Overview

File ffmpeg-CVE-2018-1999012.patch of Package ffmpeg.8100

From 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Tue, 3 Jul 2018 22:14:42 +0200
Subject: [PATCH] avformat/pva: Check for EOF before retrying in
 read_part_of_packet()

Fixes: Infinite loop
Fixes: pva-4b1835dbc2027bf3c567005dcc78e85199240d06

Found-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
 libavformat/pva.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libavformat/pva.c b/libavformat/pva.c
index 16381db9054..04ae8e2800c 100644
--- a/libavformat/pva.c
+++ b/libavformat/pva.c
@@ -134,6 +134,10 @@ static int read_part_of_packet(AVFormatContext *s, int64_t *pts,
             pes_flags              = avio_rb16(pb);
             pes_header_data_length = avio_r8(pb);
 
+            if (avio_feof(pb)) {
+                return AVERROR_EOF;
+            }
+
             if (pes_signal != 1 || pes_header_data_length == 0) {
                 pva_log(s, AV_LOG_WARNING, "expected non empty signaled PES packet, "
                                           "trying to recover\n");
openSUSE Build Service is sponsored by
Places