From 0af49a63c7f87876486ab09482d5b26b95abce60 Mon Sep 17 00:00:00 2001
From: Anton Khirnov <anton@khirnov.net>
Date: Fri, 28 Sep 2012 15:42:29 +0200
Subject: avidec: use actually read size instead of requested size

Fixes CVE-2012-2788
---
 libavformat/avidec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'libavformat/avidec.c')

diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index b70367fb30..b2a06edd8c 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -1116,7 +1116,7 @@ resync:
             }
             ast->frame_offset += get_duration(ast, pkt->size);
         }
-        ast->remaining -= size;
+        ast->remaining -= err;
         if(!ast->remaining){
             avi->stream_index= -1;
             ast->packet_size= 0;
-- 
cgit v1.2.3