# HG changeset patch # User reimar # Date 1307872627 0 # Node ID d30b183c3fdc8aad82bc8dcdc2d60620f08b34ac # Parent 36c1cffd17e57d5c78622649643225bf1c37b83a Make mp_dvdnav_save_smpi more robust and ensure consistency of nav buffer. It seems that in_size could be negative sometimes, this would cause crashes if the malloc somehow succeeded. diff -r 36c1cffd17e5 -r d30b183c3fdc mplayer.c --- a/mplayer.c Sun Jun 12 09:17:05 2011 +0000 +++ b/mplayer.c Sun Jun 12 09:57:07 2011 +0000 @@ -2080,12 +2080,17 @@ return; free(mpctx->nav_buffer); - + mpctx->nav_buffer = NULL; + mpctx->nav_start = NULL; + mpctx->nav_in_size = -1; + + if (in_size > 0) mpctx->nav_buffer = malloc(in_size); + if (mpctx->nav_buffer) { mpctx->nav_start = start; - mpctx->nav_in_size = mpctx->nav_buffer ? in_size : -1; - if (mpctx->nav_buffer) + mpctx->nav_in_size = in_size; memcpy(mpctx->nav_buffer, start, in_size); + } if (decoded_frame && mpctx->nav_smpi != decoded_frame) mpctx->nav_smpi = mp_dvdnav_copy_mpi(mpctx->nav_smpi, decoded_frame);
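Review bot: The new guard before the allocation, `if (in_size > 0) mpctx->nav_buffer = malloc(in_size);`, validates the length but not the source pointer, so `memcpy(mpctx->nav_buffer, start, in_size)` still runs on whatever `start` the caller passed. If a caller can supply a negative `in_size`, as the commit message suggests, it is worth checking `start` in the same condition (for example `if (in_size > 0 && start)`) so that the buffer, `nav_start` and `nav_in_size` are only set from a consistent pair. Two smaller points in the same hunk: `mpctx->nav_start = start;` keeps the caller's pointer rather than one into the freshly copied buffer, so a short comment on the expected lifetime of `start` would help readers; and allocation failure, zero length and negative length now all collapse into `nav_in_size = -1` with `nav_buffer == NULL`, which is a reasonable sentinel but should be documented where the fields are declared so that consumers test it before using the buffer. The patch also leaves the origin of the negative `in_size` uninvestigated; a follow-up that identifies which caller produces it would be better than relying on this guard alone.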