From ab78ddd4c1c017d8b0e4090361c83875c81dc208 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sun, 1 Aug 2021 20:42:53 +0200
Subject: avformat/wtvdec: Check for EOF before seeking back in
 parse_media_type()

Fixes: Infinite loop
Fixes: 36311/clusterfuzz-testcase-minimized-ffmpeg_dem_WTV_fuzzer-4889181296918528

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Reviewed-by: Peter Ross <pross@xvid.org>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 89505d38de989bddd579ce3b841f1c011f1d7bf2)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/wtvdec.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavformat/wtvdec.c b/libavformat/wtvdec.c
index 9e4e435221..58187b9184 100644
--- a/libavformat/wtvdec.c
+++ b/libavformat/wtvdec.c
@@ -661,6 +661,8 @@ static AVStream * parse_media_type(AVFormatContext *s, AVStream *st, int sid,
         avio_skip(pb, size - 32);
         ff_get_guid(pb, &actual_subtype);
         ff_get_guid(pb, &actual_formattype);
+        if (avio_feof(pb))
+            return NULL;
         avio_seek(pb, -size, SEEK_CUR);
 
         st = parse_media_type(s, st, sid, mediatype, actual_subtype, actual_formattype, size - 32);
-- 
cgit v1.2.3