From 4c626da8b07a5c14de96526176f5bad0dc047c76 Mon Sep 17 00:00:00 2001
From: Markus Koschany <apo@debian.org>
Date: Sun, 6 Jan 2019 16:05:17 +0100
Subject: [PATCH] CVE-2018-6621

Origin: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b

Gbp-Pq: Name CVE-2018-6621.patch
---
 libavcodec/utvideodec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/utvideodec.c b/libavcodec/utvideodec.c
index 553f45d..63556b8 100644
--- a/libavcodec/utvideodec.c
+++ b/libavcodec/utvideodec.c
@@ -362,7 +362,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, int *got_frame,
             slice_end   = bytestream2_get_le32u(&gb);
             slice_size  = slice_end - slice_start;
             if (slice_end < 0 || slice_size < 0 ||
-                bytestream2_get_bytes_left(&gb) < slice_end) {
+                bytestream2_get_bytes_left(&gb) < slice_end + 1024LL) {
                 av_log(avctx, AV_LOG_ERROR, "Incorrect slice size\n");
                 return AVERROR_INVALIDDATA;
             }
-- 
2.30.2