lavc/avpacket: fill padding area on side data split.

The padding data is assumed to be 0 in several places, notably in
subtitles. This problem was not detected with fate-sub-srt test because
the first element of the side data (x1) is 0 in the test, so the
trailing side data present in the packet wasn't read by the decoder. The
issue can be observed with a large enough x1.

It is also noted in FF_INPUT_BUFFER_PADDING_SIZE doxy that MPEG
bitstreams require that padding with 0, so it might fix other issues.

libavcodec/avpacket.c

@@ -356,7 +356,7 @@ int av_packet_merge_side_data(AVPacket *pkt){
 int av_packet_split_side_data(AVPacket *pkt){
     if (!pkt->side_data_elems && pkt->size >12 && AV_RB64(pkt->data + pkt->size - 8) == FF_MERGE_MARKER){
         int i;
-        unsigned int size;
+        unsigned int size, orig_pktsize = pkt->size;
         uint8_t *p;
 
         p = pkt->data + pkt->size - 8 - 5;
@@ -389,6 +389,13 @@ int av_packet_split_side_data(AVPacket *pkt){
             p-= size+5;
         }
         pkt->size -= 8;
+        /* FFMIN() prevents overflow in case the packet wasn't allocated with
+         * proper padding.
+         * If the side data is smaller than the buffer padding size, the
+         * remaining bytes should have already been filled with zeros by the
+         * original packet allocation anyway. */
+        memset(pkt->data + pkt->size, 0,
+               FFMIN(orig_pktsize - pkt->size, FF_INPUT_BUFFER_PADDING_SIZE));
         pkt->side_data_elems = i+1;
         return 1;
     }