[Ffmpeg-devel] Possible bug in h264 dec

Michael Niedermayer michaelni
Tue Jan 23 13:13:18 CET 2007


Hi

On Thu, Sep 29, 2005 at 03:09:03AM +0000, Francis Labonte wrote:
> Hi,
> 
> Runnning valgrind on a file, I got some invlid read.
> 
> It points to:
>   H264_CHROMA_MC8_TMPL in dsputil_h264_template_mmx.c called by
>   mc_dir_part in h264.c
> 
> In my opinion, I think it could come from here:
> 
>    if(   full_mx < 0-extra_width
>       || full_my < 0-extra_height
>       || full_mx + 16/*FIXME*/ > pic_width + extra_width
>       || full_my + 16/*FIXME*/ > pic_height + extra_height)
> 
> "<" should become "<=" for the 2 FIXME.  An index ( mx, my) ranging from 
> 0-... is compared to a size ranging from 1-,,,
> 
> Applying my modification fix my invalid.
> 
> I would like to have have some  input  to know if my analysis make sens or 
> not!

is this bug still happening if so please provide valgrind output with 
linenums (use ffmpeg_g) and provide the video file which triggers it

[...]
> NOTE: I'me not using the latest version of CVS, but this line didn't change 
> in HEAD, and a friend told me he got similar result with HEAD version.

and use latest svn or you will be ignored

[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

When the tyrant has disposed of foreign enemies by conquest or treaty, and
there is nothing more to fear from them, then he is always stirring up
some war or other, in order that the people may require a leader. -- Plato
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070123/532fdf53/attachment.pgp>



More information about the ffmpeg-devel mailing list