File ffmpeg-CVE-2018-1999013.patch of Package ffmpeg.27460
From a7e032a277452366771951e29fd0bf2bd5c029f0 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Tue, 3 Jul 2018 21:37:46 +0200
Subject: [PATCH] avformat/rmdec: Do not pass mime type in rm_read_multi() to
ff_rm_read_mdpr_codecdata()
Fixes: use after free()
Fixes: rmdec-crash-ffe85b4cab1597d1cfea6955705e53f1f5c8a362
Found-by: Paul Ch <paulcher@icloud.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavformat/rmdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/rmdec.c b/libavformat/rmdec.c
index ac61723c66a..0216003e88e 100644
--- a/libavformat/rmdec.c
+++ b/libavformat/rmdec.c
@@ -522,7 +522,7 @@ static int rm_read_multi(AVFormatContext *s, AVIOContext *pb,
size2 = avio_rb32(pb);
ret = ff_rm_read_mdpr_codecdata(s, s->pb, st2, st2->priv_data,
- size2, mime);
+ size2, NULL);
if (ret < 0)
return ret;
}