[FFmpeg-devel] [PATCH] lavc/vvc: Increase IntraEdgeParams buffer size
Frank Plowman
post at frankplowman.com
Tue Jan 30 01:22:00 EET 2024
The reference line buffers are used with indices in the range
-MAX_TB_SIZE - 3 to refw + FFMAX(1, w/h) * ref_idx + 1, which is
at most 5*MAX_TB_SIZE + 1.
Fixes buffer overflows.
http://fate.ffmpeg.org/report.cgi?slot=armv7-linux-gcc-9&time=20240124051736
---
libavcodec/vvc/vvcdsp.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/libavcodec/vvc/vvcdsp.c b/libavcodec/vvc/vvcdsp.c
index c82ea7be30..56e71d5163 100644
--- a/libavcodec/vvc/vvcdsp.c
+++ b/libavcodec/vvc/vvcdsp.c
@@ -87,10 +87,10 @@ typedef struct IntraEdgeParams {
uint8_t* left;
int filter_flag;
- uint16_t left_array[3 * MAX_TB_SIZE + 3];
- uint16_t filtered_left_array[3 * MAX_TB_SIZE + 3];
- uint16_t top_array[3 * MAX_TB_SIZE + 3];
- uint16_t filtered_top_array[3 * MAX_TB_SIZE + 3];
+ uint16_t left_array[6 * MAX_TB_SIZE + 5];
+ uint16_t filtered_left_array[6 * MAX_TB_SIZE + 5];
+ uint16_t top_array[6 * MAX_TB_SIZE + 5];
+ uint16_t filtered_top_array[6 * MAX_TB_SIZE + 5];
} IntraEdgeParams;
#define PROF_BORDER_EXT 1
--
2.43.0
More information about the ffmpeg-devel
mailing list