From 167dad8538919815469d7acc3b61788623cd49ad Mon Sep 17 00:00:00 2001
From: jeanlf <jeanlf@gpac.io>
Date: Mon, 19 Dec 2022 12:26:02 +0100
Subject: [PATCH] [PATCH] fixed #2360

Gbp-Pq: Name CVE-2022-47663.patch
---
 src/filters/reframe_h263.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/filters/reframe_h263.c b/src/filters/reframe_h263.c
index c0f08e4..4b247d8 100644
--- a/src/filters/reframe_h263.c
+++ b/src/filters/reframe_h263.c
@@ -478,7 +478,14 @@ GF_Err h263dmx_process(GF_Filter *filter)
 		if (current>0) {
 			if (!ctx->opid) {
 				if (ctx->bytes_in_header) {
-					ctx->bytes_in_header -= current;
+					if (ctx->bytes_in_header<current) {
+						current-=ctx->bytes_in_header;
+						ctx->bytes_in_header = 0;
+						start += current;
+						remain -= current;
+					} else {
+						ctx->bytes_in_header -= current;
+					}
 				} else {
 					start += current;
 					remain -= current;
@@ -497,8 +504,16 @@ GF_Err h263dmx_process(GF_Filter *filter)
 				if (byte_offset != GF_FILTER_NO_BO) {
 					gf_filter_pck_set_byte_offset(dst_pck, byte_offset - ctx->bytes_in_header);
 				}
-				ctx->bytes_in_header -= current;
 				memcpy(pck_data, ctx->hdr_store, current);
+				//we may have a partial startcode
+				if (current>ctx->bytes_in_header) {
+					current -= ctx->bytes_in_header;
+					start += current;
+					remain -= current;
+					ctx->bytes_in_header = 0;
+				} else {
+					ctx->bytes_in_header -= current;
+				}
 			} else {
 				if (byte_offset != GF_FILTER_NO_BO) {
 					gf_filter_pck_set_byte_offset(dst_pck, byte_offset);
-- 
2.30.2