From dadb16481810ebda8091b36e3ee03713c90b5e7e Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Wed, 4 Jun 2025 16:46:56 +0530 Subject: [PATCH] ffmpeg: upgrade 5.0.1 -> 5.0.3 Refreshed CVE-2024-36613.patch against to the current version Removed below patches since already fixed in this version 0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch [1] 0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch [2] 0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch [3] 0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch [4] CVE-2022-48434.patch [5] [1] https://github.com/FFmpeg/FFmpeg/commit/1eb002596e3761d88de4aeea3158692b82fb6307 [2] https://github.com/FFmpeg/FFmpeg/commit/293dc39bcaa99f213c6b7a703e11f146abf5d3be [3] https://github.com/FFmpeg/FFmpeg/commit/2cdddcd6ec90c7a248ffe792d85faa4d89eab9f7 [4] https://github.com/FFmpeg/FFmpeg/commit/481e81be1271ac9a0124ee615700390c2371bd89 [5] https://github.com/FFmpeg/FFmpeg/commit/3bc28e9d1ab33627cea3c632dd6b0c33e22e93ba Signed-off-by: Archana Polampalli Signed-off-by: Steve Sakoman --- .../ffmpeg/ffmpeg/CVE-2024-36613.patch | 18 +++++++++--------- .../{ffmpeg_5.0.1.bb => ffmpeg_5.0.3.bb} | 7 +------ 2 files changed, 10 insertions(+), 15 deletions(-) rename meta/recipes-multimedia/ffmpeg/{ffmpeg_5.0.1.bb => ffmpeg_5.0.3.bb} (96%) diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch index 300b8d1e49..8dc43c3b68 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch @@ -1,8 +1,7 @@ From 1f6fcc64179377114b4ecc3b9f63bd5774a64edf Mon Sep 17 00:00:00 2001 From: Michael Niedermayer Date: Sat, 30 Sep 2023 00:51:29 +0200 -Subject: [PATCH 2/4] avformat/dxa: Adjust order of operations around block - align +Subject: [PATCH] avformat/dxa: Adjust order of operations around block align Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-5730576523198464 Fixes: signed integer overflow: 2147483566 + 82 cannot be represented in type 'int' @@ -22,17 +21,18 @@ Signed-off-by: Archana Polampalli 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libavformat/dxa.c b/libavformat/dxa.c -index 16fbb08..53747c8 100644 +index 474b852..b4d9d00 100644 --- a/libavformat/dxa.c +++ b/libavformat/dxa.c -@@ -120,7 +120,7 @@ static int dxa_read_header(AVFormatContext *s) - } - c->bpc = (fsize + c->frames - 1) / c->frames; - if(ast->codecpar->block_align) +@@ -122,7 +122,7 @@ static int dxa_read_header(AVFormatContext *s) + if(ast->codecpar->block_align) { + if (c->bpc > INT_MAX - ast->codecpar->block_align + 1) + return AVERROR_INVALIDDATA; - c->bpc = ((c->bpc + ast->codecpar->block_align - 1) / ast->codecpar->block_align) * ast->codecpar->block_align; + c->bpc = ((c->bpc - 1 + ast->codecpar->block_align) / ast->codecpar->block_align) * ast->codecpar->block_align; + } c->bytes_left = fsize; c->wavpos = avio_tell(pb); - avio_seek(pb, c->vidpos, SEEK_SET); --- +-- 2.40.0 + diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb similarity index 96% rename from meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb rename to meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb index 4b99c0fa21..127552396d 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb @@ -24,11 +24,6 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ - file://0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch \ - file://0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch \ - file://0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch \ - file://0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch \ - file://CVE-2022-48434.patch \ file://CVE-2024-32230.patch \ file://CVE-2023-51793.patch \ file://CVE-2023-50008.patch \ @@ -53,7 +48,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ file://CVE-2025-25473.patch \ " -SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a93007b" +SRC_URI[sha256sum] = "04c70c377de233a4b217c2fdf76b19aeb225a287daeb2348bccd978c47b1a1db" # CVE-2023-39018 issue belongs to ffmpeg-cli-wrapper (Java wrapper around the FFmpeg CLI) # and not ffmepg itself. -- 2.47.2