[FFmpeg-cvslog] mpeg4videoenc: Don't crash with -fsanitize=bounds

Vitaly Buka git at videolan.org
Sun Jul 5 20:50:18 EEST 2020


ffmpeg | branch: release/2.8 | Vitaly Buka <vitalybuka-at-google.com at ffmpeg.org> | Tue Apr 21 21:34:19 2020 -0700| [72a8f82844b94a0bfc1338916fab7fe705aa2bb2] | committer: Michael Niedermayer

mpeg4videoenc: Don't crash with -fsanitize=bounds

Also the patch makes this code consistent with mpeg4videodec.c

Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit f163d30de2090a7275f1fb8ad69258576f12c1a2)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=72a8f82844b94a0bfc1338916fab7fe705aa2bb2
---

 libavcodec/mpeg4videoenc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavcodec/mpeg4videoenc.c b/libavcodec/mpeg4videoenc.c
index 0cde63ba4e..c8142491e6 100644
--- a/libavcodec/mpeg4videoenc.c
+++ b/libavcodec/mpeg4videoenc.c
@@ -104,7 +104,7 @@ static inline void restore_ac_coeffs(MpegEncContext *s, int16_t block[6][64],
     memcpy(s->block_last_index, zigzag_last_index, sizeof(int) * 6);
 
     for (n = 0; n < 6; n++) {
-        int16_t *ac_val = s->ac_val[0][0] + s->block_index[n] * 16;
+        int16_t *ac_val = &s->ac_val[0][0][0] + s->block_index[n] * 16;
 
         st[n] = s->intra_scantable.permutated;
         if (dir[n]) {
@@ -143,7 +143,7 @@ static inline int decide_ac_pred(MpegEncContext *s, int16_t block[6][64],
         score -= get_block_rate(s, block[n], s->block_last_index[n],
                                 s->intra_scantable.permutated);
 
-        ac_val  = s->ac_val[0][0] + s->block_index[n] * 16;
+        ac_val  = &s->ac_val[0][0][0] + s->block_index[n] * 16;
         ac_val1 = ac_val;
         if (dir[n]) {
             const int xy = s->mb_x + s->mb_y * s->mb_stride - s->mb_stride;



More information about the ffmpeg-cvslog mailing list