packages/ffmpeg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!131 [sync] PR-129: fix CVE-2024-32230

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @technology208 
Signed-off-by: @technology208
This commit is contained in:
openeuler-ci-bot 2024-07-12 02:21:18 +00:00 committed by Gitee
commit 87f5ac2067
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 34 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ffmpeg.spec
View File

@ -60,7 +60,7 @@
Summary: Digital VCR and streaming server
Name: ffmpeg%{?flavor}
Version: 4.2.4
Release: 14
Release: 15
License: %{ffmpeg_license}
URL: http://ffmpeg.org/
%if 0%{?date}
@ -83,6 +83,9 @@ Patch11: fix-CVE-2023-51793.patch
Patch12: fix-CVE-2023-50010.patch
Patch13: CVE-2021-38171.patch
Patch14: CVE-2021-28429.patch
Patch15: fix-CVE-2024-32230.patch
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%{?_with_cuda:BuildRequires: cuda-minimal-build-%{_cuda_version_rpm} cuda-drivers-devel}
%{?_with_libnpp:BuildRequires: pkgconfig(nppc-%{_cuda_version})}
@ -415,6 +418,9 @@ install -pm755 tools/qt-faststart %{buildroot}%{_bindir}
%changelog
* Wed Jul 10 2024 happyworker <208suo@208suo.com> - 4.2.4-15
- Fix CVE-2024-32230
* Wed Jul 10 2024 happyworker <208suo@208suo.com> - 4.2.4-14
- The automatic compilation function is enabled for access control

27
fix-CVE-2024-32230.patch Normal file
View File

@ -0,0 +1,27 @@
From 45d322be951e826aac1ed838317e9f535ebcf045 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Fri, 5 Jul 2024 17:14:07 +0800
Subject: [PATCH] avcodec/mpegvideo_enc: Fix 1 line and one column images
---
libavcodec/mpegvideo_enc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/mpegvideo_enc.c b/libavcodec/mpegvideo_enc.c
index ae3b131..d0ad941 100644
--- a/libavcodec/mpegvideo_enc.c
+++ b/libavcodec/mpegvideo_enc.c
@@ -1234,8 +1234,8 @@ static int load_input_picture(MpegEncContext *s, const AVFrame *pic_arg)
int dst_stride = i ? s->uvlinesize : s->linesize;
int h_shift = i ? h_chroma_shift : 0;
int v_shift = i ? v_chroma_shift : 0;
- int w = s->width >> h_shift;
- int h = s->height >> v_shift;
+ int w = AV_CEIL_RSHIFT(s->width , h_shift);
+ int h = AV_CEIL_RSHIFT(s->height, v_shift);
uint8_t *src = pic_arg->data[i];
uint8_t *dst = pic->f->data[i];
int vpad = 16;
--
2.27.0