[Ffmpeg-devel] Possible bug in h264 dec
Tue Jan 23 13:13:18 CET 2007
On Thu, Sep 29, 2005 at 03:09:03AM +0000, Francis Labonte wrote:
> Runnning valgrind on a file, I got some invlid read.
> It points to:
> H264_CHROMA_MC8_TMPL in dsputil_h264_template_mmx.c called by
> mc_dir_part in h264.c
> In my opinion, I think it could come from here:
> if( full_mx < 0-extra_width
> || full_my < 0-extra_height
> || full_mx + 16/*FIXME*/ > pic_width + extra_width
> || full_my + 16/*FIXME*/ > pic_height + extra_height)
> "<" should become "<=" for the 2 FIXME. An index ( mx, my) ranging from
> 0-... is compared to a size ranging from 1-,,,
> Applying my modification fix my invalid.
> I would like to have have some input to know if my analysis make sens or
is this bug still happening if so please provide valgrind output with
linenums (use ffmpeg_g) and provide the video file which triggers it
> NOTE: I'me not using the latest version of CVS, but this line didn't change
> in HEAD, and a friend told me he got similar result with HEAD version.
and use latest svn or you will be ignored
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
When the tyrant has disposed of foreign enemies by conquest or treaty, and
there is nothing more to fear from them, then he is always stirring up
some war or other, in order that the people may require a leader. -- Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the ffmpeg-devel