mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-02 13:29:49 +00:00
Code Issues Projects Releases Wiki Activity

ffmpeg: fix for CVE-2022-3341

Browse Source 
avformat/nutdec: Add check for avformat_new_stream
Check for failure of avformat_new_stream() and propagate
the error code.

Upstream-Status: Backport [https://git.yoctoproject.org/poky/commit/?h=kirkstone&id=bba70ce34115151362bfdc49a545ee708eb297ca]

(From OE-Core rev: e17ddd0fafb562ed7ebe7708dac9bcef2d6cecc1)

(From OE-Core rev: 0c68435a7c0ff1c417119dbd408e75443c09afcb)

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bba70ce341)
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Bhabu Bindu
2023-04-10 13:43:25 +05:30
committed by Steve Sakoman
parent fcb3d9a63e
commit 0c1e54eee1
2 changed files with 68 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-3341.patch
+67
View File
@@ -0,0 +1,67 @@
From 9cf652cef49d74afe3d454f27d49eb1a1394951e Mon Sep 17 00:00:00 2001
From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Date: Wed, 23 Feb 2022 10:31:59 +0800
Subject: [PATCH] avformat/nutdec: Add check for avformat_new_stream
Check for failure of avformat_new_stream() and propagate
the error code.
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
CVE: CVE-2022-3341
Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/9cf652cef49d74afe3d454f27d49eb1a1394951e]
Comments: Refreshed Hunk
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
---
libavformat/nutdec.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/libavformat/nutdec.c b/libavformat/nutdec.c
index 0a8a700acf..f9ad2c0af1 100644
--- a/libavformat/nutdec.c
+++ b/libavformat/nutdec.c
@@ -351,8 +351,12 @@ static int decode_main_header(NUTContext *nut)
ret = AVERROR(ENOMEM);
goto fail;
}
- for (i = 0; i < stream_count; i++)
- avformat_new_stream(s, NULL);
+ for (i = 0; i < stream_count; i++) {
+ if (!avformat_new_stream(s, NULL)) {
+ ret = AVERROR(ENOMEM);
+ goto fail;
+ }
+ }
return 0;
fail:
@@ -793,19 +793,23 @@
NUTContext *nut = s->priv_data;
AVIOContext *bc = s->pb;
int64_t pos;
- int initialized_stream_count;
+ int initialized_stream_count, ret;
nut->avf = s;
/* main header */
pos = 0;
+ ret = 0;
do {
+ if (ret == AVERROR(ENOMEM))
+ return ret;
+
pos = find_startcode(bc, MAIN_STARTCODE, pos) + 1;
if (pos < 0 + 1) {
av_log(s, AV_LOG_ERROR, "No main startcode found.\n");
goto fail;
}
- } while (decode_main_header(nut) < 0);
+ } while ((ret = decode_main_header(nut)) < 0);
/* stream headers */
pos = 0;
meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb
+1
View File
@@ -31,6 +31,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://CVE-2021-38291.patch \
file://CVE-2022-1475.patch \
file://CVE-2022-3109.patch \
file://CVE-2022-3341.patch \
"
SRC_URI[md5sum] = "348956fc2faa57a2f79bbb84ded9fbc3"
SRC_URI[sha256sum] = "cb754255ab0ee2ea5f66f8850e1bd6ad5cac1cd855d0a2f4990fb8c668b0d29c"