Plugins (alphablend): Fix blending and associated crashes due to buffer overruns #383
Conversation
| uint8_t *dest_row_ptr = visual_video_get_pixels (dest); | ||
|
|
||
| uint8_t alpha = progress * 255; | ||
| BlendFunc blend_func = get_blend_func (depth); |
There was a problem hiding this comment.
get_blend_func can return NULL. If we keep allowing it to, we likely need a check for NULL somewhere around here?
There was a problem hiding this comment.
The default case is unreachable and largely included to silence compiler warnings about enum values unaccounted for (e.g. VISUAL_VIDEO_DEPTH_NONE and VISUAL_DEPTH_NONE_ALL).
We don't have unreachable() in C99 or C11 so I returned a NULL instead. Would you prefer abort()?
There was a problem hiding this comment.
@kaixiong I would favor some flavor of abort or assert — something with a message —, yes, maybe using libvisual's log_and_exit? (Maybe we need one more check for that for lv_checks.h.)
There was a problem hiding this comment.
@hartwork I've added a critical log message followed by abort().
I spent some time thinking about the general approach of a portable unreachable() function that defaults to log-and-abort in debug builds... but I've ultimately concluded that for now, we should keep the change small for this PR 😄
kaixiong
force-pushed
the
fix-alphablend-blending
branch
from
f587e7b to
bc7775b
Compare
… the given pixel count.
… to `n` to mirror similar functions.
kaixiong
force-pushed
the
fix-alphablend-blending
branch
from
bc7775b to
aba8a84
Compare
The alphablend morph uses the blending routines
visual_alpha_blend_nn()wrongly. It passes the pixel buffer size in bytes instead of pixel count for thesizeparameter. Since buffer size is always equal or greater than pixel count (bytes per pixel >= 1 and row padding >= 0), this causes buffer overruns.