On Mon, Dec 6, 2021 at 7:37 PM Andreas Rheinhardt <
andreas.rheinha...@outlook.com> wrote:
> av_image_copy() expects an array of four pointers and linesizes
> according to its declaration; it currently only pointers that are
> actually in use (depending upon the pixel format), but this might
> change at any time. It has already happened for the linesizes in
> d7bc52bf456deba0f32d9fe5c288ec441f1ebef5 and so increasing their
> array fixes a stack-buffer overread.
>
> This fixes a -Wstringop-overflow= and -Wstringop-overread warning
> from GCC 11.2.
>
> Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@outlook.com>
> ---
> libavcodec/libopenh264dec.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/libopenh264dec.c b/libavcodec/libopenh264dec.c
> index ea70a8e143..7f5e85402a 100644
> --- a/libavcodec/libopenh264dec.c
> +++ b/libavcodec/libopenh264dec.c
> @@ -91,8 +91,8 @@ static int svc_decode_frame(AVCodecContext *avctx, void
> *data,
> {
> SVCContext *s = avctx->priv_data;
> SBufferInfo info = { 0 };
> - uint8_t* ptrs[3];
> - int ret, linesize[3];
> + uint8_t *ptrs[4] = { NULL };
> + int ret, linesize[4];
> AVFrame *avframe = data;
> DECODING_STATE state;
> #if OPENH264_VER_AT_LEAST(1, 7)
> @@ -140,6 +140,7 @@ static int svc_decode_frame(AVCodecContext *avctx,
> void *data,
>
> linesize[0] = info.UsrData.sSystemBuffer.iStride[0];
> linesize[1] = linesize[2] = info.UsrData.sSystemBuffer.iStride[1];
> + linesize[3] = 0;
> av_image_copy(avframe->data, avframe->linesize, (const uint8_t **)
> ptrs, linesize, avctx->pix_fmt, avctx->width, avctx->height);
>
> avframe->pts = info.uiOutYuvTimeStamp;
> --
> 2.32.0
>
lgtm. (guess the title is referring to "avcodec/libopenh264dec: xxx" ?)
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
