[FFmpeg-cvslog] shorten: pad the internal bitstream buffer
Anton Khirnov
git at videolan.org
Fri Mar 7 03:59:08 CET 2014
ffmpeg | branch: release/1.1 | Anton Khirnov <anton at khirnov.net> | Thu Nov 28 10:54:35 2013 +0100| [f1a7bfea41e56067c3bf4864159c87cdda613c19] | committer: Reinhard Tartler
shorten: pad the internal bitstream buffer
Fixes invalid reads.
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
CC:libav-stable at libav.org
(cherry picked from commit 1713eec29add37b654ec6bf262b843d139c1ffc6)
> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=f1a7bfea41e56067c3bf4864159c87cdda613c19
---
libavcodec/shorten.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/shorten.c b/libavcodec/shorten.c
index 22976e0..31bd943 100644
--- a/libavcodec/shorten.c
+++ b/libavcodec/shorten.c
@@ -441,7 +441,7 @@ static int shorten_decode_frame(AVCodecContext *avctx, void *data,
void *tmp_ptr;
s->max_framesize = 1024; // should hopefully be enough for the first header
tmp_ptr = av_fast_realloc(s->bitstream, &s->allocated_bitstream_size,
- s->max_framesize);
+ s->max_framesize + FF_INPUT_BUFFER_PADDING_SIZE);
if (!tmp_ptr) {
av_log(avctx, AV_LOG_ERROR, "error allocating bitstream buffer\n");
return AVERROR(ENOMEM);
More information about the ffmpeg-cvslog
mailing list