Commit eea2f032 authored by Baptiste Coudurier's avatar Baptiste Coudurier

return error if frame_offset is negative, prevent segfault

Originally committed as revision 13420 to svn://svn.ffmpeg.org/ffmpeg/trunk
parent e5ece183
...@@ -104,7 +104,7 @@ static int ffm_read_data(AVFormatContext *s, ...@@ -104,7 +104,7 @@ static int ffm_read_data(AVFormatContext *s,
frame_offset = get_be16(pb); frame_offset = get_be16(pb);
get_buffer(pb, ffm->packet, ffm->packet_size - FFM_HEADER_SIZE); get_buffer(pb, ffm->packet, ffm->packet_size - FFM_HEADER_SIZE);
ffm->packet_end = ffm->packet + (ffm->packet_size - FFM_HEADER_SIZE - fill_size); ffm->packet_end = ffm->packet + (ffm->packet_size - FFM_HEADER_SIZE - fill_size);
if (ffm->packet_end < ffm->packet) if (ffm->packet_end < ffm->packet || frame_offset < 0)
return -1; return -1;
/* if first packet or resynchronization packet, we must /* if first packet or resynchronization packet, we must
handle it specifically */ handle it specifically */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment