[FFmpeg-devel] [PATCH] oggparsedaala: reject too large gpshift
Ganesh Ajjanagadde
gajjanag at mit.edu
Wed Dec 30 01:19:28 CET 2015
On Tue, Dec 29, 2015 at 4:14 PM, Andreas Cadhalpun
<andreas.cadhalpun at googlemail.com> wrote:
> On 30.12.2015 01:04, Ganesh Ajjanagadde wrote:
>> On Tue, Dec 29, 2015 at 4:00 PM, Andreas Cadhalpun
>> <andreas.cadhalpun at googlemail.com> wrote:
>>> On 29.12.2015 22:27, Rostislav Pehlivanov wrote:
>>>> oggparsetheora has the same bit of code to read the gpshift, so it would
>>>> probably be a good idea to add it to this patch as well.
>>>
>>> No, oggparsetheora only reads 5 bits for gpshift.
>>> The only thing from this patch that also applies there is the (theoretical)
>>> issue of 1<<31 not being defined for int32_t.
>>
>> Can you clarify precisely what you mean by this? I am pretty sure
>> ubsan and others do fail for 1<<31, and I know that it is undefined
>> behavior. Are you saying that it is impossible to trigger a 1<<31, or
>> only that it is highly improbable?
>
> Yes, ubsan fails for 1<<31 and it is theoretically undefined behavior, but
> it works in practice in contrast to e.g. 1<<40, which just doesn't fit.
> That's what I meant. The 1<<31 case can be triggered in both.
Ok. I still deem 1<<31 as worthy of fixing, as anyway it is easy to do.
>
> Best regards,
> Andreas
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
More information about the ffmpeg-devel
mailing list