From: Debian Multimedia Maintainers Date: Thu, 15 Feb 2024 21:06:55 +0000 (+0000) Subject: CVE-2023-49468 X-Git-Tag: archive/raspbian/1.0.11-0+deb11u4+rpi1~3 X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com/%22mailto:kde%40ewsoftware.de/%22style.css//%22node%24level1.%24level2.html/%22/%22http:/www.example.com/%22mailto:kde%40ewsoftware.de/%22style.css/%22node%24level1.%24level2.html/%22?a=commitdiff_plain;h=45b2f7e057a8bc8d66e51c35ef3ce8cb25e155f2;p=libde265.git CVE-2023-49468 commit 3e822a3ccf88df1380b165d6ce5a00494a27ceeb Author: Dirk Farin Date: Thu Nov 23 19:11:34 2023 +0100 fix #432 (undefined IPM) Gbp-Pq: Name CVE-2023-49468.patch --- diff --git a/libde265/image.h b/libde265/image.h index 0b53605..0a0c0e3 100644 --- a/libde265/image.h +++ b/libde265/image.h @@ -624,7 +624,14 @@ public: enum IntraPredMode get_IntraPredMode(int x,int y) const { - return (enum IntraPredMode)intraPredMode.get(x,y); + uint8_t ipm = intraPredMode.get(x,y); + + // sanitize values if IPM is uninitialized (because of earlier read error) + if (ipm > 34) { + ipm = 0; + } + + return static_cast(ipm); } enum IntraPredMode get_IntraPredMode_atIndex(int idx) const
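Review bot: The range check added in `get_IntraPredMode(int x,int y)` covers only this accessor. `get_IntraPredMode_atIndex(int idx)`, whose signature is the last context line and whose body lies outside the hunk, presumably returns the same stored byte through the same cast; if so, it needs the same clamp wherever its result selects a prediction table entry. The literal `34` would be easier to audit as the enum's last member, e.g. `if (ipm > INTRA_ANGULAR_34) { ipm = INTRA_PLANAR; }`, assuming those enumerators are visible in image.h. Mapping an uninitialized value silently to mode 0 also hides the earlier read error that the comment names as the cause. I would add a comment saying why 0 is a safe fallback, and consider initialising the `intraPredMode` metadata when the image is allocated so that this getter never sees indeterminate data.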