* Fix several overflows in box and track processing
* Use size_of::<Type>() instead of magic numbers
* Fix a panic in Mp4Track::read_sample() for one-past-the-end
This appears to be a bug unmasked by other changes. read_sample() calls
sample_offset() then sample_size(), and assumes that if the former returns Ok
then the latter does as well. However, if the sample_id is one past the end,
sample_offset() might succeed (it only checks samples _up to_ the given
sample_id but not _including_ it) while sample_size() fails (because the sample
doesn't exist). read_sample() will then panic.
Fix this by duplicating the error propagation (that is currently done for
sample_offset) for sample_size, instead of unwrapping. This is a cautious
change that fixes the bug; alternatively, having sample_offset() call
sample_size() on the given sample_id and propagate any error might also work.
* Account for header size in box processing overflow fixes
* Ensure that boxes aren't bigger than their containers
Together with the entry_count checks, this eliminates several OOMs when reading
incorrect mp4 files.
* Fix order of arithmetic operations
This was due to an incorrect transcription when switching to checked
arithmetic, and fixes a bug that could cause attempted lookups of the wrong
chunk_id.
* Add Mp4Box traits for getting json or text summary for each box.
* fix test and serde version.
* skip serializing entries
* skip serializing sample_sizes
* Add custom serializer for FixedPoint types.