[PATCH] fixed #1838

author jeanlf <jeanlf@gpac.io>

Mon, 5 Jul 2021 14:41:49 +0000 (16:41 +0200)

committer Moritz Mühlenhoff <jmm@debian.org>

Mon, 19 Jun 2023 21:46:06 +0000 (22:46 +0100)
author jeanlf <jeanlf@gpac.io>
Mon, 5 Jul 2021 14:41:49 +0000 (16:41 +0200)
committer Moritz Mühlenhoff <jmm@debian.org>
Mon, 19 Jun 2023 21:46:06 +0000 (22:46 +0100)
diff --git a/src/ietf/rtp_pck_mpeg12.c b/src/ietf/rtp_pck_mpeg12.c

index c108522b9dd2f60b794efabc6a57ff08d4823fa4..7f2dffa83a14c4dfaf10ab970cc2501b889e5735 100644 (file)
--- a/src/ietf/rtp_pck_mpeg12.c
+++ b/src/ietf/rtp_pck_mpeg12.c
@@ -123,6 +123,7 @@ GF_Err gp_rtp_builder_do_mpeg12_video(GP_RTPPacketizer *builder, u8 *data, u32 d
  
         /*no flsuh (no aggregation)*/
         if (!data) return GF_OK;
+       if (data_size<4) return GF_NON_COMPLIANT_BITSTREAM;
  
         offset = 0;
         have_seq = GF_FALSE;
@@ -152,6 +153,7 @@ GF_Err gp_rtp_builder_do_mpeg12_video(GP_RTPPacketizer *builder, u8 *data, u32 d
         mpv_hdr[3] = 0;
  
         if ((pic_type==2) || (pic_type== 3)) {
+               if (data_size<5) return GF_NON_COMPLIANT_BITSTREAM;
                 mpv_hdr[3] = (u8) ((((u32)payload[3]) << 5) & 0xf);
                 if ((payload[4] & 0x80) != 0) mpv_hdr[3] |= 0x10;
                 if (pic_type == 3) mpv_hdr[3] |= (payload[4] >> 3) & 0xf;
author	jeanlf <jeanlf@gpac.io>
	Mon, 5 Jul 2021 14:41:49 +0000 (16:41 +0200)
committer	Moritz Mühlenhoff <jmm@debian.org>
	Mon, 19 Jun 2023 21:46:06 +0000 (22:46 +0100)