On 10/30/16, Andreas Cadhalpun <andreas.cadhal...@googlemail.com> wrote: > This fixes out-of-bounds reads by the bitstream reader. > > Signed-off-by: Andreas Cadhalpun <andreas.cadhal...@googlemail.com> > --- > libavcodec/interplayacm.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libavcodec/interplayacm.c b/libavcodec/interplayacm.c > index 0486e00..f4a3446 100644 > --- a/libavcodec/interplayacm.c > +++ b/libavcodec/interplayacm.c > @@ -72,7 +72,7 @@ static av_cold int decode_init(AVCodecContext *avctx) > s->block = av_calloc(s->block_len, sizeof(int)); > s->wrapbuf = av_calloc(s->wrapbuf_len, sizeof(int)); > s->ampbuf = av_calloc(0x10000, sizeof(int)); > - s->bitstream = av_calloc(s->max_framesize, sizeof(*s->bitstream)); > + s->bitstream = av_calloc(s->max_framesize + > AV_INPUT_BUFFER_PADDING_SIZE / sizeof(*s->bitstream) + 1,
How did you come up with this fix? A little background would help. > sizeof(*s->bitstream)); > if (!s->block || !s->wrapbuf || !s->ampbuf || !s->bitstream) > return AVERROR(ENOMEM); > > -- > 2.10.1 > _______________________________________________ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
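Review bot: The new element count passed to av_calloc() for s->bitstream in decode_init(), `s->max_framesize + AV_INPUT_BUFFER_PADDING_SIZE / sizeof(*s->bitstream) + 1`, is undocumented, and the commit message says only that it "fixes out-of-bounds reads by the bitstream reader" without naming the read that runs past the buffer. The expression converts a byte constant into elements by integer division and then adds 1, so a reader has to work out that the intent is at least AV_INPUT_BUFFER_PADDING_SIZE bytes of zeroed slack after max_framesize elements, with the `+ 1` apparently covering a truncated division. A one-line comment above the allocation saying so, plus a sentence in the commit message on how the overread was observed, would make the fix reviewable. The hunk also shows only the allocation: if the decoder later fills the buffer right up to the new size rather than to max_framesize, the padding no longer protects the reader, so it is worth confirming that the code that writes into s->bitstream still bounds itself by max_framesize.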