ffmpeg | branch: release/3.1 | Andreas Cadhalpun <andreas.cadhal...@googlemail.com> | Sun Oct 30 21:18:20 2016 +0100| [5a1433b19ab396cfdc7d52d9b479a7828ce5c707] | committer: Andreas Cadhalpun
interplayacm: increase bitstream buffer size by AV_INPUT_BUFFER_PADDING_SIZE This fixes out-of-bounds reads by the bitstream reader. Reviewed-by: Paul B Mahol <one...@gmail.com> Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> (cherry picked from commit 60178e78f2fe9a7bfb9da0abc985835e2ebfd2f1) Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> > http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5a1433b19ab396cfdc7d52d9b479a7828ce5c707 --- libavcodec/interplayacm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavcodec/interplayacm.c b/libavcodec/interplayacm.c index 14cad09..8b34009 100644 --- a/libavcodec/interplayacm.c +++ b/libavcodec/interplayacm.c @@ -76,7 +76,7 @@ static av_cold int decode_init(AVCodecContext *avctx) s->block = av_calloc(s->block_len, sizeof(int)); s->wrapbuf = av_calloc(s->wrapbuf_len, sizeof(int)); s->ampbuf = av_calloc(0x10000, sizeof(int)); - s->bitstream = av_calloc(s->max_framesize, sizeof(*s->bitstream)); + s->bitstream = av_calloc(s->max_framesize + AV_INPUT_BUFFER_PADDING_SIZE / sizeof(*s->bitstream) + 1, sizeof(*s->bitstream)); if (!s->block || !s->wrapbuf || !s->ampbuf || !s->bitstream) return AVERROR(ENOMEM); _______________________________________________ ffmpeg-cvslog mailing list ffmpeg-cvslog@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-cvslog
