summaryrefslogtreecommitdiff
path: root/multimedia/mythtv/files/patch-CVE-2017-14171
diff options
context:
space:
mode:
Diffstat (limited to 'multimedia/mythtv/files/patch-CVE-2017-14171')
-rw-r--r--multimedia/mythtv/files/patch-CVE-2017-1417138
1 files changed, 38 insertions, 0 deletions
diff --git a/multimedia/mythtv/files/patch-CVE-2017-14171 b/multimedia/mythtv/files/patch-CVE-2017-14171
new file mode 100644
index 000000000000..a5b729aea2af
--- /dev/null
+++ b/multimedia/mythtv/files/patch-CVE-2017-14171
@@ -0,0 +1,38 @@
+From a051de092e9c709b69d24d94b66a382909be67d5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E5=AD=99=E6=B5=A9=28=E6=99=93=E9=BB=91=29?=
+ <tony.sh@alibaba-inc.com>
+Date: Tue, 29 Aug 2017 23:59:21 +0200
+Subject: [PATCH] avformat/nsvdec: Fix DoS due to lack of eof check in
+ nsvs_file_offset loop.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes: 20170829.nsv
+
+Co-Author: 张洪亮(望初)" <wangchu.zhl@alibaba-inc.com>
+Found-by: Xiaohei and Wangchu from Alibaba Security Team
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+(cherry picked from commit c24bcb553650b91e9eff15ef6e54ca73de2453b7)
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavformat/nsvdec.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git libavformat/nsvdec.c libavformat/nsvdec.c
+index 507fb396a51..16d2fa59e21 100644
+--- external/FFmpeg/libavformat/nsvdec.c
++++ external/FFmpeg/libavformat/nsvdec.c
+@@ -350,8 +350,11 @@ static int nsv_parse_NSVf_header(AVFormatContext *s)
+ if (!nsv->nsvs_file_offset)
+ return AVERROR(ENOMEM);
+
+- for(i=0;i<table_entries_used;i++)
++ for(i=0;i<table_entries_used;i++) {
++ if (avio_feof(pb))
++ return AVERROR_INVALIDDATA;
+ nsv->nsvs_file_offset[i] = avio_rl32(pb) + size;
++ }
+
+ if(table_entries > table_entries_used &&
+ avio_rl32(pb) == MKTAG('T','O','C','2')) {
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-27 17:59:10 +0000