[FFmpeg-cvslog] avfilter/af_alimiter: Check nextpos before use
Michael Niedermayer
git at videolan.org
Sun Apr 14 19:34:57 EEST 2024
ffmpeg | branch: release/6.0 | Michael Niedermayer <michael at niedermayer.cc> | Fri Dec 22 21:49:48 2023 +0100| [4df8f9fa2b226988551354b153ac1bfa0c1a9646] | committer: Michael Niedermayer
avfilter/af_alimiter: Check nextpos before use
Fixes: out of array read
Fixes: tickets/10744/poc11ffmpeg
Found-by: Li Zeyuan and Zeng Yunxiang.
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
(cherry picked from commit a88b06f9ee8c88f78bdd614fc25283225223e858)
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=4df8f9fa2b226988551354b153ac1bfa0c1a9646
---
libavfilter/af_alimiter.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/libavfilter/af_alimiter.c b/libavfilter/af_alimiter.c
index c683c4bcf4..f4318b6d7b 100644
--- a/libavfilter/af_alimiter.c
+++ b/libavfilter/af_alimiter.c
@@ -196,9 +196,10 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *in)
int j = i % buffer_size;
double ppeak = 0, pdelta;
- for (c = 0; c < channels; c++) {
- ppeak = FFMAX(ppeak, fabs(buffer[nextpos[j] + c]));
- }
+ if (nextpos[j] >= 0)
+ for (c = 0; c < channels; c++) {
+ ppeak = FFMAX(ppeak, fabs(buffer[nextpos[j] + c]));
+ }
pdelta = (limit / peak - limit / ppeak) / (((buffer_size - nextpos[j] + s->pos) % buffer_size) / channels);
if (pdelta < nextdelta[j]) {
nextdelta[j] = pdelta;
More information about the ffmpeg-cvslog
mailing list