libde265: patch CVE-2023-43887

Details: https://nvd.nist.gov/vuln/detail/CVE-2023-43887 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-06-13 17:39:57 +00:00 · 2026-01-10 12:43:42 +13:00
parent c49bff1273
commit e83565b24a
2 changed files with 42 additions and 1 deletions
@@ -0,0 +1,39 @@
+From e31a5389f2a4967b9ca298a3435d1af2f9a04cda Mon Sep 17 00:00:00 2001
+From: Dirk Farin <dirk.farin@gmail.com>
+Date: Fri, 1 Sep 2023 21:18:48 +0200
+Subject: [PATCH] fix #418
+
+CVE: CVE-2023-43887
+Upstream-Status: Backport [https://github.com/strukturag/libde265/commit/63b596c915977f038eafd7647d1db25488a8c133]
+(cherry picked from commit 63b596c915977f038eafd7647d1db25488a8c133)
+Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
+---
+ libde265/decctx.cc | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/libde265/decctx.cc b/libde265/decctx.cc
+index 223a6aaf..350f7e7a 100644
+--- a/libde265/decctx.cc
+++ b/libde265/decctx.cc
+@@ -582,16 +582,17 @@ de265_error decoder_context::read_pps_NAL(bitreader& reader)
+   std::shared_ptr<pic_parameter_set> new_pps = std::make_shared<pic_parameter_set>();
+ 
+   bool success = new_pps->read(&reader,this);
+  if (!success) {
+    return DE265_WARNING_PPS_HEADER_INVALID;
+  }
+ 
+   if (param_pps_headers_fd>=0) {
+     new_pps->dump(param_pps_headers_fd);
+   }
+ 
+-  if (success) {
+-    pps[ (int)new_pps->pic_parameter_set_id ] = new_pps;
+-  }
+  pps[ (int)new_pps->pic_parameter_set_id ] = new_pps;
+ 
+-  return success ? DE265_OK : DE265_WARNING_PPS_HEADER_INVALID;
+  return DE265_OK;
+ }
+ 
+ de265_error decoder_context::read_sei_NAL(bitreader& reader, bool suffix)
@@ -8,7 +8,9 @@ LICENSE = "LGPL-3.0-only & MIT"
 LICENSE_FLAGS = "commercial"
 LIC_FILES_CHKSUM = "file://COPYING;md5=695b556799abb2435c97a113cdca512f"

-SRC_URI = "git://github.com/strukturag/libde265.git;branch=master;protocol=https"
+SRC_URI = "git://github.com/strukturag/libde265.git;branch=master;protocol=https \
+           file://CVE-2023-43887.patch \
+"
 SRCREV = "a267c84707ab264928fa9b86de2ee749c48c318c"

 S = "${WORKDIR}/git"