[FFmpeg-devel] [PATCH 3/3] vp9: recon: Use emulated edge to prevent buffer overflows
Michael Niedermayer
michael at niedermayer.cc
Fri Dec 20 20:51:08 EET 2024
Hi Janne
On Thu, Dec 19, 2024 at 10:12:23PM +0100, Janne Grunau wrote:
> The arm/aarch64 horizontal filter reads one additional pixel beyond what
> the filter uses. This can become an issue if the application does not
> allocate larger buffers than what's required for the pixel data. If the
> motion vector points to the bottom right edge of the picture this
> becomes a read buffer overflow. This triggers segfaults in Firefox for
> video resolutions which result in a page aligned picture size like
> 1280x640.
> Prevent this by using emulated edge in this case.
>
> Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1881185
> Signed-off-by: Janne Grunau <janne-ffmpeg at jannau.net>
> ---
> libavcodec/vp9recon.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
patch LGTM
maybe could have ARCH_... && added to avoid evaluating the extra condition
when not needed
thx
PS: nice to see you again and merry christmess
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
If you drop bombs on a foreign country and kill a hundred thousand
innocent people, expect your government to call the consequence
"unprovoked inhuman terrorist attacks" and use it to justify dropping
more bombs and killing more people. The technology changed, the idea is old.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <https://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20241220/72d77551/attachment.sig>
More information about the ffmpeg-devel
mailing list