Overview

File ffmpeg-4-CVE-2025-22921.patch of Package ffmpeg-4

From 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57 Mon Sep 17 00:00:00 2001
From: James Almer <jamrial@gmail.com>
Date: Wed, 1 Jan 2025 23:58:39 -0300
Subject: [PATCH] avcodec/jpeg2000dec: clear array length when freeing it

Fixes NULL pointer dereferences.
Fixes ticket #11393.

Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
---
 libavcodec/jpeg2000dec.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
index e5e897a29f..b82d85d5ee 100644
--- a/libavcodec/jpeg2000dec.c
+++ b/libavcodec/jpeg2000dec.c
@@ -1521,6 +1521,7 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile,
                 }
             }
             av_freep(&cblk->lengthinc);
+            cblk->nb_lengthinc = 0;
         }
     }
     // Save state of stream
-- 
2.44.0
openSUSE Build Service is sponsored by
Places