# HG changeset patch
# User lu_zero
# Date 1244645810 0
# Node ID 7734b5d0fc6cfc70953a5a47ccdf51b5560d824a
# Parent  5cf7e033989d14f4f3ff0ea31e1c06de475def1a
Make sure buffer end remains constant within the loop

otherwise ff_find_start_code could read over the buffer size

diff -r 5cf7e033989d -r 7734b5d0fc6c rtp_mpv.c
--- a/rtp_mpv.c	Tue Jun 09 20:58:32 2009 +0000
+++ b/rtp_mpv.c	Wed Jun 10 14:56:50 2009 +0000
@@ -31,6 +31,7 @@
     RTPMuxContext *s = s1->priv_data;
     int len, h, max_packet_size;
     uint8_t *q;
+    const uint8_t *end = buf1 + size;
     int begin_of_slice, end_of_slice, frame_type, temporal_reference;
 
     max_packet_size = s->max_payload_size;
@@ -55,7 +56,7 @@
             r1 = buf1;
             while (1) {
                 start_code = -1;
-                r = ff_find_start_code(r1, buf1 + size, &start_code);
+                r = ff_find_start_code(r1, end, &start_code);
                 if((start_code & 0xFFFFFF00) == 0x100) {
                     /* New start code found */
                     if (start_code == 0x100) {