From 668e16a0dd1ff56d4beeff5c658d8a2a08dbfac8 Mon Sep 17 00:00:00 2001
From: Anton Khirnov <anton@khirnov.net>
Date: Thu, 14 Feb 2013 11:43:20 +0100
Subject: [PATCH] h264: on reference overflow, reset the reference count to 0,
 not 1.

Since decode_slice_header() returns before the reference lists are
constructed, there are zero valid references.

CC:libav-stable@libav.org
---
 libavcodec/h264.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/h264.c b/libavcodec/h264.c
index d816835cbf1..7d24df261e0 100644
--- a/libavcodec/h264.c
+++ b/libavcodec/h264.c
@@ -3391,7 +3391,7 @@ static int decode_slice_header(H264Context *h, H264Context *h0)
 
     if (h->ref_count[0] > max_refs || h->ref_count[1] > max_refs) {
         av_log(h->avctx, AV_LOG_ERROR, "reference overflow\n");
-        h->ref_count[0] = h->ref_count[1] = 1;
+        h->ref_count[0] = h->ref_count[1] = 0;
         return AVERROR_INVALIDDATA;
     }
 
-- 
GitLab