Check if there is enough bytes before reading the buffer in the EA ADPCM

decoder. Fix issue 990. Originally committed as revision 18707 to svn://svn.ffmpeg.org/ffmpeg/trunk

Check if there is enough bytes before reading the buffer in the EA ADPCM
decoder. Fix issue 990. Originally committed as revision 18707 to svn://svn.ffmpeg.org/ffmpeg/trunk
6cf92f6d · Vitor Sessak · 8a06cb14 · 6cf92f6d
Commit 6cf92f6d authored Apr 27, 2009 by Vitor Sessak
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

adpcm.c libavcodec/adpcm.c +2 -2

No files found.
--- a/libavcodec/adpcm.c
+++ b/libavcodec/adpcm.c
@@ -1209,11 +1209,11 @@ static int adpcm_decode_frame(AVCodecContext *avctx,
        }
        break;
    case CODEC_ID_ADPCM_EA:
-        samples_in_chunk = AV_RL32(src);
-        if (samples_in_chunk >= ((buf_size - 12) * 2)) {
+        if (buf_size < 4 || AV_RL32(src) >= ((buf_size - 12) * 2)) {
            src += buf_size;
            break;
        }
+        samples_in_chunk = AV_RL32(src);
        src += 4;
        current_left_sample   = (int16_t)bytestream_get_le16(&src);
        previous_left_sample  = (int16_t)bytestream_get_le16(&src);