From: jeanlf <jeanlf@gpac.io>
Date: Tue, 19 Apr 2022 07:08:45 +0000 (+0200)
Subject: [PATCH] fixed #2173
X-Git-Tag: archive/raspbian/1.0.1+dfsg1-4+rpi1+deb11u2^2~30
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=541a3250d23148d1c278004707e6d7c4abf939ad;p=gpac.git

[PATCH] fixed #2173


Gbp-Pq: Name CVE-2022-29537.patch
---

diff --git a/src/ietf/rtp_pck_mpeg4.c b/src/ietf/rtp_pck_mpeg4.c
index c449fe2..9212ac3 100644
--- a/src/ietf/rtp_pck_mpeg4.c
+++ b/src/ietf/rtp_pck_mpeg4.c
@@ -421,6 +421,7 @@ GF_Err gp_rtp_builder_do_avc(GP_RTPPacketizer *builder, u8 *nalu, u32 nalu_size,
 	}
 
 	if (!nalu) return GF_OK;
+	if (nalu_size<1) return GF_NON_COMPLIANT_BITSTREAM;
 
 	/*need a new RTP packet*/
 	if (!builder->bytesInPacket) {
@@ -559,6 +560,7 @@ GF_Err gp_rtp_builder_do_hevc(GP_RTPPacketizer *builder, u8 *nalu, u32 nalu_size
 	}
 
 	if (!nalu) return GF_OK;
+	if (nalu_size<2) return GF_NON_COMPLIANT_BITSTREAM;
 
 	/*need a new RTP packet*/
 	if (!builder->bytesInPacket) {