[FFmpeg-devel] [PATCH] avcodec/mjpegdec: Fixes runtime error: signed integer overflow: -24543 * 2031616 cannot be represented in type 'int'

Michael Niedermayer michael at niedermayer.cc
Fri Apr 7 17:41:12 EEST 2017

On Fri, Apr 07, 2017 at 07:46:01AM -0400, Ronald S. Bultje wrote:
> Hi,
> On Fri, Apr 7, 2017 at 6:47 AM, Michael Niedermayer <michael at niedermayer.cc>
> wrote:
> > On Fri, Apr 07, 2017 at 06:26:05AM -0400, Ronald S. Bultje wrote:
> > > On Fri, Apr 7, 2017 at 6:22 AM, Michael Niedermayer
> > <michael at niedermayer.cc>
> > > > Id like to apply the patch unless you or someone else objects.
> > >
> > > I really don't like this approach. I'd like you to try to find something
> > > more sensible that protects developer machines from bugs also.
> >
> > i suggested to decouple SUINT from the #ifdef DEBUG, which fixes
> > exactly that possibility (and noone seemed to care)
> You asked - in this email - to apply this patch as-is. The patch does not
> decouple #ifdef DEBUG from SUINT.

I suggested it previously to decouple them.
This patch is in no way related to the coupling, with or without the
coupling the patch wouldnt change

> Now the question is whether SUINT has any raison d'etre in our main
> codebase. If it's under #if 0 or otherwise "dead code", any Diego'ification
> would immediately get rid of it. So answer me this question: if the code is
> under #if 0, why shouldn't it just exist locally on your hard disk only?

as has been said many times SUINT is essential to test for one class
of bugs with ubsan.
If its in a private branch, only i would test with it, only i would
maintain it until i lost interrest and it bit rots, if that happens
we lose the ability to test for this class of bugs

do people want this ?

> (Yes, I have actual (old) debug branches for the vp9 decoder locally.)

i have all kinds of branches too, but this isnt specific to a single
codec or a single developer

Do you maintain some branch that contains type changes
accorss the codebase that you know you will need repeatly in the
future ?

Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

If you drop bombs on a foreign country and kill a hundred thousand
innocent people, expect your government to call the consequence
"unprovoked inhuman terrorist attacks" and use it to justify dropping
more bombs and killing more people. The technology changed, the idea is old.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20170407/ad5c8413/attachment.sig>

More information about the ffmpeg-devel mailing list