Zeroing the padding has been forgotten.
Signed-off-by: Andreas Rheinhardt <andreas.rheinha...@gmail.com>
---
libavformat/apngdec.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/libavformat/apngdec.c b/libavformat/apngdec.c
index c8db9c6e1f..b5696e069c 100644
--- a/libavformat/apngdec.c
+++ b/libavformat/apngdec.c
@@ -127,13 +127,14 @@ static int append_extradata(AVCodecParameters *par,
AVIOContext *pb, int len)
int new_size, ret;
uint8_t *new_extradata;
- if (previous_size > INT_MAX - len)
+ if (previous_size > INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE - len)
return AVERROR_INVALIDDATA;
new_size = previous_size + len;
new_extradata = av_realloc(par->extradata, new_size +
AV_INPUT_BUFFER_PADDING_SIZE);
if (!new_extradata)
return AVERROR(ENOMEM);
+ memset(new_extradata + new_size, 0, AV_INPUT_BUFFER_PADDING_SIZE);
par->extradata = new_extradata;
par->extradata_size = new_size;
@@ -177,10 +178,9 @@ static int apng_read_header(AVFormatContext *s)
return ret;
/* extradata will contain every chunk up to the first fcTL (excluded) */
- st->codecpar->extradata = av_malloc(len + 12 +
AV_INPUT_BUFFER_PADDING_SIZE);
- if (!st->codecpar->extradata)
- return AVERROR(ENOMEM);
- st->codecpar->extradata_size = len + 12;
+ ret = ff_alloc_extradata(st->codecpar, len + 12);
+ if (ret < 0)
+ return ret;
AV_WB32(st->codecpar->extradata, len);
AV_WL32(st->codecpar->extradata+4, tag);
AV_WB32(st->codecpar->extradata+8, st->codecpar->width);
--
2.20.1
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
