falkTX
/
FFmpeg
mirror of https://github.com/falkTX/FFmpeg.git
1
0
Fork 0
Code Issues 0 Releases 338 Wiki Activity
Browse Source

avcodec/mjpegdec: use the correct linesize in the flipping code 

Fixes out of array access
No releases should be affected
Depends on 7c3700cd1d8683966b21fffbf02e326d0bd14e06, do not backport without this one

Fixes: asan_heap-oob_14a37fe_9111_cov_1692584941_test4.amv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
tags/n2.2-rc1
Michael Niedermayer 11 years ago
parent
f58eab1512
commit
19b41f8645
1 changed files with 3 additions and 3 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -3
      libavcodec/mjpegdec.c

+ 3
- 3
libavcodec/mjpegdec.c View File

@@ -2052,12 +2052,12 @@ the_end:
h = FF_CEIL_RSHIFT(h, vshift);
}
if(dst){
uint8_t *dst2 = dst + s->linesize[index]*(h-1);
uint8_t *dst2 = dst + s->picture_ptr->linesize[index]*(h-1);
for (i=0; i<h/2; i++) {
for (j=0; j<w; j++)
FFSWAP(int, dst[j], dst2[j]);
dst += s->linesize[index];
dst2 -= s->linesize[index];
dst += s->picture_ptr->linesize[index];
dst2 -= s->picture_ptr->linesize[index];
}
}
}


Write Preview
Loading…
Cancel
Save