From e8d19536ef7aa2cacdb33463ef50e079eaa69530 Mon Sep 17 00:00:00 2001
From: jeanlf <jeanlf@gpac.io>
Date: Mon, 5 Jul 2021 16:41:49 +0200
Subject: [PATCH] [PATCH] fixed #1838

Gbp-Pq: Name CVE-2021-36412.patch
---
 src/ietf/rtp_pck_mpeg12.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/ietf/rtp_pck_mpeg12.c b/src/ietf/rtp_pck_mpeg12.c
index c108522..7f2dffa 100644
--- a/src/ietf/rtp_pck_mpeg12.c
+++ b/src/ietf/rtp_pck_mpeg12.c
@@ -123,6 +123,7 @@ GF_Err gp_rtp_builder_do_mpeg12_video(GP_RTPPacketizer *builder, u8 *data, u32 d
 
 	/*no flsuh (no aggregation)*/
 	if (!data) return GF_OK;
+	if (data_size<4) return GF_NON_COMPLIANT_BITSTREAM;
 
 	offset = 0;
 	have_seq = GF_FALSE;
@@ -152,6 +153,7 @@ GF_Err gp_rtp_builder_do_mpeg12_video(GP_RTPPacketizer *builder, u8 *data, u32 d
 	mpv_hdr[3] = 0;
 
 	if ((pic_type==2) || (pic_type== 3)) {
+		if (data_size<5) return GF_NON_COMPLIANT_BITSTREAM;
 		mpv_hdr[3] = (u8) ((((u32)payload[3]) << 5) & 0xf);
 		if ((payload[4] & 0x80) != 0) mpv_hdr[3] |= 0x10;
 		if (pic_type == 3) mpv_hdr[3] |= (payload[4] >> 3) & 0xf;
-- 
2.30.2