[FFmpeg-cvslog] avcodec/parser: Reset *buf_size on realloc failure

[Reimar Döffinger]

ffmpeg | branch: master | Reimar Döffinger <Reimar.Doeffinger at gmx.de> | Tue Mar 12 23:06:49 2024 +0100| [605fc72f19ed975df6b36ea13d9f63b1fe9c852a] | committer: Michael Niedermayer

avcodec/parser: Reset *buf_size on realloc failure

Fixes: out of array access
Fixes: crash-0d640731c7da52415670eb47a2af701cbe2e1a3b
Fixes: crash-e745864ead6ea418959c8df56de2765571201dae

Found-by: Catena cyber <contact at catenacyber.fr>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=605fc72f19ed975df6b36ea13d9f63b1fe9c852a
---

 libavcodec/parser.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libavcodec/parser.c b/libavcodec/parser.c
index efc28b8918..af17ee9c15 100644
--- a/libavcodec/parser.c
+++ b/libavcodec/parser.c
@@ -252,6 +252,7 @@ int ff_combine_frame(ParseContext *pc, int next,
                                            AV_INPUT_BUFFER_PADDING_SIZE);
         if (!new_buffer) {
             av_log(NULL, AV_LOG_ERROR, "Failed to reallocate parser buffer to %d\n", next + pc->index + AV_INPUT_BUFFER_PADDING_SIZE);
+            *buf_size =
             pc->overread_index =
             pc->index = 0;
             return AVERROR(ENOMEM);