From 85461b82720f678a8a343e4e4d9c1c6e2924e883 Mon Sep 17 00:00:00 2001
From: Jensenn <neil.jensen@pluto.tv>
Date: Mon, 25 Sep 2023 15:24:14 -0600
Subject: [PATCH] Prevent possible subtraction underflow

---
 src/mp4box/senc.rs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/mp4box/senc.rs b/src/mp4box/senc.rs
index ff4d164..5905b5b 100644
--- a/src/mp4box/senc.rs
+++ b/src/mp4box/senc.rs
@@ -103,7 +103,9 @@ impl<R: Read + Seek> ReadBox<&mut R> for SencBox {
         // the senc box cannot be properly parsed without IV_size
         // which is only available from other boxes. Store the raw
         // data for parsing with member functions later
-        let data_size = start + size - reader.stream_position()?;
+        let data_size = (start + size)
+            .checked_sub(reader.stream_position()?)
+            .ok_or(Error::InvalidData("senc size too small"))?;
         let mut sample_data = vec![0; data_size as usize];
         reader.read_exact(&mut sample_data)?;