From 074ebfacf40f187069e90e1618a95926757ed7c8 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Mon, 21 Oct 2013 16:21:14 +0200
Subject: [PATCH] avfilter/ff_insert_pad: fix order of operations

Fixes out of bounds access
Fixes CID732170
Fixes CID732169

No filter is known to use this function in a way so the issue can be reproduced.

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ab2bfb85d49b2f8aa505816f93e75fd18ad0a361)

Conflicts:

	libavfilter/avfilter.c
---
 libavfilter/avfilter.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavfilter/avfilter.c b/libavfilter/avfilter.c
index c3228cd855..251f6ae38d 100644
--- a/libavfilter/avfilter.c
+++ b/libavfilter/avfilter.c
@@ -110,8 +110,8 @@ void ff_insert_pad(unsigned idx, unsigned *count, size_t padidx_off,
 
     (*count)++;
     for (i = idx + 1; i < *count; i++)
-        if (*links[i])
-            (*(unsigned *)((uint8_t *) *links[i] + padidx_off))++;
+        if ((*links)[i])
+            (*(unsigned *)((uint8_t *) (*links)[i] + padidx_off))++;
 }
 
 int avfilter_link(AVFilterContext *src, unsigned srcpad,