#8217 closed defect (fixed)
left shift of negative value bug in libavcodec/ra144enc.c
| Reported by: | Suhwan | Owned by: | |
|---|---|---|---|
| Priority: | minor | Component: | avcodec |
| Version: | git-master | Keywords: | ra144 ubsan |
| Cc: | | Blocked By: | |
| Blocking: | | Reproduced by developer: | no |
| Analyzed by developer: | no | | |
Description
Summary of the bug:
There is a left shift of negative value bug in libavcodec/ra144enc.c
libavcodec/ra144enc.c:480:69: runtime error: left shift of negative value -2682
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libavcodec/ra144enc.c:480:69 in
libavcodec/lpc.h:189:15: runtime error: division by zero
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libavcodec/lpc.h:189:15 in
How to reproduce:
% ffmpeg_g -y -r 70 -i $PoC -loglevel 0 -c:a:0 real_144 -c:a:48 alias_pix -disposition:v:122 flashsv2 tmp.aptx
ffmpeg version N-95199-g9847380f5f Copyright (c) 2000-2019 the FFmpeg developers
built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final), --enable-debug --toolchain=clang-asan
Attachments (2)
Change History (4)
by , 4 years ago
Attachment: | PoC_ra144.wav added |
---|
by , 4 years ago
comment:1 by , 4 years ago
Component: | undetermined → avcodec |
---|---|
Resolution: | → fixed |
Status: | new → closed |
Fixed in e3fb9af6f1353f30855eaa1cbd5befaf06e303b8. Notice that I was unable to reproduce the division by zero in lpc.h that you mention in your ticket; it is also absent in your gdb log, so I guess that you simply made an error.
comment:2 by , 4 years ago
Keywords: | ra144 added |
---|---|
Priority: | normal → minor |
I still see the lpc error with clang 9.0.1, it seems covered by ticket #8213.
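The class of defect UBSan reports in this ticket, as an added example that is not FFmpeg code and does not reproduce line 480 of ra144enc.c (the ticket does not show that line). Only the value -2682 comes from the sanitizer output; the shift count 6 and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* The form UBSan flags: in C, E1 << E2 is undefined when E1 is negative
 * (C11 6.5.7p4). Shown for comparison only; it is never called here. */
int shl_undefined(int x, unsigned n) { return x << n; }

/* Multiplying by a power of two is well defined for negative x,
 * provided n < 31 and the product fits in int. */
int shl_mul(int x, unsigned n) { return x * (1 << n); }

/* Shift in unsigned arithmetic, which is defined modulo 2^32, then
 * convert back. Converting an out-of-range value to int32_t is
 * implementation-defined rather than undefined; gcc and clang wrap. */
int32_t shl_wrap(int32_t x, unsigned n)
{
    return (int32_t)((uint32_t)x << n);
}

/* Checked variant for values derived from untrusted input: returns 0 and
 * stores the result, or -1 when the count is out of range or the result
 * does not fit in int32_t. */
int shl_checked(int32_t x, unsigned n, int32_t *out)
{
    if (n > 31)
        return -1;
    int64_t wide = (int64_t)x * ((int64_t)1 << n);
    if (wide < INT32_MIN || wide > INT32_MAX)
        return -1;
    *out = (int32_t)wide;
    return 0;
}

int main(void)
{
    int32_t r = 0;
    /* -2682 is the operand from the UBSan report; 6 is a constructed count. */
    printf("mul:     %d\n", shl_mul(-2682, 6));
    printf("wrap:    %d\n", (int)shl_wrap(-2682, 6));
    printf("checked: rc=%d r=%d\n", shl_checked(-2682, 6, &r), (int)r);
    printf("too big: rc=%d\n", shl_checked(-2682, 20, &r));
    return 0;
}
```

Building with `-fsanitize=undefined` and calling `shl_undefined(-2682, 6)` reproduces the "left shift of negative value" diagnostic; the other three forms run clean under the same flag.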