Protect against passing invalid (0 byte) samples to codecs Fixes oss-fuzz issue: 23940

commit: 11f2a5e9d9a90d2e07f85c7aa04aa7eee1325b10 [log] [tgz]
author: Joe Drago <jdrago@netflix.com> Mon Jul 06 10:49:00 2020 -0700
committer: Joe Drago <jdrago@netflix.com> Mon Jul 06 10:49:00 2020 -0700
tree: 0fdcf1baebcb4c24ad43f8ec03f77616ebc1c4ac
parent: e181ef59ec28612f2d08112b0511c1f1efa54549 [diff]
diff --git a/src/read.c b/src/read.c
index c83ce86..6e4212e 100644
--- a/src/read.c
+++ b/src/read.c

@@ -2312,6 +2312,18 @@
         decoder->alphaPresent = (alphaOBUItem != NULL);
     }
 
+    // Sanity check tiles
+    for (uint32_t tileIndex = 0; tileIndex < data->tiles.count; ++tileIndex) {
+        avifTile * tile = &data->tiles.tile[tileIndex];
+        for (uint32_t sampleIndex = 0; sampleIndex < tile->input->samples.count; ++sampleIndex) {
+            avifDecodeSample * sample = &tile->input->samples.sample[0];
+            if (!sample->data.data || !sample->data.size) {
+                // Every sample must have some data
+                return AVIF_RESULT_BMFF_PARSE_FAILED;
+            }
+        }
+    }
+
     const avifProperty * colrProp = avifPropertyArrayFind(colorProperties, "colr");
     if (colrProp) {
         if (colrProp->u.colr.hasICC) {
commit	11f2a5e9d9a90d2e07f85c7aa04aa7eee1325b10	[log] [tgz]
author	Joe Drago <jdrago@netflix.com>	Mon Jul 06 10:49:00 2020 -0700
committer	Joe Drago <jdrago@netflix.com>	Mon Jul 06 10:49:00 2020 -0700
tree	0fdcf1baebcb4c24ad43f8ec03f77616ebc1c4ac
parent	e181ef59ec28612f2d08112b0511c1f1efa54549 [diff]