# HG changeset patch
# User reimar
# Date 1251275924 0
# Node ID 4a53fcd622ea6e31054e0dfc546d8fda59ff5aad
# Parent 74d599c373f9f470fd57a03963f080d386b0f5e3
Check for seek failures in avi_load_index, otherwise if the index offset is invalid (e.g. truncated file) we might end up reading the whole file since trying to seek beyond the end of file does not set EOF.
diff -r 74d599c373f9 -r 4a53fcd622ea avidec.c
--- a/avidec.c Tue Aug 25 19:59:38 2009 +0000
+++ b/avidec.c Wed Aug 26 08:38:44 2009 +0000
@@ -1001,8 +1001,10 @@
 ByteIOContext *pb = s->pb;
 uint32_t tag, size;
 int64_t pos= url_ftell(pb);
+ int ret = -1;
- url_fseek(pb, avi->movi_end, SEEK_SET);
+ if (url_fseek(pb, avi->movi_end, SEEK_SET) < 0)
+ goto the_end; // maybe truncated file
 #ifdef DEBUG_SEEK
 printf("movi_end=0x%"PRIx64"\n", avi->movi_end);
 #endif
@@ -1023,19 +1025,20 @@
 case MKTAG('i', 'd', 'x', '1'):
 if (avi_read_idx1(s, size) < 0)
 goto skip;
- else
+ ret = 0;
 goto the_end;
 break;
 default:
 skip:
 size += (size & 1);
- url_fskip(pb, size);
+ if (url_fseek(pb, size, SEEK_CUR) < 0)
+ goto the_end; // something is wrong here
 break;
 }
 }
 the_end:
 url_fseek(pb, pos, SEEK_SET);
- return 0;
+ return ret;
 }
 static int avi_read_seek(AVFormatContext *s, int stream_index, int64_t timestamp, int flags)
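Review bot: The new check on `url_fseek(pb, avi->movi_end, SEEK_SET)` only helps when the I/O layer actually reports a failure for an out-of-range offset; the commit message itself notes that seeking past the end does not set EOF, and whether the seek returns an error in that case depends on the underlying protocol, which is not visible in this hunk. `avi->movi_end` is presumably derived from the headers of the file being parsed, so it would be more robust to also bound it against the known size before seeking, for example `int64_t fsize = url_fsize(pb); if (fsize > 0 && avi->movi_end > fsize) goto the_end;`. The enclosing function starts above the hunk and its loop continues below it.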
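Review bot: After this hunk the function returns -1 on every path that does not load an `idx1` chunk, which includes a well-formed file that simply carries no index, where it used to return 0. The callers are outside the hunk, so confirm none of them treats a negative return as a fatal demux error; a comment above the function such as `/* returns 0 if an idx1 index was loaded, -1 otherwise (no index found or seek failure) */` would record the new contract. The restoring `url_fseek(pb, pos, SEEK_SET)` at `the_end` is still unchecked, so a failure there leaves the stream at an unexpected offset even when `ret` is 0. The `break;` that follows `goto the_end;` is unreachable now that the `else` is gone and can be dropped.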