nixpkgs/pkgs/development/libraries/libheif/1.4.0-CVE-2019-11471.patch

Adapted from upstream commit 995a4283d8ed2d0d2c1ceb1a577b993df2f0e014
--- a/libheif/heif_context.cc
+++ b/libheif/heif_context.cc
@@ -571,6 +571,11 @@
             image->set_is_alpha_channel_of(refs[0]);
 
             auto master_iter = m_all_images.find(refs[0]);
+            if (master_iter == m_all_images.end()) {
+              return Error(heif_error_Invalid_input,
+                           heif_suberror_Nonexisting_item_referenced,
+                           "Non-existing alpha image referenced");
+            }
             master_iter->second->set_alpha_channel(image);
           }