Changeset View
Changeset View
Standalone View
Standalone View
head/multimedia/mythtv/files/patch-CVE-2017-09993b
Property | Old Value | New Value |
---|---|---|
fbsd:nokeywords | null | yes \ No newline at end of property |
svn:eol-style | null | native \ No newline at end of property |
svn:mime-type | null | text/plain \ No newline at end of property |
From 5415c88e370692a3cf10b998ab230b4a02fc237f Mon Sep 17 00:00:00 2001 | |||||
From: Michael Niedermayer <michael@niedermayer.cc> | |||||
Date: Tue, 30 May 2017 21:29:20 +0200 | |||||
Subject: [PATCH] avformat/avidec: Limit formats in gab2 to srt and ass/ssa | |||||
This prevents part of one exploit leading to an information leak | |||||
Found-by: Emil Lerner and Pavel Cheremushkin | |||||
Reported-by: Thierry Foucu <tfoucu@google.com> | |||||
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> | |||||
(cherry picked from commit a5d849b149ca67ced2d271dc84db0bc95a548abb) | |||||
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> | |||||
--- | |||||
libavformat/avidec.c | 3 +++ | |||||
1 file changed, 3 insertions(+) | |||||
diff --git libavformat/avidec.c libavformat/avidec.c | |||||
index ebd14abb12c..9afac825d43 100644 | |||||
--- external/FFmpeg/libavformat/avidec.c | |||||
+++ external/FFmpeg/libavformat/avidec.c | |||||
@@ -1098,6 +1098,9 @@ static int read_gab2_sub(AVFormatContext *s, AVStream *st, AVPacket *pkt) | |||||
if (!sub_demuxer) | |||||
goto error; | |||||
+ if (strcmp(sub_demuxer->name, "srt") && strcmp(sub_demuxer->name, "ass")) | |||||
+ goto error; | |||||
+ | |||||
if (!(ast->sub_ctx = avformat_alloc_context())) | |||||
goto error; | |||||