stack overflow when processing ISOM_IOD, CVE-2022-38530
authorReinhard Tartler <siretart@tauware.de>
Sat, 4 Mar 2023 17:51:07 +0000 (12:51 -0500)
committerReinhard Tartler <siretart@tauware.de>
Sat, 4 Mar 2023 18:08:22 +0000 (13:08 -0500)
debian/patches/CVE-2022-38530.patch [new file with mode: 0644]
debian/patches/series

diff --git a/debian/patches/CVE-2022-38530.patch b/debian/patches/CVE-2022-38530.patch
new file mode 100644 (file)
index 0000000..0a59fa9
--- /dev/null
@@ -0,0 +1,51 @@
+commit 4e56ad72ac1afb4e049a10f2d99e7512d7141f9d
+Author: jeanlf <jeanlf@gpac.io>
+Date:   Tue Jul 12 18:29:36 2022 +0200
+
+    fixed #2216
+
+Index: gpac/src/odf/desc_private.c
+===================================================================
+--- gpac.orig/src/odf/desc_private.c
++++ gpac/src/odf/desc_private.c
+@@ -273,7 +273,7 @@ GF_Err gf_odf_delete_descriptor(GF_Descr
+ //
+ //            READERS
+ //
+-GF_Err gf_odf_read_descriptor(GF_BitStream *bs, GF_Descriptor *desc, u32 DescSize)
++static GF_Err gf_odf_read_descriptor_internal(GF_BitStream *bs, GF_Descriptor *desc, u32 DescSize)
+ {
+       switch (desc->tag) {
+       case GF_ODF_IOD_TAG :
+@@ -368,7 +368,17 @@ GF_Err gf_odf_read_descriptor(GF_BitStre
+       return GF_OK;
+ }
+-
++GF_Err gf_odf_read_descriptor(GF_BitStream *bs, GF_Descriptor *desc, u32 DescSize)
++{
++      u64 cookie = gf_bs_get_cookie(bs);
++      //we allow 100 max desc in a hierarchy - see issue 2216
++      if (cookie>100)
++              return GF_NON_COMPLIANT_BITSTREAM;
++      gf_bs_set_cookie(bs, cookie+1);
++      GF_Err e = gf_odf_read_descriptor_internal(bs, desc, DescSize);
++      gf_bs_set_cookie(bs, cookie);
++      return e;
++}
+Index: gpac/applications/mp4box/main.c
+===================================================================
+--- gpac.orig/applications/mp4box/main.c
++++ gpac/applications/mp4box/main.c
+@@ -3602,7 +3602,7 @@ GF_Err HintFile(GF_ISOFile *file, u32 MT
+               if (e) {
+                       M4_LOG(GF_LOG_ERROR, ("Error while hinting (%s)\n", gf_error_to_string(e)));
+-                      if (!nb_done) return e;
++                      return e;
+               }
+               init_payt++;
+               nb_done ++;
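Review bot: The depth guard at `if (cookie>100)` admits one level more than its comment states — the cookie starts at 0 and is only rejected once it exceeds 100, so 101 nested gf_odf_read_descriptor calls are still allowed; `#define GF_ODF_MAX_DESC_DEPTH 100` and `if (cookie >= GF_ODF_MAX_DESC_DEPTH)` would make the limit match the comment and replace the magic number. The check also assumes the bitstream cookie is not used for anything else on this path; if any caller sets it, the limit is silently wrong, so a comment such as `// recursion depth is tracked in the bitstream cookie; callers must leave it at 0` would document that invariant. The HintFile change in mp4box/main.c (returning on the first hinting error instead of only when nb_done is 0) is unrelated to the descriptor recursion and changes user-visible behaviour; for a targeted CVE backport it is worth stating in the patch header why it is carried. Both gf_odf_read_descriptor_internal and HintFile extend beyond the hunk.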
index d8f4a913a0ba14b47b819546d110ff67aa38c9c1..23d97ef6cc76919e4161148b8d65d212e11cedd4 100644 (file)
@@ -10,3 +10,5 @@ CVE-2022-1441.patch
 CVE-2022-1795.patch
 CVE-2022-2453.patch
 CVE-2022-2454.patch
+CVE-2022-38530.patch
+CVE-2022-36186.patch
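Review bot: `CVE-2022-36186.patch` is added to series, but this commit's file list shows only CVE-2022-38530.patch being created; unless that file already exists in debian/patches from an earlier commit, quilt will fail when it reaches this entry. If it is intended, the commit message should mention CVE-2022-36186 as well; otherwise the line belongs in the commit that adds the patch.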