From f2953365d1c1da8c1e586270c6eb2c7437c77a9f Mon Sep 17 00:00:00 2001
From: Daniel Kang <daniel.d.kang@gmail.com>
Date: Fri, 7 Jan 2011 21:54:52 +0000
Subject: [PATCH] Check if buffer is large enough for given resolution. Fixes
 issue 2501.

Patch by Daniel Kang, daniel.d.kang at gmail

Originally committed as revision 26258 to svn://svn.ffmpeg.org/ffmpeg/trunk
---
 libavcodec/cljr.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libavcodec/cljr.c b/libavcodec/cljr.c
index 47809c0ce4..96c9bdf08a 100644
--- a/libavcodec/cljr.c
+++ b/libavcodec/cljr.c
@@ -54,6 +54,11 @@ static int decode_frame(AVCodecContext *avctx,
     if(p->data[0])
         avctx->release_buffer(avctx, p);
 
+    if(buf_size/avctx->height < avctx->width) {
+        av_log(avctx, AV_LOG_ERROR, "Resolution larger than buffer size. Invalid header?\n");
+        return -1;
+    }
+
     p->reference= 0;
     if(avctx->get_buffer(avctx, p) < 0){
         av_log(avctx, AV_LOG_ERROR, "get_buffer() failed\n");