From 26df396615a4b417fc887d041e18b8839555f061 Mon Sep 17 00:00:00 2001
From: Victor Loh <vloh@fb.com>
Date: Mon, 1 Apr 2024 21:19:40 -0700
Subject: [PATCH] Add boundary checks for Ap4StsdAtom

Same problem as before, underflow of bytes_available results in some potential
attack
---
 Source/C++/Core/Ap4StsdAtom.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Source/C++/Core/Ap4StsdAtom.cpp b/Source/C++/Core/Ap4StsdAtom.cpp
index e70972627..68f4a047c 100644
--- a/Source/C++/Core/Ap4StsdAtom.cpp
+++ b/Source/C++/Core/Ap4StsdAtom.cpp
@@ -87,6 +87,7 @@ AP4_StsdAtom::AP4_StsdAtom(AP4_UI32         size,
                            AP4_AtomFactory& atom_factory) :
     AP4_ContainerAtom(AP4_ATOM_TYPE_STSD, size, false, version, flags)
 {
+    if (size < AP4_FULL_ATOM_HEADER_SIZE + 4) return;
     // read the number of entries
     AP4_UI32 entry_count;
     stream.ReadUI32(entry_count);