestream2_get_bytes_left_p not return <= 0 at eof, where
>> there certainly arent any bytes left?
> 
> there are 2 bytes left because a 4 byte write failed to fit in 2 bytes
> 
> maybe bytestream2_get_bytes_left_p() should be made to return 0 once eof is
> set even if space remains

Unrelated to this, but seeing how all the main GetByteContext functions
start with bytestream2_get and all the PutByteContext functions with
bytestream2_put, the fact these two functions from the latter start with
bytestream2_get is not ideal.
You have bytestream2_get_bytes_left for GetByteContext and
bytestream2_get_bytes_left_p with the suffix p hinting it's for
PutByteContext, but then you have bytestream2_get_eof for PutByteContext
without a suffix and nothing for GetByteContext. It's confusing and not
exactly intuitive.

In GetBitContext and PutBitContext they are properly called
get_bits_left() and put_bits_left() respectively, for example.
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

2018-10-31 Thread Michael Niedermayer

On Wed, Oct 31, 2018 at 12:06:28PM +0100, Hendrik Leppkes wrote:
> On Wed, Oct 31, 2018 at 12:03 PM Michael Niedermayer
>  wrote:
> >
> > Fixes: Infinite loop
> > Fixes: 
> > 10685/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PROSUMER_fuzzer-5652236881887232
> >
> > Found-by: continuous fuzzing process 
> > https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> > Signed-off-by: Michael Niedermayer 
> > ---
> >  libavcodec/prosumer.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/libavcodec/prosumer.c b/libavcodec/prosumer.c
> > index 6e98677b55..2fd9880ee1 100644
> > --- a/libavcodec/prosumer.c
> > +++ b/libavcodec/prosumer.c
> > @@ -57,7 +57,7 @@ static int decompress(GetByteContext *gb, int size, 
> > PutByteContext *pb, const ui
> >  b = lut[2 * idx];
> >
> >  while (1) {
> > -if (bytestream2_get_bytes_left_p(pb) <= 0)
> > +if (bytestream2_get_bytes_left_p(pb) <= 0 || 
> > bytestream2_get_eof(pb))
> >  return 0;
> >  if (((b & 0xFF00u) != 0x8000u) || (b & 0xFFu)) {
> >  if ((b & 0xFF00u) != 0x8000u) {
> 
> Why does bytestream2_get_bytes_left_p not return <= 0 at eof, where
> there certainly arent any bytes left?

there are 2 bytes left because a 4 byte write failed to fit in 2 bytes

maybe bytestream2_get_bytes_left_p() should be made to return 0 once eof is
set even if space remains


[...]

-- 
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Avoid a single point of failure, be that a person or equipment.


signature.asc
Description: PGP signature
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

2018-10-31 Thread Paul B Mahol

On 10/31/18, Michael Niedermayer  wrote:
> Fixes: Infinite loop
> Fixes:
> 10685/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PROSUMER_fuzzer-5652236881887232
>
> Found-by: continuous fuzzing process
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer 
> ---
>  libavcodec/prosumer.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>

patchset looks ok.
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

2018-10-31 Thread Hendrik Leppkes

On Wed, Oct 31, 2018 at 12:03 PM Michael Niedermayer
 wrote:
>
> Fixes: Infinite loop
> Fixes: 
> 10685/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PROSUMER_fuzzer-5652236881887232
>
> Found-by: continuous fuzzing process 
> https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
> Signed-off-by: Michael Niedermayer 
> ---
>  libavcodec/prosumer.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libavcodec/prosumer.c b/libavcodec/prosumer.c
> index 6e98677b55..2fd9880ee1 100644
> --- a/libavcodec/prosumer.c
> +++ b/libavcodec/prosumer.c
> @@ -57,7 +57,7 @@ static int decompress(GetByteContext *gb, int size, 
> PutByteContext *pb, const ui
>  b = lut[2 * idx];
>
>  while (1) {
> -if (bytestream2_get_bytes_left_p(pb) <= 0)
> +if (bytestream2_get_bytes_left_p(pb) <= 0 || bytestream2_get_eof(pb))
>  return 0;
>  if (((b & 0xFF00u) != 0x8000u) || (b & 0xFFu)) {
>  if ((b & 0xFF00u) != 0x8000u) {

Why does bytestream2_get_bytes_left_p not return <= 0 at eof, where
there certainly arent any bytes left?

- Hendrik
___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

[FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

2018-10-31 Thread Michael Niedermayer

Fixes: Infinite loop
Fixes: 
10685/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_PROSUMER_fuzzer-5652236881887232

Found-by: continuous fuzzing process 
https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer 
---
 libavcodec/prosumer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/prosumer.c b/libavcodec/prosumer.c
index 6e98677b55..2fd9880ee1 100644
--- a/libavcodec/prosumer.c
+++ b/libavcodec/prosumer.c
@@ -57,7 +57,7 @@ static int decompress(GetByteContext *gb, int size, 
PutByteContext *pb, const ui
 b = lut[2 * idx];
 
 while (1) {
-if (bytestream2_get_bytes_left_p(pb) <= 0)
+if (bytestream2_get_bytes_left_p(pb) <= 0 || bytestream2_get_eof(pb))
 return 0;
 if (((b & 0xFF00u) != 0x8000u) || (b & 0xFFu)) {
 if ((b & 0xFF00u) != 0x8000u) {
-- 
2.19.1

___
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
http://ffmpeg.org/mailman/listinfo/ffmpeg-devel

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

Re: [FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

[FFmpeg-devel] [PATCH 1/4] avcodec/prosumer: Check for bytestream eof in decompress()

7 matches

Site Navigation

Mail list logo

Footer information