From d74b13aca50f80e0955fc40739265e254ea905c6 Mon Sep 17 00:00:00 2001
From: Debian Multimedia Maintainers
Date: Tue, 24 Jan 2023 21:39:16 +0000
Subject: [PATCH] fix invalid memory access after unavailable reference frame insertion
Origin: https://github.com/strukturag/libde265/commit/ee8e09a7f6f65b7c409c7801ad64918a2925ed9b
Reviewed-by: Tobias Frost
Last-Update: 2023-01-24
Needed to avoid asan errors for the version at hand, otherwise the crash even happens before the pocs triggers.
Last-Update: 2023-01-24
Gbp-Pq: Name fix-invalid-memory-access.patch
---
 libde265/decctx.cc | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/libde265/decctx.cc b/libde265/decctx.cc
index 62cf20e..edebb71 100644
--- a/libde265/decctx.cc
+++ b/libde265/decctx.cc
@@ -1648,9 +1648,8 @@ void decoder_context::process_reference_picture_set(slice_segment_header* hdr)
 PocStCurrBefore[i], false);
 RefPicSetStCurrBefore[i] = k = concealedPicture;
- if (concealedPicture < picInAnyList.size()) {
- picInAnyList[concealedPicture] = true;
- }
+ picInAnyList.resize(dpb.size(), false); // adjust size of array to hold new picture
+ picInAnyList[concealedPicture] = true;
 //printf(" concealed: %d\n", concealedPicture);
 }
@@ -1671,6 +1670,9 @@ void decoder_context::process_reference_picture_set(slice_segment_header* hdr)
 int concealedPicture = generate_unavailable_reference_picture(current_sps.get(),
 PocStCurrAfter[i], false);
 RefPicSetStCurrAfter[i] = k = concealedPicture;
+
+
+ picInAnyList.resize(dpb.size(), false); // adjust size of array to hold new picture
 picInAnyList[concealedPicture]=true;
 //printf(" concealed: %d\n", concealedPicture);
--
2.30.2
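Review bot: The write `picInAnyList[concealedPicture] = true;` is unguarded in both hunks (the PocStCurrBefore branch at 1648 and the PocStCurrAfter branch at 1670), so its safety now rests entirely on `generate_unavailable_reference_picture()` returning an index inside `[0, dpb.size())`. That function's body is not visible in this patch; if it can return a negative value, for example when no picture buffer is free, the `int` index becomes an out-of-bounds write on what appears to be a path driven by the decoded stream. The removed `concealedPicture < picInAnyList.size()` comparison happened to reject negatives through the unsigned conversion, and that side effect is lost here. Keeping a check after the resize preserves both the fix and the guard: `if (concealedPicture >= 0 && static_cast<size_t>(concealedPicture) < picInAnyList.size()) picInAnyList[concealedPicture] = true;`. The enclosing function starts and ends outside both hunks, so whether the caller can be told about the failure cannot be judged from here.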