From 7a7b1f5c4d4127ff78bed67e786d03560a9cc199 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Fri, 2 Mar 2012 02:32:14 +0100
Subject: [PATCH] roqvideodec: improve end of input buffer check

This fixes a out of array read.

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavcodec/roqvideodec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavcodec/roqvideodec.c b/libavcodec/roqvideodec.c
index 161e7da08a..6085f4a7d0 100644
--- a/libavcodec/roqvideodec.c
+++ b/libavcodec/roqvideodec.c
@@ -44,7 +44,7 @@ static void roqvideo_decode_frame(RoqContext *ri)
     const unsigned char *buf = ri->buf;
     const unsigned char *buf_end = ri->buf + ri->size;
 
-    while (buf < buf_end) {
+    while (buf + 8 <= buf_end) {
         chunk_id = bytestream_get_le16(&buf);
         chunk_size = bytestream_get_le32(&buf);
         chunk_arg = bytestream_get_le16(&buf);