From 29181ac73338a9633d5a30059975fabefad98cb0 Mon Sep 17 00:00:00 2001
From: Markus Koschany <apo@debian.org>
Date: Sun, 30 Dec 2018 17:39:40 +0100
Subject: [PATCH] CVE-2017-14767

Origin: https://github.com/FFmpeg/FFmpeg/commit/c42a1388a6d1bfd8001bf6a4241d8ca27e49326d

Gbp-Pq: Name CVE-2017-14767.patch
---
 libavformat/rtpdec_h264.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/libavformat/rtpdec_h264.c b/libavformat/rtpdec_h264.c
index abf1f39..72f645f 100644
--- a/libavformat/rtpdec_h264.c
+++ b/libavformat/rtpdec_h264.c
@@ -116,6 +116,11 @@ static int sdp_parse_fmtp_config_h264(AVFormatContext *s,
         codec->extradata_size = 0;
         av_freep(&codec->extradata);
 
+        if (*value == 0 || value[strlen(value) - 1] == ',') {
+             av_log(s, AV_LOG_WARNING, "Missing PPS in sprop-parameter-sets, ignoring\n");
+             return 0;
+         }
+
         while (*value) {
             char base64packet[1024];
             uint8_t decoded_packet[1024];
-- 
2.30.2