ffmpeg: fix CVE-2024-31582

(From OE-Core rev: 617a9cdba6e2f0bd3ccc24e7bb2fe84e9573fecd) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Archana Polampalli <archana.polampalli@windriver.com> 2024-08-06 06:35:37 +0000
committer: Steve Sakoman <steve@sakoman.com> 2024-08-10 06:34:25 -0700
commit: 0c1651298dcc522486809c147d56f730f4e33205 (patch)
tree: 8a5006402b8a19664ed6ee72f4e46bbdbb237914
parent: c0af0a839b0d021687110c5cc7a04fcbf6443f68 (diff)
download: poky-0c1651298dcc522486809c147d56f730f4e33205.tar.gz
2 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch
new file mode 100644
index 0000000000..2ade3ab6b1
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch
@@ -0,0 +1,34 @@
+From 1d1a05b393ece9fa3df825bfef3724b7370aefdc Mon Sep 17 00:00:00 2001
+From: Zhao Zhili <zhilizhao@tencent.com>
+Date: Fri, 29 Dec 2023 05:56:43 +0800
+Subject: [PATCH] avfilter/vf_codecview: fix heap buffer overflow
+And improve the performance by a little bit.
+Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
+CVE: CVE-2024-31582
+Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2]
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavfilter/vf_codecview.c | 3 ---
+ 1 file changed, 3 deletions(-)
+diff --git a/libavfilter/vf_codecview.c b/libavfilter/vf_codecview.c
+index 55d9c8c..f65ccbd 100644
+--- a/libavfilter/vf_codecview.c
+++ b/libavfilter/vf_codecview.c
+@@ -216,9 +216,6 @@ static void draw_block_rectangle(uint8_t *buf, int sx, int sy, int w, int h, ptr
+         buf[sx + w - 1] = color;
+         buf += stride;
+     }
+-
+-    for (int x = sx; x < sx + w; x++)
+-        buf[x] = color;
+ }
+ static int filter_frame(AVFilterLink *inlink, AVFrame *frame)
+--
+2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
index 06bd36e2e2..05919e6ffd 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
@@ -29,6 +29,7 @@ SRC_URI = " \
    file://vulkan_fix_gcc14.patch \
    file://CVE-2023-49502.patch \
    file://CVE-2024-31578.patch \
+    file://CVE-2024-31582.patch \
 "
 SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968"
author	Archana Polampalli <archana.polampalli@windriver.com>	2024-08-06 06:35:37 +0000
committer	Steve Sakoman <steve@sakoman.com>	2024-08-10 06:34:25 -0700
commit	0c1651298dcc522486809c147d56f730f4e33205 (patch)
tree	8a5006402b8a19664ed6ee72f4e46bbdbb237914
parent	c0af0a839b0d021687110c5cc7a04fcbf6443f68 (diff)
download	poky-0c1651298dcc522486809c147d56f730f4e33205.tar.gz

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch new file mode 100644 index 0000000000..2ade3ab6b1 --- /dev/null +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch
@@ -0,0 +1,34 @@
		1	From 1d1a05b393ece9fa3df825bfef3724b7370aefdc Mon Sep 17 00:00:00 2001
		2	From: Zhao Zhili <zhilizhao@tencent.com>
		3	Date: Fri, 29 Dec 2023 05:56:43 +0800
		4	Subject: [PATCH] avfilter/vf_codecview: fix heap buffer overflow
		5
		6	And improve the performance by a little bit.
		7
		8	Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
		9
		10	CVE: CVE-2024-31582
		11
		12	Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2]
		13
		14	Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
		15	---
		16	libavfilter/vf_codecview.c \| 3 ---
		17	1 file changed, 3 deletions(-)
		18
		19	diff --git a/libavfilter/vf_codecview.c b/libavfilter/vf_codecview.c
		20	index 55d9c8c..f65ccbd 100644
		21	--- a/libavfilter/vf_codecview.c
		22	+++ b/libavfilter/vf_codecview.c
		23	@@ -216,9 +216,6 @@ static void draw_block_rectangle(uint8_t *buf, int sx, int sy, int w, int h, ptr
		24	buf[sx + w - 1] = color;
		25	buf += stride;
		26	}
		27	-
		28	- for (int x = sx; x < sx + w; x++)
		29	- buf[x] = color;
		30	}
		31
		32	static int filter_frame(AVFilterLink inlink, AVFrame frame)
		33	--
		34	2.40.0


diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb index 06bd36e2e2..05919e6ffd 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.1.bb
@@ -29,6 +29,7 @@ SRC_URI = " \
29	file://vulkan_fix_gcc14.patch \	29	file://vulkan_fix_gcc14.patch \
30	file://CVE-2023-49502.patch \	30	file://CVE-2023-49502.patch \
31	file://CVE-2024-31578.patch \	31	file://CVE-2024-31578.patch \
		32	file://CVE-2024-31582.patch \
32	"	33	"
33		34
34	SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968"	35	SRC_URI[sha256sum] = "8684f4b00f94b85461884c3719382f1261f0d9eb3d59640a1f4ac0873616f968"