avcodec: Introduce ff_get_buffer

Validate the image size there as is done in the other release
branches.

Bug-Id: CVE-2011-3935
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind

1 files changed, 2 insertions, 2 deletions

diff --git a/libavcodec/mxpegdec.c b/libavcodec/mxpegdec.c
index 6f0d0457f7..fff5c7eef9 100644
--- a/libavcodec/mxpegdec.c
+++ b/libavcodec/mxpegdec.c
@@ -249,7 +249,7 @@ static int mxpeg_decode_frame(AVCodecContext *avctx,
                     /* use stored SOF data to allocate current picture */
                     if (jpg->picture_ptr->data[0])
                         avctx->release_buffer(avctx, jpg->picture_ptr);
-                    if (avctx->get_buffer(avctx, jpg->picture_ptr) < 0) {
+                    if (ff_get_buffer(avctx, jpg->picture_ptr) < 0) {
                         av_log(avctx, AV_LOG_ERROR, "get_buffer() failed\n");
                         return AVERROR(ENOMEM);
                     }
@@ -268,7 +268,7 @@ static int mxpeg_decode_frame(AVCodecContext *avctx,
 
                     /* allocate dummy reference picture if needed */
                     if (!reference_ptr->data[0] &&
-                        avctx->get_buffer(avctx, reference_ptr) < 0) {
+                        ff_get_buffer(avctx, reference_ptr) < 0) {
                         av_log(avctx, AV_LOG_ERROR, "get_buffer() failed\n");
                         return AVERROR(ENOMEM);
                     }