From d14697112864f385e0a341cde6533f9e22d04c36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philip=20J=C3=A4genstedt?= <philipj@opera.com>
Date: Wed, 12 May 2010 14:30:18 +0200
Subject: [PATCH] matroskademux: Ignore unexpected CodecState

Because GstMatroskaTrackContext *stream is set up in the first
SimpleBlock or Block, a rogue CodecState otherwise causes a segfault on
derefencing the NULL pointer. Test case:
bug_s5506167_r0.001____gst_matroska_demux_parse_blockgroup_or_simpleblock.webm
---
 gst/matroska/matroska-demux.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 3e7280fb2a..0e1bbf740f 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -4531,6 +4531,12 @@ gst_matroska_demux_parse_blockgroup_or_simpleblock (GstMatroskaDemux * demux,
                     &data_len)) != GST_FLOW_OK)
           break;
 
+        if (G_UNLIKELY (stream == NULL)) {
+          GST_WARNING_OBJECT (demux,
+              "Unexpected CodecState subelement - ignoring");
+          break;
+        }
+
         g_free (stream->codec_state);
         stream->codec_state = data;
         stream->codec_state_size = data_len;