shithub: dav1d

ref: 6ac49461b1dd8f0c5afe5f34cab882ca46e03ed2
parent: 5b67e1a2fcf03b6e9bdd088fe50b7bbf981804b4
author: Janne Grunau <[email protected]>
date: Wed Oct 17 18:37:26 EDT 2018

fix skip_mode_params parsing if enable_order_hint == 0

Fix following ubsan error in #68:
../src/env.h:296:24: runtime error: shift exponent -1 is negative
[Detaching after fork from child process 22253]
    #0 0x7ffff76ad6f9 in get_poc_diff /home/janne/src/dav1d/build-usan/../src/env.h:296:24
    #1 0x7ffff76ad6f9 in parse_frame_hdr /home/janne/src/dav1d/build-usan/../src/obu.c:757
    #2 0x7ffff7696491 in dav1d_parse_obus /home/janne/src/dav1d/build-usan/../src/obu.c:1023:20
    #3 0x7ffff7921c7d in dav1d_decode /home/janne/src/dav1d/build-usan/../src/lib.c:193:20
    #4 0x424869 in main /home/janne/src/dav1d/build-usan/../tools/dav1d.c:108:20
    #5 0x7ffff63dfae6 in __libc_start_main (/lib64/libc.so.6+0x21ae6)
    #6 0x403489 in _start (/home/janne/src/dav1d/build-usan/tools/dav1d+0x403489)

I can't reproduce the ubsan error in the issue.

--- a/src/obu.c
+++ b/src/obu.c
@@ -746,7 +746,7 @@
            (gb->ptr - init_ptr) * 8 - gb->bits_left);
 #endif
     hdr->skip_mode_allowed = 0;
-    if (hdr->switchable_comp_refs && hdr->frame_type & 1) {
+    if (hdr->switchable_comp_refs && hdr->frame_type & 1 && seqhdr->order_hint) {
         const unsigned poc = hdr->frame_offset;
         unsigned off_before[2] = { 0xFFFFFFFF, 0xFFFFFFFF };
         int off_after = -1;
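
Review bot: The added `seqhdr->order_hint` test in the `if` condition guards only this call site in parse_frame_hdr, while the negative shift that ubsan reports is inside get_poc_diff (src/env.h:296). Consider also adding an assert or an early return inside get_poc_diff for the case where order hints are disabled, so that any other caller of that helper cannot reach the same shift. Since the commit message says the error could not be reproduced, attaching a sample stream with enable_order_hint == 0 to the issue or the test suite would confirm that this condition is the one that triggered the report. Minor style point on the same line: parenthesizing `(hdr->frame_type & 1)` would make the mixed `&` and `&&` condition easier to read.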