matroskadec: Fix buffer overread in matroska_ebmlnum_uint

Based on a Chromium patch Originally committed as revision 23168 to svn://svn.ffmpeg.org/ffmpeg/trunk
author: David Conrad <lessen42@gmail.com> 2010-05-18 21:21:32 +0000
committer: David Conrad <lessen42@gmail.com> 2010-05-18 21:21:32 +0000
commit: 465c28b6b43be2563e0b644ec22cf641fe374d8d (patch)
tree: 7acd2e84dc71033ad13c926bc0e85b3d04acd6f2 /libavformat/matroskadec.c
parent: d98bd80ed3ac2c7274654247daa7b821e2ed6478 (diff)
download: ffmpeg-465c28b6b43be2563e0b644ec22cf641fe374d8d.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/libavformat/matroskadec.c b/libavformat/matroskadec.c
index 4d18d99e15..9126717df2 100644
--- a/libavformat/matroskadec.c
+++ b/libavformat/matroskadec.c
@@ -679,7 +679,7 @@ static int matroska_ebmlnum_uint(MatroskaDemuxContext *matroska,
 {
     ByteIOContext pb;
     init_put_byte(&pb, data, size, 0, NULL, NULL, NULL, NULL);
-    return ebml_read_num(matroska, &pb, 8, num);
+    return ebml_read_num(matroska, &pb, FFMIN(size, 8), num);
 }
 
 /*
author	David Conrad <lessen42@gmail.com>	2010-05-18 21:21:32 +0000
committer	David Conrad <lessen42@gmail.com>	2010-05-18 21:21:32 +0000
commit	465c28b6b43be2563e0b644ec22cf641fe374d8d (patch)
tree	7acd2e84dc71033ad13c926bc0e85b3d04acd6f2 /libavformat/matroskadec.c
parent	d98bd80ed3ac2c7274654247daa7b821e2ed6478 (diff)
download	ffmpeg-465c28b6b43be2563e0b644ec22cf641fe374d8d.tar.gz