[FFmpeg-trac] #7327(undetermined:new): libavcodec/dxva2.c:ff_dxva2_commit_buffer()function has a potential Uninitialized variable use
FFmpeg
trac at avcodec.org
Thu Jul 26 12:38:49 EEST 2018
#7327: libavcodec/dxva2.c:ff_dxva2_commit_buffer()function has a potential
Uninitialized variable use
-------------------------------------+-------------------------------------
Reporter: fisher | Type: defect
Status: new | Priority: normal
Component: | Version:
undetermined | unspecified
Keywords: | Blocked By:
Blocking: | Reproduced by developer: 0
Analyzed by developer: 0 |
-------------------------------------+-------------------------------------
here is the code snippet of ff_dxva2_commit_buffer()function.In the
function,if CONFIG_D3D11VA and CONFIG_DXVA2 are false, |dxva_data| and
|dxva_size| will be used without be assigned a value. In memcpy(dxva_data,
data, size); code,it may write value to some uncontroled address.
int ff_dxva2_commit_buffer(AVCodecContext *avctx,
AVDXVAContext *ctx,
DECODER_BUFFER_DESC *dsc,
unsigned type, const void *data, unsigned size,
unsigned mb_count)
{
void *dxva_data;
unsigned dxva_size;
int result;
HRESULT hr = 0;
#if CONFIG_D3D11VA
if (ff_dxva2_is_d3d11(avctx))
hr =
ID3D11VideoContext_GetDecoderBuffer(D3D11VA_CONTEXT(ctx)->video_context,
D3D11VA_CONTEXT(ctx)->decoder,
type,
&dxva_size, &dxva_data);
#endif
#if CONFIG_DXVA2
if (avctx->pix_fmt == AV_PIX_FMT_DXVA2_VLD)
hr = IDirectXVideoDecoder_GetBuffer(DXVA2_CONTEXT(ctx)->decoder,
type,
&dxva_data, &dxva_size);
#endif
if (FAILED(hr)) {
av_log(avctx, AV_LOG_ERROR, "Failed to get a buffer for %u:
0x%x\n",
type, (unsigned)hr);
return -1;
}
if (size <= dxva_size) {
memcpy(dxva_data, data, size);
--
Ticket URL: <https://trac.ffmpeg.org/ticket/7327>
FFmpeg <https://ffmpeg.org>
FFmpeg issue tracker
More information about the FFmpeg-trac
mailing list