[FFmpeg-devel] [PATCH 1/3] avcodec/evc_ps: Fix size of tile_(row|column) arrays
James Almer
jamrial at gmail.com
Sun Jul 16 17:39:04 EEST 2023
On 7/16/2023 11:22 AM, Andreas Rheinhardt wrote:
> Prevents out-of-bound writes when parsing tile row heights.
> Fixes Coverity issue #1538300.
>
> Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at outlook.com>
> ---
> libavcodec/evc_ps.h | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/libavcodec/evc_ps.h b/libavcodec/evc_ps.h
> index 0bbec1f138..336953b176 100644
> --- a/libavcodec/evc_ps.h
> +++ b/libavcodec/evc_ps.h
> @@ -192,8 +192,8 @@ typedef struct EVCParserPPS {
> uint32_t num_tile_columns_minus1; // ue(v)
> uint32_t num_tile_rows_minus1; // ue(v)
> uint8_t uniform_tile_spacing_flag; // u(1)
> - uint32_t tile_column_width_minus1[EVC_MAX_TILE_ROWS]; // ue(v)
> - uint32_t tile_row_height_minus1[EVC_MAX_TILE_COLUMNS]; // ue(v)
> + uint32_t tile_column_width_minus1[EVC_MAX_TILE_COLUMNS]; // ue(v)
> + uint32_t tile_row_height_minus1[EVC_MAX_TILE_ROWS]; // ue(v)
> uint8_t loop_filter_across_tiles_enabled_flag; // u(1)
> uint32_t tile_offset_len_minus1; // ue(v)
> uint8_t tile_id_len_minus1; // ue(v)
LGTM.
More information about the ffmpeg-devel
mailing list