From 0c798c8771aea9b9ae6e3e3fcd49ce42489d7377 Mon Sep 17 00:00:00 2001 From: Dylan Yip Date: Fri, 7 Feb 2020 00:13:49 -0800 Subject: [PATCH] h265parse: Fix offset by one error in pic timing SEI Offset by one error causes a free/malloc error when parsing pic timing SEI messages. --- gst-libs/gst/codecparsers/gsth265parser.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gst-libs/gst/codecparsers/gsth265parser.c b/gst-libs/gst/codecparsers/gsth265parser.c index ddf265b..b8e92eb 100644 --- a/gst-libs/gst/codecparsers/gsth265parser.c +++ b/gst-libs/gst/codecparsers/gsth265parser.c @@ -1144,7 +1144,7 @@ gst_h265_parser_parse_pic_timing (GstH265Parser * parser, tim->du_cpb_removal_delay_increment_minus1 = g_new0 (guint8, (tim->num_decoding_units_minus1 + 1)); - for (i = 0; i <= (tim->num_decoding_units_minus1 + 1); i++) { + for (i = 0; i <= tim->num_decoding_units_minus1; i++) { READ_UE (nr, tim->num_nalus_in_du_minus1[i]); if (!tim->du_common_cpb_removal_delay_flag -- 2.7.4