summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTony Tascioglu <tony.tascioglu@windriver.com>2021-07-27 16:20:42 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-07-28 23:47:00 +0100
commit7de4c20e62a0fccede641232a504f2818c05b366 (patch)
treef67532e9e83ac5db220bc4fefc8034ec7e726e28
parentc31188d721d02ee4a61280426ab6f328c2c7f059 (diff)
downloadpoky-7de4c20e62a0fccede641232a504f2818c05b366.tar.gz
ffmpeg: fix-CVE-2020-20446
avcodec/aacpsy: Avoid floating point division by 0 of norm_fac Fixes: Ticket7995 Fixes: CVE-2020-20446 (From OE-Core rev: d3806b2add3060649c2d488fb9208a106573d523) Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> CVE: CVE-2020-20446 Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002] Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch35
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb1
2 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch
new file mode 100644
index 0000000000..f048c2e715
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch
@@ -0,0 +1,35 @@
1From 223b5e8ac9f6461bb13ed365419ec485c5b2b002 Mon Sep 17 00:00:00 2001
2From: Michael Niedermayer <michael@niedermayer.cc>
3Date: Fri, 28 May 2021 20:18:25 +0200
4Subject: [PATCH] avcodec/aacpsy: Avoid floating point division by 0 of
5 norm_fac
6
7Fixes: Ticket7995
8Fixes: CVE-2020-20446
9
10Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
11
12CVE: CVE-2020-20446
13Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002]
14
15Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
16---
17 libavcodec/aacpsy.c | 2 +-
18 1 file changed, 1 insertion(+), 1 deletion(-)
19
20diff --git a/libavcodec/aacpsy.c b/libavcodec/aacpsy.c
21index 482113d427..e51d29750b 100644
22--- a/libavcodec/aacpsy.c
23+++ b/libavcodec/aacpsy.c
24@@ -794,7 +794,7 @@ static void psy_3gpp_analyze_channel(FFPsyContext *ctx, int channel,
25
26 if (pe < 1.15f * desired_pe) {
27 /* 6.6.1.3.6 "Final threshold modification by linearization" */
28- norm_fac = 1.0f / norm_fac;
29+ norm_fac = norm_fac ? 1.0f / norm_fac : 0;
30 for (w = 0; w < wi->num_windows*16; w += 16) {
31 for (g = 0; g < num_bands; g++) {
32 AacPsyBand *band = &pch->band[w+g];
33--
342.32.0
35
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb
index 3ed009bbb7..00640f3cb3 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb
@@ -25,6 +25,7 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
25 25
26SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ 26SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
27 file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ 27 file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
28 file://fix-CVE-2020-20446.patch \
28 " 29 "
29SRC_URI[sha256sum] = "06b10a183ce5371f915c6bb15b7b1fffbe046e8275099c96affc29e17645d909" 30SRC_URI[sha256sum] = "06b10a183ce5371f915c6bb15b7b1fffbe046e8275099c96affc29e17645d909"
30 31