# HG changeset patch
# User jbr
# Date 1237753160 0
# Node ID 8aa63f696237de7ea05211df9bec4966a41dd990
# Parent  2c3b2ce51b04cf0fda1942113f35315619cd0d1f
flacdec: move data size check to flac_decode_frame()

diff -r 2c3b2ce51b04 -r 8aa63f696237 flacdec.c
--- a/flacdec.c	Sun Mar 22 19:12:02 2009 +0000
+++ b/flacdec.c	Sun Mar 22 20:19:20 2009 +0000
@@ -480,7 +480,7 @@
     return 0;
 }
 
-static int decode_frame(FLACContext *s, int alloc_data_size)
+static int decode_frame(FLACContext *s)
 {
     int bs_code, sr_code, bps_code, i;
     int ch_mode, bps, blocksize, samplerate;
@@ -554,9 +554,6 @@
         return -1;
     }
 
-    if (blocksize * s->channels * (s->is32 ? 4 : 2) > alloc_data_size)
-        return -1;
-
     /* sample rate */
     if (sr_code == 0)
         samplerate= s->samplerate;
@@ -612,6 +609,7 @@
     int16_t *samples_16 = data;
     int32_t *samples_32 = data;
     int alloc_data_size= *data_size;
+    int output_size;
 
     *data_size=0;
 
@@ -675,15 +673,23 @@
 
     /* decode frame */
     init_get_bits(&s->gb, buf, buf_size*8);
-    if (decode_frame(s, alloc_data_size) < 0) {
+    if (decode_frame(s) < 0) {
         av_log(s->avctx, AV_LOG_ERROR, "decode_frame() failed\n");
         s->bitstream_size=0;
         s->bitstream_index=0;
         return -1;
     }
-    *data_size = s->blocksize * s->channels * (s->is32 ? 4 : 2);
     bytes_read = (get_bits_count(&s->gb)+7)/8;
 
+    /* check if allocated data size is large enough for output */
+    output_size = s->blocksize * s->channels * (s->is32 ? 4 : 2);
+    if (output_size > alloc_data_size) {
+        av_log(s->avctx, AV_LOG_ERROR, "output data size is larger than "
+                                       "allocated data size\n");
+        return -1;
+    }
+    *data_size = output_size;
+
 #define DECORRELATE(left, right)\
             assert(s->channels == 2);\
             for (i = 0; i < s->blocksize; i++) {\