# HG changeset patch
# User michael
# Date 1121121274 0
# Node ID af90d5dc83f00498dc3f5e54947ce868c5cded5f
# Parent  ee07e99e034fb0a86bc0b867bae18b8e506b6b56
fix infinite loop (suggested change by rjayne at convera dot com)
fixes bug #1160195

diff -r ee07e99e034f -r af90d5dc83f0 cinepak.c
--- a/cinepak.c	Mon Jul 11 22:15:03 2005 +0000
+++ b/cinepak.c	Mon Jul 11 22:34:34 2005 +0000
@@ -274,6 +274,9 @@
     while ((data + 4) <= eod) {
         chunk_id   = BE_16 (&data[0]);
         chunk_size = BE_16 (&data[2]) - 4;
+        if(chunk_size < 0)
+            return -1;
+
         data      += 4;
         chunk_size = ((data + chunk_size) > eod) ? (eod - data) : chunk_size;