[Ffmpeg-devel] Possible bug in h264 dec
Thu Sep 29 05:09:03 CEST 2005
Running valgrind on a file, I got some invalid reads.
It points to:
H264_CHROMA_MC8_TMPL in dsputil_h264_template_mmx.c called by
mc_dir_part in h264.c
In my opinion, I think it could come from here:
if( full_mx < 0-extra_width
|| full_my < 0-extra_height
|| full_mx + 16/*FIXME*/ > pic_width + extra_width
|| full_my + 16/*FIXME*/ > pic_height + extra_height)
"<" should become "<=" for the 2 FIXME. An index (mx, my) ranging from
0-... is compared to a size ranging from 1-...
Applying my modification fixes my invalid read.
I would like to have some input to know if my analysis makes sense or
NOTE: I'm not using the latest version of CVS, but this line didn't change
in HEAD, and a friend told me he got similar results with the HEAD version.
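
An added example (not code from this post or from FFmpeg) that tests the quoted upper-bound comparison in one dimension against every start position, with ">" and with ">=". It assumes a padded row with valid indices -extra .. width+extra-1 and a kernel that reads either 16 samples or 17 (one neighbour past the block, as an interpolating filter would); the function names and the geometry are constructed for illustration.

```c
#include <stdio.h>

#define BLOCK 16  /* the constant marked FIXME in the quoted condition */

/* Ground truth: does a read of n samples starting at x leave the padded
 * row, whose valid indices are -extra .. width+extra-1? */
static int reads_outside(int x, int n, int width, int extra)
{
    return x < -extra || x + n - 1 > width + extra - 1;
}

/* The quoted check reduced to one dimension, with ">" or ">=". */
static int check_says_outside(int x, int width, int extra, int inclusive)
{
    if (x < 0 - extra)
        return 1;
    return inclusive ? x + BLOCK >= width + extra
                     : x + BLOCK >  width + extra;
}

/* Scan all start positions around the padded row. With missed=1, count
 * out-of-bounds reads the check lets through; with missed=0, count
 * in-bounds reads the check flags unnecessarily. */
static int mismatches(int n, int inclusive, int missed)
{
    const int width = 64, extra = 8;   /* constructed sample geometry */
    int count = 0;
    for (int x = -extra - 4; x <= width + extra + 4; x++) {
        int truth = reads_outside(x, n, width, extra);
        int flagged = check_says_outside(x, width, extra, inclusive);
        if (missed ? (truth && !flagged) : (!truth && flagged))
            count++;
    }
    return count;
}

int main(void)
{
    for (int n = BLOCK; n <= BLOCK + 1; n++)
        for (int inc = 0; inc <= 1; inc++)
            printf("samples read=%d  cmp=%-2s  missed=%d  spurious=%d\n",
                   n, inc ? ">=" : ">",
                   mismatches(n, inc, 1), mismatches(n, inc, 0));
    return 0;
}
```

Under these assumptions the ">" form is exact only when the kernel touches 16 samples; once it touches 17, the single start position x = width + extra - 16 is read out of bounds without being flagged, and ">=" closes that case.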