From 5bcfbc8464384c915d8b82cbe94f7af3c145f6ae Mon Sep 17 00:00:00 2001
From: benoit <benoit@9553f0bf-9b14-0410-a0b8-cfaf0461ba5b>
Date: Tue, 27 Jan 2009 18:00:40 +0000
Subject: [PATCH] Check buffer is inside what is passed when probing for flac.

git-svn-id: file:///var/local/repositories/ffmpeg/trunk@16825 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b
---
 libavformat/raw.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavformat/raw.c b/libavformat/raw.c
index fc52fe7bc..6f2a8dbc4 100644
--- a/libavformat/raw.c
+++ b/libavformat/raw.c
@@ -586,11 +586,12 @@ static int eac3_probe(AVProbeData *p)
 static int flac_probe(AVProbeData *p)
 {
     uint8_t *bufptr = p->buf;
+    uint8_t *end    = p->buf + p->buf_size;
 
     if(ff_id3v2_match(bufptr))
         bufptr += ff_id3v2_tag_len(bufptr);
 
-    if(memcmp(bufptr, "fLaC", 4)) return 0;
+    if(bufptr > end-4 || memcmp(bufptr, "fLaC", 4)) return 0;
     else                          return AVPROBE_SCORE_MAX / 2;
 }
 #endif
-- 
2.39.2