roqvideodec: fix a potential infinite loop in roqvideo_decode_frame().

When there is just 1 byte remanining in the buffer, nothing will be read and the loop will continue forever. Check that there are at least 8 bytes, which are always read at the beginning. CC:libav-stable@libav.org

roqvideodec: fix a potential infinite loop in roqvideo_decode_frame().
When there is just 1 byte remanining in the buffer, nothing will be read and the loop will continue forever. Check that there are at least 8 bytes, which are always read at the beginning. CC:libav-stable@libav.org
3e2f2002 · Anton Khirnov · 8a49d2bc · 3e2f2002
Commit 3e2f2002 authored Mar 06, 2013 by Anton Khirnov
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

roqvideodec.c libavcodec/roqvideodec.c +1 -1

No files found.
--- a/libavcodec/roqvideodec.c
+++ b/libavcodec/roqvideodec.c
@@ -44,7 +44,7 @@ static void roqvideo_decode_frame(RoqContext *ri)
    roq_qcell *qcell;
    int64_t chunk_start;
-    while (bytestream2_get_bytes_left(&ri->gb) > 0) {
+    while (bytestream2_get_bytes_left(&ri->gb) >= 8) {
        chunk_id   = bytestream2_get_le16(&ri->gb);
        chunk_size = bytestream2_get_le32(&ri->gb);
        chunk_arg  = bytestream2_get_le16(&ri->gb);