Commit 0a41a8bf authored by Michael Niedermayer's avatar Michael Niedermayer

avformat/utils: Fix potential integer overflow in extract_extradata()

Signed-off-by: 's avatarMichael Niedermayer <michael@niedermayer.cc>
parent b4a1ccfc
...@@ -3544,6 +3544,8 @@ static int extract_extradata(AVStream *st, AVPacket *pkt) ...@@ -3544,6 +3544,8 @@ static int extract_extradata(AVStream *st, AVPacket *pkt)
&extradata_size); &extradata_size);
if (extradata) { if (extradata) {
av_assert0(!sti->avctx->extradata);
if ((unsigned)extradata_size < FF_MAX_EXTRADATA_SIZE)
sti->avctx->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE); sti->avctx->extradata = av_mallocz(extradata_size + AV_INPUT_BUFFER_PADDING_SIZE);
if (!sti->avctx->extradata) { if (!sti->avctx->extradata) {
av_packet_unref(pkt_ref); av_packet_unref(pkt_ref);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment