# HG changeset patch
# User benoit
# Date 1271089003 0
# Node ID 90b6d031c821f28ed871691cde43b88803eeebd8
# Parent  a207cc043de8bef4e473969e54f3a78b607dd143
Extradata length checks for Huffyuv.
Patch by Michael Kaufmann hallo $(name) dash $(surname) ch

diff -r a207cc043de8 -r 90b6d031c821 huffyuv.c
--- a/huffyuv.c	Mon Apr 12 16:05:10 2010 +0000
+++ b/huffyuv.c	Mon Apr 12 16:16:43 2010 +0000
@@ -452,6 +452,9 @@
     if(s->version==2){
         int method, interlace;
 
+        if (avctx->extradata_size < 4)
+            return -1;
+
         method= ((uint8_t*)avctx->extradata)[0];
         s->decorrelate= method&64 ? 1 : 0;
         s->predictor= method&63;
@@ -462,7 +465,7 @@
         s->interlaced= (interlace==1) ? 1 : (interlace==2) ? 0 : s->interlaced;
         s->context= ((uint8_t*)avctx->extradata)[2] & 0x40 ? 1 : 0;
 
-        if(read_huffman_tables(s, ((uint8_t*)avctx->extradata)+4, avctx->extradata_size) < 0)
+        if(read_huffman_tables(s, ((uint8_t*)avctx->extradata)+4, avctx->extradata_size-4) < 0)
             return -1;
     }else{
         switch(avctx->bits_per_coded_sample&7){