ffmpeg: add image size check to codec_get_buffer()

Fixes CVE-2011-3935

Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>

ffmpeg.c

@@ -546,6 +546,9 @@ static int codec_get_buffer(AVCodecContext *s, AVFrame *frame)
     FrameBuffer *buf;
     int ret, i;
 
+    if(av_image_check_size(s->width, s->height, 0, s))
+        return -1;
+
     if (!ist->buffer_pool && (ret = alloc_buffer(s, ist, &ist->buffer_pool)) < 0)
         return ret;