1 files changed, 32 insertions, 0 deletions

diff --git a/multimedia/mythtv/files/patch-CVE-2017-14223 b/multimedia/mythtv/files/patch-CVE-2017-14223
new file mode 100644
index 000000000000..3b3237d60168
--- /dev/null
+++ b/multimedia/mythtv/files/patch-CVE-2017-14223
@@ -0,0 +1,32 @@
+From 4e4177dde23be77a97887f409f237e17ef53f329 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Tue, 5 Sep 2017 00:16:29 +0200
+Subject: [PATCH] avformat/asfdec: Fix DoS in asf_build_simple_index()
+
+Fixes: Missing EOF check in loop
+No testcase
+
+Found-by: Xiaohei and Wangchu from Alibaba Security Team
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+(cherry picked from commit afc9c683ed9db01edb357bc8c19edad4282b3a97)
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavformat/asfdec_f.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git libavformat/asfdec_f.c libavformat/asfdec_f.c
+index 2cacafe50d5..d9dfbf0fa33 100644
+--- external/FFmpeg/libavformat/asfdec_f.c
++++ external/FFmpeg/libavformat/asfdec_f.c
+@@ -1610,6 +1610,11 @@ static int asf_build_simple_index(AVFormatContext *s, int stream_index)
+             int64_t pos       = s->internal->data_offset + s->packet_size * (int64_t)pktnum;
+             int64_t index_pts = FFMAX(av_rescale(itime, i, 10000) - asf->hdr.preroll, 0);
+ 
++            if (avio_feof(s->pb)) {
++                ret = AVERROR_INVALIDDATA;
++                goto end;
++            }
++
+             if (pos != last_pos) {
+                 av_log(s, AV_LOG_DEBUG, "pktnum:%d, pktct:%d  pts: %"PRId64"\n",
+                        pktnum, pktct, index_pts);