From dcc3a30b58c51babcba85905a9617c64090c95ab Mon Sep 17 00:00:00 2001
From: Mean <fixounet@free.fr>
Date: Sun, 29 Apr 2007 23:18:39 +0000
Subject: [PATCH] prevent going out of the buffer if the nal size does not fit
 in the buffer. Patch by Mean % fixounet A free P fr % Original thread: Date:
 Apr 29, 2007 2:00 PM Subject: Re: [Ffmpeg-devel] [patch] h264.c, dont go
 beyond buffer in h264_decode_nal_unit

Originally committed as revision 8858 to svn://svn.ffmpeg.org/ffmpeg/trunk
---
 libavcodec/h264.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/h264.c b/libavcodec/h264.c
index b5bd0a8..40dbb96 100644
--- a/libavcodec/h264.c
+++ b/libavcodec/h264.c
@@ -8122,7 +8122,7 @@ static int decode_nal_units(H264Context *h, uint8_t *buf, int buf_size){
         nalsize = 0;
         for(i = 0; i < h->nal_length_size; i++)
             nalsize = (nalsize << 8) | buf[buf_index++];
-        if(nalsize <= 1 || nalsize > buf_size){
+        if(nalsize <= 1 || (nalsize+buf_index > buf_size)){
             if(nalsize == 1){
                 buf_index++;
                 continue;
-- 
2.7.4