# HG changeset patch
# User michael
# Date 1177677715 0
# Node ID 9055ed00a295b814b63adcc8b5a648bfe2889163
# Parent  8131ccb4ea7265e0959ed221db5e5557d47f637e
fix exploitable buffer overflow

diff -r 8131ccb4ea72 -r 9055ed00a295 dca.c
--- a/dca.c	Fri Apr 27 09:32:31 2007 +0000
+++ b/dca.c	Fri Apr 27 12:41:55 2007 +0000
@@ -1089,6 +1089,9 @@
     uint16_t *ssrc = (uint16_t *) src, *sdst = (uint16_t *) dst;
     PutBitContext pb;
 
+    if((unsigned)src_size > (unsigned)max_size)
+        return -1;
+
     mrk = AV_RB32(src);
     switch (mrk) {
     case DCA_MARKER_RAW_BE: