block: Fix buffer total size in block_Alloc()

The total size of the buffer (i_size) was initialized with the whole
allocated size for the block. This fooled block_Realloc() in the case of
resizing to slightly larger, with the extra size in range from
32 to 32 + 80 bytes. block_Realloc() assumed it had enough space left in
the buffer padding to avoid reallocating memory.

Consequently, the block ended up with a i_buffer field with a value
larger than the allocated memory around p_buffer.

In the end, this could cause memory corruptions in all sorts of cases.
In my case, vlc was crashing while encoutering a corrupted mp3 file.
Signed-off-by: Rémi Denis-Courmont <remi@remlab.net>

src/misc/block.c

@@ -133,7 +133,7 @@ block_t *block_Alloc (size_t size)
     if (unlikely(b == NULL))
         return NULL;
 
-    block_Init (b, b + 1, alloc);
+    block_Init (b, b + 1, alloc - sizeof (*b));
     static_assert ((BLOCK_PADDING % BLOCK_ALIGN) == 0,
                    "BLOCK_PADDING must be a multiple of BLOCK_ALIGN");
     b->p_buffer += BLOCK_PADDING + BLOCK_ALIGN - 1;