AddressSanitizer: global-buffer-overflow (on any input) #11

Open

jbeich opened this issue Feb 21, 2019 · 0 comments
jbeich commented Feb 21, 2019

Found on FreeBSD with Clang 8.0. Lines correspond to e92a57c snapshot

```
$ curl -O https://media.xiph.org/video/derf/y4m/bus_cif.y4m
$ ffmpeg -i bus_cif.y4m -y bus_cif.yuv
$ SvtVp9EncApp -i bus_cif.yuv -w 352 -h 288 -b bus_cif.ivf
-------------------------------------
SVT-VP9 Encoder v0.1.0
SVT [version]   : SVT-VP9 Encoder Lib v0.1.0
SVT [build]     : GCC 4.2.1      64 bit
LIB Build date: Feb 21 2019 09:30:59
-------------------------------------------

[WARNING] For best speed performance, run with sudo privileges !

Number of logical cores available: 8
Number of PPCS 75
-------------------------------------------
SVT [config]: Profile [0]       Level (auto)
SVT [config]: EncoderMode / Tune                                                : 9 / 1
SVT [config]: EncoderBitDepth                                                   : 8
SVT [config]: SourceWidth / SourceHeight                                        : 352 / 288
SVT [config]: FrameRate / Gop Size                                              : 60 / 64
SVT [config]: HierarchicalLevels / BaseLayerSwitchMode / PredStructure          : 4 / 0 / 2
SVT [config]: BRC Mode / QP                                                     : CQP / 45
-------------------------------------------
=================================================================
==7729==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0008011b682d at pc 0x00080154bb21 bp 0x7fffffff7ef0 sp 0x7fffffff7ee8
READ of size 1 at 0x0008011b682d thread T0
    #0 0x80154bb20 in md_scan_all_blks Source/Lib/Codec/EbUtility.c:513:59
    #1 0x80154bea3 in md_scan_all_blks Source/Lib/Codec/EbUtility.c:524:9
    #2 0x80154bea3 in md_scan_all_blks Source/Lib/Codec/EbUtility.c:524:9
    #3 0x80154bea3 in md_scan_all_blks Source/Lib/Codec/EbUtility.c:524:9
    #4 0x80154d227 in build_ep_block_stats Source/Lib/Codec/EbUtility.c:723:5
    #5 0x80129a838 in eb_init_encoder Source/Lib/Codec/EbEncHandle.c:723:5
    #6 0x1124fa0 in init_encoder Source/App/EbAppContext.c:439:20
    #7 0x1127094 in main Source/App/EbAppMain.c:159:53
    #8 0x106611c in _start /usr/src/lib/csu/amd64/crt1.c:76:7

0x0008011b682d is located 51 bytes to the left of global variable '<string literal>' defined in 'Source/Lib/Codec/EbUtility.c:611:21' (0x8011b6860) of size 4
  '<string literal>' is ascii string '


'
0x0008011b682d is located 0 bytes to the right of global variable 'blocksize_to_txsize' defined in 'Source/Lib/Codec/EbUtility.h:60:23' (0x8011b6820) of size 13
SUMMARY: AddressSanitizer: global-buffer-overflow Source/Lib/Codec/EbUtility.c:513:59 in md_scan_all_blks
Shadow bytes around the buggy address:
  0x400100236cb0: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
  0x400100236cc0: 00 00 00 00 04 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x400100236cd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x400100236ce0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x400100236cf0: 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 00 07 f9 f9
=>0x400100236d00: f9 f9 f9 f9 00[05]f9 f9 f9 f9 f9 f9 04 f9 f9 f9
  0x400100236d10: f9 f9 f9 f9 07 f9 f9 f9 f9 f9 f9 f9 03 f9 f9 f9
  0x400100236d20: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 03 f9 f9 f9
  0x400100236d30: f9 f9 f9 f9 00 00 07 f9 f9 f9 f9 f9 00 00 00 00
  0x400100236d40: 00 00 00 00 00 00 00 00 00 06 f9 f9 f9 f9 f9 f9
  0x400100236d50: 00 00 00 00 00 00 00 00 00 00 07 f9 f9 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==7729==ABORTING
```
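The report says the read lands 0 bytes to the right of `blocksize_to_txsize`, a global of size 13, so the faulting index is one past the last valid entry. The following is an added example, not code from the SVT-VP9 project or from the reporter: a hypothetical 13-entry table with constructed contents and a bounds-checked accessor that rejects index 13 instead of reading into the global redzone, plus a `_Static_assert` that keeps the table length and the index range from drifting apart.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical table with the same length ASan reports for
 * blocksize_to_txsize (13 bytes). The values are constructed for this
 * example and are not the project's table. */
#define NUM_BLOCK_SIZES 13
static const uint8_t block_to_tx_size[NUM_BLOCK_SIZES] = {
    0, 0, 0, 0, 1, 1, 1, 2, 2, 2, 3, 3, 3
};

/* Catch a mismatch between the declared length and the initializer at
 * compile time rather than at ASan time. */
_Static_assert(sizeof(block_to_tx_size) / sizeof(block_to_tx_size[0]) == NUM_BLOCK_SIZES,
               "block_to_tx_size must have exactly NUM_BLOCK_SIZES entries");

/* Checked lookup: returns the table entry for a valid block-size index,
 * or -1 when the index is out of range. Index 13 (== NUM_BLOCK_SIZES) is
 * exactly the case the ASan report describes and is rejected here. */
int lookup_tx_size(size_t block_size)
{
    if (block_size >= NUM_BLOCK_SIZES)
        return -1;
    return block_to_tx_size[block_size];
}

/* Scan a list of candidate indices (as a block-enumeration loop would) and
 * report how many were rejected by the bounds check. */
size_t count_rejected(const size_t *indices, size_t n)
{
    size_t rejected = 0;
    for (size_t i = 0; i < n; i++) {
        if (lookup_tx_size(indices[i]) < 0)
            rejected++;
    }
    return rejected;
}

int main(void)
{
    /* Constructed sample: the last two indices are out of range. */
    const size_t sample[] = { 0, 5, 12, 13, 14 };
    size_t n = sizeof(sample) / sizeof(sample[0]);

    for (size_t i = 0; i < n; i++) {
        int tx = lookup_tx_size(sample[i]);
        if (tx < 0)
            printf("index %zu: rejected (table has %d entries)\n", sample[i], NUM_BLOCK_SIZES);
        else
            printf("index %zu: tx size %d\n", sample[i], tx);
    }
    printf("rejected: %zu of %zu\n", count_rejected(sample, n), n);
    return 0;
}
```

Building the example with `-fsanitize=address` and feeding it index 13 produces no report, because the out-of-range index never reaches the array; the unchecked form of the same lookup would read the redzone byte that the report above flags.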