From cb077b7aa319caf4a11e811df93b1c2b86fff954 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Thu, 24 Jan 2008 19:31:59 +0000
Subject: [PATCH] Fix crash for CAVLC->CABAC switch caused by writing into NULL
 tables. (iam not sure if this might have been exploitable) fixes issue332 /
 CVCANLMA2_Sony_C.jsv Other solutions which waste a few bytes less are welcome
 ...

Originally committed as revision 11605 to svn://svn.ffmpeg.org/ffmpeg/trunk
---
 libavcodec/h264.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/libavcodec/h264.c b/libavcodec/h264.c
index 29909e9ae7e..66d92000088 100644
--- a/libavcodec/h264.c
+++ b/libavcodec/h264.c
@@ -2035,12 +2035,10 @@ static int alloc_tables(H264Context *h){
     CHECKED_ALLOCZ(h->slice_table_base  , (big_mb_num+s->mb_stride) * sizeof(uint8_t))
     CHECKED_ALLOCZ(h->cbp_table, big_mb_num * sizeof(uint16_t))
 
-    if( h->pps.cabac ) {
         CHECKED_ALLOCZ(h->chroma_pred_mode_table, big_mb_num * sizeof(uint8_t))
         CHECKED_ALLOCZ(h->mvd_table[0], 32*big_mb_num * sizeof(uint16_t));
         CHECKED_ALLOCZ(h->mvd_table[1], 32*big_mb_num * sizeof(uint16_t));
         CHECKED_ALLOCZ(h->direct_table, 32*big_mb_num * sizeof(uint8_t));
-    }
 
     memset(h->slice_table_base, -1, (big_mb_num+s->mb_stride)  * sizeof(uint8_t));
     h->slice_table= h->slice_table_base + s->mb_stride*2 + 1;
-- 
GitLab