$NetBSD: patch-ab,v 1.6 2009/09/25 11:10:21 tron Exp $

Patch for the vulnerability reported in SA36760, taken from here:

http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=ebbccbaa5e925c2ddb212559f82c29ef526cc17e
http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=7798d31bee361724e0a6ede4e2fd67228f24040b

--- libavformat/sierravmd.c.orig	2009-02-16 14:45:05.000000000 +0000
+++ libavformat/sierravmd.c	2009-09-25 11:49:56.000000000 +0100
@@ -154,7 +154,7 @@
     vmd->frame_table = NULL;
     sound_buffers = AV_RL16(&vmd->vmd_header[808]);
     raw_frame_table_size = vmd->frame_count * 6;
-    if(vmd->frame_count * vmd->frames_per_block  >= UINT_MAX / sizeof(vmd_frame)){
+    if(vmd->frame_count * vmd->frames_per_block >= UINT_MAX / sizeof(vmd_frame) - sound_buffers){
         av_log(s, AV_LOG_ERROR, "vmd->frame_count * vmd->frames_per_block too large\n");
         return -1;
     }
