From f7739f3708f786a0b071d8d8b59331525b0ccfd8 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer
Date: Sat, 3 May 2008 21:06:55 +0000
Subject: [PATCH] Output buffer overflow.

Originally committed as revision 13052 to svn://svn.ffmpeg.org/ffmpeg/trunk
---
 libavcodec/alac.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libavcodec/alac.c b/libavcodec/alac.c
index c5a9b767c8..65a74d76e6 100644
--- a/libavcodec/alac.c
+++ b/libavcodec/alac.c
@@ -465,6 +465,11 @@ static int alac_decode_frame(AVCodecContext *avctx,
 } else
 outputsamples = alac->setinfo_max_samples_per_frame;
+ if(outputsamples > *outputsize / alac->bytespersample){
+ av_log(avctx, AV_LOG_ERROR, "sample buffer too small\n");
+ return -1;
+ }
+
 *outputsize = outputsamples * alac->bytespersample;
 readsamplesize = alac->setinfo_sample_size - (wasted_bytes * 8) + channels - 1;
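Review bot: The new guard in alac_decode_frame divides by `alac->bytespersample` and compares a possibly signed `outputsamples`, and neither value is validated in the lines shown. If `bytespersample` can be zero (its computation is outside this hunk) the check itself faults, and if `outputsamples` is a signed int a negative count passes the `>` test and makes `*outputsize` negative. I would write the condition as `if(alac->bytespersample <= 0 || outputsamples < 0 || outputsamples > *outputsize / alac->bytespersample){`. The check also bounds only the caller's buffer; whether the count set in the branch above the `else` is also limited to `setinfo_max_samples_per_frame` for the decoder's own buffers should be confirmed, since that code and the rest of the function lie outside the hunk.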