diff options
author | Síle Ekaterin Liszka <sheila@vulpine.house> | 2022-01-11 15:02:31 +0000 |
---|---|---|
committer | Zach van Rijn <me@zv.io> | 2022-10-21 18:33:57 -0500 |
commit | 015ce19bce62c50f9338132e08d69b98be3ddd33 (patch) | |
tree | 1c454ad6d7fbc075c32e7aba7382a3ff13a1dbb2 /user/ffmpeg/CVE-2020-12284.patch | |
parent | 5c474b7b406afa734a80a67dbdb963925033f8f4 (diff) | |
download | packages-015ce19bce62c50f9338132e08d69b98be3ddd33.tar.gz packages-015ce19bce62c50f9338132e08d69b98be3ddd33.tar.bz2 packages-015ce19bce62c50f9338132e08d69b98be3ddd33.tar.xz packages-015ce19bce62c50f9338132e08d69b98be3ddd33.zip |
user/ffmpeg: bump { 4.2.2 --> 4.4.1 }. includes native wavpack encoder. fixes #331.
Diffstat (limited to 'user/ffmpeg/CVE-2020-12284.patch')
-rw-r--r-- | user/ffmpeg/CVE-2020-12284.patch | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/user/ffmpeg/CVE-2020-12284.patch b/user/ffmpeg/CVE-2020-12284.patch deleted file mode 100644 index 7360b5870..000000000 --- a/user/ffmpeg/CVE-2020-12284.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 1812352d767ccf5431aa440123e2e260a4db2726 Mon Sep 17 00:00:00 2001 -From: Michael Niedermayer <michael@niedermayer.cc> -Date: Sat, 7 Mar 2020 15:42:58 +0100 -Subject: [PATCH] avcodec/cbs_jpeg: Check length for SOS - -Fixes: out of array access -Fixes: 19734/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-5673507031875584 -Fixes: 19353/clusterfuzz-testcase-minimized-ffmpeg_BSF_TRACE_HEADERS_fuzzer-5703944462663680 - -Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg -Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> ---- - libavcodec/cbs_jpeg.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/libavcodec/cbs_jpeg.c b/libavcodec/cbs_jpeg.c -index 6bbce5f..89512a2 100644 ---- a/libavcodec/cbs_jpeg.c -+++ b/libavcodec/cbs_jpeg.c -@@ -197,6 +197,9 @@ static int cbs_jpeg_split_fragment(CodedBitstreamContext *ctx, - if (marker == JPEG_MARKER_SOS) { - length = AV_RB16(frag->data + start); - -+ if (length > end - start) -+ return AVERROR_INVALIDDATA; -+ - data_ref = NULL; - data = av_malloc(end - start + - AV_INPUT_BUFFER_PADDING_SIZE); --- -2.7.4 - |