electronicarts: do not fail on zero-sized chunks

At least one FATE sample contains such chunks and happens to work simply
by accident (due to find_stream_info() swallowing the error).

CC: libav-stable@libav.org
(cherry picked from commit 4d6c5152849e23a4cc0f6a6ac2880c01ebcd301b)
Signed-off-by: Anton Khirnov <anton@khirnov.net>

diff --git a/libavformat/electronicarts.c b/libavformat/electronicarts.c
index 879ed97..adcd45a 100644 (file)
--- a/libavformat/electronicarts.c
+++ b/libavformat/electronicarts.c
@@ -522,7 +522,7 @@ static int ea_read_packet(AVFormatContext *s, AVPacket *pkt)
     while (!packet_read) {
         chunk_type = avio_rl32(pb);
         chunk_size = ea->big_endian ? avio_rb32(pb) : avio_rl32(pb);
-        if (chunk_size <= 8)
+        if (chunk_size < 8)
             return AVERROR_INVALIDDATA;
         chunk_size -= 8;
 
@@ -547,6 +547,9 @@ static int ea_read_packet(AVFormatContext *s, AVPacket *pkt)
                 avio_skip(pb, 8);
                 chunk_size -= 12;
             }
+            if (!chunk_size)
+                continue;
+
             ret = av_get_packet(pb, pkt, chunk_size);
             if (ret < 0)
                 return ret;
@@ -607,6 +610,9 @@ static int ea_read_packet(AVFormatContext *s, AVPacket *pkt)
             goto get_video_packet;
 
         case mTCD_TAG:
+            if (chunk_size < 8)
+                return AVERROR_INVALIDDATA;
+
             avio_skip(pb, 8);               // skip ea DCT header
             chunk_size -= 8;
             goto get_video_packet;
@@ -617,6 +623,9 @@ static int ea_read_packet(AVFormatContext *s, AVPacket *pkt)
             key = AV_PKT_FLAG_KEY;
         case MV0F_TAG:
 get_video_packet:
+            if (!chunk_size)
+                continue;
+
             ret = av_get_packet(pb, pkt, chunk_size);
             if (ret < 0)
                 return ret;