ffmpeg-4/ffmpeg-CVE-2020-22046.patch

From 097c917c147661f5378dae8fe3f7e46f43236426 Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
Date: Thu, 17 Oct 2019 11:11:55 +0200
Subject: [PATCH] avcodec/ac3enc: Fix memleak

Fixes ticket #8294.

Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
---
 libavcodec/ac3enc.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libavcodec/ac3enc.c b/libavcodec/ac3enc.c
index 76872a8fe0..25318f8631 100644
--- a/libavcodec/ac3enc.c
+++ b/libavcodec/ac3enc.c
@@ -2051,7 +2051,8 @@ av_cold int ff_ac3_encode_close(AVCodecContext *avctx)
         av_freep(&block->cpl_coord_mant);
     }
 
-    s->mdct_end(s);
+    if (s->mdct_end)
+        s->mdct_end(s);
 
     return 0;
 }
@@ -2433,7 +2434,7 @@ av_cold int ff_ac3_encode_init(AVCodecContext *avctx)
 
     ret = validate_options(s);
     if (ret)
-        return ret;
+        goto init_fail;
 
     avctx->frame_size = AC3_BLOCK_SIZE * s->num_blocks;
     avctx->initial_padding = AC3_BLOCK_SIZE;
-- 
2.32.0
Accepting request 904700 from home:AZhou:branches:multimedia:libs - Add ffmpeg-CVE-2020-22046.patch: Backport from upstream to fix a denial of service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c (bsc#1186849). - Add ffmpeg-CVE-2021-33815.patch: Backport from upstream to fix dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked (bsc#1186865). OBS-URL: https://build.opensuse.org/request/show/904700 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-4?expand=0&rev=166 2021-07-08 15:26:34 +02:00			`From 097c917c147661f5378dae8fe3f7e46f43236426 Mon Sep 17 00:00:00 2001`
			`From: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>`
			`Date: Thu, 17 Oct 2019 11:11:55 +0200`
			`Subject: [PATCH] avcodec/ac3enc: Fix memleak`

			`Fixes ticket #8294.`

			`Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>`
			`---`
			`libavcodec/ac3enc.c \| 5 +++--`
			`1 file changed, 3 insertions(+), 2 deletions(-)`

			`diff --git a/libavcodec/ac3enc.c b/libavcodec/ac3enc.c`
			`index 76872a8fe0..25318f8631 100644`
			`--- a/libavcodec/ac3enc.c`
			`+++ b/libavcodec/ac3enc.c`
			`@@ -2051,7 +2051,8 @@ av_cold int ff_ac3_encode_close(AVCodecContext *avctx)`
			`av_freep(&block->cpl_coord_mant);`
			`}`

			`- s->mdct_end(s);`
			`+ if (s->mdct_end)`
			`+ s->mdct_end(s);`

			`return 0;`
			`}`
			`@@ -2433,7 +2434,7 @@ av_cold int ff_ac3_encode_init(AVCodecContext *avctx)`

			`ret = validate_options(s);`
			`if (ret)`
			`- return ret;`
			`+ goto init_fail;`

			`avctx->frame_size = AC3_BLOCK_SIZE * s->num_blocks;`
			`avctx->initial_padding = AC3_BLOCK_SIZE;`
			`--`
			`2.32.0`