From df0003030a979d7790180b3aa7e265e6f2b2fb1c Mon Sep 17 00:00:00 2001
From: Andreas Cadhalpun <andreas.cadhalpun@googlemail.com>
Date: Mon, 4 May 2015 23:01:45 +0200
Subject: [PATCH] avidec: avoid infinite loop due to negative ast->sample_size

If max in clean_index is set to a negative ast->sample_size, the
following loop never ends:
        while (max < 1024)
            max += max;

Thus set ast->sample_size to 0 if it would otherwise be negative.

Signed-off-by: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit ca234639ac49a0dc073ac1f10977979acdb94f97)

Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
---
 libavformat/avidec.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index a73bf98474..d6dea6e9bf 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -685,6 +685,7 @@ static int avi_read_header(AVFormatContext *s)
             default:
                 av_log(s, AV_LOG_INFO, "unknown stream type %X\n", tag1);
             }
+            ast->sample_size = FFMAX(ast->sample_size, 0);
             if (ast->sample_size == 0) {
                 st->duration = st->nb_frames;
                 if (st->duration > 0 && avi->io_fsize > 0 && avi->riff_end > avi->io_fsize) {