File ffmpeg-7-CVE-2025-22921.patch of Package ffmpeg-7

30
 
1
From 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57 Mon Sep 17 00:00:00 2001
2
From: James Almer <jamrial@gmail.com>
3
Date: Wed, 1 Jan 2025 23:58:39 -0300
4
Subject: [PATCH] avcodec/jpeg2000dec: clear array length when freeing it
5
6
Fixes NULL pointer dereferences.
7
Fixes ticket #11393.
8
9
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
10
Signed-off-by: James Almer <jamrial@gmail.com>
11
---
12
 libavcodec/jpeg2000dec.c | 1 +
13
 1 file changed, 1 insertion(+)
14
15
diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
16
index e5e897a29f..b82d85d5ee 100644
17
--- a/libavcodec/jpeg2000dec.c
18
+++ b/libavcodec/jpeg2000dec.c
19
@@ -1521,6 +1521,7 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile,
20
                 }
21
             }
22
             av_freep(&cblk->lengthinc);
23
+            cblk->nb_lengthinc = 0;
24
         }
25
     }
26
     // Save state of stream
27
--
28
2.44.0
29
30
Locations
Help
Contact