From: jeanlf <jeanlf@gpac.io>
Date: Mon, 10 May 2021 09:31:19 +0000 (+0200)
Subject: [PATCH] fixed #1786 (fuzz)
X-Git-Tag: archive/raspbian/1.0.1+dfsg1-4+rpi1+deb11u3^2~66
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=d361b56fd55a8c60410a48e25a8bbf6620c5f5c5;p=gpac.git

[PATCH] fixed #1786 (fuzz)


Gbp-Pq: Name CVE-2021-33363.patch
---

diff --git a/src/isomedia/box_code_meta.c b/src/isomedia/box_code_meta.c
index 6c571c4..cdec9cf 100644
--- a/src/isomedia/box_code_meta.c
+++ b/src/isomedia/box_code_meta.c
@@ -568,10 +568,13 @@ GF_Err infe_box_read(GF_Box *s, GF_BitStream *bs)
 				ptr->content_type = (char*)gf_malloc(sizeof(char)*string_len);
 				if (!ptr->content_type) return GF_OUT_OF_MEM;
 				memcpy(ptr->content_type, buf+string_start, string_len);
-			} else {
+			} else if (!ptr->content_encoding) {
 				ptr->content_encoding = (char*)gf_malloc(sizeof(char)*string_len);
 				if (!ptr->content_encoding) return GF_OUT_OF_MEM;
 				memcpy(ptr->content_encoding, buf+string_start, string_len);
+			} else {
+				//we could throw an error but we silently accept this infe
+				break;
 			}
 			string_start += string_len;
 			string_len = 0;