fix: SHM padding covers both alignment adjustments (PR #4788)

mem_size only reserved 64 bytes of slack for the 64-byte alignment of shared_images, but the code subsequently rounds image_pixelformats up to alignof(AVPixelFormat) too. In the worst case shared_images shifts by 63 bytes and image_pixelformats shifts by alignof(AVPixelFormat)-1 more, which could push image_pixelformats / alarm_image_pixelformat past the end of the mapped region. Reserve 63 + (alignof(AVPixelFormat) - 1) bytes so both adjustments fit. refs #4788 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-23 04:59:37 -04:00 · 2026-05-31 08:27:12 -04:00
parent f794e260cc
commit fb7b1d1c77
1 changed files with 8 additions and 1 deletions
--- a/src/zm_monitor.cpp
+++ b/src/zm_monitor.cpp
@@ -1019,7 +1019,14 @@ bool Monitor::connect() {
             + (image_buffer_count*image_size) // alarm_images
             + (image_buffer_count*sizeof(AVPixelFormat)) // per-slot capture pix fmt
             + sizeof(AVPixelFormat) // alarm_image pix fmt (cross-process sync)
-             + 64; /* Padding used to permit aligning the images buffer to 64 byte boundary */
+             // Padding covers two independent alignment adjustments:
+             //   * up to 63 bytes to push shared_images to a 64-byte boundary
+             //   * up to alignof(AVPixelFormat)-1 bytes to push
+             //     image_pixelformats to its required alignment after the
+             //     image_size-stride run of bytes.
+             // Reserve the worst case so neither adjustment can run past the
+             // mapped region.
+             + 63 + (alignof(AVPixelFormat) - 1);

  Debug(1,
        "SharedData=%zu "