summaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia
diff options
context:
space:
mode:
authorVirendra Thakur <virendra.thakur@kpit.com>2022-05-31 17:55:27 +0530
committerRichard Purdie <richard.purdie@linuxfoundation.org>2022-06-04 12:16:58 +0100
commit38b588a1a12faa62fb09d55f5fbcf891915262c9 (patch)
tree55f116d6681fb8bd5432b97eed031ec33279970c /meta/recipes-multimedia
parentf0d18846de3b5c69d85334e47b74c8d085b058de (diff)
downloadpoky-38b588a1a12faa62fb09d55f5fbcf891915262c9.tar.gz
ffmpeg: Fix for CVE-2022-1475
Add patch to fix CVE-2022-1475 (From OE-Core rev: 2a97ba89f236b751b333622fbbc14180e9b72245) Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-multimedia')
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch36
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb1
2 files changed, 37 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch
new file mode 100644
index 0000000000..bd8a08a216
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch
@@ -0,0 +1,36 @@
1From: Michael Niedermayer <michael@niedermayer.cc>
2Date: Sun, 27 Feb 2022 14:43:04 +0100
3Subject: [PATCH] avcodec/g729_parser: Check channels
4
5Fixes: signed integer overflow: 10 * 808464428 cannot be represented in type 'int'
6Fixes: assertion failure
7Fixes: ticket9651
8
9Reviewed-by: Paul B Mahol <onemda@gmail.com>
10Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
11(cherry picked from commit 757da974b21833529cc41bdcc9684c29660cdfa8)
12Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
13
14CVE: CVE-2022-1475
15Upstream-Status: Backport [https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e9e2ddbc6c78cc18b76093617f82c920e58a8d1f]
16Comment: Patch is refreshed as per ffmpeg codebase
17Signed-off-by: Virendra Thakur <virendra.thakur@kpit.com>
18
19---
20 libavcodec/g729_parser.c | 3 +++
21 1 file changed, 3 insertions(+)
22
23Index: ffmpeg-4.2.2/libavcodec/g729_parser.c
24===================================================================
25--- a/libavcodec/g729_parser.c
26+++ b/libavcodec/g729_parser.c
27@@ -48,6 +48,9 @@ static int g729_parse(AVCodecParserConte
28 av_assert1(avctx->codec_id == AV_CODEC_ID_G729);
29 /* FIXME: replace this heuristic block_size with more precise estimate */
30 s->block_size = (avctx->bit_rate < 8000) ? G729D_6K4_BLOCK_SIZE : G729_8K_BLOCK_SIZE;
31+ // channels > 2 is invalid, we pass the packet on unchanged
32+ if (avctx->channels > 2)
33+ s->block_size = 0;
34 s->block_size *= avctx->channels;
35 s->duration = avctx->frame_size;
36 }
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb
index 1d6f2e528b..cbfdbf0563 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb
@@ -29,6 +29,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
29 file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ 29 file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
30 file://CVE-2021-3566.patch \ 30 file://CVE-2021-3566.patch \
31 file://CVE-2021-38291.patch \ 31 file://CVE-2021-38291.patch \
32 file://CVE-2022-1475.patch \
32 " 33 "
33SRC_URI[md5sum] = "348956fc2faa57a2f79bbb84ded9fbc3" 34SRC_URI[md5sum] = "348956fc2faa57a2f79bbb84ded9fbc3"
34SRC_URI[sha256sum] = "cb754255ab0ee2ea5f66f8850e1bd6ad5cac1cd855d0a2f4990fb8c668b0d29c" 35SRC_URI[sha256sum] = "cb754255ab0ee2ea5f66f8850e1bd6ad5cac1cd855d0a2f4990fb8c668b0d29c"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-25 13:01:43 +0000