Fix remotely exploitable arbitrary code execution vulnerability.

      Found by Tobias Klein / tk // trapkit / de /
See: http://www.trapkit.de/advisories/TKADV2009-004.txt

Originally committed as revision 16846 to svn://svn.ffmpeg.org/ffmpeg/trunk