[FFmpeg-devel] [PATCH] avcodec/golomb: Mask shift amount before use in get_ue_golomb()

Michael Niedermayer michaelni at gmx.at
Sat Dec 12 19:13:44 CET 2015

On Fri, Dec 11, 2015 at 04:24:43PM -0500, Ganesh Ajjanagadde wrote:
> On Fri, Dec 11, 2015 at 4:14 PM, Andreas Cadhalpun
> <andreas.cadhalpun at googlemail.com> wrote:
> > On 07.12.2015 00:27, Ganesh Ajjanagadde wrote:
> >> On Sun, Dec 6, 2015 at 6:12 PM, Andreas Cadhalpun
> >> <andreas.cadhalpun at googlemail.com> wrote:
> >>> On 06.12.2015 22:48, Michael Niedermayer wrote:
> >>>> my concern is more on h264 (CAVLC) and hevc speed
> >>>
> >>> I tested with 444_8bit_cavlc.h264 added 100 together with the concat demuxer,
> >>> and couldn't see a measurable speed difference caused by this error check.
> >>
> >> Ok, so here is my understanding of the situation.
> >> I think both of you are right, but have different perspectives on this.
> >> So in practice a log < 7 may be usually predicted correctly, and the
> >> compiler in all likelihood will continue to inline the function. Thus,
> >> excepting the first run, there should not be an issue, and maybe the
> >> compiler even feeds in the "likely" information for the first run
> >> also.
> >>
> >> Nevertheless, I also understand Michael's perspective: h264 is
> >> arguably one of the most important codecs as supplied by FFmpeg. Even
> >> a 0.01% speedloss in some place should be done with extreme caution,
> >> since over time these may accumulate to something more sizable, say
> >> 0.5%. There should be a very good justification for it, and thus
> >> Michael spends effort trying to ensure that the security issue is
> >> fixed at identical asm.
> >
> > I wouldn't call this a security issue, it's just undefined behavior.
> Meant really from a theoretical perspective, since undefined means
> anything can happen. Of course, in practice a distinction may be
> drawn. But then again, I consider even these worthy of backport.

btw, if you feel something should be backported, dont hesitate to
push cherry picked commits to the release branches
(with cherry-pick -x)
if you are unsure if somethig should be cherry picked, dont hesitate
to ask


Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Let us carefully observe those good qualities wherein our enemies excel us
and endeavor to excel them, by avoiding what is faulty, and imitating what
is excellent in them. -- Plutarch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20151212/a79b4fb5/attachment.sig>

More information about the ffmpeg-devel mailing list