From 624f6df19f79f319faf19718c24a9471fa36f61c Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sat, 19 Sep 2020 00:11:59 +0200
Subject: [PATCH] avformat/3dostr: Check remaining buffer in probe before 8
 byte step

Fixes: segfault
Fixes: signal_sigabrt_7ffff6ae7cc9_7213_0d6457b9d6897fa7c78507fa5de53510.ts
Regression since: 3ac45bf66561a667260cac37223c0393f7333fca

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/3dostr.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/libavformat/3dostr.c b/libavformat/3dostr.c
index 2d92b46570..2a35d661c3 100644
--- a/libavformat/3dostr.c
+++ b/libavformat/3dostr.c
@@ -29,10 +29,9 @@ static int threedostr_probe(const AVProbeData *p)
         unsigned chunk = AV_RL32(p->buf + i);
         unsigned size  = AV_RB32(p->buf + i + 4);
 
-        i += 8;
         if (size < 8 || p->buf_size - i < size)
             return 0;
-
+        i += 8;
         size -= 8;
         switch (chunk) {
         case MKTAG('C','T','R','L'):