[FFmpeg-devel] [PATCH] lavfi/perlin: Fix out of bounds stack buffer write
Stefano Sabatini
stefasab at gmail.com
Sat Jul 6 12:26:00 EEST 2024
On date Tuesday 2024-07-02 20:38:00 +0200, Marvin Scholz wrote:
> An incorrect calculation in ff_perlin_init causes a write to the
> stack array at index 256, which is out of bounds.
>
> Fixes: CID1608711
> ---
> libavfilter/perlin.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libavfilter/perlin.c b/libavfilter/perlin.c
> index 09bae7ad33..ffad8c1e4e 100644
> --- a/libavfilter/perlin.c
> +++ b/libavfilter/perlin.c
> @@ -129,7 +129,7 @@ int ff_perlin_init(FFPerlin *perlin, double period, int octaves, double persiste
> for (i = 0; i < 256; i++) {
> unsigned int random_idx = av_lfg_get(&lfg) % (256-i);
> uint8_t random_val = random_permutations[random_idx];
> - random_permutations[random_idx] = random_permutations[256-i];
> + random_permutations[random_idx] = random_permutations[255-i];
>
> perlin->permutations[i] = perlin->permutations[i+256] = random_val;
> }
Looks good, thanks.
More information about the ffmpeg-devel
mailing list