Alloc extra bytes for bits buf for parse optimzation
Without this extra allocation, if a nal fills entire bits
buffer, there will be out of bound memory read access.
Bug: 65719872
Test: ran poc before/after on ASAN of master
Change-Id: I1c36821505bdc4fe6c23f30a02ab2fb0fb657946
(cherry picked from commit 4cf597a518436abf964b020bb97f97e490f80065)
diff --git a/decoder/ihevcd_api.c b/decoder/ihevcd_api.c
index 51e9670..2ae90b0 100644
--- a/decoder/ihevcd_api.c
+++ b/decoder/ihevcd_api.c
@@ -1215,7 +1215,7 @@
/* Request memory for static bitstream buffer which holds bitstream after emulation prevention */
size = MIN_BITSBUF_SIZE;
- pv_buf = pf_aligned_alloc(pv_mem_ctxt, 128, size);
+ pv_buf = pf_aligned_alloc(pv_mem_ctxt, 128, size + 16); //Alloc extra for parse optimization
RETURN_IF((NULL == pv_buf), IV_FAIL);
ps_codec->pu1_bitsbuf_static = pv_buf;
ps_codec->u4_bitsbuf_size_static = size;
@@ -1908,7 +1908,7 @@
size = wd * ht;
if(size > MIN_BITSBUF_SIZE)
{
- pv_buf = ps_codec->pf_aligned_alloc(pv_mem_ctxt, 128, size);
+ pv_buf = ps_codec->pf_aligned_alloc(pv_mem_ctxt, 128, size + 16); //Alloc extra for parse optimization
RETURN_IF((NULL == pv_buf), IV_FAIL);
ps_codec->pu1_bitsbuf_dynamic = pv_buf;
ps_codec->u4_bitsbuf_size_dynamic = size;
