projects / gpac.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 79915cb)
Fix Integer Overflow, CVE-2022-2454
authorReinhard Tartler <siretart@tauware.de>
Sat, 4 Mar 2023 17:49:03 +0000 (12:49 -0500)
committerReinhard Tartler <siretart@tauware.de>
Sat, 4 Mar 2023 17:49:03 +0000 (12:49 -0500)
debian/patches/CVE-2022-2454.patch [new file with mode: 0644] patch | blob
debian/patches/series patch | blob | history

diff --git a/debian/patches/CVE-2022-2454.patch b/debian/patches/CVE-2022-2454.patch
new file mode 100644 (file)
index 0000000..cdffaac
--- /dev/null
+++ b/debian/patches/CVE-2022-2454.patch
@@ -0,0 +1,19 @@
+commit faa75edde3dfeba1e2cf6ffa48e45a50f1042096
+Author: jeanlf <jeanlf@gpac.io>
+Date:   Tue Jul 12 18:00:35 2022 +0200
+
+    fixed #2213
+
+diff --git a/src/laser/lsr_dec.c b/src/laser/lsr_dec.c
+index 99d16aaa7..488babb10 100644
+--- a/src/laser/lsr_dec.c
++++ b/src/laser/lsr_dec.c
+@@ -838,6 +838,8 @@ static void lsr_read_id(GF_LASeRCodec *lsr, GF_Node *n)
+ static Fixed lsr_translate_coords(GF_LASeRCodec *lsr, u32 val, u32 nb_bits)
+ {
++      if (!nb_bits) return 0;
++      
+ #ifdef GPAC_FIXED_POINT
+       if (val >> (nb_bits-1) ) {
+               s32 neg = (s32) val - (1<<nb_bits);
diff --git a/debian/patches/series b/debian/patches/series
index c194a429c6320cae54c1a74690f9eaab1a3d90eb..d8f4a913a0ba14b47b819546d110ff67aa38c9c1 100644 (file)
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@ CVE-2022-1222.patch
 CVE-2022-1441.patch
 CVE-2022-1795.patch
 CVE-2022-2453.patch
+CVE-2022-2454.patch
Unnamed repository; edit this file 'description' to name the repository.