Headline
CVE-2021-40562: fixed #1901 · gpac/gpac@5dd71c7
A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.
@@ -1352,9 +1352,9 @@ void naludmx_create_avc_decoder_config(GF_NALUDmxCtx *ctx, u8 **dsi, u32 *dsi_si
else
DeltaTfiDivisorIdx = (ctx->avc_state->sei.pic_timing.pic_struct+1) / 2;
}
if (!ctx->timescale) {
if (!ctx->timescale && sps->vui.time_scale && sps->vui.num_units_in_tick) {
ctx->cur_fps.num = 2 * sps->vui.time_scale;
ctx->cur_fps.den = 2 * sps->vui.num_units_in_tick * DeltaTfiDivisorIdx;
ctx->cur_fps.den = 2 * sps->vui.num_units_in_tick * DeltaTfiDivisorIdx;
if (!ctx->fps.num && ctx->dts==ctx->fps.den)
ctx->dts = ctx->cur_fps.den;