File ffmpeg-4-CVE-2025-7700.patch of Package A_tw-ffmpeg-4

From 35a6de137a39f274d5e01ed0e0e6c4f04d0aaf07 Mon Sep 17 00:00:00 2001
From: Jiasheng Jiang <jiashengjiangcool@gmail.com>
Date: Thu, 10 Jul 2025 16:26:39 +0000
Subject: [PATCH] libavcodec/alsdec.c: Add check for av_malloc_array() and
 av_calloc()

Add check for the return value of av_malloc_array() and av_calloc()
to avoid potential NULL pointer dereference.

Fixes: dcfd24b10c ("avcodec/alsdec: Implement floating point sample data decoding")

[Remodeled for ffmpeg-4.x - sckang@suse.com]

Index: ffmpeg-4.4.6/libavcodec/alsdec.c
===================================================================
--- ffmpeg-4.4.6.orig/libavcodec/alsdec.c
+++ ffmpeg-4.4.6/libavcodec/alsdec.c
@@ -2116,8 +2116,8 @@ static av_cold int decode_init(AVCodecCo
         ctx->nbits  = av_malloc_array(ctx->cur_frame_length, sizeof(*ctx->nbits));
         ctx->mlz    = av_mallocz(sizeof(*ctx->mlz));
 
-        if (!ctx->mlz || !ctx->acf || !ctx->shift_value || !ctx->last_shift_value
-            || !ctx->last_acf_mantissa || !ctx->raw_mantissa) {
+        if (!ctx->larray || !ctx->nbits || !ctx->mlz || !ctx->acf || !ctx->shift_value
+            || !ctx->last_shift_value || !ctx->last_acf_mantissa || !ctx->raw_mantissa) {
             av_log(avctx, AV_LOG_ERROR, "Allocating buffer memory failed.\n");
             ret = AVERROR(ENOMEM);
             goto fail;
@@ -2128,6 +2128,11 @@ static av_cold int decode_init(AVCodecCo
 
         for (c = 0; c < avctx->channels; ++c) {
             ctx->raw_mantissa[c] = av_mallocz_array(ctx->cur_frame_length, sizeof(**ctx->raw_mantissa));
+            if (!ctx->raw_mantissa[c]) {
+                av_log(avctx, AV_LOG_ERROR, "Allocating buffer memory failed.\n");
+                ret = AVERROR(ENOMEM);
+                goto fail;
+            }
         }
     }