Ensure that an AVIF has a ftyp box, and based on ftyp, has other appropriate toplevel boxes present as well
diff --git a/src/read.c b/src/read.c index 7780f47..632c97e 100644 --- a/src/read.c +++ b/src/read.c
@@ -2317,6 +2317,12 @@ return AVIF_RESULT_OK; } } + if (!ftypSeen) { + return AVIF_RESULT_INVALID_FTYP; + } + if ((needsMeta && !metaSeen) || (needsMoov && !moovSeen)) { + return AVIF_RESULT_TRUNCATED_DATA; + } return AVIF_RESULT_OK; }