ref: 52add5896661d186dec284ed646a4b33b607d2c7
parent: 276cafb7a764cd476c5167a77660984a9cf98ad5
author: Jerome Jiang <[email protected]>
date: Wed May 23 11:43:00 EDT 2018
VP8: Fix use-after-free in postproc. The pointer in vp8 postproc refers to show_frame_mi which is only updated on show frame. However, when there is a no-show frame which also changes the size (thus new frame buffers allocated), show_frame_mi is not updated with new frame buffer memory. Change the pointer in postproc to mi which is always updated. Bug: 842265 Change-Id: I33874f2112b39f74562cba528432b5f239e6a7bd
--- a/vp8/common/postproc.c
+++ b/vp8/common/postproc.c
@@ -65,7 +65,7 @@
double level = 6.0e-05 * q * q * q - .0067 * q * q + .306 * q + .0065;
int ppl = (int)(level + .5);
- const MODE_INFO *mode_info_context = cm->show_frame_mi;
+ const MODE_INFO *mode_info_context = cm->mi;
int mbr, mbc;
/* The pixel thresholds are adjusted according to if or not the macroblock