Projects
Essentials
A_sr-ffmpeg-4
ffmpeg-4-CVE-2024-7055.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ffmpeg-4-CVE-2024-7055.patch of Package A_sr-ffmpeg-4
From 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer <michael@niedermayer.cc> Date: Thu, 18 Jul 2024 21:12:54 +0200 Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check References: CVE-2024-7055 References: bsc#1229026 Upstream: Backport from upstream Fixes: out of array read Fixes: poc3 Reported-by: VulDB CNA Team Found-by: CookedMelon Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/pnmdec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- ffmpeg-4.4.4/libavcodec/pnmdec.c +++ ffmpeg-4.4.4_new/libavcodec/pnmdec.c @@ -256,7 +256,7 @@ } break; case AV_PIX_FMT_GBRPF32: - if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream) + if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream) return AVERROR_INVALIDDATA; scale = 1.f / s->scale; if (s->endian) {
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.