Add extra checks to avoid integer overflow.

BUG=425980
TEST=no crash with ASAN

Review URL: https://codereview.chromium.org/659743004

Cr-Commit-Position: refs/heads/master@{#301249}
diff --git a/media/base/container_names.cc b/media/base/container_names.cc
index 0f629f8..7b188b6 100644
--- a/media/base/container_names.cc
+++ b/media/base/container_names.cc
@@ -954,7 +954,7 @@
 
   int offset = 0;
   while (offset + 8 < buffer_size) {
-    int atomsize = Read32(buffer + offset);
+    uint32 atomsize = Read32(buffer + offset);
     uint32 atomtype = Read32(buffer + offset + 4);
     // Only need to check for ones that are valid at the top level.
     switch (atomtype) {
@@ -985,7 +985,7 @@
         break;  // Offset is way past buffer size.
       atomsize = Read32(buffer + offset + 12);
     }
-    if (atomsize <= 0)
+    if (atomsize == 0 || atomsize > static_cast<size_t>(buffer_size))
       break;  // Indicates the last atom or length too big.
     offset += atomsize;
   }