From 380659604f2692b625928a3a76a1c046f473c9f6 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sun, 10 Sep 2017 21:10:16 +0200
Subject: [PATCH] avcodec/shorten: Move buffer allocation and offset init to
 end of read_header()

They are time consuming operations, performing them after the other checks
improves the speed with damaged input dramatically.

Fixes: Timeout
Fixes: 2928/clusterfuzz-testcase-4992812120539136

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Paul B Mahol <onemda@gmail.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/shorten.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/libavcodec/shorten.c b/libavcodec/shorten.c
index 18b77300a0..49af6beec6 100644
--- a/libavcodec/shorten.c
+++ b/libavcodec/shorten.c
@@ -462,12 +462,6 @@ static int read_header(ShortenContext *s)
     }
     s->nwrap = FFMAX(NWRAP, maxnlpc);
 
-    if ((ret = allocate_buffers(s)) < 0)
-        return ret;
-
-    if ((ret = init_offset(s)) < 0)
-        return ret;
-
     if (s->version > 1)
         s->lpcqoffset = V2LPCQOFFSET;
 
@@ -504,6 +498,13 @@ static int read_header(ShortenContext *s)
     }
 
 end:
+
+    if ((ret = allocate_buffers(s)) < 0)
+        return ret;
+
+    if ((ret = init_offset(s)) < 0)
+        return ret;
+
     s->cur_chan = 0;
     s->bitshift = 0;