From: jeanlf <jeanlf@gpac.io>
Date: Fri, 10 Dec 2021 09:02:48 +0000 (+0100)
Subject: [PATCH] fixed #1958
X-Git-Tag: archive/raspbian/1.0.1+dfsg1-4+rpi1+deb11u3^2~58
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=d4dc9a083b97f789fd47a1fbf426b7e5cb0930c0;p=gpac.git

[PATCH] fixed #1958


Gbp-Pq: Name CVE-2021-45292.patch
---

diff --git a/src/isomedia/box_funcs.c b/src/isomedia/box_funcs.c
index fd463bc..38f65dd 100644
--- a/src/isomedia/box_funcs.c
+++ b/src/isomedia/box_funcs.c
@@ -131,6 +131,7 @@ GF_Err gf_isom_box_parse_ex(GF_Box **outBox, GF_BitStream *bs, u32 parent_type,
 			} else {
 				if (!skip_logs) {
 					GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("[iso file] Read Box type %s (0x%08X) at position "LLU" has size 0 but is not at root/file level, skipping\n", gf_4cc_to_str(type), type, start));
+					return GF_EOS;
 				}
 				return GF_OK;
 			}
diff --git a/src/isomedia/hinting.c b/src/isomedia/hinting.c
index 7b01f8d..b77e3d7 100644
--- a/src/isomedia/hinting.c
+++ b/src/isomedia/hinting.c
@@ -676,6 +676,7 @@ GF_Err gf_isom_hint_rtp_read(GF_RTPPacket *ptr, GF_BitStream *bs)
 		while (tempSize < TLVsize) {
 			e = gf_isom_box_parse(&a, bs);
 			if (e) return e;
+			if (!a) continue;
 			gf_list_add(ptr->TLV, a);
 			tempSize += (u32) a->size;
 		}