From 7461972b10f8a9e8ebf8c1ba31dab91a50ff326a Mon Sep 17 00:00:00 2001
From: Reinhard Tartler <siretart@tauware.de>
Date: Sat, 4 Mar 2023 12:41:23 -0500
Subject: [PATCH] Fix null pointer dereference in gf_bifs_dec_sf_field,
 CVE-2022-1172

---
 debian/patches/CVE-2022-1172.patch | 18 ++++++++++++++++++
 debian/patches/series              |  1 +
 2 files changed, 19 insertions(+)
 create mode 100644 debian/patches/CVE-2022-1172.patch

diff --git a/debian/patches/CVE-2022-1172.patch b/debian/patches/CVE-2022-1172.patch
new file mode 100644
index 0000000..803d277
--- /dev/null
+++ b/debian/patches/CVE-2022-1172.patch
@@ -0,0 +1,18 @@
+commit 55a183e6b8602369c04ea3836e05436a79fbc7f8
+Author: jeanlf <jeanlf@gpac.io>
+Date:   Tue Mar 29 16:51:46 2022 +0200
+
+    fixed #2153
+
+diff --git a/src/bifs/field_decode.c b/src/bifs/field_decode.c
+index fe53c0821..5537da7d3 100644
+--- a/src/bifs/field_decode.c
++++ b/src/bifs/field_decode.c
+@@ -205,6 +205,7 @@ GF_Err gf_bifs_dec_sf_field(GF_BifsDecoder * codec, GF_BitStream *bs, GF_Node *n
+ 		if (sfcb->buffer) {
+ 			gf_free(sfcb->buffer);
+ 			sfcb->buffer = NULL;
++			sfcb->bufferSize = 0;
+ 		}
+ 		while (gf_list_count(sfcb->commandList)) {
+ 			GF_Command *com = (GF_Command*)gf_list_get(sfcb->commandList, 0);
diff --git a/debian/patches/series b/debian/patches/series
index fadec80..88f8373 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -4,3 +4,4 @@ CVE-2022-29339.patch
 CVE-2022-29340.patch
 CVE-2022-30976.patch
 CVE-2022-1035.patch
+CVE-2022-1172.patch
-- 
2.30.2