Accepting request 921459 from home:AZhou:branches:multimedia:libs
- Add ffmpeg-CVE-2020-22037.patch: Backport from upstream to fix denial of service vulnerability exists due to a memory leak in avcodec_alloc_context3 at options.c (bsc#1186756). OBS-URL: https://build.opensuse.org/request/show/921459 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-4?expand=0&rev=170
This commit is contained in:
parent
691f3202a0
commit
163fe1db7e
@ -1,3 +1,10 @@
|
||||
-------------------------------------------------------------------
|
||||
Sun Sep 26 02:44:57 UTC 2021 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
|
||||
- Add ffmpeg-CVE-2020-22037.patch: Backport from upstream to fix
|
||||
denial of service vulnerability exists due to a memory leak in
|
||||
avcodec_alloc_context3 at options.c (bsc#1186756).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 27 07:09:15 UTC 2021 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
|
||||
|
@ -121,6 +121,7 @@ Patch9: ffmpeg-4.4-CVE-2020-22046.patch
|
||||
Patch10: ffmpeg-CVE-2021-33815.patch
|
||||
Patch11: ffmpeg-CVE-2021-38114.patch
|
||||
Patch12: ffmpeg-CVE-2021-38171.patch
|
||||
Patch13: ffmpeg-CVE-2020-22037.patch
|
||||
BuildRequires: ladspa-devel
|
||||
BuildRequires: libgsm-devel
|
||||
BuildRequires: libmp3lame-devel
|
||||
|
56
ffmpeg-CVE-2020-22037.patch
Normal file
56
ffmpeg-CVE-2020-22037.patch
Normal file
@ -0,0 +1,56 @@
|
||||
diff --unified --recursive --text --new-file --color ffmpeg-4.4.old/libavcodec/frame_thread_encoder.c ffmpeg-4.4.new/libavcodec/frame_thread_encoder.c
|
||||
--- ffmpeg-4.4.old/libavcodec/frame_thread_encoder.c 2021-04-09 05:28:39.000000000 +0800
|
||||
+++ ffmpeg-4.4.new/libavcodec/frame_thread_encoder.c 2021-09-26 10:51:25.616140633 +0800
|
||||
@@ -124,7 +124,7 @@
|
||||
int ff_frame_thread_encoder_init(AVCodecContext *avctx, AVDictionary *options){
|
||||
int i=0;
|
||||
ThreadContext *c;
|
||||
-
|
||||
+ AVCodecContext *thread_avctx = NULL;
|
||||
|
||||
if( !(avctx->thread_type & FF_THREAD_FRAME)
|
||||
|| !(avctx->codec->capabilities & AV_CODEC_CAP_FRAME_THREADS))
|
||||
@@ -205,16 +205,17 @@
|
||||
AVDictionary *tmp = NULL;
|
||||
int ret;
|
||||
void *tmpv;
|
||||
- AVCodecContext *thread_avctx = avcodec_alloc_context3(avctx->codec);
|
||||
+ thread_avctx = avcodec_alloc_context3(avctx->codec);
|
||||
if(!thread_avctx)
|
||||
goto fail;
|
||||
tmpv = thread_avctx->priv_data;
|
||||
*thread_avctx = *avctx;
|
||||
+ thread_avctx->priv_data = tmpv;
|
||||
+ thread_avctx->internal = NULL;
|
||||
+ thread_avctx->hw_frames_ctx = NULL;
|
||||
ret = av_opt_copy(thread_avctx, avctx);
|
||||
if (ret < 0)
|
||||
goto fail;
|
||||
- thread_avctx->priv_data = tmpv;
|
||||
- thread_avctx->internal = NULL;
|
||||
if (avctx->codec->priv_class) {
|
||||
int ret = av_opt_copy(thread_avctx->priv_data, avctx->priv_data);
|
||||
if (ret < 0)
|
||||
@@ -243,6 +244,8 @@
|
||||
|
||||
return 0;
|
||||
fail:
|
||||
+ avcodec_close(thread_avctx);
|
||||
+ av_freep(&thread_avctx);
|
||||
avctx->thread_count = i;
|
||||
av_log(avctx, AV_LOG_ERROR, "ff_frame_thread_encoder_init failed\n");
|
||||
ff_frame_thread_encoder_free(avctx);
|
||||
diff --unified --recursive --text --new-file --color ffmpeg-4.4.old/libavcodec/frame_thread_encoder.h ffmpeg-4.4.new/libavcodec/frame_thread_encoder.h
|
||||
--- ffmpeg-4.4.old/libavcodec/frame_thread_encoder.h 2021-04-09 05:28:39.000000000 +0800
|
||||
+++ ffmpeg-4.4.new/libavcodec/frame_thread_encoder.h 2021-09-26 10:52:37.122774657 +0800
|
||||
@@ -23,6 +23,10 @@
|
||||
|
||||
#include "avcodec.h"
|
||||
|
||||
+/**
|
||||
+ * Initialize frame thread encoder.
|
||||
+ * @note hardware encoders are not supported
|
||||
+ */
|
||||
int ff_frame_thread_encoder_init(AVCodecContext *avctx, AVDictionary *options);
|
||||
void ff_frame_thread_encoder_free(AVCodecContext *avctx);
|
||||
int ff_thread_video_encode_frame(AVCodecContext *avctx, AVPacket *pkt,
|
Loading…
Reference in New Issue
Block a user