[FFmpeg-cvslog] avfilter/af_tremolo: fix heap-buffer overflow
Paul B Mahol
git at videolan.org
Tue Sep 14 00:16:33 EEST 2021
ffmpeg | branch: release/4.1 | Paul B Mahol <onemda at gmail.com> | Sat Oct 19 19:34:47 2019 +0200| [3a9f384225cb6e5720d36d0b01dd446cfd6f1772] | committer: James Almer
avfilter/af_tremolo: fix heap-buffer overflow
Fixes #8317
(cherry picked from commit 58bb9d3a3a6ede1c6cfb82bf671a5f138e6b2144)
Signed-off-by: James Almer <jamrial at gmail.com>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=3a9f384225cb6e5720d36d0b01dd446cfd6f1772
---
libavfilter/af_tremolo.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/libavfilter/af_tremolo.c b/libavfilter/af_tremolo.c
index 8cbc79892d..f55e8e2b09 100644
--- a/libavfilter/af_tremolo.c
+++ b/libavfilter/af_tremolo.c
@@ -28,6 +28,7 @@ typedef struct TremoloContext {
double freq;
double depth;
double *table;
+ int table_size;
int index;
} TremoloContext;
@@ -72,7 +73,7 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *in)
dst += channels;
src += channels;
s->index++;
- if (s->index >= inlink->sample_rate / s->freq)
+ if (s->index >= s->table_size)
s->index = 0;
}
@@ -125,11 +126,12 @@ static int config_input(AVFilterLink *inlink)
const double offset = 1. - s->depth / 2.;
int i;
- s->table = av_malloc_array(inlink->sample_rate / s->freq, sizeof(*s->table));
+ s->table_size = inlink->sample_rate / s->freq;
+ s->table = av_malloc_array(s->table_size, sizeof(*s->table));
if (!s->table)
return AVERROR(ENOMEM);
- for (i = 0; i < inlink->sample_rate / s->freq; i++) {
+ for (i = 0; i < s->table_size; i++) {
double env = s->freq * i / inlink->sample_rate;
env = sin(2 * M_PI * fmod(env + 0.25, 1.0));
s->table[i] = env * (1 - fabs(offset)) + offset;
More information about the ffmpeg-cvslog
mailing list