[FFmpeg-cvslog] avutil/frame: Use av_realloc_array(), improve overflow check

[Andreas Rheinhardt]

ffmpeg | branch: master | Andreas Rheinhardt <andreas.rheinhardt at outlook.com> | Fri Mar 22 15:24:47 2024 +0100| [d11b5e6096b888caa7e6c4d159f6c0c44d0ca83d] | committer: Andreas Rheinhardt

avutil/frame: Use av_realloc_array(), improve overflow check

Also use sizeof of the proper type, namely sizeof(**sd)
and not sizeof(*sd).

Reviewed-by: Jan Ekström <jeebjp at gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt at outlook.com>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=d11b5e6096b888caa7e6c4d159f6c0c44d0ca83d
---

 libavutil/frame.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libavutil/frame.c b/libavutil/frame.c
index 7dd37e5490..d7a32cdc92 100644
--- a/libavutil/frame.c
+++ b/libavutil/frame.c
@@ -721,10 +721,11 @@ static AVFrameSideData *add_side_data_from_buf(AVFrameSideData ***sd,
     if (!buf)
         return NULL;
 
-    if (*nb_sd > INT_MAX / sizeof(*sd) - 1)
+    // *nb_sd + 1 needs to fit into an int and a size_t.
+    if ((unsigned)*nb_sd >= FFMIN(INT_MAX, SIZE_MAX))
         return NULL;
 
-    tmp = av_realloc(*sd, (*nb_sd + 1) * sizeof(*sd));
+    tmp = av_realloc_array(*sd, sizeof(**sd), *nb_sd + 1);
     if (!tmp)
         return NULL;
     *sd = tmp;