authorMark Felder <feld@FreeBSD.org>2015-07-16 20:05:07 +0000
committerMark Felder <feld@FreeBSD.org>2015-07-16 20:05:07 +0000
commit80f422dad616bc3a5aed7fca7f606c5515f2bdfb (patch)
tree87f70c6f7a76568c44dddbc1948dccaaba778fee /multimedia/libav
parent301953df6f2d5fbaa49ade5d24d305b668205bd5 (diff)
Add patch to resolve divide-by-zero CVE
Security: CVE-2015-5479 Security: a928960a-2bdc-11e5-86ff-14dae9d210b8
Notes
Notes: svn path=/head/; revision=392316
Diffstat (limited to 'multimedia/libav')
-rw-r--r--multimedia/libav/Makefile2
-rw-r--r--multimedia/libav/files/patch-CVE-2015-547951
2 files changed, 52 insertions, 1 deletions
diff --git a/multimedia/libav/Makefile b/multimedia/libav/Makefile
index 5b2ae051ebe6..11a964990924 100644
--- a/multimedia/libav/Makefile
+++ b/multimedia/libav/Makefile
@@ -2,7 +2,7 @@
PORTNAME= libav
PORTVERSION= 11.3
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= multimedia audio ipv6 net
MASTER_SITES= http://libav.org/releases/
diff --git a/multimedia/libav/files/patch-CVE-2015-5479 b/multimedia/libav/files/patch-CVE-2015-5479
new file mode 100644
index 000000000000..aa7c191ad4cf
--- /dev/null
+++ b/multimedia/libav/files/patch-CVE-2015-5479
@@ -0,0 +1,51 @@
+From: Luca Barbato <lu_zero@gentoo.org>
+Date: Fri, 26 Jun 2015 13:57:16 +0000 (+0200)
+Subject: h263: Always check both dimensions
+X-Git-Url: https://git.libav.org/?p=libav.git;a=commitdiff_plain;h=0a49a62f998747cfa564d98d36a459fe70d3299b;hp=6f4cd33efb5a9ec75db1677d5f7846c60337129f
+
+h263: Always check both dimensions
+
+CC: libav-stable@libav.org
+Found-By: ago@gentoo.org
+---
+
+diff --git a/libavcodec/ituh263dec.c b/libavcodec/ituh263dec.c
+index b1da22f..b9189b2 100644
+--- libavcodec/ituh263dec.c.orig
++++ libavcodec/ituh263dec.c
+@@ -30,6 +30,7 @@
+ #include <limits.h>
+
+ #include "libavutil/attributes.h"
++#include "libavutil/imgutils.h"
+ #include "libavutil/internal.h"
+ #include "libavutil/mathematics.h"
+ #include "avcodec.h"
+@@ -868,7 +869,7 @@ end:
+ /* most is hardcoded. should extend to handle all h263 streams */
+ int ff_h263_decode_picture_header(MpegEncContext *s)
+ {
+- int format, width, height, i;
++ int format, width, height, i, ret;
+ uint32_t startcode;
+
+ align_get_bits(&s->gb);
+@@ -919,8 +920,6 @@ int ff_h263_decode_picture_header(MpegEncContext *s)
+ /* H.263v1 */
+ width = ff_h263_format[format][0];
+ height = ff_h263_format[format][1];
+- if (!width)
+- return -1;
+
+ s->pict_type = AV_PICTURE_TYPE_I + get_bits1(&s->gb);
+
+@@ -1073,6 +1072,9 @@ int ff_h263_decode_picture_header(MpegEncContext *s)
+ s->qscale = get_bits(&s->gb, 5);
+ }
+
++ if ((ret = av_image_check_size(s->width, s->height, 0, s)) < 0)
++ return ret;
++
+ s->mb_width = (s->width + 15) / 16;
+ s->mb_height = (s->height + 15) / 16;
+ s->mb_num = s->mb_width * s->mb_height;
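Review bot: The new `av_image_check_size(s->width, s->height, 0, s)` guard runs only at the end of header parsing, while the early `if (!width) return -1;` in the H.263v1 branch is removed, so a format code whose table entry is zero (presumably the reserved ones) is now carried through the stretch between the `@@ -919,8 +920,6 @@` and `@@ -1073,6 +1072,9 @@` hunks before it is rejected. That stretch is not shown here, so it is worth confirming against the full file that nothing in it divides by or sizes anything from `width`/`height`, and that every branch has stored them into `s->width`/`s->height` before the check reads them. A comment above the check would keep it from being moved below the macroblock arithmetic later, e.g. `/* reject zero or oversized dimensions before deriving mb_width/mb_height (CVE-2015-5479) */`. The failure value also changes from a literal `-1` to whatever `av_image_check_size` returns; callers presumably test `< 0`, but any that compare against `-1` exactly would need checking. `ff_h263_decode_picture_header` begins and ends outside these hunks.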