[FFmpeg-cvslog] avcodec/hevc: clear tab_slice_address in hevc_frame_start()

Fri Feb 7 04:53:29 CET 2014

ffmpeg | branch: master | Michael Niedermayer <michaelni at gmx.at> | Fri Feb  7 02:37:18 2014 +0100| [56985d26d7054079cbe8865532c4a2cff123f596] | committer: Michael Niedermayer

avcodec/hevc: clear tab_slice_address in hevc_frame_start()

Fixes inconsistencies
Fixes use of uninitilaized memory
Fixes part of  cb307d24befbd109c6f054008d6777b5/asan_static-oob_124a175_1445_cov_2355279992_DBLK_D_VIXS_1.bit
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=56985d26d7054079cbe8865532c4a2cff123f596
---

 libavcodec/hevc.c |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/libavcodec/hevc.c b/libavcodec/hevc.c
index 666a28c..8e8adf1 100644
--- a/libavcodec/hevc.c
+++ b/libavcodec/hevc.c
@@ -2199,12 +2199,15 @@ static int set_side_data(HEVCContext *s)
 static int hevc_frame_start(HEVCContext *s)
 {
     HEVCLocalContext *lc = s->HEVClc;
+    int pic_size_in_ctb  = ((s->sps->width  >> s->sps->log2_min_cb_size) + 1) *
+                           ((s->sps->height >> s->sps->log2_min_cb_size) + 1);
     int ret;
 
     memset(s->horizontal_bs, 0, 2 * s->bs_width * (s->bs_height + 1));
     memset(s->vertical_bs,   0, 2 * s->bs_width * (s->bs_height + 1));
     memset(s->cbf_luma,      0, s->sps->min_tb_width * s->sps->min_tb_height);
     memset(s->is_pcm,        0, s->sps->min_pu_width * s->sps->min_pu_height);
+    memset(s->tab_slice_address, -1, pic_size_in_ctb * sizeof(*s->tab_slice_address));
 
     lc->start_of_tiles_x = 0;
     s->is_decoded        = 0;

