avformat/mov: Check if hoov is at the end

Fixes: Timeout, probably infinite loop
Fixes: 26559/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5391165484171264
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 710a15dea897348c5ac783eeb73c8d5ef11d0c62..c6a2d9c388d6d3a1b0459649494a88cc74e502b8 100644 (file)
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -7006,6 +7006,8 @@ static int mov_read_default(MOVContext *c, AVIOContext *pb, MOVAtom atom)
                 uint32_t type;
                 avio_skip(pb, 4);
                 type = avio_rl32(pb);
+                if (avio_feof(pb))
+                    break;
                 avio_seek(pb, -8, SEEK_CUR);
                 if (type == MKTAG('m','v','h','d') ||
                     type == MKTAG('c','m','o','v')) {