CVE-2023-43887

commit 63b596c915977f038eafd7647d1db25488a8c133
Author: Dirk Farin <dirk.farin@gmail.com>
Date:   Fri Sep 1 21:18:48 2023 +0200

    fix #418

Gbp-Pq: Name CVE-2023-43887.patch

diff --git a/libde265/decctx.cc b/libde265/decctx.cc
index 3eb5daa5f9761a35597ade31a58944769295abca..0747c6908024775d3ef4b1a66493bba2db1015da 100644 (file)
--- a/libde265/decctx.cc
+++ b/libde265/decctx.cc
@@ -854,16 +854,17 @@ de265_error decoder_context::read_pps_NAL(bitreader& reader)
   std::shared_ptr<pic_parameter_set> new_pps = std::make_shared<pic_parameter_set>();
 
   bool success = new_pps->read(&reader,this);
+  if (!success) {
+    return DE265_WARNING_PPS_HEADER_INVALID;
+  }
 
   if (param_pps_headers_fd>=0) {
     new_pps->dump(param_pps_headers_fd);
   }
 
-  if (success) {
-    pps[ (int)new_pps->pic_parameter_set_id ] = new_pps;
-  }
+  pps[ (int)new_pps->pic_parameter_set_id ] = new_pps;
 
-  return success ? DE265_OK : DE265_WARNING_PPS_HEADER_INVALID;
+  return DE265_OK;
 }
 
 de265_error decoder_context::read_sei_NAL(bitreader& reader, bool suffix)