[FFmpeg-cvslog] avcodec/avpacket: clear side_data_elems

[Michael Niedermayer]

ffmpeg | branch: master | Michael Niedermayer <michael at niedermayer.cc> | Mon Sep 12 13:13:42 2016 +0200| [5e1bf9d8c0d2cdbbf17b06a5dfdf87a635b3203b] | committer: Michael Niedermayer

avcodec/avpacket: clear side_data_elems

Fixes null pointer dereference

Found-by: 连一汉 <lianyihan at 360.cn>
Signed-off-by: Michael Niedermayer <michael at niedermayer.cc>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=5e1bf9d8c0d2cdbbf17b06a5dfdf87a635b3203b
---

 libavcodec/avpacket.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/libavcodec/avpacket.c b/libavcodec/avpacket.c
index fa2844d..a485064 100644
--- a/libavcodec/avpacket.c
+++ b/libavcodec/avpacket.c
@@ -198,6 +198,7 @@ static int copy_packet_data(AVPacket *pkt, const AVPacket *src, int dup)
 {
     pkt->data      = NULL;
     pkt->side_data = NULL;
+    pkt->side_data_elems = 0;
     if (pkt->buf) {
         AVBufferRef *ref = av_buffer_ref(src->buf);
         if (!ref)
@@ -207,9 +208,11 @@ static int copy_packet_data(AVPacket *pkt, const AVPacket *src, int dup)
     } else {
         DUP_DATA(pkt->data, src->data, pkt->size, 1, ALLOC_BUF);
     }
-    if (pkt->side_data_elems && dup)
+    if (src->side_data_elems && dup) {
         pkt->side_data = src->side_data;
-    if (pkt->side_data_elems && !dup) {
+        pkt->side_data_elems = src->side_data_elems;
+    }
+    if (src->side_data_elems && !dup) {
         return av_copy_packet_side_data(pkt, src);
     }
     return 0;