RepoMirrors
/
mpv
mirror of https://github.com/mpv-player/mpv
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix buffer size sanity check to match what is actually required. 

git-svn-id: svn://svn.mplayerhq.hu/mplayer/trunk@19398 b3059339-0415-0410-9bf9-f77b7e298cf2
This commit is contained in:
uau 2006-08-14 17:37:47 +00:00
parent 1e7ea68b2e
commit 77760ff64e
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libmpcodecs/dec_audio.c
View File

@ -374,7 +374,12 @@ int decode_audio(sh_audio_t *sh_audio,unsigned char *buf,int minlen,int maxlen)
mp_msg(MSGT_DECAUDIO,MSGL_DBG2,"decaudio: decoding %d bytes, max: %d (%d)\n",
len, maxlen, sh_audio->audio_out_minsize);
if(maxlen<sh_audio->audio_out_minsize) break; // don't overflow buffer!
// When a decoder sets audio_out_minsize that should guarantee it can
// write up to audio_out_minsize bytes at a time until total >= minlen
// without checking maxlen. Thus maxlen must be at least minlen +
// audio_out_minsize. Check that to guard against buffer overflows.
if (maxlen < len + sh_audio->audio_out_minsize)
break;
// not enough decoded data waiting, decode 'len' bytes more:
len=mpadec->decode_audio(sh_audio,
sh_audio->a_buffer+sh_audio->a_buffer_len, len, maxlen);