From e9f8a95ea17733764be617dd03be6605745370ef Mon Sep 17 00:00:00 2001
From: Martin Pulec <martin.pulec@cesnet.cz>
Date: Thu, 28 Apr 2022 10:43:20 +0200
Subject: [PATCH] dump display: fixed a crash

For opaque codecs (H.264), the allocated size was actually smaller than
(maximal) data len set. That is usually not an issue, but when
destroying, the invalid maximum is exported (because PUTF_DISCARD with
unmodified frame). Steps to reproduce:

    uv -t testcard:size=1280x128 -c libavcodec:codec=H.264 -d dump
---
 src/video_display/dump.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/video_display/dump.cpp b/src/video_display/dump.cpp
index 8afb9885b..ee12dd39c 100644
--- a/src/video_display/dump.cpp
+++ b/src/video_display/dump.cpp
@@ -173,10 +173,10 @@ static int display_dump_reconfigure(void *state, struct video_desc desc)
         s->f->decoder_overrides_data_len = is_codec_opaque(desc.color_spec) != 0 ? TRUE : FALSE;
         s->max_tile_data_len = MIN(8 * desc.width * desc.height, 1000000UL);
         for (unsigned int i = 0; i < s->f->tile_count; ++i) {
-                s->f->tiles[i].data = (char *) malloc(s->f->tiles[i].data_len);
                 if (is_codec_opaque(desc.color_spec)) {
                         s->f->tiles[i].data_len = s->max_tile_data_len;
                 }
+                s->f->tiles[i].data = (char *) malloc(s->f->tiles[i].data_len);
         }
         s->f->callbacks.data_deleter = vf_data_deleter;