1 files changed, 33 insertions, 0 deletions

diff --git a/multimedia/mythtv/files/patch-CVE-2017-17081b b/multimedia/mythtv/files/patch-CVE-2017-17081b
new file mode 100644
index 000000000000..b077b12eef69
--- /dev/null
+++ b/multimedia/mythtv/files/patch-CVE-2017-17081b
@@ -0,0 +1,33 @@
+From b51f515c5c837351f2104b43c0e2a0562a759086 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Mon, 13 Nov 2017 20:47:48 +0100
+Subject: [PATCH] avcodec/x86/mpegvideodsp: Fix signedness bug in need_emu
+
+Fixes: out of array read
+Fixes: 3516/attachment-311488.dat
+
+Found-by: Insu Yun, Georgia Tech.
+Tested-by: wuninsu@gmail.com
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+(cherry picked from commit 58cf31cee7a456057f337b3102a03206d833d5e8)
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavcodec/x86/mpegvideodsp.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git libavcodec/x86/mpegvideodsp.c libavcodec/x86/mpegvideodsp.c
+index e0498f38496..6009b64e076 100644
+--- external/FFmpeg/libavcodec/x86/mpegvideodsp.c
++++ external/FFmpeg/libavcodec/x86/mpegvideodsp.c
+@@ -52,8 +52,9 @@ static void gmc_mmx(uint8_t *dst, uint8_t *src,
+     const int dyh = (dyy - (1 << (16 + shift))) * (h - 1);
+     const int dxh = dxy * (h - 1);
+     const int dyw = dyx * (w - 1);
+-    int need_emu  =  (unsigned) ix >= width  - w ||
+-                     (unsigned) iy >= height - h;
++    int need_emu  =  (unsigned) ix >= width  - w || width < w ||
++                     (unsigned) iy >= height - h || height< h
++                     ;
+ 
+     if ( // non-constant fullpel offset (3% of blocks)
+         ((ox ^ (ox + dxw)) | (ox ^ (ox + dxh)) | (ox ^ (ox + dxw + dxh)) |