From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 9CF15477E0 for ; Fri, 22 Dec 2023 21:45:12 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 1172C68D2CB; Fri, 22 Dec 2023 23:45:10 +0200 (EET) Received: from relay6-d.mail.gandi.net (relay6-d.mail.gandi.net [217.70.183.198]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id E46AC68D280 for ; Fri, 22 Dec 2023 23:45:03 +0200 (EET) Received: by mail.gandi.net (Postfix) with ESMTPSA id 25462C0004 for ; Fri, 22 Dec 2023 21:45:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=niedermayer.cc; s=gm1; t=1703281503; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=sskTwQX8km64gT0Xe46T6NoMIKTpPQd1hYWXWnKnSFs=; b=mcFqL0P0KqfMJXC6MPFVdkWL5OG3+7hOh8yefkkoX+UOmG8kPzf5k5jsPTTzXrhr22F1OI +wNSlxQLKB4XPxZ4mjbVyV9YdgVOy732lujDvJz8+Mg9oHBlhVVow2bLzQgjucmwDOT54u fC1wAejeB6qY1ZrnYadoIHTzvPUDH1N6VHu3hp69CwDPAJf4DDEnVtGKn+5OtX+6w6vpep 84TcyVe/tTyKuY6Se9BEE+flNBpMfNtKCNHTlGPnZjpwMaXBUyLGpeegvykZr9HPGrMdVT CwDI6DEoi2Aet3eGSmPZlfqDNkVFVl4YDbCbOohViPnRSfUIerjHGOLoM29tCQ== From: Michael Niedermayer To: FFmpeg development discussions and patches Date: Fri, 22 Dec 2023 22:44:59 +0100 Message-Id: <20231222214502.24596-1-michael@niedermayer.cc> X-Mailer: git-send-email 2.17.1 X-GND-Sasl: michael@niedermayer.cc Subject: [FFmpeg-devel] [PATCH 1/4] avfilter/af_alimiter: Check nextpos before use X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Fixes: out of array read Fixes: tickets/10744/poc11ffmpeg Found-by: Li Zeyuan and Zeng Yunxiang. Signed-off-by: Michael Niedermayer --- libavfilter/af_alimiter.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/libavfilter/af_alimiter.c b/libavfilter/af_alimiter.c index f08893229de..9a867047643 100644 --- a/libavfilter/af_alimiter.c +++ b/libavfilter/af_alimiter.c @@ -195,9 +195,10 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *in) int j = i % buffer_size; double ppeak = 0, pdelta; - for (c = 0; c < channels; c++) { - ppeak = FFMAX(ppeak, fabs(buffer[nextpos[j] + c])); - } + if (nextpos[j] >= 0) + for (c = 0; c < channels; c++) { + ppeak = FFMAX(ppeak, fabs(buffer[nextpos[j] + c])); + } pdelta = (limit / peak - limit / ppeak) / (((buffer_size - nextpos[j] + s->pos) % buffer_size) / channels); if (pdelta < nextdelta[j]) { nextdelta[j] = pdelta; -- 2.17.1 _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".