[FFmpeg-trac] #3152(avcodec:new): Pointer overflow in libavcodec/mpegvideo.c

FFmpeg trac at avcodec.org
Tue Nov 19 23:34:17 CET 2013

#3152: Pointer overflow in libavcodec/mpegvideo.c
             Reporter:  dtzWill     |                    Owner:
                 Type:  defect      |                   Status:  new
             Priority:  normal      |                Component:  avcodec
              Version:  git-master  |               Resolution:
             Keywords:              |               Blocked By:
             Blocking:              |  Reproduced by developer:  0
Analyzed by developer:  0           |

Comment (by cehoyos):

 {{{s->current_picture.f.data[0]}}} and {{{s->mb_x}}} are both 0 when
 running {{{fate-vsynth1-svq1}}}, the line in question is:
 s->dest[0] = s->current_picture.f.data[0] + ((s->mb_x - 1) <<  mb_size);

 Does "undefined behaviour" mean that {{{s->dest[0]}}} has no defined
 content after the operation or that the operation may eat your cat?

Ticket URL: <https://ffmpeg.org/trac/ffmpeg/ticket/3152#comment:3>
FFmpeg <http://ffmpeg.org>
FFmpeg issue tracker

More information about the FFmpeg-trac mailing list