Opened 7 years ago
Closed 7 years ago
#6117 closed defect (needs_more_info)
type mismatch of AC3EncodeContext in different translation units
| Reported by: | Daniel Krupp | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | undetermined |
| Version: | unspecified | Keywords: | |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
Summary of the bug:
While analyzing your project with clang I spotted the following problem.
The struct AC3EncodeContext (defined in ac3enc.h) is defined differently depending on the CONFIG_AC3ENC_FLOAT macro.
When compiling eac3enc.c the CONFIG_AC3ENC_FLOAT is 1, while in ac3enc.c it is 0.
But there is a pass of this struct from in line 417 in ac3enc.c
...
if (CONFIG_EAC3_ENCODER && s->eac3)
ff_eac3_get_frame_exp_strategy(s);
...
The two translation units (TU) are linked together, and since the definition of the struct in the TUs are different, this could cause memory corruption problems when accessing its fields (and against the one definition rule).
The potential bug still exists in commit e4d65434633b67fd03d379fe9d0ab9dc97d767dc
Change History (5)
comment:1 by , 7 years ago
comment:2 by , 7 years ago
I did not reproduce the problem in run-time. Inspecting the code a bit more in detail I see that in AC3EncodeContext there are only pointers to the changing types: SampleType,CoefType and thus the size of and memory layout of the struct remains the same in the 2 TUs. So I do not expect run-time error in the current form of the struct.
Still, this violates the one definition rule of C/C++ which may not cause run-time error in this very specific case.
comment:5 by , 7 years ago
| Resolution: | → needs_more_info |
|---|---|
| Status: | new → closed |
How can I reproduce the memory corruption?