vp9: fix memory corruption if header decoding fails after size change.
authorRonald S. Bultje <rsbultje@gmail.com>
Sat, 25 Jan 2014 00:21:57 +0000 (19:21 -0500)
committerRonald S. Bultje <rsbultje@gmail.com>
Sat, 25 Jan 2014 00:25:26 +0000 (19:25 -0500)
libavcodec/vp9.c

index ec6ceb0..2965394 100644 (file)
@@ -3772,7 +3772,8 @@ static int vp9_decode_update_thread_context(AVCodecContext *dst, const AVCodecCo
     VP9Context *s = dst->priv_data, *ssrc = src->priv_data;
 
     // detect size changes in other threads
-    if (s->above_partition_ctx && (s->cols != ssrc->cols || s->rows != ssrc->rows)) {
+    if (s->above_partition_ctx &&
+        (!ssrc->above_partition_ctx || s->cols != ssrc->cols || s->rows != ssrc->rows)) {
         free_buffers(s);
     }