Headline
CVE-2021-40571: fixed #1895 · gpac/gpac@a69b567
The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges.
Permalink
Browse files
fixed #1895
- Loading branch information
jeanlf committed
Aug 30, 2021
1 parent 86c1566 commit a69b567b8c95c72f9560c873c5ab348be058f340
Showing with 1 addition and 0 deletions.
- +1 −0 src/odf/descriptors.c
1 src/odf/descriptors.c
Show comments View file
@@ -1613,6 +1613,7 @@ GF_AV1Config *gf_odf_av1_cfg_read_bs_size(GF_BitStream *bs, u32 size)
size -= (u32) obu_size;
}
gf_av1_reset_state(& state, GF_TRUE);
gf_bs_align(bs);
return cfg;
#else
return NULL;
0 comments on commit a69b567
Please sign in to comment.