forked from pool/ffmpeg-5
- Add 0001-avfilter-af_stereowiden-Check-length.patch
[boo#1223437, CVE-2023-51794] OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-5?expand=0&rev=94
This commit is contained in:
parent
ccf5285d75
commit
b8335667a6
29
0001-avfilter-af_stereowiden-Check-length.patch
Normal file
29
0001-avfilter-af_stereowiden-Check-length.patch
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
From 50f0f8c53c818f73fe2d752708e2fa9d2a2d8a07 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Michael Niedermayer <michael@niedermayer.cc>
|
||||||
|
Date: Sat, 23 Dec 2023 04:03:01 +0100
|
||||||
|
Subject: [PATCH] avfilter/af_stereowiden: Check length
|
||||||
|
References: https://bugzilla.opensuse.org/1223437
|
||||||
|
References: CVE-2023-51794
|
||||||
|
|
||||||
|
Fixes: out of array access
|
||||||
|
Fixes: tickets/10746/poc13ffmpeg
|
||||||
|
|
||||||
|
Found-by: Zeng Yunxiang
|
||||||
|
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
||||||
|
---
|
||||||
|
libavfilter/af_stereowiden.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
Index: ffmpeg-4.4.4/libavfilter/af_stereowiden.c
|
||||||
|
===================================================================
|
||||||
|
--- ffmpeg-4.4.4.orig/libavfilter/af_stereowiden.c
|
||||||
|
+++ ffmpeg-4.4.4/libavfilter/af_stereowiden.c
|
||||||
|
@@ -75,6 +75,8 @@ static int config_input(AVFilterLink *in
|
||||||
|
|
||||||
|
s->length = s->delay * inlink->sample_rate / 1000;
|
||||||
|
s->length *= 2;
|
||||||
|
+ if (s->length == 0)
|
||||||
|
+ return AVERROR(EINVAL);
|
||||||
|
s->buffer = av_calloc(s->length, sizeof(*s->buffer));
|
||||||
|
if (!s->buffer)
|
||||||
|
return AVERROR(ENOMEM);
|
@ -5,6 +5,12 @@ Tue Apr 27 11:38:35 UTC 2024 - Cliff Zhao <qzhao@suse.com>
|
|||||||
Backporting e4d2666b from upstream, fixes the out of array access.
|
Backporting e4d2666b from upstream, fixes the out of array access.
|
||||||
(CVE-2023-50010 bsc#1223256)
|
(CVE-2023-50010 bsc#1223256)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Apr 26 22:16:48 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
|
||||||
|
|
||||||
|
- Add 0001-avfilter-af_stereowiden-Check-length.patch
|
||||||
|
[boo#1223437, CVE-2023-51794]
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Apr 26 12:18:26 UTC 2024 - Cliff Zhao <qzhao@suse.com>
|
Tue Apr 26 12:18:26 UTC 2024 - Cliff Zhao <qzhao@suse.com>
|
||||||
|
|
||||||
|
@ -118,6 +118,7 @@ Patch13: 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch
|
|||||||
Patch14: 0001-avfilter-avf_showspectrum-fix-off-by-1-error.patch
|
Patch14: 0001-avfilter-avf_showspectrum-fix-off-by-1-error.patch
|
||||||
Patch15: 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
|
Patch15: 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
|
||||||
Patch16: 0001-avfilter-f_reverse-Apply-PTS-compensation-only-when-.patch
|
Patch16: 0001-avfilter-f_reverse-Apply-PTS-compensation-only-when-.patch
|
||||||
|
Patch17: 0001-avfilter-af_stereowiden-Check-length.patch
|
||||||
Patch90: ffmpeg-chromium.patch
|
Patch90: ffmpeg-chromium.patch
|
||||||
Patch91: ffmpeg-dlopen-openh264.patch
|
Patch91: ffmpeg-dlopen-openh264.patch
|
||||||
Patch93: soname.diff
|
Patch93: soname.diff
|
||||||
@ -851,6 +852,7 @@ Patch13: 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch
|
|||||||
Patch14: 0001-avfilter-avf_showspectrum-fix-off-by-1-error.patch
|
Patch14: 0001-avfilter-avf_showspectrum-fix-off-by-1-error.patch
|
||||||
Patch15: 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
|
Patch15: 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
|
||||||
Patch16: 0001-avfilter-f_reverse-Apply-PTS-compensation-only-when-.patch
|
Patch16: 0001-avfilter-f_reverse-Apply-PTS-compensation-only-when-.patch
|
||||||
|
Patch17: 0001-avfilter-af_stereowiden-Check-length.patch
|
||||||
Patch90: ffmpeg-chromium.patch
|
Patch90: ffmpeg-chromium.patch
|
||||||
Patch91: ffmpeg-dlopen-openh264.patch
|
Patch91: ffmpeg-dlopen-openh264.patch
|
||||||
Patch93: soname.diff
|
Patch93: soname.diff
|
||||||
|
Loading…
Reference in New Issue
Block a user