| -rw-r--r-- | meta-oe/recipes-multimedia/faad2/faad2/0001-mp4read.c-fix-stack-buffer-overflow-in-stringin-ftyp.patch | 28 | ||||
| -rw-r--r-- | meta-oe/recipes-multimedia/faad2/faad2_2.8.8.bb | 1 |
2 files changed, 29 insertions, 0 deletions
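--- /dev/null
+++ b/meta-oe/recipes-multimedia/faad2/faad2/0001-mp4read.c-fix-stack-buffer-overflow-in-stringin-ftyp.patch
@@ -0,0 +1,28 @@
+From a58cf881b820bfb4544995192fe5992ae010f1d7 Mon Sep 17 00:00:00 2001
+From: Fabian Greffrath <fabian@greffrath.com>
+Date: Mon, 17 Aug 2020 07:37:09 +0200
+Subject: [PATCH] mp4read.c: fix stack-buffer-overflow in stringin()/ftypin()
+
+Terminate the string read into the stack buffer,
+fixes #56.
+
+CVE: CVE-2021-32273
+Upstream-Status: Backport [https://github.com/knik0/faad2/commit/1073aeef823cafd844704389e9a497c257768e2f]
+
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+frontend/mp4read.c | 1 +
+1 file changed, 1 insertion(+)
+
+diff --git a/frontend/mp4read.c b/frontend/mp4read.c
+index 5dc36b7..a978e62 100644
+--- a/frontend/mp4read.c
++++ b/frontend/mp4read.c
+@@ -91,6 +91,7 @@ static int stringin(char *txt, int sizemax)
+if (!txt[size])
+break;
+}
++ txt[sizemax-1] = '\0';
+
+return size;
+}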
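Review bot: The added `txt[sizemax-1] = '\0';` terminates the buffer but leaves the returned `size` untouched, so when no NUL byte was found within the limit the function presumably still reports `sizemax` while the string now holds at most `sizemax-1` characters; callers that use the return value as a length or index should be checked. The write also assumes `sizemax >= 1`; a guard such as `if (sizemax > 0) txt[sizemax-1] = '\0';` would keep a zero or negative size from writing before the start of the buffer. The beginning of stringin(), including its read loop, lies outside the hunk, so both points need confirming against the full function and its callers.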
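--- a/meta-oe/recipes-multimedia/faad2/faad2_2.8.8.bb
+++ b/meta-oe/recipes-multimedia/faad2/faad2_2.8.8.bb
@@ -9,6 +9,7 @@ LICENSE_FLAGS = "commercial"
 
 SRC_URI = "${SOURCEFORGE_MIRROR}/faac/faad2-src/faad2-2.8.0/${BP}.tar.gz \
 file://0001-fix-heap-buffer-overflow-in-mp4read.c.patch \
+file://0001-mp4read.c-fix-stack-buffer-overflow-in-stringin-ftyp.patch \
 "
 SRC_URI[md5sum] = "28f6116efdbe9378269f8a6221767d1f"
 SRC_URI[sha256sum] = "985c3fadb9789d2815e50f4ff714511c79c2710ac27a4aaaf5c0c2662141426d"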
