From: jeanlf <jeanlf@gpac.io>
Date: Mon, 12 Dec 2022 09:45:38 +0000 (+0100)
Subject: [PATCH] fixed #2346
X-Git-Tag: archive/raspbian/1.0.1+dfsg1-4+rpi1+deb11u3^2~24
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=0539577b731e9b80704e1dff531f9238c47d2ea3;p=gpac.git

[PATCH] fixed #2346


Gbp-Pq: Name CVE-2022-47095.patch
---

diff --git a/src/media_tools/av_parsers.c b/src/media_tools/av_parsers.c
index 71bac7f..6dc277a 100644
--- a/src/media_tools/av_parsers.c
+++ b/src/media_tools/av_parsers.c
@@ -7060,18 +7060,20 @@ static Bool hevc_parse_vps_extension(HEVC_VPS *vps, GF_BitStream *bs)
 		num_scalability_types = 16;
 	}
 	dimension_id_len[0] = 0;
-	for (i = 0; i < (num_scalability_types - splitting_flag); i++) {
-		dimension_id_len[i] = 1 + gf_bs_read_int(bs, 3);
-	}
-
-	if (splitting_flag) {
-		for (i = 0; i < num_scalability_types; i++) {
-			dim_bit_offset[i] = 0;
-			for (j = 0; j < i; j++)
-				dim_bit_offset[i] += dimension_id_len[j];
-		}
-		dimension_id_len[num_scalability_types - 1] = 1 + (5 - dim_bit_offset[num_scalability_types - 1]);
-		dim_bit_offset[num_scalability_types] = 6;
+        if (num_scalability_types) {
+	        for (i = 0; i < (num_scalability_types - splitting_flag); i++) {
+		        dimension_id_len[i] = 1 + gf_bs_read_int(bs, 3);
+	        }
+
+	        if (splitting_flag) {
+		        for (i = 0; i < num_scalability_types; i++) {
+			        dim_bit_offset[i] = 0;
+			        for (j = 0; j < i; j++)
+				        dim_bit_offset[i] += dimension_id_len[j];
+		        }
+		        dimension_id_len[num_scalability_types - 1] = 1 + (5 - dim_bit_offset[num_scalability_types - 1]);
+		        dim_bit_offset[num_scalability_types] = 6;
+                }
 	}
 
 	vps_nuh_layer_id_present_flag = gf_bs_read_int(bs, 1);