From 3d3dbf88c3db43cca608e1b3ac1c979ed9d57f86 Mon Sep 17 00:00:00 2001 From: jeanlf Date: Mon, 13 Dec 2021 13:31:01 +0100 Subject: [PATCH] [PATCH] fixed #1978 Gbp-Pq: Name CVE-2021-45762.patch --- src/bifs/com_dec.c | 3 ++- src/bifs/field_decode.c | 5 +++-- src/scenegraph/vrml_tools.c | 2 +- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/bifs/com_dec.c b/src/bifs/com_dec.c index ea63580..7b0a1ed 100644 --- a/src/bifs/com_dec.c +++ b/src/bifs/com_dec.c @@ -807,7 +807,8 @@ static GF_Err BD_DecFieldReplace(GF_BifsDecoder * codec, GF_BitStream *bs) } /*regular field*/ else if (!gf_sg_vrml_is_sf_field(field.fieldType)) { - gf_sg_vrml_mf_reset(field.far_ptr, field.fieldType); + e = gf_sg_vrml_mf_reset(field.far_ptr, field.fieldType); + if (e) return e; } /*parse the field*/ diff --git a/src/bifs/field_decode.c b/src/bifs/field_decode.c index b06a872..8527d59 100644 --- a/src/bifs/field_decode.c +++ b/src/bifs/field_decode.c @@ -498,7 +498,8 @@ GF_Err gf_bifs_dec_field(GF_BifsDecoder * codec, GF_BitStream *bs, GF_Node *node * (GF_ChildNodeItem **)field->far_ptr = NULL; } else { //remove all items of the MFField - gf_sg_vrml_mf_reset(field->far_ptr, field->fieldType); + e = gf_sg_vrml_mf_reset(field->far_ptr, field->fieldType); + if (e) return e; } } @@ -530,7 +531,7 @@ GF_Err gf_bifs_dec_field(GF_BifsDecoder * codec, GF_BitStream *bs, GF_Node *node } else { e = BD_DecMFFieldVec(codec, bs, node, field, is_mem_com); } - if (e) return e; + if (e) return codec->LastError = e; } } return GF_OK; diff --git a/src/scenegraph/vrml_tools.c b/src/scenegraph/vrml_tools.c index 26bec0e..5c0852e 100644 --- a/src/scenegraph/vrml_tools.c +++ b/src/scenegraph/vrml_tools.c @@ -1119,7 +1119,7 @@ GF_EXPORT GF_Err gf_sg_vrml_mf_reset(void *mf, u32 FieldType) { GenMFField *mffield = (GenMFField *)mf; - if (!mffield->array) return GF_OK; + if (!mffield || !mffield->array) return GF_OK; //field we can't copy if (gf_sg_vrml_is_sf_field(FieldType)) return GF_BAD_PARAM; -- 2.30.2