Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
No build reason found for SLE-Product-HA:x86_64
SUSE:SLE-15-SP4:Update
ffmpeg-4
ffmpeg-4-CVE-2024-7055.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ffmpeg-4-CVE-2024-7055.patch of Package ffmpeg-4
From 3faadbe2a27e74ff5bb5f7904ec27bb1f5287dc8 Mon Sep 17 00:00:00 2001 From: Michael Niedermayer <michael@niedermayer.cc> Date: Thu, 18 Jul 2024 21:12:54 +0200 Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check References: CVE-2024-7055 References: bsc#1229026 Upstream: Backport from upstream Fixes: out of array read Fixes: poc3 Reported-by: VulDB CNA Team Found-by: CookedMelon Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> --- libavcodec/pnmdec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- ffmpeg-4.4/libavcodec/pnmdec.c +++ ffmpeg-4.4_new/libavcodec/pnmdec.c @@ -256,7 +256,7 @@ } break; case AV_PIX_FMT_GBRPF32: - if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream) + if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream) return AVERROR_INVALIDDATA; scale = 1.f / s->scale; if (s->endian) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor