| Message ID | CALZjo7tK2cAZ+Wn_Tm=jBL3AAGBUUaJd2K6ns1JM6=a5wJaeAA@mail.gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [FFmpeg-devel] avfilter/opencl: Fix program_opencl for source code larger than 64kB | expand |
| Context | Check | Description |
|---|---|---|
| andriy/configure | warning | Failed to apply patch |
diff --git a/libavfilter/opencl.c b/libavfilter/opencl.c index 9c46cfdc09..8f05696e62 100644 --- a/libavfilter/opencl.c +++ b/libavfilter/opencl.c @@ -257,7 +257,7 @@ int ff_opencl_filter_load_program_from_file(AVFilterContext *avctx, goto fail; } pos += rb; - if (pos < len) + if (pos + 1 < len) break; len <<= 1;
avfilter/opencl: Fix program_opencl for source code larger than 64kB libavfilter/opencl.c:253: while (1) { rb = fread(src + pos, 1, len - pos - 1, file); if (rb == 0 && ferror(file)) { err = AVERROR(EIO); goto fail; } pos += rb; if (pos < len) break; len <<= 1; err = av_reallocp(&src, len); if (err < 0) goto fail; } In this code, the condition (pos < len) is always true and the rest of the OpenCL program code would not be read, while the maximum number of "rb" is "len - pos - 1", and then, the maximum number of the "pos" is "len - 1". Fixes: trac.ffmpeg.org/ticket/9217 --- libavfilter/opencl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) err = av_reallocp(&src, len);