diff options
author | Tony Tascioglu <tony.tascioglu@windriver.com> | 2021-07-27 16:20:42 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-07-28 23:46:56 +0100 |
commit | d3806b2add3060649c2d488fb9208a106573d523 (patch) | |
tree | 89c28c75ccbdc55300fb50fc90e65fe46a3b07c9 | |
parent | 96b1d483ccf2166bf577e73075d5fe57c45bbfdf (diff) | |
download | openembedded-core-contrib-d3806b2add3060649c2d488fb9208a106573d523.tar.gz |
ffmpeg: fix-CVE-2020-20446
avcodec/aacpsy: Avoid floating point division by 0 of norm_fac
Fixes: Ticket7995
Fixes: CVE-2020-20446
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
CVE: CVE-2020-20446
Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002]
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch | 35 | ||||
-rw-r--r-- | meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb | 1 |
2 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch new file mode 100644 index 0000000000..f048c2e715 --- /dev/null +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch @@ -0,0 +1,35 @@ +From 223b5e8ac9f6461bb13ed365419ec485c5b2b002 Mon Sep 17 00:00:00 2001 +From: Michael Niedermayer <michael@niedermayer.cc> +Date: Fri, 28 May 2021 20:18:25 +0200 +Subject: [PATCH] avcodec/aacpsy: Avoid floating point division by 0 of + norm_fac + +Fixes: Ticket7995 +Fixes: CVE-2020-20446 + +Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> + +CVE: CVE-2020-20446 +Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002] + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> +--- + libavcodec/aacpsy.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libavcodec/aacpsy.c b/libavcodec/aacpsy.c +index 482113d427..e51d29750b 100644 +--- a/libavcodec/aacpsy.c ++++ b/libavcodec/aacpsy.c +@@ -794,7 +794,7 @@ static void psy_3gpp_analyze_channel(FFPsyContext *ctx, int channel, + + if (pe < 1.15f * desired_pe) { + /* 6.6.1.3.6 "Final threshold modification by linearization" */ +- norm_fac = 1.0f / norm_fac; ++ norm_fac = norm_fac ? 1.0f / norm_fac : 0; + for (w = 0; w < wi->num_windows*16; w += 16) { + for (g = 0; g < num_bands; g++) { + AacPsyBand *band = &pch->band[w+g]; +-- +2.32.0 + diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb index 3ed009bbb7..00640f3cb3 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.4.bb @@ -25,6 +25,7 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ + file://fix-CVE-2020-20446.patch \ " SRC_URI[sha256sum] = "06b10a183ce5371f915c6bb15b7b1fffbe046e8275099c96affc29e17645d909" |