From 6381da354b269cbe4a42f0861828791748d05411 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Thu, 11 Jul 2024 22:37:54 +0200
Subject: [PATCH] avformat/xmv: Check this_packet_size

Fixes: CID1604489 Overflowed constant

Sponsored-by: Sovereign Tech Fund
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 696685df0ccf437083d15f40358a6ec86f5748ac)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/xmv.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libavformat/xmv.c b/libavformat/xmv.c
index 4bff63297a..1a8b6903bb 100644
--- a/libavformat/xmv.c
+++ b/libavformat/xmv.c
@@ -219,6 +219,8 @@ static int xmv_read_header(AVFormatContext *s)
     /* Initialize the packet context */
 
     xmv->next_packet_offset = avio_tell(pb);
+    if (this_packet_size < xmv->next_packet_offset)
+        return AVERROR_INVALIDDATA;
     xmv->next_packet_size   = this_packet_size - xmv->next_packet_offset;
     xmv->stream_count       = xmv->audio_track_count + 1;