From 4cc27eb80873cb45efcd2ce7ad9e66fe74b47ac9 Mon Sep 17 00:00:00 2001 From: Arman Hasanzadeh Date: Tue, 12 Aug 2025 19:01:15 -0700 Subject: [PATCH] Add fbounds-safety annotations for `bit_depths`. Reasoning: Analysis showed `bit_depths` is passed from `VP8LCreateHuffmanTree` (as `huff_code->code_lengths`) to `GenerateOptimalTree` (as `bit_depths` with size `histogram_size` = `huff_code->num_symbols`) and then to `SetBitDepths`. The `HuffmanTreeCode` struct stores `code_lengths` and `codes` pointers, both sized by `num_symbols`. These arrays are allocated in `GetHuffBitLengthsAndCodes` (called by `EncodeImageInternal`) based on `num_symbols`. The fix involves: - Annotating `HuffmanTreeCode::code_lengths` and `HuffmanTreeCode::codes` with `__counted_by(num_symbols)` in `src/utils/huffman_encode_utils.h`. - Annotating the `bit_depths` parameter in `GenerateOptimalTree` with `__counted_by(histogram_size)` in `src/utils/huffman_encode_utils.c`. - Annotating the `bit_depths` parameter in `SetBitDepths` with `__indexable` in `src/utils/huffman_encode_utils.c`, as the size parameter (`histogram_size`) is not directly available but indexing is known to be safe based on caller logic (indices `tree->value` are within `[0, histogram_size - 1]`). Bug: 432511821 Change-Id: Icfd32f15d0744983b5912d527e5bc59ac58343a5 --- src/utils/huffman_encode_utils.c | 5 +++-- src/utils/huffman_encode_utils.h | 8 +++++--- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/src/utils/huffman_encode_utils.c b/src/utils/huffman_encode_utils.c index 45f758ea..1b18f384 100644 --- a/src/utils/huffman_encode_utils.c +++ b/src/utils/huffman_encode_utils.c @@ -139,7 +139,7 @@ static int CompareHuffmanTrees(const void* ptr1, const void* ptr2) { static void SetBitDepths(const HuffmanTree* const tree, const HuffmanTree* const pool, - uint8_t* const bit_depths, int level) { + uint8_t* WEBP_INDEXABLE const bit_depths, int level) { if (tree->pool_index_left >= 0) { SetBitDepths(&pool[tree->pool_index_left], pool, bit_depths, level + 1); SetBitDepths(&pool[tree->pool_index_right], pool, bit_depths, level + 1); @@ -170,7 +170,8 @@ static void SetBitDepths(const HuffmanTree* const tree, static void GenerateOptimalTree(const uint32_t* const histogram, int histogram_size, HuffmanTree* tree, int tree_depth_limit, - uint8_t* const bit_depths) { + uint8_t* WEBP_COUNTED_BY(histogram_size) + const bit_depths) { uint32_t count_min; HuffmanTree* tree_pool; int tree_size_orig = 0; diff --git a/src/utils/huffman_encode_utils.h b/src/utils/huffman_encode_utils.h index 98dc61da..d80f96b1 100644 --- a/src/utils/huffman_encode_utils.h +++ b/src/utils/huffman_encode_utils.h @@ -31,9 +31,11 @@ typedef struct { // Struct to represent the tree codes (depth and bits array). typedef struct { - int num_symbols; // Number of symbols. - uint8_t* code_lengths; // Code lengths of the symbols. - uint16_t* codes; // Symbol Codes. + int num_symbols; // Number of symbols. + // Code lengths of the symbols. + uint8_t* WEBP_COUNTED_BY(num_symbols) code_lengths; + // Symbol Codes. + uint16_t* WEBP_COUNTED_BY(num_symbols) codes; } HuffmanTreeCode; // Struct to represent the Huffman tree.