[FFmpeg-cvslog] shorten: allocate space for padding
Michael Niedermayer
git at videolan.org
Thu Jan 16 02:46:58 CET 2014
ffmpeg | branch: release/1.2 | Michael Niedermayer <michaelni at gmx.at> | Tue May 7 19:57:10 2013 +0200| [ca7f64e0ac205da95c9a113bd3b68956e9231b61] | committer: Michael Niedermayer
shorten: allocate space for padding
Fixes array overread
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
(cherry picked from commit 89d998f1c1eddac3a1256e28ac00ccfdf4d3edd1)
Signed-off-by: Michael Niedermayer <michaelni at gmx.at>
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=ca7f64e0ac205da95c9a113bd3b68956e9231b61
---
libavcodec/shorten.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/shorten.c b/libavcodec/shorten.c
index 3a6d634..5765fa4 100644
--- a/libavcodec/shorten.c
+++ b/libavcodec/shorten.c
@@ -424,7 +424,7 @@ static int shorten_decode_frame(AVCodecContext *avctx, void *data,
void *tmp_ptr;
s->max_framesize = 8192; // should hopefully be enough for the first header
tmp_ptr = av_fast_realloc(s->bitstream, &s->allocated_bitstream_size,
- s->max_framesize);
+ s->max_framesize + FF_INPUT_BUFFER_PADDING_SIZE);
if (!tmp_ptr) {
av_log(avctx, AV_LOG_ERROR, "error allocating bitstream buffer\n");
return AVERROR(ENOMEM);
More information about the ffmpeg-cvslog
mailing list