db032688df
Convert multimedia/mythtv-frontend to a slave port of multimedia/mythtv which should make future updates much easier. Upstream security patches have been added to address known vulnerabilities in the bundled ffmpeg 3.2. PR: 225652 (initial patches to update to 29.0) [1] Submitted by: <lucylangthorne55@gmail.com> [1] Differential Revision: https://reviews.freebsd.org/D14563
33 lines
1.3 KiB
Text
33 lines
1.3 KiB
Text
From 816f7337bf3ed3e08afdc28278668d8eb81910cb Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?=E5=AD=99=E6=B5=A9=28=E6=99=93=E9=BB=91=29?=
|
|
<tony.sh@alibaba-inc.com>
|
|
Date: Tue, 29 Aug 2017 23:59:21 +0200
|
|
Subject: [PATCH] avformat/mxfdec: Fix Sign error in mxf_read_primer_pack()
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Fixes: 20170829B.mxf
|
|
|
|
Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com>
|
|
Found-by: Xiaohei and Wangchu from Alibaba Security Team
|
|
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
(cherry picked from commit 9d00fb9d70ee8c0cc7002b89318c5be00f1bbdad)
|
|
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
|
|
---
|
|
libavformat/mxfdec.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git libavformat/mxfdec.c libavformat/mxfdec.c
|
|
index e2e34b246f7..0e9153847e8 100644
|
|
--- external/FFmpeg/libavformat/mxfdec.c
|
|
+++ external/FFmpeg/libavformat/mxfdec.c
|
|
@@ -500,7 +500,7 @@ static int mxf_read_primer_pack(void *arg, AVIOContext *pb, int tag, int size, U
|
|
avpriv_request_sample(pb, "Primer pack item length %d", item_len);
|
|
return AVERROR_PATCHWELCOME;
|
|
}
|
|
- if (item_num > 65536) {
|
|
+ if (item_num > 65536 || item_num < 0) {
|
|
av_log(mxf->fc, AV_LOG_ERROR, "item_num %d is too large\n", item_num);
|
|
return AVERROR_INVALIDDATA;
|
|
}
|