queuearray: fix expanding size of queue from 1

Without we would not actually expand and access
memory beyond the allocated region for the array.

https://bugzilla.gnome.org/show_bug.cgi?id=731349

diff --git a/libs/gst/base/gstqueuearray.c b/libs/gst/base/gstqueuearray.c
index 8061ff1..d37535d 100644 (file)
--- a/libs/gst/base/gstqueuearray.c
+++ b/libs/gst/base/gstqueuearray.c
@@ -145,7 +145,7 @@ gst_queue_array_push_tail (GstQueueArray * array, gpointer data)
   /* Check if we need to make room */
   if (G_UNLIKELY (array->length == array->size)) {
     /* newsize is 50% bigger */
-    guint newsize = (3 * array->size) / 2;
+    guint newsize = MAX ((3 * array->size) / 2, array->size + 1);
 
     /* copy over data */
     if (array->tail != 0) {