Browse code
avfilter/vf_scale_npp: fix out-of-bounds reads
Fixes CIDs 1396414 and 1396415
Timo Rothenpieler authored on 2017/06/11 21:56:44Showing 1 changed files
| ... | ... |
@@ -400,7 +400,7 @@ static int nppscale_resize(AVFilterContext *ctx, NPPScaleStageContext *stage, |
| 400 | 400 |
NppStatus err; |
| 401 | 401 |
int i; |
| 402 | 402 |
|
| 403 |
- for (i = 0; i < FF_ARRAY_ELEMS(in->data) && in->data[i]; i++) {
|
|
| 403 |
+ for (i = 0; i < FF_ARRAY_ELEMS(stage->planes_in) && i < FF_ARRAY_ELEMS(in->data) && in->data[i]; i++) {
|
|
| 404 | 404 |
int iw = stage->planes_in[i].width; |
| 405 | 405 |
int ih = stage->planes_in[i].height; |
| 406 | 406 |
int ow = stage->planes_out[i].width; |