1 files changed, 38 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14223.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14223.patch
new file mode 100644
index 0000000000..d1fef6b144
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14223.patch
@@ -0,0 +1,38 @@
+From afc9c683ed9db01edb357bc8c19edad4282b3a97 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Tue, 5 Sep 2017 00:16:29 +0200
+Subject: [PATCH] avformat/asfdec: Fix DoS in asf_build_simple_index()
+Fixes: Missing EOF check in loop
+No testcase
+Found-by: Xiaohei and Wangchu from Alibaba Security Team
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+CVE: CVE-2017-14223
+Upstream-Status: Backport
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ libavformat/asfdec_f.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+diff --git a/libavformat/asfdec_f.c b/libavformat/asfdec_f.c
+index f3acbae..cc648b9 100644
+--- a/libavformat/asfdec_f.c
+++ b/libavformat/asfdec_f.c
+@@ -1610,6 +1610,11 @@ static int asf_build_simple_index(AVFormatContext *s, int stream_index)
+             int64_t pos       = s->internal->data_offset + s->packet_size * (int64_t)pktnum;
+             int64_t index_pts = FFMAX(av_rescale(itime, i, 10000) - asf->hdr.preroll, 0);
+ 
+            if (avio_feof(s->pb)) {
+                ret = AVERROR_INVALIDDATA;
+                goto end;
+            }
+
+             if (pos != last_pos) {
+                 av_log(s, AV_LOG_DEBUG, "pktnum:%d, pktct:%d  pts: %"PRId64"\n",
+                        pktnum, pktct, index_pts);
+-- 
+2.1.0

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14223.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14223.patch new file mode 100644 index 0000000000..d1fef6b144 --- /dev/null +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14223.patch
@@ -0,0 +1,38 @@
	1	From afc9c683ed9db01edb357bc8c19edad4282b3a97 Mon Sep 17 00:00:00 2001
	2	From: Michael Niedermayer <michael@niedermayer.cc>
	3	Date: Tue, 5 Sep 2017 00:16:29 +0200
	4	Subject: [PATCH] avformat/asfdec: Fix DoS in asf_build_simple_index()
	5
	6	Fixes: Missing EOF check in loop
	7	No testcase
	8
	9	Found-by: Xiaohei and Wangchu from Alibaba Security Team
	10	Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
	11
	12	CVE: CVE-2017-14223
	13	Upstream-Status: Backport
	14
	15	Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
	16	---
	17	libavformat/asfdec_f.c \| 5 +++++
	18	1 file changed, 5 insertions(+)
	19
	20	diff --git a/libavformat/asfdec_f.c b/libavformat/asfdec_f.c
	21	index f3acbae..cc648b9 100644
	22	--- a/libavformat/asfdec_f.c
	23	+++ b/libavformat/asfdec_f.c
	24	@@ -1610,6 +1610,11 @@ static int asf_build_simple_index(AVFormatContext *s, int stream_index)
	25	int64_t pos = s->internal->data_offset + s->packet_size * (int64_t)pktnum;
	26	int64_t index_pts = FFMAX(av_rescale(itime, i, 10000) - asf->hdr.preroll, 0);
	27
	28	+ if (avio_feof(s->pb)) {
	29	+ ret = AVERROR_INVALIDDATA;
	30	+ goto end;
	31	+ }
	32	+
	33	if (pos != last_pos) {
	34	av_log(s, AV_LOG_DEBUG, "pktnum:%d, pktct:%d pts: %"PRId64"\n",
	35	pktnum, pktct, index_pts);
	36	--
	37	2.1.0
	38