From 684e3d2e1ce96625eeef63f2564aab66f6715d05 Mon Sep 17 00:00:00 2001
From: Janne Grunau <janne-libav@jannau.net>
Date: Sun, 10 Mar 2013 22:09:24 +0100
Subject: [PATCH] ra144: check buffer size before requesting a buffer

Return an error on incomplete frames.
---
 libavcodec/ra144dec.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/libavcodec/ra144dec.c b/libavcodec/ra144dec.c
index e2d116c201..15162c30b2 100644
--- a/libavcodec/ra144dec.c
+++ b/libavcodec/ra144dec.c
@@ -76,6 +76,13 @@ static int ra144_decode_frame(AVCodecContext * avctx, void *data,
     RA144Context *ractx = avctx->priv_data;
     GetBitContext gb;
 
+    if (buf_size < FRAMESIZE) {
+        av_log(avctx, AV_LOG_ERROR,
+               "Frame too small (%d bytes). Truncated file?\n", buf_size);
+        *got_frame_ptr = 0;
+        return AVERROR_INVALIDDATA;
+    }
+
     /* get output buffer */
     frame->nb_samples = NBLOCKS * BLOCKSIZE;
     if ((ret = ff_get_buffer(avctx, frame, 0)) < 0) {
@@ -84,12 +91,6 @@ static int ra144_decode_frame(AVCodecContext * avctx, void *data,
     }
     samples = (int16_t *)frame->data[0];
 
-    if(buf_size < FRAMESIZE) {
-        av_log(avctx, AV_LOG_ERROR,
-               "Frame too small (%d bytes). Truncated file?\n", buf_size);
-        *got_frame_ptr = 0;
-        return buf_size;
-    }
     init_get_bits(&gb, buf, FRAMESIZE * 8);
 
     for (i = 0; i < LPC_ORDER; i++)