[libav-devel] libavfilter - avfilter_merge_formats heap corruption

Robert Nagy ronag89 at gmail.com
Tue Nov 22 23:04:59 CET 2011


I have encountered a heap corruption bug with avfilter_merge_formats.

At the end of:

    for (i = 0; i < a->format_count; i++)
    {
        for (j = 0; j < b->format_count; j++)
        {
            if (a->formats[i] == b->formats[j])
                ret->formats[k++] = a->formats[i];
        }
    }

k = 49; however, it has only allocated room for 16 elements in ret->formats.

This error occurs when I call "avfilter_graph_parse" with "yadif=0:-1" as
filter and then "avfilter_graph_config" where the heap corruption occurs.

I got this problem after updating to the latest revision with version
"2.49.0"; it worked without problems with an older revision with version
"2.43.2".

The builds I use are from http://ffmpeg.zeranoe.com/builds/.

/Robert
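
An added example (not from the original post or from libav's source) of how a nested-loop intersection like the one quoted can perform more stores than were allocated, next to a bounded variant. It assumes the output is sized to the smaller of the two input counts and that the inputs contain repeated entries; the post states neither, and `FormatList`, `pair_matches` and `merge_bounded` are hypothetical names.

```c
#include <stdlib.h>

/* Hypothetical stand-in for a format list; not libavfilter's own struct. */
typedef struct { int *formats; unsigned format_count; } FormatList;

/* Stores the quoted nested loop would perform: one per matching (i, j) pair. */
static unsigned pair_matches(const FormatList *a, const FormatList *b) {
    unsigned i, j, k = 0;
    for (i = 0; i < a->format_count; i++)
        for (j = 0; j < b->format_count; j++)
            if (a->formats[i] == b->formats[j])
                k++;
    return k;
}

/* Bounded merge: one store per common format, k checked against capacity.
 * Returns the count or -1; the caller frees ret->formats either way.
 * Assumed sizing: capacity is the smaller of the two input counts. */
static int merge_bounded(const FormatList *a, const FormatList *b, FormatList *ret) {
    unsigned cap = a->format_count < b->format_count ? a->format_count : b->format_count;
    unsigned i, j, n, k = 0;
    ret->format_count = 0;
    ret->formats = calloc(cap ? cap : 1, sizeof(*ret->formats));
    if (!ret->formats) return -1;
    for (i = 0; i < a->format_count; i++) {
        for (n = 0; n < k && ret->formats[n] != a->formats[i]; n++) ;
        if (n < k) continue;               /* already stored */
        for (j = 0; j < b->format_count; j++) {
            if (a->formats[i] != b->formats[j]) continue;
            if (k >= cap) return -1;       /* refuse an out-of-bounds store */
            ret->formats[k++] = a->formats[i];
            break;                         /* one store per common format */
        }
    }
    ret->format_count = k;
    return (int)k;
}

/* Constructed sample lists with repeated entries (not taken from the post). */
static int la[] = {1, 1, 2, 3}, lb[] = {1, 1, 1, 2};
static const FormatList A = {la, 4}, B = {lb, 4};
static unsigned demo_unbounded_stores(void) { return pair_matches(&A, &B); }
static int demo_bounded_stores(void) {
    FormatList r;
    int n = merge_bounded(&A, &B, &r);
    free(r.formats);
    return n;
}
int main(void) { return demo_unbounded_stores() == 7 && demo_bounded_stores() == 2 ? 0 : 1; }
```

With these constructed lists the unbounded loop would perform 7 stores into a 4-element buffer, while the bounded merge stores 2.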