File ffmpeg-CVE-2018-1999013.patch of Package ffmpeg.35185

Overview Repositories Revisions Requests Users Attributes Meta

File ffmpeg-CVE-2018-1999013.patch of Package ffmpeg.35185

From a7e032a277452366771951e29fd0bf2bd5c029f0 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Tue, 3 Jul 2018 21:37:46 +0200
Subject: [PATCH] avformat/rmdec: Do not pass mime type in rm_read_multi() to
 ff_rm_read_mdpr_codecdata()

Fixes: use after free()
Fixes: rmdec-crash-ffe85b4cab1597d1cfea6955705e53f1f5c8a362

Found-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/rmdec.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libavformat/rmdec.c b/libavformat/rmdec.c
index ac61723c66a..0216003e88e 100644
--- a/libavformat/rmdec.c
+++ b/libavformat/rmdec.c
@@ -522,7 +522,7 @@ static int rm_read_multi(AVFormatContext *s, AVIOContext *pb,
 
         size2 = avio_rb32(pb);
         ret = ff_rm_read_mdpr_codecdata(s, s->pb, st2, st2->priv_data,
-                                        size2, mime);
+                                        size2, NULL);
         if (ret < 0)
             return ret;
     }

Places

File ffmpeg-CVE-2018-1999013.patch of Package ffmpeg.35185

Places