From 04fa2ecdf24a1c9656c37b29c73a0a4a4a4267c0 Mon Sep 17 00:00:00 2001
From: Adrian Grange <agrange@google.com>
Date: Thu, 31 May 2012 09:51:54 -0700
Subject: [PATCH] Fixed bug where invalid pointer is dereferenced

Variables m & mi were being dereferenced when they might
hold invalid values.

The fix is simply to move these dereferences to after the
point at which mb_row and mb_col are tested for validity.

Change-Id: Ib16561efa9792dc469759936189ea379d374ad20
---
 vp8/encoder/bitstream.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/vp8/encoder/bitstream.c b/vp8/encoder/bitstream.c
index d34aa91ace..f44705299f 100644
--- a/vp8/encoder/bitstream.c
+++ b/vp8/encoder/bitstream.c
@@ -872,10 +872,10 @@ static void pack_inter_mode_mvs(VP8_COMP *const cpi)
             // top-left, top-right, bottom-left, bottom-right
             for (i=0; i<4; i++)
             {
-                const MB_MODE_INFO *const mi = & m->mbmi;
-                const MV_REFERENCE_FRAME rf = mi->ref_frame;
-                const MB_PREDICTION_MODE mode = mi->mode;
-                const int segment_id = mi->segment_id;
+                MB_MODE_INFO *mi;
+                MV_REFERENCE_FRAME rf;
+                MB_PREDICTION_MODE mode;
+                int segment_id;
 
                 int dy = row_delta[i];
                 int dx = col_delta[i];
@@ -892,6 +892,11 @@ static void pack_inter_mode_mvs(VP8_COMP *const cpi)
                     continue;
                 }
 
+                mi = & m->mbmi;
+                rf = mi->ref_frame;
+                mode = mi->mode;
+                segment_id = mi->segment_id;
+
                 // Distance of Mb to the various image edges.
                 // These specified to 8th pel as they are always compared to MV
                 // values that are in 1/8th pel units
-- 
GitLab