From 46cef86a0ffd5f9e0bbf74c99e4ee32120823cb1 Mon Sep 17 00:00:00 2001
From: Hendi <hendi48@freenet.de>
Date: Fri, 9 Jun 2023 01:13:25 +0200
Subject: [PATCH] avformat/mov: Don't allocate unnecessarily large blocks of
 memory

mov_try_read_block is regularly called with sizes such as 48 bytes,
but would allocate 1 MiB each time, hogging more and more memory
until playback ends.

Fixes #7641 and #9243.

Signed-off-by: Hendi <hendi48@freenet.de>
---
 libavformat/mov.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index a8d004e02b..2e4df42256 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -6662,6 +6662,9 @@ static int mov_try_read_block(AVIOContext *pb, size_t size, uint8_t **data)
     while (offset < size) {
         unsigned int new_size =
             alloc_size >= INT_MAX - block_size ? INT_MAX : alloc_size + block_size;
+        if (size < new_size) {
+            new_size = size;
+        }
         uint8_t *new_buffer = av_fast_realloc(buffer, &alloc_size, new_size);
         unsigned int to_read = FFMIN(size, alloc_size) - offset;
         if (!new_buffer) {
-- 
2.40.0.windows.1