From 88b675d0027666e480a5c38dc3bac7ac4c1ba9b1 Mon Sep 17 00:00:00 2001
From: Dirk Farin <dirk.farin@gmail.com>
Date: Sat, 4 Mar 2023 10:32:43 +0100
Subject: [PATCH] [PATCH] check whether referenced PPS exists (fixes #393)

Gbp-Pq: Name CVE-2023-27102.patch
---
 libde265/decctx.cc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libde265/decctx.cc b/libde265/decctx.cc
index 8881c0c..3eb5daa 100644
--- a/libde265/decctx.cc
+++ b/libde265/decctx.cc
@@ -2276,9 +2276,10 @@ bool decoder_context::process_slice_segment_header(slice_segment_header* hdr,
   // get PPS and SPS for this slice
 
   int pps_id = hdr->slice_pic_parameter_set_id;
-  if (pps[pps_id]->pps_read==false) {
+  if (pps[pps_id]==nullptr || pps[pps_id]->pps_read==false) {
     logerror(LogHeaders, "PPS %d has not been read\n", pps_id);
-    assert(false); // TODO
+    img->decctx->add_warning(DE265_WARNING_NONEXISTING_PPS_REFERENCED, false);
+    return false;
   }
 
   current_pps = pps[pps_id];
-- 
2.30.2