[FFmpeg-cvslog] avformat/utils: check for overflow before reallocating side data

[James Almer]

ffmpeg | branch: master | James Almer <jamrial at gmail.com> | Sat Nov 19 14:33:10 2016 -0300| [0ffea3565700c9b3093ead285f729bb319a2163e] | committer: James Almer

avformat/utils: check for overflow before reallocating side data

This makes av_stream_add_side_data() consistent with av_packet_add_side_data().

Reviewed-by: Michael Niedermayer <michael at niedermayer.cc>
Signed-off-by: James Almer <jamrial at gmail.com>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=0ffea3565700c9b3093ead285f729bb319a2163e
---

 libavformat/utils.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libavformat/utils.c b/libavformat/utils.c
index 19bb8bd..9d01bab 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -5121,7 +5121,10 @@ int av_stream_add_side_data(AVStream *st, enum AVPacketSideDataType type,
         }
     }
 
-    tmp = av_realloc_array(st->side_data, st->nb_side_data + 1, sizeof(*tmp));
+    if ((unsigned)st->nb_side_data + 1 >= INT_MAX / sizeof(*st->side_data))
+        return AVERROR(ERANGE);
+
+    tmp = av_realloc(st->side_data, st->nb_side_data + 1 * sizeof(*tmp));
     if (!tmp) {
         return AVERROR(ENOMEM);
     }