ref: 36f42a3769e6f15ca4b9bd64d1bc26311ef588a5
parent: e2381829e984c58e54a7ad0580c168cb7432ef92
author: Angie Chiang <angiebird@google.com>
date: Fri Feb 8 05:25:56 EST 2019
Fix the bug for feature_score computation The visited flag is not set to 1 after an item is pushed into the heap. This may cause one item to be pushed into the heap multiple times, which may cause a buffer overflow and memory corruption. Change-Id: I443f1e5693856bb4066542403f98492d4daec69d
--- a/vp9/encoder/vp9_encoder.c
+++ b/vp9/encoder/vp9_encoder.c
@@ -6477,6 +6477,7 @@
FEATURE_SCORE_LOC *input) {
int c, p;
FEATURE_SCORE_LOC *tmp;
+ input->visited = 1;
heap[*size] = input;
++*size;
c = *size - 1;
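Review bot: The store `heap[*size] = input;` is still unbounded after this change, so memory safety here depends entirely on the new `input->visited = 1;` and on every caller testing `visited` before pushing; those callers are outside this hunk. I would record that invariant next to the new line, for example `// Mark visited at push time: each item may enter the heap at most once, and heap[] is not bounds-checked here.` If the heap's capacity is reachable from this helper (it is not visible in the hunk), a debug assert that `*size` is below it before the store would turn any future duplicate push into a caught failure instead of an out-of-bounds write. The function's signature starts above the hunk and its sift-up loop continues below it.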
@@ -6580,8 +6581,6 @@
while (fs_loc_heap_size > 0) {
FEATURE_SCORE_LOC *fs_loc;
max_heap_pop(cpi->feature_score_loc_heap, &fs_loc_heap_size, &fs_loc);
-
- fs_loc->visited = 1;
do_motion_search(cpi, td, frame_idx, ref_frame, bsize, fs_loc->mi_row,
fs_loc->mi_col);