--- src/demuxers/demux_aiff.orig	2004/06/13 21:28:52	1.39
+++ src/demuxers/demux_aiff.c	2004/12/15 21:03:02	1.40
@@ -120,6 +120,12 @@
     }
     chunk_type = BE_32(&preamble[0]);
     chunk_size = BE_32(&preamble[4]);
+    
+    if (chunk_size > sizeof(buffer) / sizeof(buffer[0])) {
+      /* the chunk is too large to fit in the buffer -> this cannot be an aiff chunk */
+      this->status = DEMUX_FINISHED;
+      return 0;
+    }
 
     if (chunk_type == COMM_TAG) {
       if (this->input->read(this->input, buffer, chunk_size) !=