On 16/10/15 14:40, Vittorio Giovara wrote:
> Previously the message was cut off at 256th byte.
> 
> Signed-off-by: Vittorio Giovara <[email protected]>
> ---
>  libavcodec/h264_sei.c | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)
> 
> diff --git a/libavcodec/h264_sei.c b/libavcodec/h264_sei.c
> index ddf1b6f..9f694fa 100644
> --- a/libavcodec/h264_sei.c
> +++ b/libavcodec/h264_sei.c
> @@ -215,13 +215,17 @@ static int decode_registered_user_data(H264Context *h, 
> int size)
>  
>  static int decode_unregistered_user_data(H264Context *h, int size)
>  {
> -    uint8_t user_data[16 + 256];
> +    uint8_t *user_data;
>      int e, build, i;
>  
> -    if (size < 16)
> +    if (size < 16 || size >= INT_MAX - 16)
>          return AVERROR_INVALIDDATA;
>  
> -    for (i = 0; i < sizeof(user_data) - 1 && i < size; i++)
> +    user_data = av_malloc(16 + size + 1);
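
Review bot: The allocation at `user_data = av_malloc(16 + size + 1)` is bounded only by the new `size >= INT_MAX - 16` check, so a stream that declares a huge payload size can request close to 2 GiB here; consider rejecting a `size` larger than the bytes remaining in the bitstream before allocating. The result also needs a NULL check returning `AVERROR(ENOMEM)`, and every later return path has to free the buffer now that it is no longer on the stack. The removed loop filled at most `size` bytes (`i < size`), so unless the rewritten loop copies more, `size + 1` is enough and the extra 16 bytes deserve either a comment or removal. If the code after the copy still relies on a terminating NUL, either write it explicitly or use a zeroing allocator.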

mallocz maybe?

I recall there are some pending patches on this area now...

lu
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel
