Commit 11736c4f for libheif

commit 11736c4fbeaa4267acfac0c1470768624ca63e24
Author: Dirk Farin <dirk.farin@gmail.com>
Date:   Wed Apr 8 01:28:47 2026 +0200

    Prevent concurrent decoding of the same image item in crafted grid images

diff --git a/libheif/image-items/image_item.cc b/libheif/image-items/image_item.cc
index 50df0b92..3409d6fa 100644
--- a/libheif/image-items/image_item.cc
+++ b/libheif/image-items/image_item.cc
@@ -707,6 +707,8 @@ Result<std::shared_ptr<HeifPixelImage>> ImageItem::decode_image(const heif_decod
                                                                 bool decode_tile_only, uint32_t tile_x0, uint32_t tile_y0,
                                                                 std::set<heif_item_id> processed_ids) const
 {
+  std::lock_guard<std::mutex> lock(m_decode_mutex);
+
   // --- check whether image size (according to 'ispe') exceeds maximum

   if (!decode_tile_only) {
diff --git a/libheif/image-items/image_item.h b/libheif/image-items/image_item.h
index 389ff747..e1f66fa1 100644
--- a/libheif/image-items/image_item.h
+++ b/libheif/image-items/image_item.h
@@ -27,6 +27,7 @@
 #include <string>
 #include <vector>
 #include <memory>
+#include <mutex>
 #include <utility>
 #include <set>

@@ -443,6 +444,8 @@ private:

   std::vector<Error> m_decoding_warnings;

+  mutable std::mutex m_decode_mutex;
+
   std::vector<heif_item_id> m_text_item_ids;

   void generate_property_boxes_for_ImageExtraData();