[FFmpeg-cvslog] avfilter/vf_edgedetect: fix heap-buffer overflow

Paul B Mahol git at videolan.org
Tue Sep 14 00:16:54 EEST 2021


ffmpeg | branch: release/4.1 | Paul B Mahol <onemda at gmail.com> | Tue Oct 15 16:38:40 2019 +0200| [ac5a7d5a67afb6b26460412d51f026ecf22c2193] | committer: James Almer

avfilter/vf_edgedetect: fix heap-buffer overflow

Fixes #8275

(cherry picked from commit de598f82f8c3f8000e1948548e8088148e2b1f44)
Signed-off-by: James Almer <jamrial at gmail.com>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ac5a7d5a67afb6b26460412d51f026ecf22c2193
---

 libavfilter/vf_edgedetect.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/libavfilter/vf_edgedetect.c b/libavfilter/vf_edgedetect.c
index 11a31fa4ff..25ae6dfacc 100644
--- a/libavfilter/vf_edgedetect.c
+++ b/libavfilter/vf_edgedetect.c
@@ -154,7 +154,8 @@ static void gaussian_blur(AVFilterContext *ctx, int w, int h,
         memcpy(dst, src, w); dst += dst_linesize; src += src_linesize;
     for (j = 2; j < h - 2; j++) {
         dst[0] = src[0];
-        dst[1] = src[1];
+        if (w > 1)
+            dst[1] = src[1];
         for (i = 2; i < w - 2; i++) {
             /* Gaussian mask of size 5x5 with sigma = 1.4 */
             dst[i] = ((src[-2*src_linesize + i-2] + src[2*src_linesize + i-2]) * 2
@@ -175,8 +176,10 @@ static void gaussian_blur(AVFilterContext *ctx, int w, int h,
                     + src[i+1] * 12
                     + src[i+2] *  5) / 159;
         }
-        dst[i    ] = src[i    ];
-        dst[i + 1] = src[i + 1];
+        if (w > 2)
+            dst[i    ] = src[i    ];
+        if (w > 3)
+            dst[i + 1] = src[i + 1];
 
         dst += dst_linesize;
         src += src_linesize;



More information about the ffmpeg-cvslog mailing list