File ffmpeg-4-CVE-2025-7700.patch of Package ffmpeg-4.39216

From fb21d63c5560724bbee401b0e4c0c6a2c4e0f1bb Mon Sep 17 00:00:00 2001
From: Jonathan Kang <jonathankang@gnome.org>
Date: Thu, 24 Jul 2025 14:51:41 +0800
Subject: [PATCH] libavcodec/alsdec.c: Add check for av_malloc_array() and
 av_calloc()

Add check for the return value of av_malloc_array() and av_calloc()
to avoid potential NULL pointer dereference.

Fixes: dcfd24b10c ("avcodec/alsdec: Implement floating point sample data decoding")
---
 libavcodec/alsdec.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/libavcodec/alsdec.c b/libavcodec/alsdec.c
index 917e7b6264..1208fbe75d 100644
--- a/libavcodec/alsdec.c
+++ b/libavcodec/alsdec.c
@@ -2116,8 +2116,8 @@ static av_cold int decode_init(AVCodecContext *avctx)
         ctx->nbits  = av_malloc_array(ctx->cur_frame_length, sizeof(*ctx->nbits));
         ctx->mlz    = av_mallocz(sizeof(*ctx->mlz));
 
-        if (!ctx->mlz || !ctx->acf || !ctx->shift_value || !ctx->last_shift_value
-            || !ctx->last_acf_mantissa || !ctx->raw_mantissa) {
+        if (!ctx->larray || !ctx->nbits || !ctx->mlz || !ctx->acf || !ctx->shift_value
+            || !ctx->last_shift_value || !ctx->last_acf_mantissa || !ctx->raw_mantissa) {
             av_log(avctx, AV_LOG_ERROR, "Allocating buffer memory failed.\n");
             ret = AVERROR(ENOMEM);
             goto fail;
@@ -2128,6 +2128,11 @@ static av_cold int decode_init(AVCodecContext *avctx)
 
         for (c = 0; c < avctx->channels; ++c) {
             ctx->raw_mantissa[c] = av_mallocz_array(ctx->cur_frame_length, sizeof(**ctx->raw_mantissa));
+            if (!ctx->raw_mantissa[c]) {
+                av_log(avctx, AV_LOG_ERROR, "Allocating buffer memory failed.\n");
+                ret = AVERROR(ENOMEM);
+                goto fail;
+            }
         }
     }
 
-- 
2.49.0