x/ffmpeg
1
0
Fork 0
mirror of https://git.ffmpeg.org/ffmpeg.git synced 2026-06-11 08:13:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

avcodec/diracdec: fix heap buffer overflow in edge_emu_buffer

Browse Source 
Fixes: poc_dirac_v2_*
This commit is contained in:
Anthony Hurtado
2026-06-03 23:37:46 +00:00
committed by michaelni
co-authored by michaelni
parent 92804c9e25
commit 495b402f27
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
libavcodec/diracdec.c
+2 -2
View File
@@ -339,7 +339,7 @@ static int alloc_buffers(DiracContext *s, int stride)
av_freep(&s->mctmp);
av_freep(&s->mcscratch);
s->edge_emu_buffer_base = av_malloc_array(stride, MAX_BLOCKSIZE);
s->edge_emu_buffer_base = av_malloc_array(stride, 4 * MAX_BLOCKSIZE);
s->mctmp = av_malloc_array((stride+MAX_BLOCKSIZE), (h + 5*MAX_BLOCKSIZE) * sizeof(*s->mctmp));
s->mcscratch = av_malloc_array(stride, MAX_BLOCKSIZE);
@@ -1895,7 +1895,7 @@ static int dirac_decode_frame_internal(DiracContext *s)
/* FIXME: small resolutions */
for (i = 0; i < 4; i++)
s->edge_emu_buffer[i] = s->edge_emu_buffer_base + i*FFALIGN(p->width, 16);
s->edge_emu_buffer[i] = s->edge_emu_buffer_base + i*s->buffer_stride*MAX_BLOCKSIZE;
if (!s->zero_res && !s->low_delay)
{