From 472ea1284e925297b08921b7189f57f6789c898c Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Mon, 11 Jul 2005 22:34:34 +0000 Subject: [PATCH] fix infinite loop (suggested change by rjayne at convera dot com) fixes bug #1160195 Originally committed as revision 4434 to svn://svn.ffmpeg.org/ffmpeg/trunk --- libavcodec/cinepak.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libavcodec/cinepak.c b/libavcodec/cinepak.c index 3c560fdc5f..3b00a1605d 100644 --- a/libavcodec/cinepak.c +++ b/libavcodec/cinepak.c @@ -274,6 +274,9 @@ static int cinepak_decode_strip (CinepakContext *s, while ((data + 4) <= eod) { chunk_id = BE_16 (&data[0]); chunk_size = BE_16 (&data[2]) - 4; + if(chunk_size < 0) + return -1; + data += 4; chunk_size = ((data + chunk_size) > eod) ? (eod - data) : chunk_size;