1 files changed, 0 insertions, 44 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14171.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14171.patch
deleted file mode 100644
index e2ae2040cf..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14171.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From c24bcb553650b91e9eff15ef6e54ca73de2453b7 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=E5=AD=99=E6=B5=A9=28=E6=99=93=E9=BB=91=29?=
- <tony.sh@alibaba-inc.com>
-Date: Tue, 29 Aug 2017 23:59:21 +0200
-Subject: [PATCH] avformat/nsvdec: Fix DoS due to lack of eof check in
- nsvs_file_offset loop.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Fixes: 20170829.nsv
-Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com>
-Found-by: Xiaohei and Wangchu from Alibaba Security Team
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-CVE: CVE-2017-14171
-Upstream-Status: Backport
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
- libavformat/nsvdec.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-diff --git a/libavformat/nsvdec.c b/libavformat/nsvdec.c
-index c6ddb67..d8ce656 100644
--- a/libavformat/nsvdec.c
-+++ b/libavformat/nsvdec.c
-@@ -335,8 +335,11 @@ static int nsv_parse_NSVf_header(AVFormatContext *s)
-         if (!nsv->nsvs_file_offset)
-             return AVERROR(ENOMEM);
- 
-        for(i=0;i<table_entries_used;i++)
-+        for(i=0;i<table_entries_used;i++) {
-+            if (avio_feof(pb))
-+                return AVERROR_INVALIDDATA;
-             nsv->nsvs_file_offset[i] = avio_rl32(pb) + size;
-+        }
- 
-         if(table_entries > table_entries_used &&
-            avio_rl32(pb) == MKTAG('T','O','C','2')) {
-- 
-2.1.0

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14171.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14171.patch deleted file mode 100644 index e2ae2040cf..0000000000 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14171.patch +++ /dev/null
@@ -1,44 +0,0 @@
1	From c24bcb553650b91e9eff15ef6e54ca73de2453b7 Mon Sep 17 00:00:00 2001
2	From: =?UTF-8?q?=E5=AD=99=E6=B5=A9=28=E6=99=93=E9=BB=91=29?=
3	<tony.sh@alibaba-inc.com>
4	Date: Tue, 29 Aug 2017 23:59:21 +0200
5	Subject: [PATCH] avformat/nsvdec: Fix DoS due to lack of eof check in
6	nsvs_file_offset loop.
7	MIME-Version: 1.0
8	Content-Type: text/plain; charset=UTF-8
9	Content-Transfer-Encoding: 8bit
10
11	Fixes: 20170829.nsv
12
13	Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com>
14	Found-by: Xiaohei and Wangchu from Alibaba Security Team
15	Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
16
17	CVE: CVE-2017-14171
18	Upstream-Status: Backport
19
20	Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
21	---
22	libavformat/nsvdec.c \| 5 ++++-
23	1 file changed, 4 insertions(+), 1 deletion(-)
24
25	diff --git a/libavformat/nsvdec.c b/libavformat/nsvdec.c
26	index c6ddb67..d8ce656 100644
27	--- a/libavformat/nsvdec.c
28	+++ b/libavformat/nsvdec.c
29	@@ -335,8 +335,11 @@ static int nsv_parse_NSVf_header(AVFormatContext *s)
30	if (!nsv->nsvs_file_offset)
31	return AVERROR(ENOMEM);
32
33	- for(i=0;i<table_entries_used;i++)
34	+ for(i=0;i<table_entries_used;i++) {
35	+ if (avio_feof(pb))
36	+ return AVERROR_INVALIDDATA;
37	nsv->nsvs_file_offset[i] = avio_rl32(pb) + size;
38	+ }
39
40	if(table_entries > table_entries_used &&
41	avio_rl32(pb) == MKTAG('T','O','C','2')) {
42	--
43	2.1.0
44