[FFmpeg-devel] [PATCH] avcodec/nvdec_hevc: Fix off-by-one error
Timo Rothenpieler
timo at rothenpieler.org
Sat Aug 6 13:06:42 EEST 2022
On 06.08.2022 08:01, Andreas Rheinhardt wrote:
> Fixes Coverity issues #1442912, #1442913, #1442916 and #1442917.
>
> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at outlook.com>
> ---
> Given that hevc_ps.c checks these values, it is actually impossible
> for this error to be triggered.
>
> libavcodec/nvdec_hevc.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/nvdec_hevc.c b/libavcodec/nvdec_hevc.c
> index 590278ba04..cd549d2ef6 100644
> --- a/libavcodec/nvdec_hevc.c
> +++ b/libavcodec/nvdec_hevc.c
> @@ -204,8 +204,8 @@ static int nvdec_hevc_start_frame(AVCodecContext *avctx,
> ppc->row_height_minus1[i] = pps->row_height[i] - 1;
>
> #if NVDECAPI_CHECK_VERSION(9, 0)
> - if (pps->chroma_qp_offset_list_len_minus1 > FF_ARRAY_ELEMS(ppc->cb_qp_offset_list) ||
> - pps->chroma_qp_offset_list_len_minus1 > FF_ARRAY_ELEMS(ppc->cr_qp_offset_list)) {
> + if (pps->chroma_qp_offset_list_len_minus1 >= FF_ARRAY_ELEMS(ppc->cb_qp_offset_list) ||
> + pps->chroma_qp_offset_list_len_minus1 >= FF_ARRAY_ELEMS(ppc->cr_qp_offset_list)) {
> av_log(avctx, AV_LOG_ERROR, "Too many chroma_qp_offsets\n");
> return AVERROR(ENOSYS);
> }
LGTM
More information about the ffmpeg-devel
mailing list