avcodec/pngdec: Fix off by 1 size in decode_zbuf()
authorMichael Niedermayer <michael@niedermayer.cc>
Mon, 23 Jan 2017 00:25:27 +0000 (01:25 +0100)
committerMichael Niedermayer <michael@niedermayer.cc>
Mon, 23 Jan 2017 00:43:35 +0000 (01:43 +0100)
commite371f031b942d73e02c090170975561fabd5c264
tree193b0ee9ee317163ff119195fcb250a6c762dbc5
parenta0341b4d74f4db289e15dac0d2988eaa2d18a1bb
avcodec/pngdec: Fix off by 1 size in decode_zbuf()

Fixes out of array access
Fixes: 444/fuzz-2-ffmpeg_VIDEO_AV_CODEC_ID_PNG_fuzzer

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/pngdec.c