diff mbox series

[FFmpeg-devel] avfilter/opencl: Fix program_opencl for source code larger than 64kB

Message ID CALZjo7tK2cAZ+Wn_Tm=jBL3AAGBUUaJd2K6ns1JM6=a5wJaeAA@mail.gmail.com
State New
Headers show
Series [FFmpeg-devel] avfilter/opencl: Fix program_opencl for source code larger than 64kB
Related show

Checks

Context Check Description
andriy/configure warning Failed to apply patch
andriy/configure warning Failed to apply patch

Commit Message

Tsutomu Seki May 6, 2021, 5:13 a.m. UTC
avfilter/opencl: Fix program_opencl for source code larger than 64kB

libavfilter/opencl.c:253:

    while (1) {
        rb = fread(src + pos, 1, len - pos - 1, file);
        if (rb == 0 && ferror(file)) {
            err = AVERROR(EIO);
            goto fail;
        }
        pos += rb;
        if (pos < len)
            break;
        len <<= 1;
        err = av_reallocp(&src, len);
        if (err < 0)
            goto fail;
    }

In this code, the condition (pos < len) is always true and the
rest of the OpenCL program code would not be read, while
the maximum number of "rb" is "len - pos - 1", and then, the
maximum number of the "pos" is "len - 1".

Fixes: trac.ffmpeg.org/ticket/9217
---
 libavfilter/opencl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

         err = av_reallocp(&src, len);
diff mbox series

Patch

diff --git a/libavfilter/opencl.c b/libavfilter/opencl.c
index 9c46cfdc09..8f05696e62 100644
--- a/libavfilter/opencl.c
+++ b/libavfilter/opencl.c
@@ -257,7 +257,7 @@  int
ff_opencl_filter_load_program_from_file(AVFilterContext *avctx,
             goto fail;
         }
         pos += rb;
-        if (pos < len)
+        if (pos + 1 < len)
             break;
         len <<= 1;