Add ffmpeg-4-CVE-2024-32230.patch to fix CVE issue.

2024-07-31 01:59:16 +08:00 · 2024-07-31 01:59:16 +08:00 · 3208345200
commit 3208345200
parent d4a851e48e
3 changed files with 32 additions and 1 deletions
--- a/ffmpeg-4-CVE-2024-32230.patch
+++ b/ffmpeg-4-CVE-2024-32230.patch
@ -0,0 +1,23 @@
+commit 96449cfeaeb95fcfd7a2b8d9ccf7719e97471ed1
+Author: Michael Niedermayer <michael@niedermayer.cc>
+Date:   Mon Apr 8 18:38:42 2024 +0200
+
+    avcodec/mpegvideo_enc: Fix 1 line and one column images
+    
+    Fixes: Ticket10952
+    Fixes: poc21ffmpeg
+    Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+
+--- ffmpeg-4.4.4/libavcodec/mpegvideo_enc.c
+++ ffmpeg-4.4.4_new/libavcodec/mpegvideo_enc.c
+@@ -1263,8 +1263,8 @@
+                     int dst_stride = i ? s->uvlinesize : s->linesize;
+                     int h_shift = i ? h_chroma_shift : 0;
+                     int v_shift = i ? v_chroma_shift : 0;
+-                    int w = s->width  >> h_shift;
+-                    int h = s->height >> v_shift;
+                    int w = AV_CEIL_RSHIFT(s->width , h_shift);
+                    int h = AV_CEIL_RSHIFT(s->height, v_shift);
+                     uint8_t *src = pic_arg->data[i];
+                     uint8_t *dst = pic->f->data[i];
+                     int vpad = 16;
--- a/ffmpeg-4.changes
+++ b/ffmpeg-4.changes
@ -4,6 +4,13 @@ Fri Jul 26 13:19:42 UTC 2024 - Filip Kastl <filip.kastl@suse.com>
 - Add ffmpeg-c99.patch so that the package conforms to the C99
  standard and builds on i586 with GCC 14.

+-------------------------------------------------------------------
+Tue Jul  2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
+
+- Add ffmpeg-4-CVE-2024-32230.patch:
+  Backporting 96449cfe from upstream, Fix 1 line and one column images.
+  (CVE-2024-32230, bsc#1227296)
+
 -------------------------------------------------------------------
 Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao <qzhao@suse.com>

--- a/ffmpeg-4.spec
+++ b/ffmpeg-4.spec
@ -131,7 +131,8 @@ Patch17:        ffmpeg-CVE-2023-49502.patch
 Patch18:        ffmpeg-CVE-2023-51793.patch
 Patch19:        0001-avfilter-af_stereowiden-Check-length.patch
 Patch20:        ffmpeg-CVE-2023-50010.patch
-Patch21:        ffmpeg-c99.patch
+Patch21:        ffmpeg-4-CVE-2024-32230.patch
+Patch22:        ffmpeg-c99.patch
 BuildRequires:  ladspa-devel
 BuildRequires:  libgsm-devel
 BuildRequires:  libmp3lame-devel