[FFmpeg-devel] [PATCH] wmavoice: limit wmavoice_decode_packet return value to packet size
Andreas Cadhalpun
andreas.cadhalpun at googlemail.com
Sat Jun 27 20:36:15 CEST 2015
Claiming to have decoded more bytes than the packet size is wrong.
Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun at googlemail.com>
---
libavcodec/wmavoice.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/wmavoice.c b/libavcodec/wmavoice.c
index ae88d4e..6cd407a 100644
--- a/libavcodec/wmavoice.c
+++ b/libavcodec/wmavoice.c
@@ -1982,7 +1982,7 @@ static int wmavoice_decode_packet(AVCodecContext *ctx, void *data,
*got_frame_ptr) {
cnt += s->spillover_nbits;
s->skip_bits_next = cnt & 7;
- return cnt >> 3;
+ return FFMIN(cnt >> 3, avpkt->size);
} else
skip_bits_long (gb, s->spillover_nbits - cnt +
get_bits_count(gb)); // resync
@@ -2001,7 +2001,7 @@ static int wmavoice_decode_packet(AVCodecContext *ctx, void *data,
} else if (*got_frame_ptr) {
int cnt = get_bits_count(gb);
s->skip_bits_next = cnt & 7;
- return cnt >> 3;
+ return FFMIN(cnt >> 3, avpkt->size);
} else if ((s->sframe_cache_size = pos) > 0) {
/* rewind bit reader to start of last (incomplete) superframe... */
init_get_bits(gb, avpkt->data, size << 3);
--
2.1.4
More information about the ffmpeg-devel
mailing list