From 74668193cc1646cdc5a02e91644e5709115d44d9 Mon Sep 17 00:00:00 2001
From: Moritz Bunkus
Date: Wed, 7 Apr 2010 12:19:41 +0200
Subject: [PATCH] Abort reading Matroska files when encountering an element with the size 0
---
 ChangeLog | 5 +++++
 src/common/kax_file.cpp | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 149e34e12..316942b5d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2010-04-07 Moritz Bunkus
+
+ * mkvmerge: bug fix: Fixed a segfault when reading Matroska files
+ containing level 1 elements other than clusters with a size of 0.
+
 2010-04-03 Moritz Bunkus
 * Build system: The LINGUAS environment variable determines which
diff --git a/src/common/kax_file.cpp b/src/common/kax_file.cpp
index 574348381..a6979b28e 100644
--- a/src/common/kax_file.cpp
+++ b/src/common/kax_file.cpp
@@ -82,7 +82,7 @@ kax_file_c::read_next_level1_element_internal(uint32_t wanted_id) {
 EbmlElement *l1 = read_one_element();
 if (NULL != l1) {
- bool ok = m_in->setFilePointer2(l1->GetElementPosition() + l1->ElementSize(), seek_beginning);
+ bool ok = (0 != l1->ElementSize()) && m_in->setFilePointer2(l1->GetElementPosition() + l1->ElementSize(), seek_beginning);
 if (m_debug_read_next)
 mxinfo(boost::format("kax_file::read_next_level1_element(): other level 1 element %1% new pos %2% fsize %3% epos %4% esize %5%\n")
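Review bot: The guard added on the `bool ok = …` line in `src/common/kax_file.cpp` rejects only a declared size of exactly 0, while the condition that matters is that the seek target fails to advance past the element just read. The size comes from the file being parsed, so if `GetElementPosition()` and `ElementSize()` are unsigned 64-bit values (their types are not visible in this hunk), a very large size could wrap the sum to a target at or before the current element, which the zero test does not catch. Computing the target once and requiring forward progress covers both cases: `const uint64_t next_pos = l1->GetElementPosition() + l1->ElementSize();` followed by `bool ok = (next_pos > l1->GetElementPosition()) && m_in->setFilePointer2(next_pos, seek_beginning);`. A one-line comment such as `// a size of 0 would seek back to the same element and never advance` would also record why this is treated as a read failure. The function body continues outside the hunk, so the handling of `!ok` cannot be checked from here.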