movdec: Check count of stts/ctts elements instead of just the pointer.

Fixes overreading the array Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
author: Michael Niedermayer <michaelni@gmx.at> 2012-05-29 19:28:09 +0200
committer: Michael Niedermayer <michaelni@gmx.at> 2012-05-29 19:56:07 +0200
commit: 5880d788734d9c4e2dc53c6cdec343ee978d3a3f (patch)
tree: 0581309aa3f23c7750cb0f99cf32e43d3862ae48 /libavformat/mov.c
parent: 1b8741a6843f3f4667c81c2d63d3182858aa534f (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/libavformat/mov.c b/libavformat/mov.c
index 222166eb72..a7bb0762c2 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -1874,7 +1874,7 @@ static void mov_build_index(MOVContext *mov, AVStream *st)
             sc->empty_duration = av_rescale(sc->empty_duration, sc->time_scale, mov->time_scale);
         sc->time_offset = sc->start_time - sc->empty_duration;
         current_dts = -sc->time_offset;
-        if (sc->ctts_data && sc->stts_data &&
+        if (sc->ctts_count>0 && sc->stts_count>0 &&
             sc->ctts_data[0].duration / FFMAX(sc->stts_data[0].duration, 1) > 16) {
             /* more than 16 frames delay, dts are likely wrong
                this happens with files created by iMovie */
author	Michael Niedermayer <michaelni@gmx.at>	2012-05-29 19:28:09 +0200
committer	Michael Niedermayer <michaelni@gmx.at>	2012-05-29 19:56:07 +0200
commit	5880d788734d9c4e2dc53c6cdec343ee978d3a3f (patch)
tree	0581309aa3f23c7750cb0f99cf32e43d3862ae48 /libavformat/mov.c
parent	1b8741a6843f3f4667c81c2d63d3182858aa534f (diff)