From: Reinhard Tartler <siretart@tauware.de>
Date: Sat, 4 Mar 2023 17:41:23 +0000 (-0500)
Subject: Fix null pointer dereference in gf_bifs_dec_sf_field, CVE-2022-1172
X-Git-Tag: archive/raspbian/2.0.0+dfsg1-4+rpi1^2~37
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=7461972b10f8a9e8ebf8c1ba31dab91a50ff326a;p=gpac.git

Fix null pointer dereference in gf_bifs_dec_sf_field, CVE-2022-1172
---

diff --git a/debian/patches/CVE-2022-1172.patch b/debian/patches/CVE-2022-1172.patch
new file mode 100644
index 0000000..803d277
--- /dev/null
+++ b/debian/patches/CVE-2022-1172.patch
@@ -0,0 +1,18 @@
+commit 55a183e6b8602369c04ea3836e05436a79fbc7f8
+Author: jeanlf <jeanlf@gpac.io>
+Date:   Tue Mar 29 16:51:46 2022 +0200
+
+    fixed #2153
+
+diff --git a/src/bifs/field_decode.c b/src/bifs/field_decode.c
+index fe53c0821..5537da7d3 100644
+--- a/src/bifs/field_decode.c
++++ b/src/bifs/field_decode.c
+@@ -205,6 +205,7 @@ GF_Err gf_bifs_dec_sf_field(GF_BifsDecoder * codec, GF_BitStream *bs, GF_Node *n
+ 		if (sfcb->buffer) {
+ 			gf_free(sfcb->buffer);
+ 			sfcb->buffer = NULL;
++			sfcb->bufferSize = 0;
+ 		}
+ 		while (gf_list_count(sfcb->commandList)) {
+ 			GF_Command *com = (GF_Command*)gf_list_get(sfcb->commandList, 0);
diff --git a/debian/patches/series b/debian/patches/series
index fadec80..88f8373 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@ CVE-2022-29339.patch
 CVE-2022-29340.patch
 CVE-2022-30976.patch
 CVE-2022-1035.patch
+CVE-2022-1172.patch