summaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-multimedia')
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch18
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb (renamed from meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb)7
2 files changed, 10 insertions, 15 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
index 300b8d1e49..8dc43c3b68 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
@@ -1,8 +1,7 @@
1From 1f6fcc64179377114b4ecc3b9f63bd5774a64edf Mon Sep 17 00:00:00 2001 1From 1f6fcc64179377114b4ecc3b9f63bd5774a64edf Mon Sep 17 00:00:00 2001
2From: Michael Niedermayer <michael@niedermayer.cc> 2From: Michael Niedermayer <michael@niedermayer.cc>
3Date: Sat, 30 Sep 2023 00:51:29 +0200 3Date: Sat, 30 Sep 2023 00:51:29 +0200
4Subject: [PATCH 2/4] avformat/dxa: Adjust order of operations around block 4Subject: [PATCH] avformat/dxa: Adjust order of operations around block align
5 align
6 5
7Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-5730576523198464 6Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-5730576523198464
8Fixes: signed integer overflow: 2147483566 + 82 cannot be represented in type 'int' 7Fixes: signed integer overflow: 2147483566 + 82 cannot be represented in type 'int'
@@ -22,17 +21,18 @@ Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
22 1 file changed, 1 insertion(+), 1 deletion(-) 21 1 file changed, 1 insertion(+), 1 deletion(-)
23 22
24diff --git a/libavformat/dxa.c b/libavformat/dxa.c 23diff --git a/libavformat/dxa.c b/libavformat/dxa.c
25index 16fbb08..53747c8 100644 24index 474b852..b4d9d00 100644
26--- a/libavformat/dxa.c 25--- a/libavformat/dxa.c
27+++ b/libavformat/dxa.c 26+++ b/libavformat/dxa.c
28@@ -120,7 +120,7 @@ static int dxa_read_header(AVFormatContext *s) 27@@ -122,7 +122,7 @@ static int dxa_read_header(AVFormatContext *s)
29 } 28 if(ast->codecpar->block_align) {
30 c->bpc = (fsize + c->frames - 1) / c->frames; 29 if (c->bpc > INT_MAX - ast->codecpar->block_align + 1)
31 if(ast->codecpar->block_align) 30 return AVERROR_INVALIDDATA;
32- c->bpc = ((c->bpc + ast->codecpar->block_align - 1) / ast->codecpar->block_align) * ast->codecpar->block_align; 31- c->bpc = ((c->bpc + ast->codecpar->block_align - 1) / ast->codecpar->block_align) * ast->codecpar->block_align;
33+ c->bpc = ((c->bpc - 1 + ast->codecpar->block_align) / ast->codecpar->block_align) * ast->codecpar->block_align; 32+ c->bpc = ((c->bpc - 1 + ast->codecpar->block_align) / ast->codecpar->block_align) * ast->codecpar->block_align;
33 }
34 c->bytes_left = fsize; 34 c->bytes_left = fsize;
35 c->wavpos = avio_tell(pb); 35 c->wavpos = avio_tell(pb);
36 avio_seek(pb, c->vidpos, SEEK_SET); 36--
37--
382.40.0 372.40.0
38
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
index 4b99c0fa21..127552396d 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
@@ -24,11 +24,6 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
24 24
25SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ 25SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
26 file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ 26 file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
27 file://0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch \
28 file://0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch \
29 file://0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch \
30 file://0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch \
31 file://CVE-2022-48434.patch \
32 file://CVE-2024-32230.patch \ 27 file://CVE-2024-32230.patch \
33 file://CVE-2023-51793.patch \ 28 file://CVE-2023-51793.patch \
34 file://CVE-2023-50008.patch \ 29 file://CVE-2023-50008.patch \
@@ -53,7 +48,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
53 file://CVE-2025-25473.patch \ 48 file://CVE-2025-25473.patch \
54 " 49 "
55 50
56SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a93007b" 51SRC_URI[sha256sum] = "04c70c377de233a4b217c2fdf76b19aeb225a287daeb2348bccd978c47b1a1db"
57 52
58# CVE-2023-39018 issue belongs to ffmpeg-cli-wrapper (Java wrapper around the FFmpeg CLI) 53# CVE-2023-39018 issue belongs to ffmpeg-cli-wrapper (Java wrapper around the FFmpeg CLI)
59# and not ffmepg itself. 54# and not ffmepg itself.