[PATCH] fixed #1738

Gbp-Pq: Name CVE-2021-31262.patch

diff --git a/src/isomedia/avc_ext.c b/src/isomedia/avc_ext.c
index ca55d02dcff8d84fd18067280b6e9eab4d849767..16347cb27d7a4e30f9e29ddc3d0756112be3102e 100644 (file)
--- a/src/isomedia/avc_ext.c
+++ b/src/isomedia/avc_ext.c
@@ -1330,7 +1330,8 @@ static GF_Err gf_isom_check_mvc(GF_ISOFile *the_file, GF_TrackBox *trak, GF_MPEG
        return GF_OK;
 }
 
-static GF_AV1Config* AV1_DuplicateConfig(GF_AV1Config const * const cfg) {
+static GF_AV1Config* AV1_DuplicateConfig(GF_AV1Config const * const cfg)
+{
        u32 i = 0;
        GF_AV1Config *out = gf_malloc(sizeof(GF_AV1Config));
 
@@ -1374,7 +1375,7 @@ void AV1_RewriteESDescriptorEx(GF_MPEGVisualSampleEntryBox *av1, GF_MediaBox *md
                av1->emul_esd->decoderConfig->avgBitrate = btrt->avgBitrate;
                av1->emul_esd->decoderConfig->maxBitrate = btrt->maxBitrate;
        }
-       if (av1->av1_config) {
+       if (av1->av1_config && av1->av1_config->config) {
                GF_AV1Config *av1_cfg = AV1_DuplicateConfig(av1->av1_config->config);
                if (av1_cfg) {
                        gf_odf_av1_cfg_write(av1_cfg, &av1->emul_esd->decoderConfig->decoderSpecificInfo->data, &av1->emul_esd->decoderConfig->decoderSpecificInfo->dataLength);
@@ -2275,7 +2276,7 @@ GF_AV1Config *gf_isom_av1_config_get(GF_ISOFile *the_file, u32 trackNumber, u32
        trak = gf_isom_get_track_from_file(the_file, trackNumber);
        if (!trak || !trak->Media || !DescriptionIndex) return NULL;
        entry = (GF_MPEGVisualSampleEntryBox*)gf_list_get(trak->Media->information->sampleTable->SampleDescription->child_boxes, DescriptionIndex - 1);
-       if (!entry || !entry->av1_config) return NULL;
+       if (!entry || !entry->av1_config|| !entry->av1_config->config) return NULL;
        return AV1_DuplicateConfig(entry->av1_config->config);
 }