From 17adcc40adf1f30cba55c9727dabc1365944d32b Mon Sep 17 00:00:00 2001
From: Aaron Colwell <acolwell@google.com>
Date: Fri, 27 Jan 2017 09:33:29 -0800
Subject: [PATCH] mov: Fix spherical metadata_source parsing

Signed-off-by: James Almer <jamrial@gmail.com>
---
 libavformat/mov.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 5c9f85c738..d5de5d6b13 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -3252,7 +3252,7 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
     }
 
     size = avio_rb32(pb);
-    if (size > atom.size)
+    if (size <= 12 || size > atom.size)
         return AVERROR_INVALIDDATA;
 
     tag = avio_rl32(pb);
@@ -3261,7 +3261,7 @@ static int mov_read_sv3d(MOVContext *c, AVIOContext *pb, MOVAtom atom)
         return 0;
     }
     avio_skip(pb, 4); /*  version + flags */
-    avio_skip(pb, avio_r8(pb)); /* metadata_source */
+    avio_skip(pb, size - 12); /* metadata_source */
 
     size = avio_rb32(pb);
     if (size > atom.size)