From 6063e11c5e02aefa0f095ec6afacef1c00db1b18 Mon Sep 17 00:00:00 2001
From: jeanlf <jeanlf@gpac.io>
Date: Wed, 4 Jan 2023 11:25:11 +0100
Subject: [PATCH] [PATCH] fixed #2364

Gbp-Pq: Name CVE-2023-23144.patch
---
 src/bifs/unquantize.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/bifs/unquantize.c b/src/bifs/unquantize.c
index a4bfcbf..160e9fe 100644
--- a/src/bifs/unquantize.c
+++ b/src/bifs/unquantize.c
@@ -2,7 +2,7 @@
  *			GPAC - Multimedia Framework C SDK
  *
  *			Authors: Jean Le Feuvre
- *			Copyright (c) Telecom ParisTech 2000-2012
+ *			Copyright (c) Telecom ParisTech 2000-2023
  *					All rights reserved
  *
  *  This file is part of GPAC / BIFS codec sub-project
@@ -284,7 +284,7 @@ GF_Err Q_DecCoordOnUnitSphere(GF_BifsDecoder *codec, GF_BitStream *bs, u32 NbBit
 	s32 value;
 	Fixed tang[4], delta;
 	s32 dir;
-
+	if (NbBits>32) return GF_NON_COMPLIANT_BITSTREAM;
 	if (NbComp != 2 && NbComp != 3) return GF_BAD_PARAM;
 
 	//only 2 or 3 comp in the quantized version
-- 
2.30.2