From 99b51c93f7447d78eab80b7ecbe6da34ce40cf87 Mon Sep 17 00:00:00 2001
From: Reinhard Tartler <siretart@tauware.de>
Date: Fri, 15 Feb 2019 06:37:15 -0500
Subject: [PATCH] Add CVE-2018-20760.patch

---
 debian/patches/CVE-2018-20760.patch | 18 ++++++++++++++++++
 debian/patches/series               |  1 +
 2 files changed, 19 insertions(+)
 create mode 100644 debian/patches/CVE-2018-20760.patch

diff --git a/debian/patches/CVE-2018-20760.patch b/debian/patches/CVE-2018-20760.patch
new file mode 100644
index 0000000..b112264
--- /dev/null
+++ b/debian/patches/CVE-2018-20760.patch
@@ -0,0 +1,18 @@
+commit 4c1360818fc8948e9307059fba4dc47ba8ad255d
+Author: Aurelien David <aurelien.david@telecom-paristech.fr>
+Date:   Thu Dec 13 14:39:21 2018 +0100
+Description: CVE-2018-20760
+
+    check error code on call to gf_utf8_wcstombs (#1177)
+
+--- a/src/media_tools/text_import.c
++++ b/src/media_tools/text_import.c
+@@ -292,6 +292,8 @@ char *gf_text_get_utf8_line(char *szLine
+ 	}
+ 	sptr = (u16 *)szLine;
+ 	i = (u32) gf_utf8_wcstombs(szLineConv, 1024, (const unsigned short **) &sptr);
++	if (i >= (u32)ARRAY_LENGTH(szLineConv))
++		return NULL;
+ 	szLineConv[i] = 0;
+ 	strcpy(szLine, szLineConv);
+ 	/*this is ugly indeed: since input is UTF16-LE, there are many chances the fgets never reads the \0 after a \n*/
diff --git a/debian/patches/series b/debian/patches/series
index 5dadc4b..4b5131a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@ fix_makefile_install.patch
 CVE-2018-7752.patch
 CVE-2018-20762.patch
 CVE-2018-20763.patch
+CVE-2018-20760.patch
-- 
2.30.2