From f68b19fc28df0a15fa6134726954365d70dec74f Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michaelni@gmx.at>
Date: Thu, 15 Dec 2011 20:25:50 +0100
Subject: [PATCH] westwooddemuxer: Fix 1gb alloc Fixes Ticket765 Bug Found by:
 Diana Elena Muscalu

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavformat/westwood.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/libavformat/westwood.c b/libavformat/westwood.c
index d39c4c695e..5632650b67 100644
--- a/libavformat/westwood.c
+++ b/libavformat/westwood.c
@@ -320,8 +320,15 @@ static int wsvqa_read_packet(AVFormatContext *s,
     int skip_byte;
 
     while (avio_read(pb, preamble, VQA_PREAMBLE_SIZE) == VQA_PREAMBLE_SIZE) {
+        int64_t filesize= avio_size(s->pb);
         chunk_type = AV_RB32(&preamble[0]);
         chunk_size = AV_RB32(&preamble[4]);
+
+        if(chunk_size > filesize){
+            av_log(s, AV_LOG_ERROR, "Chunk with size %d truncated\n", chunk_size);
+            chunk_size= filesize;
+        }
+
         skip_byte = chunk_size & 0x01;
 
         if ((chunk_type == SND1_TAG) || (chunk_type == SND2_TAG) || (chunk_type == VQFR_TAG)) {