summaryrefslogtreecommitdiff
path: root/multimedia/mythtv/files/patch-CVE-2017-09993b
diff options
context:
space:
mode:
Diffstat (limited to 'multimedia/mythtv/files/patch-CVE-2017-09993b')
-rw-r--r--multimedia/mythtv/files/patch-CVE-2017-09993b31
1 files changed, 31 insertions, 0 deletions
diff --git a/multimedia/mythtv/files/patch-CVE-2017-09993b b/multimedia/mythtv/files/patch-CVE-2017-09993b
new file mode 100644
index 000000000000..91d207be3d92
--- /dev/null
+++ b/multimedia/mythtv/files/patch-CVE-2017-09993b
@@ -0,0 +1,31 @@
+From 5415c88e370692a3cf10b998ab230b4a02fc237f Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Tue, 30 May 2017 21:29:20 +0200
+Subject: [PATCH] avformat/avidec: Limit formats in gab2 to srt and ass/ssa
+
+This prevents part of one exploit leading to an information leak
+
+Found-by: Emil Lerner and Pavel Cheremushkin
+Reported-by: Thierry Foucu <tfoucu@google.com>
+
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+(cherry picked from commit a5d849b149ca67ced2d271dc84db0bc95a548abb)
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavformat/avidec.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git libavformat/avidec.c libavformat/avidec.c
+index ebd14abb12c..9afac825d43 100644
+--- external/FFmpeg/libavformat/avidec.c
++++ external/FFmpeg/libavformat/avidec.c
+@@ -1098,6 +1098,9 @@ static int read_gab2_sub(AVFormatContext *s, AVStream *st, AVPacket *pkt)
+ if (!sub_demuxer)
+ goto error;
+
++ if (strcmp(sub_demuxer->name, "srt") && strcmp(sub_demuxer->name, "ass"))
++ goto error;
++
+ if (!(ast->sub_ctx = avformat_alloc_context()))
+ goto error;
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-24 16:54:29 +0000