From c4ce8709676a6f0b41761093b0da08de72799ba9 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Mon, 16 Apr 2012 12:01:55 +0200 Subject: [PATCH] flvdec: allocate large enough buffer so get_bits() doesnt overread Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer --- libavformat/flvdec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/flvdec.c b/libavformat/flvdec.c index c44464105a..3d23b67c29 100644 --- a/libavformat/flvdec.c +++ b/libavformat/flvdec.c @@ -112,7 +112,7 @@ static int flv_set_video_codec(AVFormatContext *s, AVStream *vstream, int flv_co vcodec->codec_id = CODEC_ID_VP6A; if(vcodec->extradata_size != 1) { vcodec->extradata_size = 1; - vcodec->extradata = av_malloc(1); + vcodec->extradata = av_malloc(1 + FF_INPUT_BUFFER_PADDING_SIZE); } vcodec->extradata[0] = avio_r8(s->pb); return 1; // 1 byte body size adjustment for flv_read_packet()