From 641dccc2aa5e0bf6b3c06998f9a7f24a5cf725e7 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Thu, 19 May 2016 00:19:52 +0200
Subject: [PATCH] avcodec/h264: Check init_get_bits8() for failure

Fixes CID1361935

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/h264.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/libavcodec/h264.c b/libavcodec/h264.c
index eb4ad78a0e..b870a72d38 100644
--- a/libavcodec/h264.c
+++ b/libavcodec/h264.c
@@ -1007,6 +1007,7 @@ static int get_last_needed_nal(H264Context *h)
     int nals_needed = 0;
     int first_slice = 0;
     int i;
+    int ret;
 
     for (i = 0; i < h->pkt.nb_nals; i++) {
         H2645NAL *nal = &h->pkt.nals[i];
@@ -1024,7 +1025,9 @@ static int get_last_needed_nal(H264Context *h)
         case NAL_DPA:
         case NAL_IDR_SLICE:
         case NAL_SLICE:
-            init_get_bits8(&gb, nal->data + 1, (nal->size - 1));
+            ret = init_get_bits8(&gb, nal->data + 1, (nal->size - 1));
+            if (ret < 0)
+                return ret;
             if (!get_ue_golomb_long(&gb) ||  // first_mb_in_slice
                 !first_slice ||
                 first_slice != nal->type)
@@ -1076,6 +1079,8 @@ static int decode_nal_units(H264Context *h, const uint8_t *buf, int buf_size,
 
     if (avctx->active_thread_type & FF_THREAD_FRAME)
         nals_needed = get_last_needed_nal(h);
+    if (nals_needed < 0)
+        return nals_needed;
 
     for (i = 0; i < h->pkt.nb_nals; i++) {
         H2645NAL *nal = &h->pkt.nals[i];