From c8d36d254e298a51ea569b2557451d26499d0f88 Mon Sep 17 00:00:00 2001
From: Justin Ruggles <justin.ruggles@gmail.com>
Date: Thu, 27 Oct 2011 14:36:41 -0400
Subject: [PATCH] g726: pre-calculate the number of output samples.

Allows for checking output buffer size and simplification of decoding loop.
---
 libavcodec/g726.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/libavcodec/g726.c b/libavcodec/g726.c
index 6cd8c936ac2..6ff3288a673 100644
--- a/libavcodec/g726.c
+++ b/libavcodec/g726.c
@@ -377,16 +377,24 @@ static int g726_decode_frame(AVCodecContext *avctx,
     G726Context *c = avctx->priv_data;
     int16_t *samples = data;
     GetBitContext gb;
+    int out_samples, out_size;
+
+    out_samples = buf_size * 8 / c->code_size;
+    out_size    = out_samples * av_get_bytes_per_sample(avctx->sample_fmt);
+    if (*data_size < out_size) {
+        av_log(avctx, AV_LOG_ERROR, "Output buffer is too small\n");
+        return AVERROR(EINVAL);
+    }
 
     init_get_bits(&gb, buf, buf_size * 8);
 
-    while (get_bits_count(&gb) + c->code_size <= buf_size*8)
+    while (out_samples--)
         *samples++ = g726_decode(c, get_bits(&gb, c->code_size));
 
-    if(buf_size*8 != get_bits_count(&gb))
+    if (get_bits_left(&gb) > 0)
         av_log(avctx, AV_LOG_ERROR, "Frame invalidly split, missing parser?\n");
 
-    *data_size = (uint8_t*)samples - (uint8_t*)data;
+    *data_size = out_size;
     return buf_size;
 }
 
-- 
GitLab