[Libva] [PATCH] vc1: fix bitplane buffer size (SNB, IVB).
Gwenole Beauchesne
gb.devel at gmail.com
Thu Feb 23 01:18:15 PST 2012
This fixes buffer overflow in the newly allocated Gen buffer that holds
VC-1 bitplanes.
Signed-off-by: Gwenole Beauchesne <gwenole.beauchesne at intel.com>
Pushed as obvious.
Regards,
Gwenole.
---
NEWS | 1 +
src/gen6_mfd.c | 2 +-
src/gen7_mfd.c | 2 +-
3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/NEWS b/NEWS
index 8c5ac97..806ad43 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,7 @@ libva-driver-intel NEWS -- summary of changes. 2012-02-DD
Copyright (C) 2009-2011 Intel Corporation
Version 1.0.16 - DD.Feb.2012
+* Fix VC-1 bitplane buffer size (SNB, IVB)
* Fix VC-1 motion vector modes for Ivy Bridge
* Fix MFX_QM_STATE for H.264 flat scaling lists (IVB)
* Fix and simplify AVC_REF_IDX_STATE setup (ILK, SNB, IVB)
diff --git a/src/gen6_mfd.c b/src/gen6_mfd.c
index 8280771..c87a65f 100644
--- a/src/gen6_mfd.c
+++ b/src/gen6_mfd.c
@@ -1502,7 +1502,7 @@ gen6_mfd_vc1_decode_init(VADriverContextP ctx,
bo = dri_bo_alloc(i965->intel.bufmgr,
"VC-1 Bitplane",
- bitplane_width * bitplane_width,
+ bitplane_width * height_in_mbs,
0x1000);
assert(bo);
gen6_mfd_context->bitplane_read_buffer.bo = bo;
diff --git a/src/gen7_mfd.c b/src/gen7_mfd.c
index 02047c1..7b89e1c 100644
--- a/src/gen7_mfd.c
+++ b/src/gen7_mfd.c
@@ -1469,7 +1469,7 @@ gen7_mfd_vc1_decode_init(VADriverContextP ctx,
bo = dri_bo_alloc(i965->intel.bufmgr,
"VC-1 Bitplane",
- bitplane_width * bitplane_width,
+ bitplane_width * height_in_mbs,
0x1000);
assert(bo);
gen7_mfd_context->bitplane_read_buffer.bo = bo;
--
1.7.5.4
More information about the Libva
mailing list