asfdec: check avio_skip in asf_read_simple_index

author Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>

Thu, 7 Jan 2016 09:22:00 +0000 (10:22 +0100)

committer Luca Barbato <lu_zero@gentoo.org>

Sun, 7 Feb 2016 02:12:33 +0000 (03:12 +0100)
author Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Thu, 7 Jan 2016 09:22:00 +0000 (10:22 +0100)
committer Luca Barbato <lu_zero@gentoo.org>
Sun, 7 Feb 2016 02:12:33 +0000 (03:12 +0100)
diff --git a/libavformat/asfdec.c b/libavformat/asfdec.c

index 460df2a..aef61bb 100644 (file)
--- a/libavformat/asfdec.c
+++ b/libavformat/asfdec.c
@@ -970,7 +970,7 @@ static int asf_read_simple_index(AVFormatContext *s, const GUIDParseTable *g)
      uint64_t interval; // index entry time interval in 100 ns units, usually it's 1s
      uint32_t pkt_num, nb_entries;
      int32_t prev_pkt_num = -1;
-    int i;
+    int i, ret;
      uint64_t size = avio_rl64(pb);
  
      // simple index objects should be ordered by stream number, this loop tries to find
@@ -992,7 +992,11 @@ static int asf_read_simple_index(AVFormatContext *s, const GUIDParseTable *g)
      nb_entries = avio_rl32(pb);
      for (i = 0; i < nb_entries; i++) {
          pkt_num = avio_rl32(pb);
-        avio_skip(pb, 2);
+        ret = avio_skip(pb, 2);
+        if (ret < 0) {
+            av_log(s, AV_LOG_ERROR, "Skipping failed in asf_read_simple_index.\n");
+            return ret;
+        }
          if (prev_pkt_num != pkt_num) {
              av_add_index_entry(st, asf->first_packet_offset + asf->packet_size *
                                 pkt_num, av_rescale(interval, i, 10000),
author	Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
	Thu, 7 Jan 2016 09:22:00 +0000 (10:22 +0100)
committer	Luca Barbato <lu_zero@gentoo.org>
	Sun, 7 Feb 2016 02:12:33 +0000 (03:12 +0100)