[FFmpeg-devel] [RFC v2 3/3] daaladec: Implement a native Daala decoder

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Tue Dec 29 17:49:58 CET 2015

On 29.12.2015 17:32, Ronald S. Bultje wrote:
> On Tue, Dec 29, 2015 at 11:29 AM, Andreas Cadhalpun <
> andreas.cadhalpun at googlemail.com> wrote:
>> On 29.12.2015 17:15, Ronald S. Bultje wrote:
>>> In that case, you likely need 64bit integers for 15bit math precision
>> (look at
>>> vp9 code), or daala needs to reduce precision (as does hevc).
>> Yes, either the intermediate calculation needs to happen with 64bit
>> integers,
>> or the input has to be sanitized in some way.
> It depends what the purpose and source was. Was this real input, or fuzzed,
> or what?

These were fuzzed samples.

> vp9 decoder can certainly overflow with garbage input and that is
> specifically defined so in libvpx. "Only input generated from a real fdct"
> is considered sane and has a defined outcome.

Do you have a sample causing overflows in the vp9 decoder?

> (Overflows in dsp code are typically not a security concern.)

Well, the overflows in the imdct calculation of the aac_fixed decoder ultimately
caused crashes.

Best regards,

More information about the ffmpeg-devel mailing list