[FFmpeg-devel] [PATCH] [mov] Avoid OOM for invalid STCO / CO64 constructions.

[Andreas Rheinhardt]

Dale Curtis:
> +    // Clamp allocation size for `chunk_offsets` -- don't throw an error for an
> +    // invalid count since the EOF path doesn't throw either.
> +    entries =
> +        FFMIN(entries, FFMIN(atom.size - 8, avio_size(pb) - avio_tell(pb)) /
> +                           (atom.type == MKTAG('s', 't', 'c', 'o') ? 4 : 8));
> +

This may call avio_size() and avio_tell() multiple times. Furthermore,
is it even certain that avio_size() returns a sane value?

- Andreas