From 110aff4b2451bf8768523f6c7f054d2c04cd2a26 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Fri, 18 Nov 2011 19:10:21 +0100
Subject: [PATCH] svq1dec: call avcodec_set_dimensions() after dimensions
 changed.

Fixes NGS00148, CVE-2011-4579

Found-by: Phillip Langlois
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

(cherry picked from commit 6e24b9488e67849a28e64a8056e05f83cf439229)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 0eca0da06e40b73af495cc05fbcfaa030fcf78ea)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
(cherry picked from commit 8ddc0b491d3c9c11c1e3d638fda51b4b604d32f4)

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
---
 libavcodec/svq1dec.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libavcodec/svq1dec.c b/libavcodec/svq1dec.c
index 7fef10bb99..7c4e5c960c 100644
--- a/libavcodec/svq1dec.c
+++ b/libavcodec/svq1dec.c
@@ -676,6 +676,7 @@ static int svq1_decode_frame(AVCodecContext *avctx,
 #endif
     return result;
   }
+  avcodec_set_dimensions(avctx, s->width, s->height);
 
   //FIXME this avoids some confusion for "B frames" without 2 references
   //this should be removed after libavcodec can handle more flexible picture types & ordering