From 84bc2cea237725de468f53dbba6d53140fae21c5 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Wed, 17 Dec 2014 21:27:37 +0100
Subject: [PATCH] avcodec/h264: Clear delayed_pic on deallocation

Fixes use of freed memory

Fixes: case5_av_frame_copy_props.mp4
Found-by: Michal Zalewski <lcamtuf@coredump.cx>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit e8714f6f93d1a32f4e4655209960afcf4c185214)

Conflicts:

	libavcodec/h264.c
---
 libavcodec/h264.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libavcodec/h264.c b/libavcodec/h264.c
index 7ea833fa83..1194fd9da9 100644
--- a/libavcodec/h264.c
+++ b/libavcodec/h264.c
@@ -1231,6 +1231,7 @@ static void free_tables(H264Context *h, int free_rbsp)
     av_buffer_pool_uninit(&h->ref_index_pool);
 
     if (free_rbsp && h->DPB) {
+        memset(h->delayed_pic, 0, sizeof(h->delayed_pic));
         for (i = 0; i < MAX_PICTURE_COUNT; i++)
             unref_picture(h, &h->DPB[i]);
         av_freep(&h->DPB);