[FFmpeg-devel] [PATCH] *alloc(type)
Reimar Döffinger
Reimar.Doeffinger
Sat Nov 20 14:20:08 CET 2010
On Sat, Nov 20, 2010 at 04:05:32PM +0300, Yuriy Kaminskiy wrote:
> Reimar D?ffinger wrote:
> > On Sat, Nov 20, 2010 at 04:37:30AM +0100, Michael Niedermayer wrote:
> >> patchset below fixes the type used in malloc and co
> >> The sense behind this patch is that feeding things that dont fit in unsigned
> >> int into *alloc() can lead to successfull allocation of too small arrays which
> >> is pretty bad.
> >> There are probably more functions that should be changed like av_new_packet()
> >> but i had to start somewhere and will look into the others too if noone else
> >> does.
> >> Note, i will apply this in a few days if there are no objections
> >
> > This has some side-effects I do not like.
> > For example, allocating more than 4 GB now becomes possible, even
> > though such an allocation is almost certain to be a bug.
> No. A bit more context:
> === cut ===
> void *av_malloc(unsigned int size)
> {
> void *ptr = NULL;
> #if CONFIG_MEMALIGN_HACK
> long diff;
> #endif
>
> /* let's disallow possible ambiguous cases */
> if(size > (INT_MAX-16) )
> return NULL;
Ok, I'll change my suggestions to:
How about using uint64_t always?
How about adding a
#if SIZE_MAX < INT_MAX
#error unsupported system (size_t < int)
#endif
More information about the ffmpeg-devel
mailing list