From ba51caf5f4928dc013bf6549b136a316c062ad93 Mon Sep 17 00:00:00 2001
From: invario <67800603+invario@users.noreply.github.com>
Date: Fri, 5 Sep 2025 09:32:37 -0400
Subject: [PATCH] Fix(previews): prevent infinite loop in case of bad video
 file

Signed-off-by: invario <67800603+invario@users.noreply.github.com>
---
 lib/private/Preview/Movie.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/private/Preview/Movie.php b/lib/private/Preview/Movie.php
index 0e25afe41f494..6f0b0d70497e2 100644
--- a/lib/private/Preview/Movie.php
+++ b/lib/private/Preview/Movie.php
@@ -164,6 +164,10 @@ private function getSparseFile(File $file, int $size): string|false {
 					// size of the atom. Needed for large atoms like 'mdat' (the video data)
 					if ($atomSize === 1) {
 						$atomSize = (int)hexdec(bin2hex(stream_get_contents($content, 8, (int)($offset + 8))));
+						// 0 in the 64 bit field should not occur in a valid file, stop processing
+						if ($atomSize === 0) {
+							return false;
+						}
 					}
 				}
 				// Found the 'moov' atom, store its location and size
@@ -194,9 +198,9 @@ private function getSparseFile(File $file, int $size): string|false {
 			// Copy first $size bytes of video into new file
 			stream_copy_to_stream($content, $sparseFile, $size, 0);
 
-			// If 'moov' is located before $size in the video, it was already streamed,
+			// If 'moov' is located entirely before $size in the video, it was already streamed,
 			// so no need to download it again.
-			if ($moovOffset >= $size) {
+			if ($moovOffset + $moovSize >= $size) {
 				// Seek to where 'moov' atom needs to be placed
 				fseek($content, (int)$moovOffset);
 				fseek($sparseFile, (int)$moovOffset);