shithub: dav1d

ref: ba08e37cd28515055edd42d092835ac142ca8114
parent: d8996b181d2013abd01a2e9f5dceae5e09b3afda
author: Marvin Scholz <epirat07@gmail.com>
date: Sun Oct 28 22:04:50 EDT 2018

dav1d: Fix theoretical invalid pointer dereference

Fix a theoretical bug found by the clang static analyzer:
In theory num_muxers could be smaller than res, never evaluating the
loop (as the condition would be false) but not satisfying the
i == num_muxers case, so proceeding and dereferencing the never
initialized impl pointer.

Fixing this is simple: Changed the num_muxers and index variables
to unsigned so num_muxers can never be smaller than i.

--- a/tools/output/output.c
+++ b/tools/output/output.c
@@ -43,7 +43,7 @@
 
 #define MAX_NUM_MUXERS 4
 static const Muxer *muxers[MAX_NUM_MUXERS];
-static int num_muxers = 0;
+static unsigned num_muxers = 0;
 
 #define register_muxer(impl) { \
     extern const Muxer impl; \
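Review bot: at `static unsigned num_muxers = 0;` the counter can no longer go negative, but nothing in this hunk ties it to `MAX_NUM_MUXERS`, the size of `muxers[]`. The body of `register_muxer` is not shown here, so it is worth confirming that the macro refuses to register once `num_muxers == MAX_NUM_MUXERS`, and documenting next to the declaration that the counter always stays within `0..MAX_NUM_MUXERS`. Also check the rest of the file for comparisons of `num_muxers` against signed values, which now become mixed-sign comparisons.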
@@ -81,7 +81,8 @@
 {
     const Muxer *impl;
     MuxerContext *c;
-    int res, i;
+    unsigned i;
+    int res;
 
     if (name) {
         for (i = 0; i < num_muxers; i++) {
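Review bot: `const Muxer *impl;` is still declared without an initializer, so the fix depends on the loop bounds alone to guarantee that `impl` is set before use. Initializing it as `const Muxer *impl = NULL;` and testing `impl` for NULL after the lookup would keep the invariant local to this function, so it would not depend on the type of `i` and `num_muxers`, and would also cover any path where `name` is NULL and this loop is skipped. Splitting `int res, i;` into `unsigned i;` and `int res;` is fine as written.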