From: jeanlf Date: Mon, 30 Aug 2021 15:15:34 +0000 (+0200) Subject: [PATCH] fixed #1899 X-Git-Tag: archive/raspbian/1.0.1+dfsg1-4+rpi1+deb11u3^2~80 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=6f9d0397ebe6a0a28a8e8a81ed4012527842cd2d;p=gpac.git [PATCH] fixed #1899 Gbp-Pq: Name CVE-2021-40570.patch --- diff --git a/src/media_tools/av_parsers.c b/src/media_tools/av_parsers.c index aa9eda1..85668bb 100644 --- a/src/media_tools/av_parsers.c +++ b/src/media_tools/av_parsers.c @@ -5087,6 +5087,7 @@ static s32 gf_media_avc_read_sps_bs_internal(GF_BitStream *bs, AVCState *avc, u3 sps->offset_for_top_to_bottom_field = gf_bs_get_se(bs); sps->poc_cycle_length = gf_bs_get_ue(bs); if (sps->poc_cycle_length > GF_ARRAY_LENGTH(sps->offset_for_ref_frame)) { + sps->poc_cycle_length = 255; GF_LOG(GF_LOG_ERROR, GF_LOG_CODING, ("[avc-h264] offset_for_ref_frame overflow from poc_cycle_length\n")); return -1; }