From a8343bfb6a3f00777943b94ff2969422f578f246 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Tue, 5 Feb 2013 18:31:27 +0100
Subject: [PATCH] riff: fix infinite loop
Fixes Ticket2241
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavformat/riff.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/libavformat/riff.c b/libavformat/riff.c
index 508beb1f0bb..0df5c8c7e3e 100644
--- a/libavformat/riff.c
+++ b/libavformat/riff.c
@@ -818,7 +818,13 @@ int ff_read_riff_info(AVFormatContext *s, int64_t size)
 chunk_code = avio_rl32(pb);
 chunk_size = avio_rl32(pb);
-
+ if (url_feof(pb)) {
+ if (chunk_code || chunk_size) {
+ av_log(s, AV_LOG_WARNING, "INFO subchunk truncated\n");
+ return AVERROR_INVALIDDATA;
+ }
+ break;
+ }
 if (chunk_size > end || end - chunk_size < cur || chunk_size == UINT_MAX) {
 avio_seek(pb, -9, SEEK_CUR);
 chunk_code = avio_rl32(pb);
--
GitLab
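Review bot: The new `url_feof(pb)` branch leaves the loop with a plain `break` whenever both `chunk_code` and `chunk_size` are zero, so input that ends early but happens to leave zeros in both fields is reported as a normal end of the INFO list rather than as truncation. This presumably relies on `avio_rl32()` yielding 0 once the input is exhausted, which the hunk does not state. A short comment above the branch would make that assumption reviewable, e.g. `/* at EOF the reads above yield 0: both zero = clean end, anything else = truncated subchunk */`. If the EOF flag can also be raised by an I/O error, consider checking `pb->error` before the `break` so a failed read is not returned as success. The re-read after `avio_seek(pb, -9, SEEK_CUR)` in the trailing context has no EOF test of its own in the visible lines, and the loop header and the rest of that block lie outside the hunk, so it is worth confirming that the next iteration's check is what bounds that path.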