Check buffer is inside what is passed when probing for flac.

git-svn-id: file:///var/local/repositories/ffmpeg/trunk@16825 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b

diff --git a/libavformat/raw.c b/libavformat/raw.c
index fc52fe7bc43e838e4608d43d579db01e36edc3ec..6f2a8dbc4bf128ef6166d181488379264eb7a8bc 100644 (file)
--- a/libavformat/raw.c
+++ b/libavformat/raw.c
@@ -586,11 +586,12 @@ static int eac3_probe(AVProbeData *p)
 static int flac_probe(AVProbeData *p)
 {
     uint8_t *bufptr = p->buf;
+    uint8_t *end    = p->buf + p->buf_size;
 
     if(ff_id3v2_match(bufptr))
         bufptr += ff_id3v2_tag_len(bufptr);
 
-    if(memcmp(bufptr, "fLaC", 4)) return 0;
+    if(bufptr > end-4 || memcmp(bufptr, "fLaC", 4)) return 0;
     else                          return AVPROBE_SCORE_MAX / 2;
 }
 #endif