[x265] [PATCH] Fix buffer size and Frame out of bound access issue

Uthayakumar Muthu uthayakumar.muthu at multicorewareinc.com
Tue Jan 7 11:53:10 UTC 2025 

>From 3199e76b1499615d3448a93768765cdaee51aca4 Mon Sep 17 00:00:00 2001
From: Uthayakumar Muthu <uthayakumar.muthu at multicorewareinc.com>
Date: Wed, 18 Dec 2024 11:29:55 +0530
Subject: [PATCH] Fix the buffer size and frame out of bound access issue

---
 source/encoder/encoder.cpp      | 4 ++--
 source/encoder/frameencoder.cpp | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/source/encoder/encoder.cpp b/source/encoder/encoder.cpp
index 2e65cb1a9..e6619e7c7 100644
--- a/source/encoder/encoder.cpp
+++ b/source/encoder/encoder.cpp
@@ -2715,14 +2715,14 @@ char* Encoder::statsString(EncStats& stat, char* buffer, size_t bufferSize)

     if (m_param->bEnablePsnr)
     {
-        len += snprintf(buffer + len, sizeof(buffer) - len,"  PSNR Mean: Y:%.3lf U:%.3lf V:%.3lf",
+        len += snprintf(buffer + len, bufferSize - len,"  PSNR Mean: Y:%.3lf U:%.3lf V:%.3lf",
                        stat.m_psnrSumY / (double)stat.m_numPics,
                        stat.m_psnrSumU / (double)stat.m_numPics,
                        stat.m_psnrSumV / (double)stat.m_numPics);
     }
     if (m_param->bEnableSsim)
     {
-        snprintf(buffer + len, sizeof(buffer) - len, "  SSIM Mean: %.6lf (%.3lfdB)",
+        snprintf(buffer + len, bufferSize - len, "  SSIM Mean: %.6lf (%.3lfdB)",
                 stat.m_globalSsim / (double)stat.m_numPics,
                 x265_ssim2dB(stat.m_globalSsim / (double)stat.m_numPics));
     }
diff --git a/source/encoder/frameencoder.cpp b/source/encoder/frameencoder.cpp
index 5749f994e..9188f4c8c 100644
--- a/source/encoder/frameencoder.cpp
+++ b/source/encoder/frameencoder.cpp
@@ -2435,7 +2435,7 @@ void FrameEncoder::vmafFrameLevelScore()

 Frame** FrameEncoder::getEncodedPicture(NALList& output)
 {
-    if (m_frame[0] && (m_param->numLayers <= 1 || m_frame[1]))
+    if (m_frame[0] && (m_param->numLayers <= 1 || (MAX_LAYERS > 1 && m_frame[1])))
     {
         /* block here until worker thread completes */
         m_done.wait();
--
2.39.2



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.videolan.org/pipermail/x265-devel/attachments/20250107/82461d36/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-the-buffer-size-and-frame-out-of-bound-access-is.patch
Type: application/octet-stream
Size: 2008 bytes
Desc: 0001-Fix-the-buffer-size-and-frame-out-of-bound-access-is.patch
URL: <http://mailman.videolan.org/pipermail/x265-devel/attachments/20250107/82461d36/attachment-0001.obj>

More information about the x265-devel mailing list