OBS/obs-studio
OBS/obs-studio
1
0
Fork 0
mirror of https://github.com/obsproject/obs-studio.git synced 2024-07-19 17:49:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

win-capture/graphics-hook: Fix memory offset calculation

Browse source 
Fixes an issue where align_pos could be smaller than
sizeof(struct shmem_data), potentially overwriting memory of the header.

References jp9000/obs-studio#1202
This commit is contained in:
jp9000 2018-02-24 21:45:30 -08:00
parent d603ffc401
commit 8a16fa8341
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
plugins/win-capture/graphics-hook/graphics-hook.c
View file

@ -690,7 +690,7 @@ bool capture_init_shmem(struct shmem_data **data, HWND window,
uint32_t tex_size = cy * pitch;
uint32_t aligned_header = ALIGN(sizeof(struct shmem_data), 32);
uint32_t aligned_tex = ALIGN(tex_size, 32);
uint32_t total_size = aligned_header + aligned_tex * 2;
uint32_t total_size = aligned_header + aligned_tex * 2 + 32;
uintptr_t align_pos;
if (!init_shared_info(total_size)) {
@ -706,6 +706,9 @@ bool capture_init_shmem(struct shmem_data **data, HWND window,
align_pos &= ~(32 - 1);
align_pos -= (uintptr_t)shmem_info;
if (align_pos < sizeof(struct shmem_data))
align_pos += 32;
(*data)->last_tex = -1;
(*data)->tex1_offset = (uint32_t)align_pos;
(*data)->tex2_offset = (*data)->tex1_offset + aligned_tex;