Check opus header size for overflow.

We cast a size to a u32 for the capi data return. Our serialization
routine will never produce a large header, but be defensive and
make sure we're not writing the wrong size when we cast down,
as we do with the other, less-controlled headers.

Author: rillian

mp4parse_capi/src/lib.rs

@@ -469,6 +469,9 @@ pub unsafe extern fn mp4parse_get_track_audio_info(parser: *mut mp4parse_parser,
                     match header.get(&track_index) {
                         None => {}
                         Some(v) => {
+                            if v.len() > std::u32::MAX as usize {
+                                return MP4PARSE_ERROR_INVALID;
+                            }
                             (*info).codec_specific_config.length = v.len() as u32;
                             (*info).codec_specific_config.data = v.as_ptr();
                         }