[FFmpeg-devel] libx264.c:encode_nals can overwrite buffers
Jason Garrett-Glaser
jason
Fri Dec 31 23:58:17 CET 2010
> --- libx264.c ? ?2010-12-31 22:28:07.000000000 +0000
> +++ libx264.c~ ? ?2010-12-26 16:32:46.000000000 +0000
> @@ -60,13 +60,8 @@
>
> ? ? /* Write the SEI as part of the first frame. */
> ? ? if (x4->sei_size > 0 && nnal > 0) {
> - ? ?if (size < x4->sei_size){
> - ? ? ? ?av_log(ctx, AV_LOG_ERROR, "supplied buffer too small\n");
> - ? ? ? ?return 0;
> - ? ?}
> ? ? ? ? memcpy(p, x4->sei, x4->sei_size);
> ? ? ? ? p += x4->sei_size;
> - ? ?size -= ?x4->sei_size;
> ? ? ? ? x4->sei_size = 0;
> ? ? }
>
> @@ -78,13 +73,8 @@
> ? ? ? ? ? ? memcpy(x4->sei, nals[i].p_payload, nals[i].i_payload);
> ? ? ? ? ? ? continue;
> ? ? ? ? }
> - ? ?if (size < nals[i].i_payload){
> - ? ? ? ?av_log(ctx, AV_LOG_ERROR, "supplied buffer too small\n");
> - ? ? ? ?return p - buf;
> - ? ?}
> ? ? ? ? memcpy(p, nals[i].p_payload, nals[i].i_payload);
> ? ? ? ? p += nals[i].i_payload;
> - ? ?size -= nals[i].i_payload;
> ? ? }
>
> ? ? return p - buf;
>
Your patch looks inverted.
Jason
More information about the ffmpeg-devel
mailing list