From: Ankur Tyagi <[email protected]> Details: https://nvd.nist.gov/vuln/detail/CVE-2023-47471
Signed-off-by: Ankur Tyagi <[email protected]> --- .../libde265/libde265/CVE-2023-47471.patch | 42 +++++++++++++++++++ .../libde265/libde265_1.0.12.bb | 1 + 2 files changed, 43 insertions(+) create mode 100644 meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch diff --git a/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch b/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch new file mode 100644 index 0000000000..3d66758e49 --- /dev/null +++ b/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2023-47471.patch @@ -0,0 +1,42 @@ +From 78bd5752157f34e822cefd8ff8959a96a26b4841 Mon Sep 17 00:00:00 2001 +From: Dirk Farin <[email protected]> +Date: Sat, 4 Nov 2023 15:20:50 +0100 +Subject: [PATCH] null-pointer check in debug output (fixes #426) + +CVE: CVE-2023-47471 +Upstream-Status: Backport [https://github.com/strukturag/libde265/commit/e36b4a1b0bafa53df47514c419d5be3e8916ebc7] +(cherry picked from commit e36b4a1b0bafa53df47514c419d5be3e8916ebc7) +Signed-off-by: Ankur Tyagi <[email protected]> +--- + libde265/slice.cc | 11 ++++++++++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +diff --git a/libde265/slice.cc b/libde265/slice.cc +index 280b7417..435123dc 100644 +--- a/libde265/slice.cc ++++ b/libde265/slice.cc +@@ -1277,14 +1277,23 @@ void slice_segment_header::dump_slice_segment_header(const decoder_context* ctx, + #define LOG3(t,d1,d2,d3) log2fh(fh, t,d1,d2,d3) + #define LOG4(t,d1,d2,d3,d4) log2fh(fh, t,d1,d2,d3,d4) + ++ LOG0("----------------- SLICE -----------------\n"); ++ + const pic_parameter_set* pps = ctx->get_pps(slice_pic_parameter_set_id); ++ if (!pps) { ++ LOG0("invalid PPS referenced\n"); ++ return; ++ } + assert(pps->pps_read); // TODO: error handling + + const seq_parameter_set* sps = ctx->get_sps((int)pps->seq_parameter_set_id); ++ if (!sps) { ++ LOG0("invalid SPS referenced\n"); ++ return; ++ } + assert(sps->sps_read); // TODO: error handling + + +- LOG0("----------------- SLICE -----------------\n"); + LOG1("first_slice_segment_in_pic_flag : %d\n", first_slice_segment_in_pic_flag); + if (ctx->get_nal_unit_type() >= NAL_UNIT_BLA_W_LP && + ctx->get_nal_unit_type() <= NAL_UNIT_RESERVED_IRAP_VCL23) { diff --git a/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.12.bb b/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.12.bb index 3466d37317..b082faa3b9 100644 --- a/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.12.bb +++ b/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.12.bb @@ -10,6 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=695b556799abb2435c97a113cdca512f" SRC_URI = "git://github.com/strukturag/libde265.git;branch=master;protocol=https \ file://CVE-2023-43887.patch \ + file://CVE-2023-47471.patch \ " SRCREV = "a267c84707ab264928fa9b86de2ee749c48c318c"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123314): https://lists.openembedded.org/g/openembedded-devel/message/123314 Mute This Topic: https://lists.openembedded.org/mt/117184749/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
