From 978805b2c518aae480d26e4b44beede300c9a862 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Tue, 25 Mar 2008 10:15:17 +0000 Subject: [PATCH] Fix possible heap overflow caused by av_fast_realloc() Originally committed as revision 12579 to svn://svn.ffmpeg.org/ffmpeg/trunk --- libavcodec/utils.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/libavcodec/utils.c b/libavcodec/utils.c index d6522fe702..a264297207 100644 --- a/libavcodec/utils.c +++ b/libavcodec/utils.c @@ -66,7 +66,11 @@ void *av_fast_realloc(void *ptr, unsigned int *size, unsigned int min_size) *size= FFMAX(17*min_size/16 + 32, min_size); - return av_realloc(ptr, *size); + ptr= av_realloc(ptr, *size); + if(!ptr) //we could set this to the unmodified min_size but this is safer if the user lost the ptr and uses NULL now + *size= 0; + + return ptr; } static unsigned int last_static = 0;