freebsd-ports/multimedia/mythtv/files/patch-CVE-2017-09996b

From 7f3a671ece8fd711e2ebc71a4e08cda591d810a8 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Mon, 8 May 2017 11:46:03 +0200
Subject: [PATCH] avcodec/cdxl: Check format for BGR24

Fixes: out of array access
Fixes: 1427/clusterfuzz-testcase-minimized-5020737339392000

Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/targets/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
(cherry picked from commit 1e42736b95065c69a7481d0cf55247024f54b660)
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavcodec/cdxl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git libavcodec/cdxl.c libavcodec/cdxl.c
index 5c0ecb279c7..78f5d50102f 100644
--- external/FFmpeg/libavcodec/cdxl.c
+++ external/FFmpeg/libavcodec/cdxl.c
@@ -279,7 +279,7 @@ static int cdxl_decode_frame(AVCodecContext *avctx, void *data,
         return AVERROR_INVALIDDATA;
     if (!encoding && c->palette_size && c->bpp <= 8 && c->format != CHUNKY) {
         avctx->pix_fmt = AV_PIX_FMT_PAL8;
-    } else if (encoding == 1 && (c->bpp == 6 || c->bpp == 8)) {
+    } else if (encoding == 1 && (c->bpp == 6 || c->bpp == 8) && c->format != CHUNKY) {
         if (c->palette_size != (1 << (c->bpp - 1)))
             return AVERROR_INVALIDDATA;
         avctx->pix_fmt = AV_PIX_FMT_BGR24;