GNOME Bugzilla – Bug 633837
videoscale: invalid reads after conversion to orc linear scaling
Last modified: 2011-04-24 13:23:57 UTC
~/gst/git/gst-plugins-base/tests/check$ make elements/videoscale.valgrind
Running suite(s): videoscale
==17342== Invalid read of size 8
==17342==    at 0x402E5B0: ??? (in /tmp/orcexec.exteya (deleted))
==17342==    by 0x8442967: gst_videoscale_orc_resample_bilinear_u32 (tmp-orc.c:1252)
==17342==    by 0x843A5DA: vs_image_scale_linear_RGBA (vs_image.c:110)
==17342==  Address 0x7479010 is 0 bytes inside a block of size 4 alloc'd
==17342==
==17344== Invalid read of size 1
==17344==    at 0x843CC18: vs_scanline_resample_4tap_RGBA (vs_4tap.c:339)
==17344==    by 0x843CECC: vs_image_scale_4tap_RGBA (vs_4tap.c:407)
==17344==  Address 0x7467c94 is 0 bytes after a block of size 4 alloc'd
==17344==
==17344== Invalid read of size 1
==17344==    at 0x843D2E8: vs_scanline_resample_4tap_RGB (vs_4tap.c:462)
==17344==    by 0x843D57C: vs_image_scale_4tap_RGB (vs_4tap.c:530)
==17344==  Address 0x7df9294 is 0 bytes after a block of size 4 alloc'd
==17344==
==17344== Invalid read of size 1
==17344==    at 0x843DDAE: vs_scanline_resample_4tap_YUYV (vs_4tap.c:643)
==17344==    by 0x843E27C: vs_image_scale_4tap_YUYV (vs_4tap.c:728)
==17344==  Address 0x772b884 is 0 bytes after a block of size 4 alloc'd
==17344==
==17344== etc.
Oops, forgot to fix this. Patch shortly.
I have a simple patch for some of the invalid reads which are actually errors. There's a much larger set of invalid reads which are reading past the end of the array, but multiplying that number by 0. These are straightforward to fix, but will require a rather invasive patch.
Created attachment 186529
patch

Created attachment 186530
protect 4tap from out of bounds reads

Created attachment 186533
videoscale: hack to fix invalid reads in linear

I figured out a different way that is minimally invasive. With these three patches, the videoscale test is valgrind-clean.
Cool, thanks:

commit d4dbebc606bdae6a765eada22e49787b47e277f1
Author: David Schleef <ds@schleef.org>
Date:   Sat Apr 23 13:42:23 2011 -0700

    videoscale: hack to fix invalid reads in linear

    https://bugzilla.gnome.org/show_bug.cgi?id=633837

commit ce9406f4d631ab90446107772e3cee6b9edaf4f1
Author: David Schleef <ds@schleef.org>
Date:   Sat Apr 23 12:46:09 2011 -0700

    videoscale: protect 4tap from out-of-bounds reads

    https://bugzilla.gnome.org/show_bug.cgi?id=633837

commit 8264d59aab396c287c86e24d6b5096ca83c472b9
Author: David Schleef <ds@schleef.org>
Date:   Sat Apr 23 12:44:50 2011 -0700

    videoscale: use simpler scaling method for small images

    https://bugzilla.gnome.org/show_bug.cgi?id=633837
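
The class of read described in the comments above (an element one past the end of the source line is fetched and then multiplied by 0) can be illustrated with a single-channel linear resampler. This is an added example, not the videoscale code or any of the attached patches; the function names, the 16.16 fixed-point stepping and the sample pixels are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helper: number of source elements the unguarded form
 *   src[j]*(65536-x) + src[j+1]*x
 * touches while producing n pixels. It computes indices only. */
size_t naive_read_extent(size_t n, uint32_t increment)
{
    uint32_t acc = 0;            /* 16.16 fixed-point source position */
    size_t extent = 0;
    for (size_t i = 0; i < n; i++) {
        size_t j = acc >> 16;
        if (j + 2 > extent)
            extent = j + 2;      /* src[j+1] is fetched even when x == 0 */
        acc += increment;
    }
    return extent;
}

/* Guarded form: same output, but the neighbour is only fetched when it
 * carries a non-zero weight, and the position is clamped to the last pixel. */
void resample_linear_guarded(uint8_t *dest, const uint8_t *src,
                             size_t src_width, size_t n, uint32_t increment)
{
    uint32_t acc = 0;
    if (src_width == 0)
        return;
    for (size_t i = 0; i < n; i++) {
        size_t j = acc >> 16;
        uint32_t x = acc & 0xffff;
        if (j >= src_width - 1) {          /* at or past the last pixel */
            j = src_width - 1;
            x = 0;
        }
        uint32_t a = src[j];
        uint32_t b = x ? src[j + 1] : a;   /* no fetch for a zero weight */
        dest[i] = (uint8_t)((a * (65536 - x) + b * x) >> 16);
        acc += increment;
    }
}

int main(void)
{
    const uint8_t src[2] = { 10, 20 };     /* constructed sample line */
    uint8_t dest[3];
    resample_linear_guarded(dest, src, 2, 3, 32768);   /* 2 -> 3 pixels */
    return (dest[0] == 10 && dest[1] == 15 && dest[2] == 20) ? 0 : 1;
}
```

For the 2-to-3 pixel case, `naive_read_extent(3, 32768)` returns 3 for a 2-element source line, which is the zero-weight read past the end that valgrind flags.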