[FFmpeg-cvslog] avformat/mov: set array entry count after the array is allocated in heif_add_stream()

[James Almer]

ffmpeg | branch: master | James Almer <jamrial at gmail.com> | Fri Jun 20 13:25:15 2025 -0300| [64e6f5d5fa2d78ed5653bea46276099c9e8116a8] | committer: James Almer

avformat/mov: set array entry count after the array is allocated in heif_add_stream()

Ensures no bogus values being preserved after returning.

Signed-off-by: James Almer <jamrial at gmail.com>

> http://git.videolan.org/gitweb.cgi/ffmpeg.git/?a=commit;h=64e6f5d5fa2d78ed5653bea46276099c9e8116a8
---

 libavformat/mov.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/libavformat/mov.c b/libavformat/mov.c
index 8a094b1ea0..a2a9c10f20 100644
--- a/libavformat/mov.c
+++ b/libavformat/mov.c
@@ -5430,18 +5430,18 @@ static int heif_add_stream(MOVContext *c, HEIFItem *item)
     sc->stsc_data[0].first = 1;
     sc->stsc_data[0].count = 1;
     sc->stsc_data[0].id = 1;
-    sc->chunk_count = 1;
     sc->chunk_offsets = av_malloc_array(1, sizeof(*sc->chunk_offsets));
     if (!sc->chunk_offsets)
         return AVERROR(ENOMEM);
-    sc->sample_count = 1;
+    sc->chunk_count = 1;
     sc->sample_sizes = av_malloc_array(1, sizeof(*sc->sample_sizes));
     if (!sc->sample_sizes)
         return AVERROR(ENOMEM);
-    sc->stts_count = 1;
+    sc->sample_count = 1;
     sc->stts_data = av_malloc_array(1, sizeof(*sc->stts_data));
     if (!sc->stts_data)
         return AVERROR(ENOMEM);
+    sc->stts_count = 1;
     sc->stts_data[0].count = 1;
     // Not used for still images. But needed by mov_build_index.
     sc->stts_data[0].duration = 0;