ref: 95b4cf059cc2cb71ff49b818df4d285ced299cfc
parent: 7748d833e8dc61c6169529dc105aacea006ee455
author: Adrian Grange <agrange@google.com>
date: Fri Dec 9 07:47:57 EST 2011
Fix out of bounds read in update_mbgraph_frame_stats update_mbgraph_frame_stats used xd->mode_info_context before it had been setup, resulting in potentially random accesses of uninitialized memory. This fix allocates a local MODE_INFO structure to hold the data generated in the function. Change-Id: Ic9e75610008ce0e2d690e8e583c21582fee6fc45
--- a/vp8/encoder/mbgraph.c
+++ b/vp8/encoder/mbgraph.c
@@ -331,6 +331,7 @@
int mb_col, mb_row, offset = 0;
int mb_y_offset = 0, arf_y_offset = 0, gld_y_offset = 0;
int_mv arf_top_mv, gld_top_mv;
+ MODE_INFO mi_local;
// Set up limit values for motion vectors to prevent them extending outside the UMV borders
arf_top_mv.as_int = 0;
@@ -341,6 +342,7 @@
xd->dst.y_stride = buf->y_stride;
xd->pre.y_stride = buf->y_stride;
xd->dst.uv_stride = buf->uv_stride;
+ xd->mode_info_context = &mi_local;
for (mb_row = 0; mb_row < cm->mb_rows; mb_row++)
{