From 2544195abf161c7f7922f7ed3dcc6c33198a498f Mon Sep 17 00:00:00 2001
From: Marcus Holland-Moritz <github@mhxnet.de>
Date: Wed, 19 Jul 2023 01:48:16 +0200
Subject: [PATCH] Check for invalid chunk size in WAV64

---
 src/dwarfs/categorizer/pcmaudio_categorizer.cpp | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/dwarfs/categorizer/pcmaudio_categorizer.cpp b/src/dwarfs/categorizer/pcmaudio_categorizer.cpp
index 4c9ad5d7..cb9736e1 100644
--- a/src/dwarfs/categorizer/pcmaudio_categorizer.cpp
+++ b/src/dwarfs/categorizer/pcmaudio_categorizer.cpp
@@ -240,7 +240,14 @@ class iff_parser final {
         }
       }
 
-      if constexpr (!SizeIncludesHeader) {
+      if constexpr (SizeIncludesHeader) {
+        if (c->header.size < sizeof(ChunkHeaderType)) {
+          LOG_WARN << "[" << name_ << "] " << path_
+                   << ": invalid chunk size: " << c->header.size;
+          c.reset();
+          return c;
+        }
+      } else {
         pos_ += sizeof(ChunkHeaderType);
       }
 
@@ -252,6 +259,7 @@ class iff_parser final {
                  << ", hdr.size=" << c->header.size << ", end=" << data_.size()
                  << ")";
         c.reset();
+        return c;
       }
 
       LOG_TRACE << "[" << name_ << "] " << path_ << ": `" << c->fourcc()