1
0
mirror of https://github.com/mpv-player/mpv synced 2025-01-27 18:13:15 +00:00
mpv/sub
Dudemanguy d1d2370d07 draw_bmp: ensure last slice width is less than total width
e97819f88e corrected a special case
condition that lead to an out of bounds access if the total width
happened to be an integer multiple of SLICE_W (256) which could cause a
crash in software VOs. However, it turns out that the functions in this
file evaluate quite differently when using encoding mode (and presumably
libmpv as well according to reports although I could not independently
verify it).

The logic here gets complicated but what ends up happening is that, in
blend_overlay_with_video, the value of x + w can be greater than p->w in
certain cases in encoding mode. The x is the positional value of the
slice which remained unchanged from before, but w can take the full
value of SLICE_W (256) which is not necessarily correct. The width of
the final slice here should be the total remaining width. We can handle
this in mark_rect by simply always adjusting x1 of the last slice to be
equal to total width - SLICE_W * x so it can never extend beyond where
it should be. In practice, this value should be the maximum allowed
here. I'm not sure if the existing x1 value can possibly already be
lower than SLICE_W, but just MPMIN it to be on the safe side.
Fixes #10908.
2023-01-03 01:08:46 +00:00
..
ass_mp.c sub: rename SUBBITMAP_RGBA to SUBBITMAP_BGRA 2022-01-11 23:45:08 +02:00
ass_mp.h command: extend osd-overlay command with bounds reporting 2020-03-06 18:20:11 +01:00
dec_sub.c options: only apply sub-visibility to primary subs 2022-01-22 16:22:25 +00:00
dec_sub.h options: only apply sub-visibility to primary subs 2022-01-22 16:22:25 +00:00
draw_bmp.c draw_bmp: ensure last slice width is less than total width 2023-01-03 01:08:46 +00:00
draw_bmp.h draw_bmp: make another small guarantee to users 2020-05-13 22:46:29 +02:00
filter_jsre.c sub: jsre filter: abort init early on empty filter list 2022-06-09 14:38:24 +03:00
filter_regex.c sub: sub-filter-regex and jsre: support ass-to-plaintext 2021-08-05 21:32:22 +03:00
filter_sdh.c various: remove trailing whitespace 2022-05-14 14:51:34 +00:00
img_convert.c
img_convert.h
lavc_conv.c ffmpeg: update to handle deprecation of av_init_packet 2022-12-03 14:44:18 -08:00
osd_font.otf osc: use custom symbols for window controls 2019-12-11 13:53:10 -08:00
osd_libass.c sub: use Unicode linebreaking for non-ASS subs and OSD 2022-09-19 15:56:38 +02:00
osd_state.h sub/osd: use atomic for osd_state.force_video_pts 2022-04-02 21:41:58 +03:00
osd.c sub/osd: use atomic for osd_state.force_video_pts 2022-04-02 21:41:58 +03:00
osd.h sub: rename SUBBITMAP_RGBA to SUBBITMAP_BGRA 2022-01-11 23:45:08 +02:00
sd_ass.c sd_ass: never mangle colours on RGB video 2022-11-05 09:32:05 -04:00
sd_lavc.c ffmpeg: update to handle deprecation of av_init_packet 2022-12-03 14:44:18 -08:00
sd.h sub: sub-filter-regex and jsre: support ass-to-plaintext 2021-08-05 21:32:22 +03:00