fix segfault in MP4Box, CVE-2022-1035

diff --git a/debian/patches/CVE-2022-1035.patch b/debian/patches/CVE-2022-1035.patch
new file mode 100644 (file)
index 0000000..f85d5a5
--- /dev/null
+++ b/debian/patches/CVE-2022-1035.patch
@@ -0,0 +1,20 @@
+commit 3718d583c6ade191dc7979c64f48c001ca6f0243
+Author: jeanlf <jeanlf@gpac.io>
+Date:   Thu Mar 17 12:00:55 2022 +0100
+
+    fixed #2146
+
+diff --git a/src/scene_manager/scene_dump.c b/src/scene_manager/scene_dump.c
+index 3104d23c3..6fe250f52 100644
+--- a/src/scene_manager/scene_dump.c
++++ b/src/scene_manager/scene_dump.c
+@@ -755,8 +755,7 @@ static void gf_dump_vrml_simple_field(GF_SceneDumper *sdump, GF_FieldInfo field,
+ 
+       switch (field.fieldType) {
+       case GF_SG_VRML_SFNODE:
+-              assert ( *(GF_Node **)field.far_ptr);
+-              gf_dump_vrml_node(sdump, *(GF_Node **)field.far_ptr, 0, NULL);
++              gf_dump_vrml_node(sdump, field.far_ptr ? *(GF_Node **)field.far_ptr : NULL, 0, NULL);
+               return;
+       case GF_SG_VRML_MFNODE:
+               list = * ((GF_ChildNodeItem **) field.far_ptr);

diff --git a/debian/patches/series b/debian/patches/series
index 68e6b0482bfbb6fa7d1591a9f4e98f5a62263f15..fadec8015226db6bad1141d64884f51949c19de7 100644 (file)
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -3,3 +3,4 @@ dont-err-build-on-uknown-system.patch
 CVE-2022-29339.patch
 CVE-2022-29340.patch
 CVE-2022-30976.patch
+CVE-2022-1035.patch