From 8b96ebc6b4e371a7ba0a1830f4d66cae752ff046 Mon Sep 17 00:00:00 2001
From: Mohamed Ali Chebbi
Date: Fri, 3 Mar 2023 22:20:41 +0100
Subject: [PATCH] asfvideo fuzz issue : nb_headers should not exceed the max value of uint32
---
 src/asfvideo.cpp | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/asfvideo.cpp b/src/asfvideo.cpp
index b1482e00..2dea8250 100644
--- a/src/asfvideo.cpp
+++ b/src/asfvideo.cpp
@@ -294,6 +294,7 @@ void AsfVideo::decodeHeader() {
 io_->read(nbHeadersBuf.data(), DWORD);
 uint32_t nb_headers = Exiv2::getULong(nbHeadersBuf.data(), littleEndian);
+ Internal::enforce(nb_headers < std::numeric_limits::max(), Exiv2::ErrorCode::kerCorruptedMetadata);
 io_->seekOrThrow(io_->tell() + BYTE * 2, BasicIo::beg, ErrorCode::kerFailedToReadImageData); // skip two reserved tags
 for (uint32_t i = 0; i < nb_headers; i++) {
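Review bot: The added `enforce` rejects only a single value of `nb_headers`. Assuming the template argument that appears to be lost from `std::numeric_limits::max()` in this rendering is `uint32_t`, a count of 0xFFFFFFFE read from the file still passes, and the `for` loop below remains driven by a file-controlled count. A bound tied to the input would reject corrupted metadata much earlier, for example `Internal::enforce(nb_headers <= (io_->size() - io_->tell()) / kMinHeaderObjectSize, Exiv2::ErrorCode::kerCorruptedMetadata);`, where `kMinHeaderObjectSize` is a placeholder for the smallest on-disk header object and needs to be checked against the ASF layout. The loop body lies outside the hunk, so it cannot be confirmed from here whether each iteration already stops at end of file. Separately, the result of `io_->read(nbHeadersBuf.data(), DWORD)` in the context line is not checked before `getULong` parses the buffer, so a short read should probably get the same `kerCorruptedMetadata` rejection.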