| commit | 91f55e4dec9c3382815041a5f0e376bebafe3df0 | [log] [tgz] |
|---|---|---|
| author | Austin Orion <auorion@microsoft.com> | Fri Jan 07 23:05:07 2022 |
| committer | WebRTC LUCI CQ <webrtc-scoped@luci-project-accounts.iam.gserviceaccount.com> | Mon Jan 10 20:52:24 2022 |
| tree | 9727286a3bdcd8037e18e53ee16177301660cb4f | |
| parent | b7fb538abb20d3d5dc64ecb201a1d933ac0f8e39 [diff] |
Avoid container-overflow in WgcCaptureSession::GetFrame ASAN is throwing a container-overflow because we are accessing a region in the vector that is valid but does not have an element. We can avoid this by using resize instead of reserve. See the documentation for container-overflow for more details: https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow#:~:text=One%20kind%20of%20bugs%20that%20AddressSanitizer%20can%20find,outside%20of%20the%20current%20container%20bounds.%20Simplest%20example%3A Bug: webrtc:13541 Change-Id: Id11def90ef8c2cfec9c20f38384547ce6c37b980 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/244861 Reviewed-by: Alexander Cooper <alcooper@chromium.org> Commit-Queue: Austin Orion <auorion@microsoft.com> Cr-Commit-Position: refs/heads/main@{#35654}
diff --git a/modules/desktop_capture/win/wgc_capture_session.cc b/modules/desktop_capture/win/wgc_capture_session.cc index 22dbf90..09c336f 100644 --- a/modules/desktop_capture/win/wgc_capture_session.cc +++ b/modules/desktop_capture/win/wgc_capture_session.cc
@@ -290,7 +290,7 @@ // unmap our texture. uint8_t* src_data = static_cast<uint8_t*>(map_info.pData); std::vector<uint8_t> image_data; - image_data.reserve(image_height * row_data_length); + image_data.resize(image_height * row_data_length); uint8_t* image_data_ptr = image_data.data(); for (int i = 0; i < image_height; i++) { memcpy(image_data_ptr, src_data, row_data_length);