Fixes: signed integer overflow: 175 + 2147483571 cannot be represented in type 'int'
Fixes: 26833/clusterfuzz-testcase-minimized-ffmpeg_dem_IMAGE2_fuzzer-5969501214212096
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
If avio_read() returns a value of bytes read that's lower than the
expected, return an error instead. And when there are zero bytes in
the prefetch buffer, return 0 in order for the frame merge bsf to
drain all potentially buffered packets.
Missed by mistake when amending and committing 9a7bdb6d71.
Signed-off-by: James Almer <jamrial@gmail.com>
The current approach has two different calls to av_bsf_send_packet():
A normal one, sending a packet; and an extraordinary one just for
flushing. These can be unified into one by making use of the newly
documented fact that av_bsf_send_packet() allows to signal flushing via
empty packets (i.e. packets without data and side-data).
This also fixes CID 1455685 which resulted from the fact that the call
for flushing was not checked given that it couldn't fail.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Signed-off-by: James Almer <jamrial@gmail.com>