On Fri, Feb 2, 2024 at 3:42 PM Dale Curtis <dalecurtis@chromium.org> wrote:

> On Fri, Feb 2, 2024 at 3:20 PM Andreas Rheinhardt <
> andreas.rheinhardt@outlook.com> wrote:
>
>> Dale Curtis:
>> > +    // Clamp allocation size for `chunk_offsets` -- don't throw an
>> error for an
>> > +    // invalid count since the EOF path doesn't throw either.
>> > +    entries =
>> > +        FFMIN(entries, FFMIN(atom.size - 8, avio_size(pb) -
>> avio_tell(pb)) /
>> > +                           (atom.type == MKTAG('s', 't', 'c', 'o') ? 4
>> : 8));
>> > +
>>
>> This may call avio_size() and avio_tell() multiple times. Furthermore,
>> is it even certain that avio_size() returns a sane value?
>>
>
> I hope so since there are other usages of avio_size() throughout the file
> in a similar manner. I guess you're saying it may be invalid when
> !AVIO_SEEKABLE_NORMAL? Sticking to just atom.size is also fine.
>

Here's a version of the patch which does just that.