From 20a30077c3659e6dc0c5b9dfa08d39b70a6b5f4e Mon Sep 17 00:00:00 2001 From: Ganesh Ajjanagadde Date: Tue, 27 Oct 2015 20:11:40 -0400 Subject: [PATCH] avutil/mathematics: correct documentation for av_gcd av_gcd is now always defined regardless of input. This documents this change in the "documented API". Two benefits (closely related): 1. The function is robust, and there is no need to worry about INT64_MIN, etc. 2. Clients of av_gcd, like av_reduce, can now be made fully correct. Currently, av_reduce can trigger undefined behavior if e.g num is INT64_MIN due to integer overflow in the FFABS. Furthermore, this undefined behavior is completely undocumented, and could be a fuzzer's paradise. The FFABS was needed in the past as av_gcd was undefined for negative inputs. In order to make av_reduce robust, it is essential to guarantee that av_gcd works for all int64_t. Reviewed-by: Michael Niedermayer Signed-off-by: Ganesh Ajjanagadde --- libavutil/mathematics.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/libavutil/mathematics.h b/libavutil/mathematics.h index ac94488729..57c44f845d 100644 --- a/libavutil/mathematics.h +++ b/libavutil/mathematics.h @@ -77,9 +77,10 @@ enum AVRounding { }; /** - * Return the greatest common divisor of a and b. - * If both a and b are 0 or either or both are <0 then behavior is - * undefined. + * Compute the greatest common divisor of a and b. + * + * @return gcd of a and b up to sign; if a >= 0 and b >= 0, return value is >= 0; + * if a == 0 and b == 0, returns 0. */ int64_t av_const av_gcd(int64_t a, int64_t b);