[FFmpeg-devel] [PATCH] mingw memalign hack fix
Justin Ruggles
justin.ruggles
Mon Dec 1 05:11:18 CET 2008
David DeHaven wrote:
>>>>> + diff = ((-(long)ptr - 1)&15) + 1;
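Review bot: the negation in `-(long)ptr` is done on a signed `long`, which is narrower than a pointer on 64-bit Windows (mingw is the target named in the subject) and is undefined if the cast value happens to be LONG_MIN. Compute the offset on `uintptr_t` instead, e.g. `diff = ((-(uintptr_t)ptr - 1) & 15) + 1;`. The expression always yields 1..16 and never 0, so a short comment saying so, and noting that the value must fit wherever it is stored, would help the next reader.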
>>>> intptr_t should be used instead of long.
>>> Agreed. I fixed av_malloc too...
>> still exploitable, besides your code cannot work at all
>> when "diff" changes the content of the buffer will not be where realign()
>> requires it to be.
>>
>> may i suggest that you first tell us which av_realloc() call is causing
>> problems, it likely should just be replaced by av_free() av_malloc()
>
>
> I understand your point about exploitability...
>
> Geez, where do I start? The h.264 and ac3 decoders both use
> av_realloc'd blocks frequently (either directly or through other
> calls), those have been the two most annoying. I suppose I could track
> down where all the reallocations are happening, might take some time
> as we're preparing for a weekend of feasting on roasted bird :)
The only place I can see in the AC-3 decoder where unaligned memory
might possibly be used in SIMD code is in float_to_int16_interleaved().
Although, if the documentation of avcodec_decode_audio2() is followed,
the output buffer needs to be aligned in order to guarantee proper
decoding. Maybe ffmpeg doesn't adhere to that guideline...I haven't
checked.
-Justin
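
The reallocation problem raised in the quoted review (the payload is no longer at the aligned position once "diff" changes) can be handled as in the following added example. It is not code from the patch or from FFmpeg. The `hack_*` names and the layout, with the offset kept in the byte just before the aligned pointer, are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define ALIGN 16

/* Offset from a raw pointer to the next 16-byte boundary, always 1..16,
 * computed on uintptr_t rather than long. */
size_t hack_diff(const void *raw)
{
    return ((-(uintptr_t)raw - 1) & (ALIGN - 1)) + 1;
}

/* After the raw block has moved, the payload still sits at raw + old_diff.
 * Move it to the new aligned position and record the new offset. */
void *hack_fixup(unsigned char *raw, size_t old_diff, size_t size)
{
    size_t diff = hack_diff(raw);
    if (diff != old_diff)
        memmove(raw + diff, raw + old_diff, size);
    raw[diff - 1] = (unsigned char)diff;   /* read back by free/realloc */
    return raw + diff;
}

void *hack_malloc(size_t size)
{
    if (size > SIZE_MAX - ALIGN)           /* size + ALIGN must not wrap */
        return NULL;
    unsigned char *raw = malloc(size + ALIGN);
    return raw ? hack_fixup(raw, hack_diff(raw), 0) : NULL;
}

void hack_free(void *ptr)
{
    if (ptr)
        free((unsigned char *)ptr - ((unsigned char *)ptr)[-1]);
}

void *hack_realloc(void *ptr, size_t size)
{
    if (!ptr)
        return hack_malloc(size);
    if (size > SIZE_MAX - ALIGN)
        return NULL;
    size_t old_diff = ((unsigned char *)ptr)[-1];
    unsigned char *raw = realloc((unsigned char *)ptr - old_diff, size + ALIGN);
    /* On failure the old block stays valid; size bytes from old_diff are in bounds. */
    return raw ? hack_fixup(raw, old_diff, size) : NULL;
}
```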