checkasm/sw_scale: Fix stack-buffer-overflow
authorAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Tue, 19 May 2020 06:30:05 +0000 (08:30 +0200)
committerAndreas Rheinhardt <andreas.rheinhardt@gmail.com>
Wed, 20 May 2020 21:18:50 +0000 (23:18 +0200)
A buffer whose size is not a multiple of four has been initialized using
consecutive writes of 32bits. This results in a stack-buffer-overflow
reported by ASAN in the checkasm-sw_scale FATE-test.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
tests/checkasm/sw_scale.c

index 2680e47..9efa2b4 100644 (file)
@@ -53,7 +53,7 @@ static void check_hscale(void)
     struct SwsContext *ctx;
 
     // padded
-    LOCAL_ALIGNED_32(uint8_t, src, [SRC_PIXELS + MAX_FILTER_WIDTH - 1]);
+    LOCAL_ALIGNED_32(uint8_t, src, [FFALIGN(SRC_PIXELS + MAX_FILTER_WIDTH - 1, 4)]);
     LOCAL_ALIGNED_32(uint32_t, dst0, [SRC_PIXELS]);
     LOCAL_ALIGNED_32(uint32_t, dst1, [SRC_PIXELS]);