From 1bbe01a119de60b2abefac779b378587aa8a9934 Mon Sep 17 00:00:00 2001
From: Abhinav Badola <mail.abu.to@gmail.com>
Date: Wed, 13 Mar 2013 20:52:36 +0000
Subject: [PATCH] #890: Corrected the case of Infinite loop in
 RiffVideo::nikonTagsHandler()

---
 src/riffvideo.cpp | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/riffvideo.cpp b/src/riffvideo.cpp
index 1eb571e3..29e54d79 100644
--- a/src/riffvideo.cpp
+++ b/src/riffvideo.cpp
@@ -744,7 +744,7 @@ namespace Exiv2 {
         double denominator = 1;
         io_->read(buf.pData_, 4); tempSize -= 4;
 
-        while(tempSize > 0) {
+        while((long)tempSize > 0) {
             std::memset(buf.pData_, 0x0, buf.size_);
             io_->read(buf.pData_, 4);
             io_->read(buf2.pData_, 4);
@@ -752,7 +752,7 @@ namespace Exiv2 {
             internal_pos = io_->tell(); tempSize -= (internal_size + 8);
 
             if(equalsRiffTag(buf, "NCVR")) {
-                while(temp > 3) {
+                while((long)temp > 3) {
                     std::memset(buf.pData_, 0x0, buf.size_);
                     io_->read(buf.pData_, 2);
                     tagID = Exiv2::getULong(buf.pData_, littleEndian);
@@ -775,7 +775,7 @@ namespace Exiv2 {
                 }
             }
             else if(equalsRiffTag(buf, "NCTG")) {
-                while(temp > 3) {
+                while((long)temp > 3) {
                     std::memset(buf.pData_, 0x0, buf.size_);
                     io_->read(buf.pData_, 2);
                     tagID = Exiv2::getULong(buf.pData_, littleEndian);
@@ -820,7 +820,13 @@ namespace Exiv2 {
 
             io_->seek(internal_pos + internal_size, BasicIo::beg);
         }
-        io_->seek(cur_pos + size, BasicIo::beg);
+
+        if (size ==0) {
+            io_->seek(cur_pos + 4, BasicIo::beg);
+        }
+        else {
+            io_->seek(cur_pos + size, BasicIo::beg);
+        }
     } // RiffVideo::nikonTagsHandler
 
     void RiffVideo::infoTagsHandler()