[FFmpeg-cvslog] avcodec/hevc/hevcdec: Don't add to null pointer
Vitaly Buka
git at videolan.org
Thu Jan 30 16:35:51 EET 2025
ffmpeg | branch: master | Vitaly Buka <vitalybuka at google.com> | Thu Jan 16 15:49:19 2025 -0800| [c5287178b4dc373e763f7cd49703a6e3192aab3a] | committer: James Almer
avcodec/hevc/hevcdec: Don't add to null pointer
`POS(1,` and `POS(2,` may trigger UBSAN report:
"runtime error: applying non-zero offset 304 to null pointer"
Looks like values are not used without `chroma_format_idc`,
so maybe there is no other issues than the UB.
Can't reproduce with "fate".
Signed-off-by: Vitaly Buka <vitalybuka at google.com>
Signed-off-by: James Almer <jamrial at gmail.com>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=c5287178b4dc373e763f7cd49703a6e3192aab3a
---
libavcodec/hevc/hevcdec.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libavcodec/hevc/hevcdec.c b/libavcodec/hevc/hevcdec.c
index 3655ed0039..7d3e844945 100644
--- a/libavcodec/hevc/hevcdec.c
+++ b/libavcodec/hevc/hevcdec.c
@@ -2040,9 +2040,10 @@ static void hls_prediction_unit(HEVCLocalContext *lc,
int x0, int y0, int nPbW, int nPbH,
int log2_cb_size, int partIdx, int idx)
{
-#define POS(c_idx, x, y) \
+#define POS(c_idx, x, y) \
+ &s->cur_frame->f->data[c_idx] ? \
&s->cur_frame->f->data[c_idx][((y) >> sps->vshift[c_idx]) * linesize[c_idx] + \
- (((x) >> sps->hshift[c_idx]) << sps->pixel_shift)]
+ (((x) >> sps->hshift[c_idx]) << sps->pixel_shift)] : NULL
const HEVCContext *const s = lc->parent;
int merge_idx = 0;
struct MvField current_mv = {{{ 0 }}};
More information about the ffmpeg-cvslog
mailing list