From: jeanlf <jeanlf@gpac.io>
Date: Mon, 30 Aug 2021 13:55:13 +0000 (+0200)
Subject: [PATCH] fixed #1890
X-Git-Tag: archive/raspbian/1.0.1+dfsg1-4+rpi1+deb11u3^2~81
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=72d297781bb38cddc3d6ffc579049e13249785c1;p=gpac.git

[PATCH] fixed #1890


Gbp-Pq: Name CVE-2021-40569.patch
---

diff --git a/src/isomedia/box_code_meta.c b/src/isomedia/box_code_meta.c
index 1d54fa6..6c571c4 100644
--- a/src/isomedia/box_code_meta.c
+++ b/src/isomedia/box_code_meta.c
@@ -285,7 +285,8 @@ GF_Err iloc_box_read(GF_Box *s, GF_BitStream *bs)
 	}
 
 	for (i = 0; i < item_count; i++) {
-		GF_ItemLocationEntry *location_entry = (GF_ItemLocationEntry *)gf_malloc(sizeof(GF_ItemLocationEntry));
+		GF_ItemLocationEntry *location_entry;
+		GF_SAFEALLOC(location_entry, GF_ItemLocationEntry);
 		if (!location_entry) return GF_OUT_OF_MEM;
 
 		gf_list_add(ptr->location_entries, location_entry);
@@ -314,7 +315,8 @@ GF_Err iloc_box_read(GF_Box *s, GF_BitStream *bs)
 		extent_count = gf_bs_read_u16(bs);
 		location_entry->extent_entries = gf_list_new();
 		for (j = 0; j < extent_count; j++) {
-			GF_ItemExtentEntry *extent_entry = (GF_ItemExtentEntry *)gf_malloc(sizeof(GF_ItemExtentEntry));
+			GF_ItemExtentEntry *extent_entry;
+			GF_SAFEALLOC(extent_entry, GF_ItemExtentEntry);
 			if (!extent_entry) return GF_OUT_OF_MEM;
 			
 			gf_list_add(location_entry->extent_entries, extent_entry);