From 603fd4f771433bdddce2836dffca78c724d76dea Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Mon, 6 Jun 2016 14:32:48 +0200
Subject: avcodec/bmp_parser: Check fsize

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 43a4276c6964a2ec57e08c3c622bb94d35c0441f)

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/bmp_parser.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/libavcodec/bmp_parser.c b/libavcodec/bmp_parser.c
index d2a04ef69b..cd65f02a2e 100644
--- a/libavcodec/bmp_parser.c
+++ b/libavcodec/bmp_parser.c
@@ -53,7 +53,8 @@ restart:
             if (bpc->pc.frame_start_found == 0) {
                 if ((state >> 48) == (('B' << 8) | 'M')) {
                     bpc->fsize = av_bswap32(state >> 16);
-                    bpc->pc.frame_start_found = 1;
+                    if (bpc->fsize > 17)
+                        bpc->pc.frame_start_found = 1;
                 }
             } else if (bpc->pc.frame_start_found == 2+4+4) {
 //                 unsigned hsize = av_bswap32(state>>32);
-- 
cgit v1.2.3