
avformat/sctp: Check size in sctp_write()

Fixes: out of array access
No testcase

Found-by: Joshua Rogers <joshua@joshua.hu> with ZeroPath
Reviewed-by: Joshua Rogers <joshua@joshua.hu>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 5b98cea4bff2cbbb251b621a2b6c3ab76f814efa)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
Michael Niedermayer 3 weeks ago
parent
commit
1e20df44a4
1 changed file with 3 additions and 0 deletions
  1. libavformat/sctp.c (3 additions, 0 deletions)

+ 3 - 0
libavformat/sctp.c

@@ -334,6 +334,9 @@ static int sctp_write(URLContext *h, const uint8_t *buf, int size)
     }
 
     if (s->max_streams) {
+        if (size < 2)
+            return AVERROR(EINVAL);
+
         /*StreamId is introduced as a 2byte code into the stream*/
         struct sctp_sndrcvinfo info = { 0 };
         info.sinfo_stream           = AV_RB16(buf);
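Review bot: The new `if (size < 2)` check at the top of the `if (s->max_streams)` block sits ahead of the `struct sctp_sndrcvinfo info = { 0 };` declaration, so the block now mixes a statement before a declaration. Consider declaring `info` first and placing the check directly before `info.sinfo_stream = AV_RB16(buf);`, which also keeps the guard next to the two-byte read it protects. The placement inside the `s->max_streams` branch is right, since that is the only path in the visible lines that reads the stream id from `buf`, and because `size` is a signed `int` the same comparison also rejects negative sizes. A short comment on the check saying that the first two bytes of `buf` carry the stream id would explain the constant 2. The commit message states there is no testcase, so a regression test that calls the write path with a 0- or 1-byte buffer while `max_streams` is set, and expects `AVERROR(EINVAL)`, would be a useful follow-up.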