From 82ee37f1f3b9fe08e149e2aedfc800dab3e7aab8 Mon Sep 17 00:00:00 2001
From: Paul B Mahol <onemda@gmail.com>
Date: Sat, 9 Apr 2016 15:57:41 +0200
Subject: [PATCH] avcodec/shorten: fix decoding of very large (>2048) block
 sizes

Signed-off-by: Paul B Mahol <onemda@gmail.com>
---
 libavcodec/shorten.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/libavcodec/shorten.c b/libavcodec/shorten.c
index 0dc879a58c..fefe4708a5 100644
--- a/libavcodec/shorten.c
+++ b/libavcodec/shorten.c
@@ -474,9 +474,23 @@ static int shorten_decode_frame(AVCodecContext *avctx, void *data,
 
     /* process header or next subblock */
     if (!s->got_header) {
+
         if ((ret = read_header(s)) < 0)
             return ret;
+
         if (avpkt->size) {
+            int max_framesize;
+            void *tmp_ptr;
+
+            max_framesize = FFMAX(s->max_framesize, s->blocksize * s->channels * 2);
+            tmp_ptr = av_fast_realloc(s->bitstream, &s->allocated_bitstream_size,
+                                      max_framesize + AV_INPUT_BUFFER_PADDING_SIZE);
+            if (!tmp_ptr) {
+                av_log(avctx, AV_LOG_ERROR, "error allocating bitstream buffer\n");
+                return AVERROR(ENOMEM);
+            }
+            s->bitstream = tmp_ptr;
+            s->max_framesize = max_framesize;
             *got_frame_ptr = 0;
             goto finish_frame;
         }
-- 
2.11.0