[FFmpeg-cvslog] avfilter/vf_gblur: fix heap-buffer overflow

Paul B Mahol git at videolan.org
Wed Oct 16 13:20:55 EEST 2019


ffmpeg | branch: master | Paul B Mahol <onemda at gmail.com> | Wed Oct 16 12:13:04 2019 +0200| [64a805883d7223c868a683f0030837d859edd2ab] | committer: Paul B Mahol

avfilter/vf_gblur: fix heap-buffer overflow

Fixes #8282

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=64a805883d7223c868a683f0030837d859edd2ab
---

 libavfilter/vf_gblur.c       | 2 +-
 libavfilter/x86/vf_gblur.asm | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/libavfilter/vf_gblur.c b/libavfilter/vf_gblur.c
index 1957d79e0f..9b3e168b1d 100644
--- a/libavfilter/vf_gblur.c
+++ b/libavfilter/vf_gblur.c
@@ -236,7 +236,7 @@ static int config_input(AVFilterLink *inlink)
 
     s->nb_planes = av_pix_fmt_count_planes(inlink->format);
 
-    s->buffer = av_malloc_array(inlink->w, inlink->h * sizeof(*s->buffer));
+    s->buffer = av_malloc_array(FFALIGN(inlink->w, 16), FFALIGN(inlink->h, 16) * sizeof(*s->buffer));
     if (!s->buffer)
         return AVERROR(ENOMEM);
 
diff --git a/libavfilter/x86/vf_gblur.asm b/libavfilter/x86/vf_gblur.asm
index 762c953c85..a25b1659f5 100644
--- a/libavfilter/x86/vf_gblur.asm
+++ b/libavfilter/x86/vf_gblur.asm
@@ -100,7 +100,7 @@ cglobal horiz_slice, 4, 9, 9, ptr, width, height, steps, nu, bscale, x, y, step,
 
         add widthq, remainq
         cmp xq, widthq
-        je .end_scalar
+        jge .end_scalar
 
         .loop_scalar:
             ; ptr[x] += nu * ptr[x-1]
@@ -148,7 +148,7 @@ cglobal horiz_slice, 4, 9, 9, ptr, width, height, steps, nu, bscale, x, y, step,
             jg .loop_x_back
 
         cmp xq, 0
-        je .end_scalar_back
+        jle .end_scalar_back
 
         .loop_scalar_back:
             ; ptr[x-1] += nu * ptr[x]



More information about the ffmpeg-cvslog mailing list