From: Aurelien David Date: Thu, 11 Apr 2019 12:54:53 +0000 (+0200) Subject: [PATCH] fix buffer overrun in gf_bin128_parse X-Git-Tag: archive/raspbian/1.0.1+dfsg1-4+rpi1~1^2^2^2~1 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=8ae0fed7e08adef61961cfa254743303dd0ed642;p=gpac.git [PATCH] fix buffer overrun in gf_bin128_parse closes #1204 closes #1205 Gbp-Pq: Name CVE-2019-11222.patch
---
diff --git a/src/utils/os_divers.c b/src/utils/os_divers.c
index d44f095..1411fe9 100644
--- a/src/utils/os_divers.c
+++ b/src/utils/os_divers.c
@@ -1969,6 +1969,11 @@ GF_Err gf_bin128_parse(char *string, bin128 value)
 sscanf(szV, "%x", &v);
 value[i] = v;
 i++;
+ if (i > 15) {
+ // force error check below
+ i++;
+ break;
+ }
 }
 }
 if (i != 16) {
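Review bot: The added guard sits after `i++`, so it also fires right after the 16th byte is stored: `i` reaches 16, `i > 15` is true, `i` becomes 17, and the `if (i != 16)` check on the last context line then takes the error path for a full-length value. The store past `value[15]` is prevented, but a well-formed 16-byte input appears to be rejected along with the over-long one. Testing before the store keeps both properties: place `if (i > 15) { i++; break; }` ahead of `value[i] = v;`, so only a 17th byte forces the error. The loop header and the body of the `if (i != 16)` branch are outside the hunk, so confirm against the full function; a regression test with an exactly 16-byte value and one with a longer value would pin both cases.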