[FFmpeg-cvslog] avfilter/vf_gblur: fix heap-buffer overflow
Paul B Mahol
git at videolan.org
Fri Apr 8 01:30:47 EEST 2022
ffmpeg | branch: release/4.2 | Paul B Mahol <onemda at gmail.com> | Wed Oct 16 12:13:04 2019 +0200| [84fdfdf8595150c04b86febd1ef2eae3878c84b8] | committer: Michael Niedermayer
avfilter/vf_gblur: fix heap-buffer overflow
Fixes #8282
(cherry picked from commit 64a805883d7223c868a683f0030837d859edd2ab)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=84fdfdf8595150c04b86febd1ef2eae3878c84b8
---
libavfilter/vf_gblur.c | 2 +-
libavfilter/x86/vf_gblur.asm | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/libavfilter/vf_gblur.c b/libavfilter/vf_gblur.c
index e71b33da80..f0d861852f 100644
--- a/libavfilter/vf_gblur.c
+++ b/libavfilter/vf_gblur.c
@@ -236,7 +236,7 @@ static int config_input(AVFilterLink *inlink)
s->nb_planes = av_pix_fmt_count_planes(inlink->format);
- s->buffer = av_malloc_array(inlink->w, inlink->h * sizeof(*s->buffer));
+ s->buffer = av_malloc_array(FFALIGN(inlink->w, 16), FFALIGN(inlink->h, 16) * sizeof(*s->buffer));
if (!s->buffer)
return AVERROR(ENOMEM);
diff --git a/libavfilter/x86/vf_gblur.asm b/libavfilter/x86/vf_gblur.asm
index 762c953c85..a25b1659f5 100644
--- a/libavfilter/x86/vf_gblur.asm
+++ b/libavfilter/x86/vf_gblur.asm
@@ -100,7 +100,7 @@ cglobal horiz_slice, 4, 9, 9, ptr, width, height, steps, nu, bscale, x, y, step,
add widthq, remainq
cmp xq, widthq
- je .end_scalar
+ jge .end_scalar
.loop_scalar:
; ptr[x] += nu * ptr[x-1]
@@ -148,7 +148,7 @@ cglobal horiz_slice, 4, 9, 9, ptr, width, height, steps, nu, bscale, x, y, step,
jg .loop_x_back
cmp xq, 0
- je .end_scalar_back
+ jle .end_scalar_back
.loop_scalar_back:
; ptr[x-1] += nu * ptr[x]
More information about the ffmpeg-cvslog
mailing list