summaryrefslogtreecommitdiffstats
path: root/import-layers/yocto-poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14059.patch
diff options
context:
space:
mode:
Diffstat (limited to 'import-layers/yocto-poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14059.patch')
-rw-r--r--import-layers/yocto-poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14059.patch40
1 files changed, 0 insertions, 40 deletions
diff --git a/import-layers/yocto-poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14059.patch b/import-layers/yocto-poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14059.patch
deleted file mode 100644
index 34fde0be7..000000000
--- a/import-layers/yocto-poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2017-14059.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 7e80b63ecd259d69d383623e75b318bf2bd491f6 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=E5=AD=99=E6=B5=A9=20and=20=E5=BC=A0=E6=B4=AA=E4=BA=AE=28?=
- =?UTF-8?q?=E6=9C=9B=E5=88=9D=29?= <tony.sh and wangchu.zhl@alibaba-inc.com>
-Date: Fri, 25 Aug 2017 01:15:27 +0200
-Subject: [PATCH] avformat/cinedec: Fix DoS due to lack of eof check
-
-Fixes: loop.cine
-
-Found-by: Xiaohei and Wangchu from Alibaba Security Team
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
-CVE: CVE-2017-14059
-Upstream-Status: Backport
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
- libavformat/cinedec.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/libavformat/cinedec.c b/libavformat/cinedec.c
-index 763b93b..de34fb9 100644
---- a/libavformat/cinedec.c
-+++ b/libavformat/cinedec.c
-@@ -267,8 +267,12 @@ static int cine_read_header(AVFormatContext *avctx)
-
- /* parse image offsets */
- avio_seek(pb, offImageOffsets, SEEK_SET);
-- for (i = 0; i < st->duration; i++)
-+ for (i = 0; i < st->duration; i++) {
-+ if (avio_feof(pb))
-+ return AVERROR_INVALIDDATA;
-+
- av_add_index_entry(st, avio_rl64(pb), i, 0, 0, AVINDEX_KEYFRAME);
-+ }
-
- return 0;
- }
---
-2.1.0
-
OpenPOWER on IntegriCloud