From 4faadfbd22120ab7e0957985d2d7b25d44da679a Mon Sep 17 00:00:00 2001
From: chenzhaohui <chenzhaohui14@huawei.com>
Date: Wed, 6 Aug 2025 17:29:48 +0800
Subject: [PATCH] fix heif stream use after free

Signed-off-by: chenzhaohui <chenzhaohui14@huawei.com>
Change-Id: I375ac99515adafd2ad3793be79b8a88e5795188a
---
 .../libextplugin/src/heif_impl/heif_parser/heif_stream.cpp      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/common/libs/image/libextplugin/src/heif_impl/heif_parser/heif_stream.cpp b/plugins/common/libs/image/libextplugin/src/heif_impl/heif_parser/heif_stream.cpp
index a0b630f50..9077d1761 100644
--- a/plugins/common/libs/image/libextplugin/src/heif_impl/heif_parser/heif_stream.cpp
+++ b/plugins/common/libs/image/libextplugin/src/heif_impl/heif_parser/heif_stream.cpp
@@ -301,9 +301,9 @@ void HeifStreamWriter::Insert(size_t insertSize)
         return;
     }
     size_t sizeToMove = data_.size() - position_;
+    data_.resize(data_.size() + insertSize);
     void *pCurrent = data_.data() + position_;
     void *pAfterMove = reinterpret_cast<uint8_t*>(pCurrent) + insertSize;
-    data_.resize(data_.size() + insertSize);
     if (EOK != memmove_s(pAfterMove, sizeToMove, pCurrent, sizeToMove)) {
         return;
     }
-- 
Gitee