fix for out-of-bounds checks for fcurve modifier and poselib, also check for NULL members of avi structure (since they are checked for NULL later.)

source/blender/avi/intern/avi.c

@@ -734,9 +734,10 @@ AviError AVI_close(AviMovie *movie)
 
 	fclose(movie->fp);
 
-	for (i = 0; i < movie->header->Streams; i++) {
-		if (movie->streams[i].sf != NULL)
+	for (i = 0; movie->header && (i < movie->header->Streams); i++) {
+		if (movie->streams && (movie->streams[i].sf != NULL)) {
 			MEM_freeN(movie->streams[i].sf);
+		}
 	}
 
 	if (movie->header != NULL)
@@ -1081,9 +1082,10 @@ AviError AVI_close_compress(AviMovie *movie)
 
 	fclose(movie->fp);
 
-	for (i = 0; i < movie->header->Streams; i++) {
-		if (movie->streams[i].sf != NULL)
+	for (i = 0; movie->header && (i < movie->header->Streams); i++) {
+		if (movie->streams && (movie->streams[i].sf != NULL)) {
 			MEM_freeN(movie->streams[i].sf);
+		}
 	}
 	if (movie->header != NULL)
 		MEM_freeN(movie->header);

source/blender/blenkernel/intern/fmodifier.c

@@ -965,8 +965,8 @@ FModifierTypeInfo *get_fmodifier_typeinfo(int type)
 	}
 	
 	/* only return for valid types */
-	if ( (type >= FMODIFIER_TYPE_NULL) && 
-	     (type <= FMODIFIER_NUM_TYPES) )
+	if ((type >= FMODIFIER_TYPE_NULL) &&
+	    (type <  FMODIFIER_NUM_TYPES))
 	{
 		/* there shouldn't be any segfaults here... */
 		return fmodifiersTypeInfo[type];

source/blender/editors/armature/poselib.c

@@ -1006,7 +1006,7 @@ static void poselib_preview_apply(bContext *C, wmOperator *op)
 			/* get search-string */
 			index = pld->search_cursor;
 			
-			if (index >= 0 && index <= sizeof(tempstr) - 1) {
+			if (index >= 0 && index < sizeof(tempstr) - 1) {
 				memcpy(&tempstr[0], &pld->searchstr[0], index);
 				tempstr[index] = '|';
 				memcpy(&tempstr[index + 1], &pld->searchstr[index], (sizeof(tempstr) - 1) - index);