From 83f7bd6dcf00875725c5f3b7e1bedac5a6b3c77d Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Tue, 26 Nov 2013 23:27:21 +0100
Subject: [PATCH] avcodec/g2meet: fix stride calculation, use correct format
 field

Fixes out of array accesses
Fixes: asan_heap-oob_ae5f63_5415_g2m4.wmv
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavcodec/g2meet.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/g2meet.c b/libavcodec/g2meet.c
index acd9b19cc6..663028fdf9 100644
--- a/libavcodec/g2meet.c
+++ b/libavcodec/g2meet.c
@@ -490,7 +490,7 @@ static int g2m_load_cursor(AVCodecContext *avctx, G2MContext *c,
     cursor_hot_y  = bytestream2_get_byte(gb);
     cursor_fmt    = bytestream2_get_byte(gb);
 
-    cursor_stride = FFALIGN(cursor_w, c->cursor_fmt==1 ? 32 : 1) * 4;
+    cursor_stride = FFALIGN(cursor_w, cursor_fmt==1 ? 32 : 1) * 4;
 
     if (cursor_w < 1 || cursor_w > 256 ||
         cursor_h < 1 || cursor_h > 256) {