[FFmpeg-devel] [PATCH] oggparsedaala: reject too large gpshift

Ganesh Ajjanagadde gajjanag at mit.edu
Wed Dec 30 01:04:44 CET 2015


On Tue, Dec 29, 2015 at 4:00 PM, Andreas Cadhalpun
<andreas.cadhalpun at googlemail.com> wrote:
> On 29.12.2015 22:27, Rostislav Pehlivanov wrote:
>> oggparsetheora has the same bit of code to read the gpshift, so it would
>> probably be a good idea to add it to this patch as well.
>
> No, oggparsetheora only reads 5 bits for gpshift.
> The only thing from this patch that also applies there is the (theoretical)
> issue of 1<<31 not being defined for int32_t.

Can you clarify precisely what you mean by this? I am pretty sure
ubsan and others do fail for 1<<31, and I know that it is undefined
behavior. Are you saying that it is impossible to trigger a 1<<31, or
only that it is highly improbable?

[...]


More information about the ffmpeg-devel mailing list