[FFmpeg-cvslog] avcodec/snow: split block clipping checks

Michael Niedermayer git at videolan.org
Sun Feb 23 17:46:54 CET 2014


ffmpeg | branch: release/2.1 | Michael Niedermayer <michaelni at gmx.at> | Tue Feb 18 02:53:14 2014 +0100| [a94f367424051567995829d5e4a6a04977e2ecad] | committer: Michael Niedermayer

avcodec/snow: split block clipping checks

Fixes out of array read
Fixes: d4476f68ca1c1c57afbc45806f581963-asan_heap-oob_2266b27_8607_cov_4044577381_snow_chroma_bug.avi
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
(cherry picked from commit 61d59703c91869f4e5cdacd8d6be52f8b89d4ba4)

Signed-off-by: Michael Niedermayer <michaelni at gmx.at>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=a94f367424051567995829d5e4a6a04977e2ecad
---

 libavcodec/snow.h |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/libavcodec/snow.h b/libavcodec/snow.h
index 1222a77..60b0062 100644
--- a/libavcodec/snow.h
+++ b/libavcodec/snow.h
@@ -318,7 +318,8 @@ static av_always_inline void add_yblock(SnowContext *s, int sliced, slice_buffer
         if(!sliced && !offset_dst)
             dst -= src_x;
         src_x=0;
-    }else if(src_x + b_w > w){
+    }
+    if(src_x + b_w > w){
         b_w = w - src_x;
     }
     if(src_y<0){
@@ -327,7 +328,8 @@ static av_always_inline void add_yblock(SnowContext *s, int sliced, slice_buffer
         if(!sliced && !offset_dst)
             dst -= src_y*dst_stride;
         src_y=0;
-    }else if(src_y + b_h> h){
+    }
+    if(src_y + b_h> h){
         b_h = h - src_y;
     }
 



More information about the ffmpeg-cvslog mailing list