SSIM360Context.ssim360_hist is an array of four pointers to double;
so sizeof(*ssim360_hist[0]) (=sizeof(double)) is the correct size
to use to calculate the amount of memory to allocate, not
sizeof(*ssim360_hist) (which is sizeof(double*)).
Use FF_ALLOCZ_TYPED_ARRAY to avoid this issue altogether.
Fixes Coverity issue #1520671.
Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@outlook.com>
---
libavfilter/vf_ssim360.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavfilter/vf_ssim360.c b/libavfilter/vf_ssim360.c
index 3eb8e43bbc..f8ce0744f2 100644
--- a/libavfilter/vf_ssim360.c
+++ b/libavfilter/vf_ssim360.c
@@ -1624,7 +1624,7 @@ static int config_output(AVFilterLink *outlink)
memset(s->ssim360_percentile_sum, 0,
sizeof(s->ssim360_percentile_sum));
for (int i = 0; i < s->nb_components; i++) {
- s->ssim360_hist[i] = av_calloc(SSIM360_HIST_SIZE,
sizeof(*s->ssim360_hist));
+ FF_ALLOCZ_TYPED_ARRAY(s->ssim360_hist[i], SSIM360_HIST_SIZE);
if (!s->ssim360_hist[i])
return AVERROR(ENOMEM);
}
--
2.34.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
