forked from jengelh/ffmpeg-4
Jan Engelhardt
eb61ca7811
- Add ffmpeg-CVE-2022-3341.patch: Backport from upstream to fix null pointer dereference in decode_main_header() in libavformat/nutdec.c (bsc#1206778). OBS-URL: https://build.opensuse.org/request/show/1059895 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-4?expand=0&rev=192
45 lines
1.3 KiB
Diff
45 lines
1.3 KiB
Diff
diff --unified --recursive --text --new-file --color ffmpeg-4.4.3.old/libavformat/nutdec.c ffmpeg-4.4.3.new/libavformat/nutdec.c
|
|
--- ffmpeg-4.4.3.old/libavformat/nutdec.c 2022-10-10 03:04:43.000000000 +0800
|
|
+++ ffmpeg-4.4.3.new/libavformat/nutdec.c 2023-01-20 15:33:38.060002545 +0800
|
|
@@ -358,8 +358,12 @@
|
|
ret = AVERROR(ENOMEM);
|
|
goto fail;
|
|
}
|
|
- for (i = 0; i < stream_count; i++)
|
|
- avformat_new_stream(s, NULL);
|
|
+ for (i = 0; i < stream_count; i++) {
|
|
+ if (!avformat_new_stream(s, NULL)) {
|
|
+ ret = AVERROR(ENOMEM);
|
|
+ goto fail;
|
|
+ }
|
|
+ }
|
|
|
|
return 0;
|
|
fail:
|
|
@@ -807,19 +811,23 @@
|
|
NUTContext *nut = s->priv_data;
|
|
AVIOContext *bc = s->pb;
|
|
int64_t pos;
|
|
- int initialized_stream_count;
|
|
+ int initialized_stream_count, ret;
|
|
|
|
nut->avf = s;
|
|
|
|
/* main header */
|
|
pos = 0;
|
|
+ ret = 0;
|
|
do {
|
|
+ if (ret == AVERROR(ENOMEM))
|
|
+ return ret;
|
|
+
|
|
pos = find_startcode(bc, MAIN_STARTCODE, pos) + 1;
|
|
if (pos < 0 + 1) {
|
|
av_log(s, AV_LOG_ERROR, "No main startcode found.\n");
|
|
goto fail;
|
|
}
|
|
- } while (decode_main_header(nut) < 0);
|
|
+ } while ((ret = decode_main_header(nut)) < 0);
|
|
|
|
/* stream headers */
|
|
pos = 0;
|