Panic range end index 12 out of range for slice of length 8

[qarmin]

Code

fn check_file(path: &str) {
    let content = match fs::read(&path) {
        Ok(content) => content,
        Err(e) => {
            println!("{e}");
            return;
        }
    };
    println!("Checking file: {path}");

    let mut parser = MediaParser::new();

    // Parse unseekable
    let reader = Cursor::new(&content);
    let Ok(ms) = MediaSource::unseekable(reader) else {
        return ;
    };
    let iter: Result<ExifIter, _> = parser.parse(ms);
    if let Ok(iter) = iter {
        let _ = iter.parse_gps_info();
        for i in iter {
            let s = i;
            s.tag_code();
            s.get_value();
            let _ = s.get_result();
            s.tag();
            s.ifd_index();
            s.has_value();
        }
    }

    let reader = Cursor::new(&content);
    let Ok(ms) = MediaSource::unseekable(reader) else {
        return ;
    };
    let _: Result<TrackInfo, _> = parser.parse(ms);

    // Parse seekable
    let reader = Cursor::new(&content);
    let Ok(ms) = MediaSource::seekable(reader) else {
        return ;
    };
    let iter: Result<ExifIter, _> = parser.parse(ms);
    if let Ok(iter) = iter {
        let _ = iter.parse_gps_info();
        for i in iter {
            let s = i;
            s.tag_code();
            s.get_value();
            let _ = s.get_result();
            s.tag();
            s.ifd_index();
            s.has_value();
        }
    }

    let reader = Cursor::new(&content);
    let Ok(ms) = MediaSource::seekable(reader) else {
        return ;
    };
    let _: Result<TrackInfo, _> = parser.parse(ms);
}

panics here

thread 'main' panicked at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/bbox/tkhd.rs:129:44:
range end index 12 out of range for slice of length 8
stack backtrace:
   0: rust_begin_unwind
             at /rustc/5ec7d6eee7e0f5236ec1559499070eaf836bc608/library/std/src/panicking.rs:665:5
   1: core::panicking::panic_fmt
             at /rustc/5ec7d6eee7e0f5236ec1559499070eaf836bc608/library/core/src/panicking.rs:76:14
   2: core::slice::index::slice_end_index_len_fail::do_panic::runtime
             at /rustc/5ec7d6eee7e0f5236ec1559499070eaf836bc608/library/core/src/panic.rs:219:21
   3: core::slice::index::slice_end_index_len_fail::do_panic
             at /rustc/5ec7d6eee7e0f5236ec1559499070eaf836bc608/library/core/src/intrinsics/mod.rs:3503:9
   4: core::slice::index::slice_end_index_len_fail
             at /rustc/5ec7d6eee7e0f5236ec1559499070eaf836bc608/library/core/src/panic.rs:224:9
   5: <core::ops::range::Range<usize> as core::slice::index::SliceIndex<[T]>>::index
             at /home/runner/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/slice/index.rs:437:13
   6: core::slice::index::<impl core::ops::index::Index<I> for [T]>::index
             at /home/runner/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/slice/index.rs:16:9
   7: nom_exif::bbox::tkhd::find_video_track::{{closure}}
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/bbox/tkhd.rs:129:44
   8: nom_exif::bbox::travel_while
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/bbox.rs:204:13
   9: nom_exif::bbox::tkhd::find_video_track
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/bbox/tkhd.rs:110:21
  10: nom_exif::bbox::tkhd::parse_video_tkhd_in_moov
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/bbox/tkhd.rs:99:22
  11: nom_exif::mov::parse_mvhd_tkhd
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/mov.rs:193:29
  12: nom_exif::mov::parse_mp4
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/mov.rs:165:18
  13: nom_exif::video::parse_track_info
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/video.rs:153:54
  14: <nom_exif::video::TrackInfo as nom_exif::parser::ParseOutput<R,S>>::parse::{{closure}}
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/parser.rs:318:13
  15: nom_exif::parser::BufParser::load_and_parse::{{closure}}
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/parser.rs:168:30
  16: nom_exif::parser::BufParser::load_and_parse_with_offset
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/parser.rs:189:23
  17: nom_exif::parser::BufParser::load_and_parse
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/parser.rs:166:9
  18: <nom_exif::video::TrackInfo as nom_exif::parser::ParseOutput<R,S>>::parse
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/parser.rs:317:26
  19: nom_exif::parser::MediaParser::do_parse
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/parser.rs:458:19
  20: nom_exif::parser::MediaParser::parse
             at /home/runner/.cargo/git/checkouts/nom-exif-cf4dd29e16c043e1/d29b214/src/parser.rs:447:19
  21: nom_exif::check_file
             at /home/runner/work/Automated-Fuzzer/Automated-Fuzzer/src/crates/nom_exif/src/main.rs:63:35
  22: nom_exif::main
             at /home/runner/work/Automated-Fuzzer/Automated-Fuzzer/src/crates/nom_exif/src/main.rs:24:9
  23: core::ops::function::FnOnce::call_once
             at /home/runner/.rustup/toolchains/nightly-x86_64-unknown-linux-gnu/lib/rustlib/src/rust/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.

crash-3dbd73c5d6961af3cbc6cc74ceec7fcbe45c5f97_minimized.zip

nom-exif binary to test is available here - https://github.com/qarmin/Automated-Fuzzer/releases/download/Nightly/nom_exif.7z