From e1146c8b7255f18e3768a0332b9f0f30ce26af06 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sat, 11 Jan 2020 12:09:08 +0100
Subject: [PATCH] avformat/mov: Check STCO location

Fixes: bypassing of checks and assertion failure
Fixes: asan_1003879.mp4

Found-by: Clusterfuzz + asan
Reported-by: Thomas Guilbert <tguilbert@google.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1cd41840208bce7e690a4ccc48077567418a0aa8)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/mov.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 9f3e2a8688..8ca2e90bdb 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -1980,6 +1980,10 @@ static int mov_read_stco(MOVContext *c, AVIOContext *pb, MOVAtom atom)
     MOVStreamContext *sc;
     unsigned int i, entries;
 
+    if (c->trak_index < 0) {
+        av_log(c->fc, AV_LOG_WARNING, "STCO outside TRAK\n");
+        return 0;
+    }
     if (c->fc->nb_streams < 1)
         return 0;
     st = c->fc->streams[c->fc->nb_streams-1];