fix CVE-2024-32230

2024-07-02 02:58:29 +00:00 · 2024-07-02 02:58:29 +00:00 · 7f23d937c8
commit 7f23d937c8
parent 0f80fe6bb2
2 changed files with 36 additions and 1 deletions
--- a/ffmpeg.spec
+++ b/ffmpeg.spec
@ -59,7 +59,7 @@ ExclusiveArch: armv7hnl
 Summary:        Digital VCR and streaming server
 Name:           ffmpeg%{?flavor}
 Version:        6.1.1
-Release:        8
+Release:        9
 License:        GPL-3.0-or-later
 URL:            http://ffmpeg.org/
 Source0:        http://ffmpeg.org/releases/ffmpeg-%{version}.tar.xz
@ -72,6 +72,8 @@ Patch4:		fix-CVE-2024-31582.patch
 Patch5:         fix_libsvgdec_compile_error.patch
 Patch6:         CVE-2023-49528.patch
 Patch7:         fix-CVE-2023-49502.patch
+Patch8:         fix-CVE-2024-32230.patch
+
 Requires:       %{name}-libs%{?_isa} = %{version}-%{release}
 %{?_with_cuda:BuildRequires: cuda-minimal-build-%{_cuda_version_rpm} cuda-drivers-devel}
 %{?_with_libnpp:BuildRequires: pkgconfig(nppc-%{_cuda_version})}
@ -399,6 +401,9 @@ install -pm755 tools/qt-faststart %{buildroot}%{_bindir}


 %changelog
+* Tue Jul 02 2024 wangziliang <wangziliang@kylinos.cn> - 6.1.1-9
+- fix-CVE-2024-32230.patch
+
 * Mon Jun 24 2024 happyworker <208suo@208suo.com> - 6.1.1-8
 - fix-CVE-2023-49502.patch

--- a/fix-CVE-2024-32230.patch
+++ b/fix-CVE-2024-32230.patch
@ -0,0 +1,30 @@
+From 96449cfeaeb95fcfd7a2b8d9ccf7719e97471ed1 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Mon, 8 Apr 2024 18:38:42 +0200
+Subject: [PATCH] avcodec/mpegvideo_enc: Fix 1 line and one column images
+
+Fixes: Ticket10952
+Fixes: poc21ffmpeg
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavcodec/mpegvideo_enc.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libavcodec/mpegvideo_enc.c b/libavcodec/mpegvideo_enc.c
+index 0e3255c0fb..2a75973ac4 100644
+--- a/libavcodec/mpegvideo_enc.c
+++ b/libavcodec/mpegvideo_enc.c
+@@ -1198,8 +1198,8 @@ static int load_input_picture(MpegEncContext *s, const AVFrame *pic_arg)
+                 int dst_stride = i ? s->uvlinesize : s->linesize;
+                 int h_shift = i ? s->chroma_x_shift : 0;
+                 int v_shift = i ? s->chroma_y_shift : 0;
+-                int w = s->width  >> h_shift;
+-                int h = s->height >> v_shift;
+                int w = AV_CEIL_RSHIFT(s->width , h_shift);
+                int h = AV_CEIL_RSHIFT(s->height, v_shift);
+                 const uint8_t *src = pic_arg->data[i];
+                 uint8_t *dst = pic->f->data[i];
+                 int vpad = 16;
+-- 
+2.33.0
+