File ffmpeg-CVE-2020-22023.patch of Package ffmpeg.32491

From 0b567238741854b41f84f7457686b044eadfe29c Mon Sep 17 00:00:00 2001
From: Paul B Mahol <onemda@gmail.com>
Date: Fri, 11 Oct 2019 12:42:13 +0200
Subject: [PATCH] avfilter/vf_bitplanenoise: fix overreads

Fixes #8244
---
 libavfilter/vf_bitplanenoise.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libavfilter/vf_bitplanenoise.c b/libavfilter/vf_bitplanenoise.c
index 4ec3a22572..94aa24abec 100644
--- a/libavfilter/vf_bitplanenoise.c
+++ b/libavfilter/vf_bitplanenoise.c
@@ -122,7 +122,7 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *in)
 
     if (s->depth <= 8) {
         for (plane = 0; plane < s->nb_planes; plane++) {
-            const int linesize = in->linesize[plane];
+            const int linesize = s->planeheight[plane] > 1 ? in->linesize[plane] : 0;
             const int dlinesize = out->linesize[plane];
             uint8_t *val = in->data[plane];
             uint8_t *dst = s->filter ? out->data[plane]: NULL;
@@ -151,7 +151,7 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *in)
         }
     } else {
         for (plane = 0; plane < s->nb_planes; plane++) {
-            const int linesize = in->linesize[plane] / 2;
+            const int linesize = s->planeheight[plane] > 1 ? in->linesize[plane] / 2 : 0;
             const int dlinesize = out->linesize[plane] / 2;
             uint16_t *val = (uint16_t *)in->data[plane];
             uint16_t *dst = s->filter ? (uint16_t *)out->data[plane] : NULL;
-- 
2.31.1

openSUSE Build Service is sponsored by