vp6dec: ensure we don't try to use a buffer with negative size

this should never happen in valid vp6 bitstream
fix issue684

Originally committed as revision 15610 to svn://svn.ffmpeg.org/ffmpeg/trunk

diff --git a/libavcodec/vp6.c b/libavcodec/vp6.c
index c1cd6fe..bea7c9e 100644 (file)
--- a/libavcodec/vp6.c
+++ b/libavcodec/vp6.c
@@ -135,6 +135,8 @@ static int vp6_parse_header(vp56_context_t *s, const uint8_t *buf, int buf_size,
     if (coeff_offset) {
         buf      += coeff_offset;
         buf_size -= coeff_offset;
+        if (buf_size < 0)
+            return 0;
         if (s->use_huffman) {
             s->parse_coeff = vp6_parse_coeff_huffman;
             init_get_bits(&s->gb, buf, buf_size<<3);