Merge commit '0ebb523f072322972ea446616676fff32e9603c6'

* commit '0ebb523f072322972ea446616676fff32e9603c6':
  asfdec: check ff_get_guid() return values during seeking

Conflicts:
	libavformat/asfdec.c

The code that pretends that a truncated index is correct and complete is not merged
as it obviously would cause problems if a really truncated index is encountered
If someone has samples that work better with that hack, please share them / mail me

also the bug this apparently attempts to fix isnt reproducable before this in ffmpeg

Merged-by: Michael Niedermayer <michaelni@gmx.at>

diff --cc libavformat/asfdec.c
index 1f8b25c,e754cb2..8d6de4a
--- 1/libavformat/asfdec.c
--- 2/libavformat/asfdec.c
+++ b/libavformat/asfdec.c
@@@ -1461,33 -1392,30 +1461,34 @@@ static int asf_build_simple_index(AVFor
      ff_asf_guid g;
      ASFContext *asf     = s->priv_data;
      int64_t current_pos = avio_tell(s->pb);
 -    int i, ret = 0;
++    int ret = 0;
 +
 +    if(avio_seek(s->pb, asf->data_object_offset + asf->data_object_size, SEEK_SET) < 0) {
-         asf->index_read= -1;
-         return;
++        return AVERROR_INVALIDDATA;
 +    }
  
-     ff_get_guid(s->pb, &g);
 -    avio_seek(s->pb, asf->data_object_offset + asf->data_object_size, SEEK_SET);
+     if ((ret = ff_get_guid(s->pb, &g)) < 0)
+         goto end;
  
      /* the data object can be followed by other top-level objects,
       * skip them until the simple index object is reached */
 -    while (ff_guidcmp(&g, &index_guid)) {
 +    while (ff_guidcmp(&g, &ff_asf_simple_index_header)) {
          int64_t gsize = avio_rl64(s->pb);
 -        if (gsize < 24 || s->pb->eof_reached) {
 +        if (gsize < 24 || url_feof(s->pb)) {
-             avio_seek(s->pb, current_pos, SEEK_SET);
-             asf->index_read= -1;
-             return;
+             goto end;
          }
          avio_skip(s->pb, gsize - 24);
-         ff_get_guid(s->pb, &g);
+         if ((ret = ff_get_guid(s->pb, &g)) < 0)
+             goto end;
      }
  
      {
          int64_t itime, last_pos = -1;
          int pct, ict;
 +        int i;
          int64_t av_unused gsize = avio_rl64(s->pb);
-         ff_get_guid(s->pb, &g);
+         if ((ret = ff_get_guid(s->pb, &g)) < 0)
+             goto end;
          itime = avio_rl64(s->pb);
          pct   = avio_rl32(s->pb);
          ict   = avio_rl32(s->pb);
@@@ -1508,9 -1436,13 +1509,14 @@@
                  last_pos = pos;
              }
          }
 -        asf->index_read = ict > 0;
 +        asf->index_read = ict > 1;
      }
 -    if (s->pb->eof_reached)
 -        ret = 0;
+ end:
++//     if (url_feof(s->pb)) {
++//         ret = 0;
++//     }
      avio_seek(s->pb, current_pos, SEEK_SET);
+     return ret;
  }
  
  static int asf_read_seek(AVFormatContext *s, int stream_index,
@@@ -1518,6 -1450,8 +1524,7 @@@
  {
      ASFContext *asf = s->priv_data;
      AVStream *st    = s->streams[stream_index];
 -    int64_t pos;
 -    int index, ret = 0;
++    int ret = 0;
  
      if (s->packet_size <= 0)
          return -1;
@@@ -1531,14 -1465,14 +1538,17 @@@
              return ret;
      }
  
--    if (!asf->index_read)
-         asf_build_simple_index(s, stream_index);
++    if (!asf->index_read) {
+         ret = asf_build_simple_index(s, stream_index);
++        if (ret < 0)
++            asf->index_read = -1;
++    }
  
-     if ((asf->index_read > 0 && st->index_entries)) {
 -    if (!ret && asf->index_read && st->index_entries) {
 -        index = av_index_search_timestamp(st, pts, flags);
++    if (asf->index_read > 0 && st->index_entries) {
 +        int index = av_index_search_timestamp(st, pts, flags);
          if (index >= 0) {
              /* find the position */
 -            pos = st->index_entries[index].pos;
 +            uint64_t pos = st->index_entries[index].pos;
  
              /* do the seek */
              av_log(s, AV_LOG_DEBUG, "SEEKTO: %"PRId64"\n", pos);