Opened 3 years ago

Closed 10 months ago

#8221 closed defect (fixed)

left shift of negative value bugs in libavcodec/vc2enc.c

Reported by: Suhwan Owned by:
Priority: normal Component: undetermined
Version: git-master Keywords: ubsan
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

Summary of the bug:
There're two left shift of negative value bugs in libavcodec/vc2enc.c

libavcodec/vc2enc.c:660:51: runtime error: left shift of negative value -2
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libavcodec/vc2enc.c:660:51 in 
libavcodec/vc2enc.c:661:51: runtime error: left shift of negative value -1
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libavcodec/vc2enc.c:661:51 in

How to reproduce:

% ffmpeg_g -t 1 -y -r 118 -i $PoC -target vcd -loglevel 0 -map 0 -c:v:0 vc2 -disposition:v:105 ppm -disposition:a:103 alias_pix -aframes 118 -r 71 -b:v 440k tmp.mp4

ffmpeg version N-95199-g9847380f5f Copyright (c) 2000-2019 the FFmpeg developers
  built with clang version 6.0.0-1ubuntu2 (tags/RELEASE_600/final)
  configuration: --cc=clang --cxx=clang++ --ld=clang --enable-debug --toolchain=clang-usan

Attachments (2)

gdb-vc2enc (16.1 KB ) - added by Suhwan 3 years ago.
PoC_vc2enc.jpg (319 bytes ) - added by Suhwan 3 years ago.
poc

Download all attachments as: .zip

Change History (3)

by Suhwan, 3 years ago

Attachment: gdb-vc2enc added

by Suhwan, 3 years ago

Attachment: PoC_vc2enc.jpg added

poc

comment:1 by Elon Musk, 10 months ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.