Changeset View
Changeset View
Standalone View
Standalone View
head/multimedia/mythtv/files/patch-CVE-2017-14222
| Property | Old Value | New Value |
|---|---|---|
| fbsd:nokeywords | null | yes \ No newline at end of property |
| svn:eol-style | null | native \ No newline at end of property |
| svn:mime-type | null | text/plain \ No newline at end of property |
| From c9527df274ada02a19c2f973b29d1d5b7069d4bf Mon Sep 17 00:00:00 2001 | |||||
| From: Michael Niedermayer <michael@niedermayer.cc> | |||||
| Date: Tue, 5 Sep 2017 00:16:29 +0200 | |||||
| Subject: [PATCH] avformat/mov: Fix DoS in read_tfra() | |||||
| Fixes: Missing EOF check in loop | |||||
| No testcase | |||||
| Found-by: Xiaohei and Wangchu from Alibaba Security Team | |||||
| Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> | |||||
| (cherry picked from commit 9cb4eb772839c5e1de2855d126bf74ff16d13382) | |||||
| Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> | |||||
| --- | |||||
| libavformat/mov.c | 7 +++++++ | |||||
| 1 file changed, 7 insertions(+) | |||||
| diff --git libavformat/mov.c libavformat/mov.c | |||||
| index 405476fd712..b97aa001a37 100644 | |||||
| --- external/FFmpeg/libavformat/mov.c | |||||
| +++ external/FFmpeg/libavformat/mov.c | |||||
| @@ -5394,6 +5394,13 @@ static int read_tfra(MOVContext *mov, AVIOContext *f) | |||||
| } | |||||
| for (i = 0; i < index->item_count; i++) { | |||||
| int64_t time, offset; | |||||
| + | |||||
| + if (avio_feof(f)) { | |||||
| + index->item_count = 0; | |||||
| + av_freep(&index->items); | |||||
| + return AVERROR_INVALIDDATA; | |||||
| + } | |||||
| + | |||||
| if (version == 1) { | |||||
| time = avio_rb64(f); | |||||
| offset = avio_rb64(f); | |||||