From: jeanlf <jeanlf@github.com>
Date: Thu, 9 Sep 2021 13:04:12 +0000 (+0200)
Subject: [PATCH] fixed #1912
X-Git-Tag: archive/raspbian/1.0.1+dfsg1-4+rpi1+deb11u3^2~68
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=d07b4938f2f84252d7f90ae41027fcabba2bcd0b;p=gpac.git

[PATCH] fixed #1912


Gbp-Pq: Name CVE-2021-41459.patch
---

diff --git a/src/filters/dmx_nhml.c b/src/filters/dmx_nhml.c
index bbb5130..084339f 100644
--- a/src/filters/dmx_nhml.c
+++ b/src/filters/dmx_nhml.c
@@ -1021,8 +1021,14 @@ static GF_Err nhmldmx_send_sample(GF_Filter *filter, GF_NHMLDmxCtx *ctx)
 					}
 				}
 			}
-			else if (!stricmp(att->name, "xmlFrom")) strcpy(szXmlFrom, att->value);
-			else if (!stricmp(att->name, "xmlTo")) strcpy(szXmlTo, att->value);
+			else if (!stricmp(att->name, "xmlFrom")) {
+				strncpy(szXmlFrom, att->value, 999);
+				szXmlFrom[999]=0;
+			}
+			else if (!stricmp(att->name, "xmlTo")) {
+				strncpy(szXmlTo, att->value, 999);
+				szXmlTo[999]=0;
+			}
 			/*DIMS flags*/
 			else if (!stricmp(att->name, "is-Scene") && !stricmp(att->value, "yes"))
 				dims_flags |= GF_DIMS_UNIT_S;