[FFmpeg-devel] [PATCH 00/22] Deprecate av_uninit
Nicolas George
george at nsup.org
Fri Apr 11 11:36:17 EEST 2025
Zhao Zhili (HE12025-04-11):
> From: Zhao Zhili <zhilizhao at tencent.com>
>
> The macro is meant to suppress false uninitialized warnings. However,
> sometimes these 'false uninitialized warnings' are really undefined
> behavior, and lead to real issues like crashes, e.g., ab792634197e.
>
> False uninitialized warnings can be silenced by initialization,
> and the compiler can easily optimize away unnecessary initializations.
>
> av_uninit shouldn't be used in any case.

NAK, you are hiding the UBs, not fixing the bugs.

If the author of the code put av_uninit, that means they believe the
value will always have been initialized by the part of the code
responsible for it. If that is not true, then it is a bug that can lead
to an exploitable security issue or a silent data corruption.

With your changes, nothing proves that the = 0 you put there is the
right value, the bug is still there: the code expects the value to be
correctly set, but instead there is an arbitrary 0.

At least, with av_uninit, valgrind and fuzzing can find the bugs.

Regards,

--
Nicolas George
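
The trade-off argued in the message above, as an added example that is not part of the original e-mail and is not FFmpeg code: one missing switch case, left uninitialized, silenced with "= 0", and handled by the code responsible for the value. The UNINIT macro, the record tags and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a "leave it uninitialized" annotation; it is not
 * FFmpeg's av_uninit definition. */
#define UNINIT(x) x

enum { TAG_BYTE = 1, TAG_WORD = 2 };  /* constructed record tags */

/* A: no initializer. An unknown tag leaves len unset, so its later use is an
 * uninitialized read that valgrind or a sanitizer-enabled fuzzer can report. */
int len_uninit(const uint8_t *rec)
{
    int UNINIT(len);
    switch (rec[0]) {
    case TAG_BYTE: len = rec[1]; break;
    case TAG_WORD: len = rec[1] | (rec[2] << 8); break;
    }                                  /* bug: no default case */
    return len;
}

/* B: same missing case, silenced with "= 0". Every read is now defined, so
 * the tools stay quiet and the caller receives an arbitrary 0. */
int len_zeroed(const uint8_t *rec)
{
    int len = 0;
    switch (rec[0]) {
    case TAG_BYTE: len = rec[1]; break;
    case TAG_WORD: len = rec[1] | (rec[2] << 8); break;
    }
    return len;
}

/* C: the code responsible for the value handles every case (one possible fix). */
int len_checked(const uint8_t *rec, int *len)
{
    switch (rec[0]) {
    case TAG_BYTE: *len = rec[1]; return 0;
    case TAG_WORD: *len = rec[1] | (rec[2] << 8); return 0;
    default:       return -1;          /* unknown tag: report, do not guess */
    }
}

int main(void)
{
    const uint8_t bad[3] = { 9, 0x34, 0x12 };  /* constructed: unknown tag 9 */
    int len = -1;
    printf("zeroed=%d checked=%d\n", len_zeroed(bad), len_checked(bad, &len));
    return 0;
}
```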