@@ -2034,16 +2034,17 @@ static int decode_frame(AVCodecContext *avctx,
return AVERROR_PATCHWELCOME;
}
- if (avpkt->size < 20 + avctx->width * avctx->height / 16) {
- av_log(avctx, AV_LOG_ERROR, "Input packet too small\n");
- return AVERROR_INVALIDDATA;
- }
-
if (s->format != format) {
- if (ret < 0)
+ if (ret < 0) {
+ s->format = 0;
return ret;
+ }
s->format = format;
}
+ if (avpkt->size < 20 + avctx->width * avctx->height / 16) {
+ av_log(avctx, AV_LOG_ERROR, "Input packet too small\n");
+ return AVERROR_INVALIDDATA;
+ }
p->pict_type = AV_PICTURE_TYPE_I;
p->key_frame = 1;
This has happened if the format changed midstream and if the new packet is so small that it is instantaneously rejected: In this case the VLC tables were for the new format, although the context says that they are still the ones for the old format. It can also happen if the format changed midstream and the allocation of the new tables fails. If the next packet is a packet for the old format, the decoder thinks it already has the correct VLC tables, leading to a segfault. Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com> --- libavcodec/sheervideo.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-)