mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-21 12:32:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

ffmpeg: fix CVE-2020-20446

Browse Source 
avcodec/aacpsy: Avoid floating point division by 0 of norm_fac

Fixes: Ticket7995
Fixes: CVE-2020-20446

(From OE-Core rev: f95b512e0bd506339c83081071c83000604dd105)

Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>

CVE: CVE-2020-20446
Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002]

Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Tony Tascioglu
2021-08-20 14:31:53 -07:00
committed by Richard Purdie
parent e35dc77f77
commit 5dffafd6c9
2 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
meta/recipes-multimedia/ffmpeg/ffmpeg/fix-CVE-2020-20446.patch Normal file
View File

@@ -0,0 +1,35 @@
From 073bad2fcae5be78c11a1623a20319107dfae9f8 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Fri, 28 May 2021 20:18:25 +0200
Subject: [PATCH 1/5] avcodec/aacpsy: Avoid floating point division by 0 of
norm_fac
Fixes: Ticket7995
Fixes: CVE-2020-20446
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
CVE: CVE-2020-20446
Upstream-Status: Backport [223b5e8ac9f6461bb13ed365419ec485c5b2b002]
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
---
libavcodec/aacpsy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavcodec/aacpsy.c b/libavcodec/aacpsy.c
index fca692cb15..bd444fecdc 100644
--- a/libavcodec/aacpsy.c
+++ b/libavcodec/aacpsy.c
@@ -794,7 +794,7 @@ static void psy_3gpp_analyze_channel(FFPsyContext *ctx, int channel,
if (pe < 1.15f * desired_pe) {
/* 6.6.1.3.6 "Final threshold modification by linearization" */
- norm_fac = 1.0f / norm_fac;
+ norm_fac = norm_fac ? 1.0f / norm_fac : 0;
for (w = 0; w < wi->num_windows*16; w += 16) {
for (g = 0; g < num_bands; g++) {
AacPsyBand *band = &pch->band[w+g];
--
2.32.0

1
meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
View File

@@ -26,6 +26,7 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://mips64_cpu_detection.patch \
file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
file://fix-CVE-2020-20446.patch \
"
SRC_URI[sha256sum] = "46e4e64f1dd0233cbc0934b9f1c0da676008cad34725113fb7f802cfa84ccddb"