From 6e29e26ec330243e7cd9c31317110153d22369ea Mon Sep 17 00:00:00 2001
From: Arnaud Bienner <abien@dolby.com>
Date: Wed, 5 Aug 2020 14:29:08 +0200
Subject: Fix read of stack buffer after it went out of scope

---
 src/h__Writer.cpp | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'src/h__Writer.cpp')

diff --git a/src/h__Writer.cpp b/src/h__Writer.cpp
index fc7f060..0c56b4c 100755
--- a/src/h__Writer.cpp
+++ b/src/h__Writer.cpp
@@ -374,6 +374,15 @@ ASDCP::Write_EKLV_Packet(Kumu::FileWriter& File, const ASDCP::Dictionary& Dict,
 
   byte_t overhead[128];
   Kumu::MemIOWriter Overhead(overhead, 128);
+  // We declare HMACOverhead and its buffer in the outer scope, even though it is not used on
+  // unencrypted content: the reason is that File.Writev(const byte_t* buf, ui32_t buf_len) doesn't
+  // write data right away but saves a pointer on the buffer. And we write all the buffers at the end
+  // when calling File.writev().
+  // Declaring the buffer variable in an inner scope means the buffer will go out of scope
+  // before the data it contains has been actually written, which means its content could be
+  // overwritten/get corrupted.
+  byte_t hmoverhead[512];
+  Kumu::MemIOWriter HMACOverhead(hmoverhead, 512);
 
   if ( FrameBuf.Size() == 0 )
     {
@@ -455,9 +464,6 @@ ASDCP::Write_EKLV_Packet(Kumu::FileWriter& File, const ASDCP::Dictionary& Dict,
 	{
 	  StreamOffset += CtFrameBuf.Size();
 
-	  byte_t hmoverhead[512];
-	  Kumu::MemIOWriter HMACOverhead(hmoverhead, 512);
-
 	  // write the HMAC
 	  if ( Info.UsesHMAC )
 	    {
-- 
cgit v1.2.3