forked from pool/ffmpeg-4

Accepting request 1170359 from multimedia:libs

- Add 0001-avfilter-af_stereowiden-Check-length.patch [boo#1223437, CVE-2023-51794]

OBS-URL: https://build.opensuse.org/request/show/1170359
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ffmpeg-4?expand=0&rev=66
Ana Guerrero 2024-04-29 15:57:27 +00:00 committed by Git OBS Bridge
commit d462070bb2
3 changed files with 36 additions and 0 deletions


@ -0,0 +1,29 @@
From 50f0f8c53c818f73fe2d752708e2fa9d2a2d8a07 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Sat, 23 Dec 2023 04:03:01 +0100
Subject: [PATCH] avfilter/af_stereowiden: Check length
References: https://bugzilla.opensuse.org/1223437
References: CVE-2023-51794
Fixes: out of array access
Fixes: tickets/10746/poc13ffmpeg
Found-by: Zeng Yunxiang
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavfilter/af_stereowiden.c | 2 ++
1 file changed, 2 insertions(+)
Index: ffmpeg-4.4.4/libavfilter/af_stereowiden.c
===================================================================
--- ffmpeg-4.4.4.orig/libavfilter/af_stereowiden.c
+++ ffmpeg-4.4.4/libavfilter/af_stereowiden.c
@@ -75,6 +75,8 @@ static int config_input(AVFilterLink *in
s->length = s->delay * inlink->sample_rate / 1000;
s->length *= 2;
+ if (s->length == 0)
+ return AVERROR(EINVAL);
s->buffer = av_calloc(s->length, sizeof(*s->buffer));
if (!s->buffer)
return AVERROR(ENOMEM);
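
Review bot: The new early return at `if (s->length == 0)` fails configuration with AVERROR(EINVAL) but logs nothing, so a caller whose delay and sample rate round down to zero in `s->delay * inlink->sample_rate / 1000` gets no hint about which parameter was rejected; an av_log() error naming the delay before the return would help. The guard also covers only the exactly-zero result, so it is worth confirming from the option range of delay and the type of s->length (neither is visible in this hunk) that the multiply cannot overflow or turn negative before it reaches av_calloc(). On the packaging side, the two References: lines sit directly between Subject: and the upstream trailers with no blank line, which makes the downstream additions hard to tell apart from the upstream commit message.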


@ -1,3 +1,9 @@
-------------------------------------------------------------------
Fri Apr 26 22:16:48 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
- Add 0001-avfilter-af_stereowiden-Check-length.patch
[boo#1223437, CVE-2023-51794]
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Apr 23 16:14:18 UTC 2024 - Cliff Zhao <qzhao@suse.com> Thu Apr 23 16:14:18 UTC 2024 - Cliff Zhao <qzhao@suse.com>
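
Review bot: The new changelog entry names the patch file, boo#1223437 and CVE-2023-51794 but does not say what is fixed; a short phrase such as "out of array access in the stereowiden filter", taken from the patch's own Fixes: line, would let someone reading the .changes file judge the impact without opening the patch. Separately, the context entry below reads "Thu Apr 23 ... 2024" three days before this entry's "Fri Apr 26 ... 2024", so its weekday and date disagree; that line is not part of this change but is worth correcting in a follow-up.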


@ -129,6 +129,7 @@ Patch15: 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch
Patch16: 0001-avfilter-vf_minterpolate-Check-pts-before-division.patch Patch16: 0001-avfilter-vf_minterpolate-Check-pts-before-division.patch
Patch17: ffmpeg-CVE-2023-49502.patch Patch17: ffmpeg-CVE-2023-49502.patch
Patch18: ffmpeg-CVE-2023-51793.patch Patch18: ffmpeg-CVE-2023-51793.patch
Patch19: 0001-avfilter-af_stereowiden-Check-length.patch
BuildRequires: ladspa-devel BuildRequires: ladspa-devel
BuildRequires: libgsm-devel BuildRequires: libgsm-devel
BuildRequires: libmp3lame-devel BuildRequires: libmp3lame-devel
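
Review bot: Only the `Patch19:` tag is added to the spec, and the commit totals (29 + 6 + 1 = 36 additions) leave no room for a matching %patch line, so the fix is applied only if %prep uses %autosetup or %autopatch. That section is not in the visible context; please confirm it, since otherwise the CVE-2023-51794 fix ships in the source package without reaching the build. As a style point, Patch17 and Patch18 carry the CVE id in the file name while this one keeps the git format-patch name, so a comment above the tag with the CVE and boo number would keep the spec auditable by grep.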