From: Reinhard Tartler <siretart@tauware.de>
Date: Sat, 4 Mar 2023 17:40:10 +0000 (-0500)
Subject: fix segfault in MP4Box, CVE-2022-1035
X-Git-Tag: archive/raspbian/2.0.0+dfsg1-4+rpi1^2~38
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=ed1524120d534d7625367ee9c5345f1dac776388;p=gpac.git

fix segfault in MP4Box, CVE-2022-1035
---

diff --git a/debian/patches/CVE-2022-1035.patch b/debian/patches/CVE-2022-1035.patch
new file mode 100644
index 0000000..f85d5a5
--- /dev/null
+++ b/debian/patches/CVE-2022-1035.patch
@@ -0,0 +1,20 @@
+commit 3718d583c6ade191dc7979c64f48c001ca6f0243
+Author: jeanlf <jeanlf@gpac.io>
+Date:   Thu Mar 17 12:00:55 2022 +0100
+
+    fixed #2146
+
+diff --git a/src/scene_manager/scene_dump.c b/src/scene_manager/scene_dump.c
+index 3104d23c3..6fe250f52 100644
+--- a/src/scene_manager/scene_dump.c
++++ b/src/scene_manager/scene_dump.c
+@@ -755,8 +755,7 @@ static void gf_dump_vrml_simple_field(GF_SceneDumper *sdump, GF_FieldInfo field,
+ 
+ 	switch (field.fieldType) {
+ 	case GF_SG_VRML_SFNODE:
+-		assert ( *(GF_Node **)field.far_ptr);
+-		gf_dump_vrml_node(sdump, *(GF_Node **)field.far_ptr, 0, NULL);
++		gf_dump_vrml_node(sdump, field.far_ptr ? *(GF_Node **)field.far_ptr : NULL, 0, NULL);
+ 		return;
+ 	case GF_SG_VRML_MFNODE:
+ 		list = * ((GF_ChildNodeItem **) field.far_ptr);
diff --git a/debian/patches/series b/debian/patches/series
index 68e6b04..fadec80 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -3,3 +3,4 @@ dont-err-build-on-uknown-system.patch
 CVE-2022-29339.patch
 CVE-2022-29340.patch
 CVE-2022-30976.patch
+CVE-2022-1035.patch