check to detect nonsense fragment size

git-svn-id: file:///var/local/repositories/ffmpeg/trunk@7653 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b

check to detect nonsense fragment size
git-svn-id: file:///var/local/repositories/ffmpeg/trunk@7653 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b
ccf7aee2 · michael · ebfa38c3 · ccf7aee2
Commit ccf7aee2 authored Jan 22, 2007 by michael
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 0 deletions

libavformat/asf.c libavformat/asf.c +4 -0

No files found.
--- a/libavformat/asf.c
+++ b/libavformat/asf.c
@@ -571,6 +571,10 @@ static int asf_read_frame_header(AVFormatContext *s){
    }
    if (asf->packet_flags & 0x01) {
        DO_2BITS(asf->packet_segsizetype >> 6, asf->packet_frag_size, 0); // 0 is illegal
+        if(asf->packet_frag_size > asf->packet_size_left - rsize){
+            av_log(s, AV_LOG_ERROR, "packet_frag_size is invalid\n");
+            return -1;
+        }
        //printf("Fragsize %d\n", asf->packet_frag_size);
    } else {
        asf->packet_frag_size = asf->packet_size_left - rsize;