forked from jengelh/ffmpeg-6
Accepting request 1170107 from home:qzhao:branches:multimedia:libs
Add ffmpeg-CVE-2023-50007.patch ffmpeg-CVE-2023-50008.patch to fix CVE bugs. OBS-URL: https://build.opensuse.org/request/show/1170107 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-6?expand=0&rev=34
This commit is contained in:
parent
fea91b2355
commit
f667a2bdbf
@ -1,3 +1,17 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Apr 23 14:05:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>
|
||||||
|
|
||||||
|
- Add ffmpeg-CVE-2023-50008.patch:
|
||||||
|
Backporting 5f87a68c from upstream, Fix memory leaks.
|
||||||
|
(CVE-2023-50008 bsc#1223254)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Apr 23 12:22:53 UTC 2024 - Cliff Zhao <qzhao@suse.com>
|
||||||
|
|
||||||
|
- Add ffmpeg-CVE-2023-50007.patch:
|
||||||
|
Backporting b1942734 from upstream, Fix crash with EOF handling.
|
||||||
|
(CVE-2023-50007 bsc#1223253)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Apr 22 12:41:55 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
|
Mon Apr 22 12:41:55 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
|
||||||
|
|
||||||
|
@ -120,7 +120,10 @@ Patch12: 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch
|
|||||||
Patch13: 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
|
Patch13: 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
|
||||||
Patch90: ffmpeg-chromium.patch
|
Patch90: ffmpeg-chromium.patch
|
||||||
Patch91: ffmpeg-dlopen-openh264.patch
|
Patch91: ffmpeg-dlopen-openh264.patch
|
||||||
|
# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50007.patch CVE-2023-50007 bsc#1223253 qzhao@suse.com -- Fix crash with EOF handling.
|
||||||
|
Patch92: ffmpeg-CVE-2023-50007.patch
|
||||||
|
# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50008.patch CVE-2023-50008 bsc#1223254 qzhao@suse.com -- Fix memory leaks.
|
||||||
|
Patch93: ffmpeg-CVE-2023-50008.patch
|
||||||
BuildRequires: ladspa-devel
|
BuildRequires: ladspa-devel
|
||||||
BuildRequires: libgsm-devel
|
BuildRequires: libgsm-devel
|
||||||
BuildRequires: libmp3lame-devel >= 3.98.3
|
BuildRequires: libmp3lame-devel >= 3.98.3
|
||||||
@ -841,6 +844,10 @@ Patch12: 0001-avutil-hwcontext-Don-t-assume-frames_uninit-is-reent.patch
|
|||||||
Patch13: 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
|
Patch13: 0001-avfilter-vf_codecview-fix-heap-buffer-overflow.patch
|
||||||
Patch90: ffmpeg-chromium.patch
|
Patch90: ffmpeg-chromium.patch
|
||||||
Patch91: ffmpeg-dlopen-openh264.patch
|
Patch91: ffmpeg-dlopen-openh264.patch
|
||||||
|
# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50007.patch CVE-2023-50007 bsc#1223253 qzhao@suse.com -- Fix crash with EOF handling.
|
||||||
|
Patch92: ffmpeg-CVE-2023-50007.patch
|
||||||
|
# PATCH-FIX-UPSTREAM ffmpeg-CVE-2023-50008.patch CVE-2023-50008 bsc#1223254 qzhao@suse.com -- Fix memory leaks.
|
||||||
|
Patch93: ffmpeg-CVE-2023-50008.patch
|
||||||
BuildRequires: c_compiler
|
BuildRequires: c_compiler
|
||||||
Requires: this-is-only-for-build-envs
|
Requires: this-is-only-for-build-envs
|
||||||
|
|
||||||
|
67
ffmpeg-CVE-2023-50007.patch
Normal file
67
ffmpeg-CVE-2023-50007.patch
Normal file
@ -0,0 +1,67 @@
|
|||||||
|
commit b1942734c7cbcdc9034034373abcc9ecb9644c47
|
||||||
|
Author: Paul B Mahol <onemda@gmail.com>
|
||||||
|
Date: Mon Nov 27 11:45:34 2023 +0100
|
||||||
|
|
||||||
|
avfilter/af_afwtdn: fix crash with EOF handling
|
||||||
|
|
||||||
|
diff -Nura ffmpeg-6.1.1/libavfilter/af_afwtdn.c ffmpeg-6.1.1_new/libavfilter/af_afwtdn.c
|
||||||
|
--- ffmpeg-6.1.1/libavfilter/af_afwtdn.c 2023-11-11 08:25:17.000000000 +0800
|
||||||
|
+++ ffmpeg-6.1.1_new/libavfilter/af_afwtdn.c 2024-04-25 14:15:23.737350315 +0800
|
||||||
|
@@ -408,6 +408,7 @@
|
||||||
|
|
||||||
|
uint64_t sn;
|
||||||
|
int64_t eof_pts;
|
||||||
|
+ int eof;
|
||||||
|
|
||||||
|
int wavelet_type;
|
||||||
|
int channels;
|
||||||
|
@@ -1069,7 +1070,7 @@
|
||||||
|
s->drop_samples = 0;
|
||||||
|
} else {
|
||||||
|
if (s->padd_samples < 0 && eof) {
|
||||||
|
- out->nb_samples += s->padd_samples;
|
||||||
|
+ out->nb_samples = FFMAX(0, out->nb_samples + s->padd_samples);
|
||||||
|
s->padd_samples = 0;
|
||||||
|
}
|
||||||
|
if (!eof)
|
||||||
|
@@ -1208,23 +1209,26 @@
|
||||||
|
|
||||||
|
FF_FILTER_FORWARD_STATUS_BACK(outlink, inlink);
|
||||||
|
|
||||||
|
- ret = ff_inlink_consume_samples(inlink, s->nb_samples, s->nb_samples, &in);
|
||||||
|
- if (ret < 0)
|
||||||
|
- return ret;
|
||||||
|
- if (ret > 0)
|
||||||
|
- return filter_frame(inlink, in);
|
||||||
|
+ if (!s->eof) {
|
||||||
|
+ ret = ff_inlink_consume_samples(inlink, s->nb_samples, s->nb_samples, &in);
|
||||||
|
+ if (ret < 0)
|
||||||
|
+ return ret;
|
||||||
|
+ if (ret > 0)
|
||||||
|
+ return filter_frame(inlink, in);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (ff_inlink_acknowledge_status(inlink, &status, &pts)) {
|
||||||
|
- if (status == AVERROR_EOF) {
|
||||||
|
- while (s->padd_samples != 0) {
|
||||||
|
- ret = filter_frame(inlink, NULL);
|
||||||
|
- if (ret < 0)
|
||||||
|
- return ret;
|
||||||
|
- }
|
||||||
|
- ff_outlink_set_status(outlink, status, pts);
|
||||||
|
- return ret;
|
||||||
|
- }
|
||||||
|
+ if (status == AVERROR_EOF)
|
||||||
|
+ s->eof = 1;
|
||||||
|
}
|
||||||
|
+
|
||||||
|
+ if (s->eof && s->padd_samples != 0) {
|
||||||
|
+ return filter_frame(inlink, NULL);
|
||||||
|
+ } else if (s->eof) {
|
||||||
|
+ ff_outlink_set_status(outlink, AVERROR_EOF, s->eof_pts);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
FF_FILTER_FORWARD_WANTED(outlink, inlink);
|
||||||
|
|
||||||
|
return FFERROR_NOT_READY;
|
18
ffmpeg-CVE-2023-50008.patch
Normal file
18
ffmpeg-CVE-2023-50008.patch
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
commit 5f87a68cf70dafeab2fb89b42e41a4c29053b89b
|
||||||
|
Author: Paul B Mahol <onemda@gmail.com>
|
||||||
|
Date: Mon Nov 27 12:08:20 2023 +0100
|
||||||
|
|
||||||
|
avfilter/vf_colorcorrect: fix memory leaks
|
||||||
|
|
||||||
|
diff -Nura ffmpeg-6.1.1/libavfilter/vf_colorcorrect.c ffmpeg-6.1.1_new/libavfilter/vf_colorcorrect.c
|
||||||
|
--- ffmpeg-6.1.1/libavfilter/vf_colorcorrect.c 2023-11-11 08:25:17.000000000 +0800
|
||||||
|
+++ ffmpeg-6.1.1_new/libavfilter/vf_colorcorrect.c 2024-04-25 14:35:29.717468737 +0800
|
||||||
|
@@ -497,6 +497,8 @@
|
||||||
|
ColorCorrectContext *s = ctx->priv;
|
||||||
|
|
||||||
|
av_freep(&s->analyzeret);
|
||||||
|
+ av_freep(&s->uhistogram);
|
||||||
|
+ av_freep(&s->vhistogram);
|
||||||
|
}
|
||||||
|
|
||||||
|
static const AVFilterPad colorcorrect_inputs[] = {
|
Loading…
Reference in New Issue
Block a user