avcodec/dxv: Subtract 12 earlier in dxv_decompress_cocg()

the data_start is after reading 12 bytes and if its subtracted at the very end the intermediate might overflow Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> (cherry picked from commit dd9e6d077ea3259cc6c1896334bbbc7f948979b7) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
author: Michael Niedermayer <michael@niedermayer.cc> 2019-09-24 12:40:35 +0200
committer: Michael Niedermayer <michael@niedermayer.cc> 2019-11-11 20:18:48 +0100
commit: 3d55f7782db375add5a1f21dbd3ab46034c556a9 (patch)
tree: 3204b0b8163d446e8aa4c240d2ac2eaa862ceedd
parent: 30265f277823cf316d5751a27dc1fb20719dd060 (diff)
download: ffmpeg-3d55f7782db375add5a1f21dbd3ab46034c556a9.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavcodec/dxv.c b/libavcodec/dxv.c
index 7c0fc4567a..ed6ed3bb35 100644
--- a/libavcodec/dxv.c
+++ b/libavcodec/dxv.c
@@ -781,7 +781,7 @@ static int dxv_decompress_cocg(DXVContext *ctx, GetByteContext *gb,
             return ret;
     }
 
-    bytestream2_seek(gb, data_start + op_offset + skip0 + skip1 - 12, SEEK_SET);
+    bytestream2_seek(gb, data_start - 12 + op_offset + skip0 + skip1, SEEK_SET);
 
     return 0;
 }
author	Michael Niedermayer <michael@niedermayer.cc>	2019-09-24 12:40:35 +0200
committer	Michael Niedermayer <michael@niedermayer.cc>	2019-11-11 20:18:48 +0100
commit	3d55f7782db375add5a1f21dbd3ab46034c556a9 (patch)
tree	3204b0b8163d446e8aa4c240d2ac2eaa862ceedd
parent	30265f277823cf316d5751a27dc1fb20719dd060 (diff)
download	ffmpeg-3d55f7782db375add5a1f21dbd3ab46034c556a9.tar.gz