# HG changeset patch
# User reimar
# Date 1246363889 0
# Node ID 003d7f830e2a81431c9755da2e33fedfba09e574
# Parent d69eaf40d1b876f26596abbb8ede8ac54367253d
Fix nalsize check to avoid an integer overflow that made the check incorrect for nalsize > INT_MAX - buf_index
diff -r d69eaf40d1b8 -r 003d7f830e2a h264.c
--- a/h264.c Tue Jun 30 06:44:32 2009 +0000
+++ b/h264.c Tue Jun 30 12:11:29 2009 +0000
@@ -7505,7 +7505,7 @@
 nalsize = 0;
 for(i = 0; i < h->nal_length_size; i++)
 nalsize = (nalsize << 8) | buf[buf_index++];
- if(nalsize <= 1 || (nalsize+buf_index > buf_size)){
+ if(nalsize <= 1 || nalsize > buf_size - buf_index){
 if(nalsize == 1){
 buf_index++;
 continue;
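Review bot: The rewritten test `nalsize > buf_size - buf_index` is only sound if nalsize was itself built without overflow, and the accumulation in the loop that precedes it, `nalsize = (nalsize << 8) | buf[buf_index++];`, still shifts into the sign bit when nal_length_size is 4 and the first length byte is 0x80 or more. This assumes nalsize is a signed int, as the INT_MAX in the commit message suggests; its declaration is outside the hunk. That shift is undefined behaviour, and the code currently depends on the result coming out negative so that `nalsize <= 1` rejects it. Accumulating into an unsigned temporary (`len = (len << 8) | buf[buf_index++];`) and rejecting `len > INT_MAX` before assigning it to nalsize would remove that dependency. The reads of `buf[buf_index++]` are also not bounded inside this hunk, so confirm that the guard before the loop (not visible here) ensures nal_length_size bytes remain. A comment on the new condition such as `/* subtract, don't add: nalsize + buf_index can overflow */` would keep it from being rewritten back to the additive form.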