[FFmpeg-devel] [PATCH] interplayacm: increase bitstream buffer size by AV_INPUT_BUFFER_PADDING_SIZE
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Sun Oct 30 22:24:09 EET 2016
This fixes out-of-bounds reads by the bitstream reader.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
---
libavcodec/interplayacm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/interplayacm.c b/libavcodec/interplayacm.c
index 0486e00..f4a3446 100644
--- a/libavcodec/interplayacm.c
+++ b/libavcodec/interplayacm.c
@@ -72,7 +72,7 @@ static av_cold int decode_init(AVCodecContext *avctx)
s->block = av_calloc(s->block_len, sizeof(int));
s->wrapbuf = av_calloc(s->wrapbuf_len, sizeof(int));
s->ampbuf = av_calloc(0x10000, sizeof(int));
- s->bitstream = av_calloc(s->max_framesize, sizeof(*s->bitstream));
+ s->bitstream = av_calloc(s->max_framesize + AV_INPUT_BUFFER_PADDING_SIZE / sizeof(*s->bitstream) + 1, sizeof(*s->bitstream));
if (!s->block || !s->wrapbuf || !s->ampbuf || !s->bitstream)
return AVERROR(ENOMEM);
--
2.10.1
More information about the ffmpeg-devel
mailing list