avcodec/sanm: Reset sizes in destroy_buffers()
authorMichael Niedermayer <michael@niedermayer.cc>
Mon, 13 Jul 2015 14:05:21 +0000 (16:05 +0200)
committerMichael Niedermayer <michael@niedermayer.cc>
Mon, 13 Jul 2015 14:06:37 +0000 (16:06 +0200)
Fixes crash in 1288a2fe8e9ae6b00ca40e089d08ca65_signal_sigsegv_7ffff71426a7_354_accident.san with allocation limit 65536

Found-by: Samuel GroƟ, Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
libavcodec/sanm.c

index 9e5ec54..2547abb 100644 (file)
@@ -457,6 +457,7 @@ static void destroy_buffers(SANMVideoContext *ctx)
     ctx->frm0_size =
     ctx->frm1_size =
     ctx->frm2_size = 0;
+    init_sizes(ctx, 0, 0);
 }
 
 static av_cold int init_buffers(SANMVideoContext *ctx)