dfa: fix out of array write in decode_wdlt()

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

libavcodec/dfa.c

@@ -242,6 +242,8 @@ static int decode_wdlt(GetByteContext *gb, uint8_t *frame, int width, int height
             frame    += delta;
             segments = bytestream2_get_le16(gb);
         }
+        if (frame_end <= frame)
+            return -1;
         if (segments & 0x8000) {
             frame[width - 1] = segments & 0xFF;
             segments = bytestream2_get_le16(gb);