From: jeanlf <jeanlf@gpac.io>
Date: Fri, 12 Mar 2021 10:46:56 +0000 (+0100)
Subject: [PATCH] fixed #1705
X-Git-Tag: archive/raspbian/1.0.1+dfsg1-5+rpi1^2~12
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=1b4ab0384eec40b62831dab6de39b2207f61d5ee;p=gpac.git

[PATCH] fixed #1705


Gbp-Pq: Name CVE-2021-31256.patch
---

diff --git a/src/isomedia/stbl_read.c b/src/isomedia/stbl_read.c
index a105e84..b2f222b 100644
--- a/src/isomedia/stbl_read.c
+++ b/src/isomedia/stbl_read.c
@@ -419,11 +419,13 @@ GF_Err stbl_GetSampleInfos(GF_SampleTableBox *stbl, u32 sampleNumber, u64 *offse
 		if ( stbl->ChunkOffset->type == GF_ISOM_BOX_TYPE_STCO) {
 			stco = (GF_ChunkOffsetBox *)stbl->ChunkOffset;
 			if (!stco->offsets) return GF_ISOM_INVALID_FILE;
+			if (stco->nb_entries < sampleNumber) return GF_ISOM_INVALID_FILE;
 
 			(*offset) = (u64) stco->offsets[sampleNumber - 1];
 		} else {
 			co64 = (GF_ChunkLargeOffsetBox *)stbl->ChunkOffset;
 			if (!co64->offsets) return GF_ISOM_INVALID_FILE;
+			if (co64->nb_entries < sampleNumber) return GF_ISOM_INVALID_FILE;
 
 			(*offset) = co64->offsets[sampleNumber - 1];
 		}