mpeg12dec: reset data size after parsing extradata.

This ended up corrupting data structures and may possibly lead to a double free. Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
author: Michael Niedermayer <michaelni@gmx.at> 2012-04-22 20:03:53 +0200
committer: Michael Niedermayer <michaelni@gmx.at> 2012-04-22 20:03:53 +0200
commit: 951cbea56fdc03ef96d07fbd7e5bed755d42ac8a (patch)
tree: 538f937bd39cd621575c369076167ccf666df0c8 /libavcodec
parent: 41abc9da50ba7a7b68bbbf6622475ce7a3c72e3f (diff)
download: ffmpeg-951cbea56fdc03ef96d07fbd7e5bed755d42ac8a.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/libavcodec/mpeg12.c b/libavcodec/mpeg12.c
index ea19b819cc..b66d535e28 100644
--- a/libavcodec/mpeg12.c
+++ b/libavcodec/mpeg12.c
@@ -2289,6 +2289,7 @@ static int mpeg_decode_frame(AVCodecContext *avctx,
 
     if (avctx->extradata && !avctx->frame_number) {
         int ret = decode_chunks(avctx, picture, data_size, avctx->extradata, avctx->extradata_size);
+        *data_size = 0;
         if (ret < 0 && (avctx->err_recognition & AV_EF_EXPLODE))
             return ret;
     }
author	Michael Niedermayer <michaelni@gmx.at>	2012-04-22 20:03:53 +0200
committer	Michael Niedermayer <michaelni@gmx.at>	2012-04-22 20:03:53 +0200
commit	951cbea56fdc03ef96d07fbd7e5bed755d42ac8a (patch)
tree	538f937bd39cd621575c369076167ccf666df0c8 /libavcodec
parent	41abc9da50ba7a7b68bbbf6622475ce7a3c72e3f (diff)
download	ffmpeg-951cbea56fdc03ef96d07fbd7e5bed755d42ac8a.tar.gz