ffmpeg: upgrade 5.0.1 -> 5.0.3

Refreshed CVE-2024-36613.patch against to the current version Removed below patches since already fixed in this version 0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch [1] 0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch [2] 0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch [3] 0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch [4] CVE-2022-48434.patch [5] [1] 1eb002596e [2] 293dc39bca [3] 2cdddcd6ec [4] 481e81be12 [5] 3bc28e9d1a (From OE-Core rev: dadb16481810ebda8091b36e3ee03713c90b5e7e) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-04-20 09:32:13 +02:00 · 2025-06-04 16:46:56 +05:30
parent 179c5dc17f
commit 9f5df97f5c
2 changed files with 10 additions and 15 deletions
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36613.patch
@@ -1,8 +1,7 @@
 From 1f6fcc64179377114b4ecc3b9f63bd5774a64edf Mon Sep 17 00:00:00 2001
 From: Michael Niedermayer <michael@niedermayer.cc>
 Date: Sat, 30 Sep 2023 00:51:29 +0200
-Subject: [PATCH 2/4] avformat/dxa: Adjust order of operations around block
- align
+Subject: [PATCH] avformat/dxa: Adjust order of operations around block  align

 Fixes: 51896/clusterfuzz-testcase-minimized-ffmpeg_dem_DXA_fuzzer-5730576523198464
 Fixes: signed integer overflow: 2147483566 + 82 cannot be represented in type 'int'
@@ -22,17 +21,18 @@ Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/libavformat/dxa.c b/libavformat/dxa.c
-index 16fbb08..53747c8 100644
+index 474b852..b4d9d00 100644
 --- a/libavformat/dxa.c
 +++ b/libavformat/dxa.c
-@@ -120,7 +120,7 @@ static int dxa_read_header(AVFormatContext *s)
-         }
-         c->bpc = (fsize + c->frames - 1) / c->frames;
-         if(ast->codecpar->block_align)
+@@ -122,7 +122,7 @@ static int dxa_read_header(AVFormatContext *s)
+         if(ast->codecpar->block_align) {
+             if (c->bpc > INT_MAX - ast->codecpar->block_align + 1)
+                 return AVERROR_INVALIDDATA;
 -            c->bpc = ((c->bpc + ast->codecpar->block_align - 1) / ast->codecpar->block_align) * ast->codecpar->block_align;
 +            c->bpc = ((c->bpc - 1 + ast->codecpar->block_align) / ast->codecpar->block_align) * ast->codecpar->block_align;
+         }
         c->bytes_left = fsize;
         c->wavpos = avio_tell(pb);
-         avio_seek(pb, c->vidpos, SEEK_SET);
--
+-- 
 2.40.0
+
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
@@ -24,11 +24,6 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \

 SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
           file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
-           file://0001-avcodec-rpzaenc-stop-accessing-out-of-bounds-frame.patch \
-           file://0001-avcodec-smcenc-stop-accessing-out-of-bounds-frame.patch \
-           file://0001-avcodec-vp3-Add-missing-check-for-av_malloc.patch \
-           file://0001-avformat-nutdec-Add-check-for-avformat_new_stream.patch \
-           file://CVE-2022-48434.patch \
           file://CVE-2024-32230.patch \
           file://CVE-2023-51793.patch \
           file://CVE-2023-50008.patch \
@@ -53,7 +48,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
           file://CVE-2025-25473.patch \
          "

-SRC_URI[sha256sum] = "ef2efae259ce80a240de48ec85ecb062cecca26e4352ffb3fda562c21a93007b"
+SRC_URI[sha256sum] = "04c70c377de233a4b217c2fdf76b19aeb225a287daeb2348bccd978c47b1a1db"

 # CVE-2023-39018 issue belongs to ffmpeg-cli-wrapper (Java wrapper around the FFmpeg CLI)
 # and not ffmepg itself.