From a899d6ca101d0ed735e13dc4c57b0b8fc0465d37 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Wed, 6 Jan 2021 23:24:49 +0100
Subject: [PATCH] avformat: Change avpriv_new_chapter() from O(n) to (1) in the
 common case

Fixes: timeout (slow -> 300ms)
Fixes: 28876/clusterfuzz-testcase-minimized-ffmpeg_dem_MOV_fuzzer-5664824587583488

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/internal.h |  5 +++++
 libavformat/utils.c    | 11 ++++++++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/libavformat/internal.h b/libavformat/internal.h
index 49e82bfbca..f45b1cd6b4 100644
--- a/libavformat/internal.h
+++ b/libavformat/internal.h
@@ -142,6 +142,11 @@ struct AVFormatInternal {
      * Prefer the codec framerate for avg_frame_rate computation.
      */
     int prefer_codec_framerate;
+
+    /**
+     * Set if chapter ids are strictly monotonic.
+     */
+    int chapter_ids_monotonic;
 };
 
 struct AVStreamInternal {
diff --git a/libavformat/utils.c b/libavformat/utils.c
index 1ec71691e5..9dab4fc96f 100644
--- a/libavformat/utils.c
+++ b/libavformat/utils.c
@@ -4614,9 +4614,14 @@ AVChapter *avpriv_new_chapter(AVFormatContext *s, int id, AVRational time_base,
         return NULL;
     }
 
-    for (i = 0; i < s->nb_chapters; i++)
-        if (s->chapters[i]->id == id)
-            chapter = s->chapters[i];
+    if (!s->nb_chapters) {
+        s->internal->chapter_ids_monotonic = 1;
+    } else if (!s->internal->chapter_ids_monotonic || s->chapters[s->nb_chapters-1]->id >= id) {
+        s->internal->chapter_ids_monotonic = 0;
+        for (i = 0; i < s->nb_chapters; i++)
+            if (s->chapters[i]->id == id)
+                chapter = s->chapters[i];
+    }
 
     if (!chapter) {
         chapter = av_mallocz(sizeof(AVChapter));