From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ffbox0-bg.mplayerhq.hu (ffbox0-bg.ffmpeg.org [79.124.17.100]) by master.gitmailbox.com (Postfix) with ESMTP id 8E07D4334F for ; Wed, 1 Jun 2022 18:32:59 +0000 (UTC) Received: from [127.0.1.1] (localhost [127.0.0.1]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTP id 9275168B7AD; Wed, 1 Jun 2022 21:32:58 +0300 (EEST) Received: from mail-ej1-f47.google.com (mail-ej1-f47.google.com [209.85.218.47]) by ffbox0-bg.mplayerhq.hu (Postfix) with ESMTPS id D7E4168B6E6 for ; Wed, 1 Jun 2022 21:32:51 +0300 (EEST) Received: by mail-ej1-f47.google.com with SMTP id q1so5486359ejz.9 for ; Wed, 01 Jun 2022 11:32:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=0YAy1I9PSExoCH+nFBflJ0HNIKiNmkN5DTo9m06EPHk=; b=AoWLqC9NkXzRKVPUHIvmTnH6Tf71XEM+a8S/rDEYkbip5dQzhcpgnqhsqEdk1LBfUN oAT3Q13BDUd04R62aFxv/RIdBD8Cm/a6Iuhr2otfDX6j4bgg3XB4jtL143jU7bOw5Ngc 6iSlrbeQyzo/HayprNfDlGgLYdhNTpecZAzowUc8aW0CxIB4B8KNgIAQoIoF6m6X+oMO L4iuHl6xyu9Z8pUieM4ll9sQPsH4G6wceCbwgo07KRGcOBUGcgTiubLxy7OAq/fd03vb H4c832aqLWFU/0kjR8Og+vrDBa6ZoxVLd2oirmSxia1JUK5jnpa5/EdvWedgDA8VWGrV awoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=0YAy1I9PSExoCH+nFBflJ0HNIKiNmkN5DTo9m06EPHk=; b=CtpacUey0LH8CsilOo8FkqWHxu4XvbxyV84bynKljl+RxAgiVcuVv2K2vE+eINA42W f9UvEAs+gUvOcybrpFjh6/+dIwW8ZKeAfhcIfXM+5nEqrNAmG60DunXhLqhJlp+AYise LEgkUpVFrgRBvTaigzmKqXmesYHqDY/z9p4n4DQ0A0CMgK9C4DdYfjlCmW9O+1psWylk iJ1MJSSu58ShslyKGu+PGeFcbvC6tcUNjU8QDUHIboLhk66bn561OCd9owhWivGgJAU1 5LPXVvIVPIXI9Pu3gcexPK8F7HwsvwV5Z9MXgJWr3OZdod0nN3X36BHuHTngvppNyO0N xhUQ== X-Gm-Message-State: AOAM5331qDrHr2h040JJY5v65UafuuVtrvxAph9hUDw5G+AQKtaYrb5l Rsz4OfvHWyvTRhKKSRpEcr+LI6RWUrauyZfssowG9qfo X-Google-Smtp-Source: ABdhPJyjI/uY0Uu7eCGChFEaOgWAgItgW02KnnTtocHWaNNENycudwuVQlw91Z+6LDkYcmwvzdeXS4p1zDqvvqWA9kM= X-Received: by 2002:a17:906:478b:b0:6f8:5850:4da9 with SMTP id cw11-20020a170906478b00b006f858504da9mr758276ejc.619.1654108370371; Wed, 01 Jun 2022 11:32:50 -0700 (PDT) MIME-Version: 1.0 References: <20220531124104.56189-1-rsbultje@gmail.com> <20220531132130.60467-1-rsbultje@gmail.com> In-Reply-To: <20220531132130.60467-1-rsbultje@gmail.com> From: "Ronald S. Bultje" Date: Wed, 1 Jun 2022 14:32:37 -0400 Message-ID: To: FFmpeg development discussions and patches X-Content-Filtered-By: Mailman/MimeDel 2.1.29 Subject: Re: [FFmpeg-devel] [PATCH] vp9: don't overread by 4 pixels in ff_vp9_avg4_mmxext(). X-BeenThere: ffmpeg-devel@ffmpeg.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: FFmpeg development discussions and patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: FFmpeg development discussions and patches Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: ffmpeg-devel-bounces@ffmpeg.org Sender: "ffmpeg-devel" Archived-At: List-Archive: List-Post: Hi, On Tue, May 31, 2022 at 9:21 AM Ronald S. Bultje wrote: > If the block is at the end of the allocated buffer and there is no > padding, this will over-read, which may cause crashes. Reported by > Firefox. > --- > libavcodec/x86/vp9mc.asm | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/libavcodec/x86/vp9mc.asm b/libavcodec/x86/vp9mc.asm > index f64161b2c2..efc4cfbef1 100644 > --- a/libavcodec/x86/vp9mc.asm > +++ b/libavcodec/x86/vp9mc.asm > @@ -604,7 +604,12 @@ cglobal vp9_%1%2 %+ %%szsuf, 5, 5, %8, dst, dstride, > src, sstride, h > %%pavg m0, [dstq] > %%pavg m1, [dstq+d%3] > %%pavg m2, [dstq+d%4] > +%if %2 == 4 > + %%srcfn m4, [dstq+d%5] > + %%pavg m3, m4 > +%else > %%pavg m3, [dstq+d%5] > +%endif > %if %2/mmsize == 8 > %%pavg m4, [dstq+mmsize*4] > %%pavg m5, [dstq+mmsize*5] > -- > 2.34.1 > Merged. Ronald _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".