diff options
| author | Randy MacLeod <randy.macleod@windriver.com> | 2021-03-10 13:54:51 -0500 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-03-11 14:00:36 +0000 |
| commit | 7bf522c752431159855bb69d090bc407bb197266 (patch) | |
| tree | c239929b04b040ae166f8986de4da39ec0daff8b /meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch | |
| parent | c6f7c7989be89c8fa1edc036dad053e8e0acf4ad (diff) | |
| download | poky-7bf522c752431159855bb69d090bc407bb197266.tar.gz | |
ffmpeg: upgrade 4.3.1 -> 4.3.2
Remove 2 patches that are included in the n4.3.2 tag.
The commits were cherry-picked back to the 4.3 branch so they
have different commit ids than in the patches:
6d886b6586 lavf/srt: fix build fail when used the libsrt 1.4.1
a53ffb15d8 avcodec/exr: Check ymin vs. h
4f0bdff292 avformat/vividas: improve extradata packing checks in track_header()
(From OE-Core rev: ffdce193f3ab5b8cb16979ee9ae29322b7294c38)
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch')
| -rw-r--r-- | meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch deleted file mode 100644 index ddab8e9aca..0000000000 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch +++ /dev/null | |||
| @@ -1,35 +0,0 @@ | |||
| 1 | From 3e5959b3457f7f1856d997261e6ac672bba49e8b Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Michael Niedermayer <michael@niedermayer.cc> | ||
| 3 | Date: Sat, 24 Oct 2020 22:21:48 +0200 | ||
| 4 | Subject: [PATCH] avcodec/exr: Check ymin vs. h | ||
| 5 | |||
| 6 | Fixes: out of array access | ||
| 7 | Fixes: 26532/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5613925708857344 | ||
| 8 | Fixes: 27443/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5631239813595136 | ||
| 9 | |||
| 10 | Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg | ||
| 11 | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> | ||
| 12 | |||
| 13 | Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/3e5959b3457f7f1856d997261e6ac672bba49e8b] | ||
| 14 | |||
| 15 | CVE: CVE-2020-35965 | ||
| 16 | |||
| 17 | Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> | ||
| 18 | Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> | ||
| 19 | --- | ||
| 20 | libavcodec/exr.c | 2 +- | ||
| 21 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
| 22 | |||
| 23 | diff --git a/libavcodec/exr.c b/libavcodec/exr.c | ||
| 24 | index e907c5c46401..8b701d1cd298 100644 | ||
| 25 | --- a/libavcodec/exr.c | ||
| 26 | +++ b/libavcodec/exr.c | ||
| 27 | @@ -1830,7 +1830,7 @@ static int decode_frame(AVCodecContext *avctx, void *data, | ||
| 28 | // Zero out the start if ymin is not 0 | ||
| 29 | for (i = 0; i < planes; i++) { | ||
| 30 | ptr = picture->data[i]; | ||
| 31 | - for (y = 0; y < s->ymin; y++) { | ||
| 32 | + for (y = 0; y < FFMIN(s->ymin, s->h); y++) { | ||
| 33 | memset(ptr, 0, out_line_size); | ||
| 34 | ptr += picture->linesize[i]; | ||
| 35 | } | ||