From 8add0b29d2548dad8c2101d9582603060aa763c4 Mon Sep 17 00:00:00 2001
From: jeanlf <jeanlf@gpac.io>
Date: Sat, 17 Dec 2022 12:11:34 +0100
Subject: [PATCH] [PATCH] fixed #2355

Gbp-Pq: Name CVE-2022-47657.patch
---
 src/media_tools/av_parsers.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/media_tools/av_parsers.c b/src/media_tools/av_parsers.c
index 6dc277a..50efd9e 100644
--- a/src/media_tools/av_parsers.c
+++ b/src/media_tools/av_parsers.c
@@ -7086,6 +7086,11 @@ static Bool hevc_parse_vps_extension(HEVC_VPS *vps, GF_BitStream *bs)
 		else {
 			vps->layer_id_in_nuh[i] = i;
 		}
+		if (vps->layer_id_in_nuh[i] > MAX_LHVC_LAYERS) {
+			GF_LOG(GF_LOG_ERROR, GF_LOG_CODING, ("[HEVC] %d layers in VPS ext but only %d supported in GPAC\n", vps->layer_id_in_nuh[i], MAX_LHVC_LAYERS));
+			vps->layer_id_in_nuh[i] = 0;
+			return -1;
+		}
 		vps->layer_id_in_vps[vps->layer_id_in_nuh[i]] = i;
 
 		if (!splitting_flag) {
-- 
2.30.2