From d6c77964c07fd909c192c1a3bdbe5ba5856a8d10 Mon Sep 17 00:00:00 2001
From: "liu.haibin" <liu.haibin@navercorp.com>
Date: Mon, 19 Jul 2021 14:17:53 +0800
Subject: [PATCH] libobs: Fix stack buffer overflow in build_current_order_info

---
 libobs/obs-scene.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/libobs/obs-scene.c b/libobs/obs-scene.c
index fab6f4b36..862105f7e 100644
--- a/libobs/obs-scene.c
+++ b/libobs/obs-scene.c
@@ -3211,7 +3211,9 @@ build_current_order_info(obs_scene_t *scene,
 
 	obs_sceneitem_t *item = scene->first_item;
 	while (item) {
-		da_push_back(items, &item);
+		struct obs_sceneitem_order_info info = {0};
+		info.item = item;
+		da_push_back(items, &info);
 
 		if (item->is_group) {
 			obs_scene_t *sub_scene = item->source->context.data;
@@ -3221,7 +3223,9 @@ build_current_order_info(obs_scene_t *scene,
 			obs_sceneitem_t *sub_item = sub_scene->first_item;
 
 			while (sub_item) {
-				da_push_back(items, &item);
+				info.group = item;
+				info.item = sub_item;
+				da_push_back(items, &info);
 
 				sub_item = sub_item->next;
 			}