File ffmpeg-4-CVE-2025-59728.patch of Package ffmpeg-4

Index: ffmpeg-4.4.6/libavformat/dashdec.c
===================================================================
--- ffmpeg-4.4.6.orig/libavformat/dashdec.c
+++ ffmpeg-4.4.6/libavformat/dashdec.c
@@ -730,7 +730,7 @@ static int resolve_content_path(AVFormat
     }
 
     tmp_max_url_size = aligned(tmp_max_url_size);
-    text = av_mallocz(tmp_max_url_size);
+    text = av_mallocz(tmp_max_url_size + 1);
     if (!text) {
         updated = AVERROR(ENOMEM);
         goto end;
@@ -742,7 +742,7 @@ static int resolve_content_path(AVFormat
     }
     av_free(text);
 
-    path = av_mallocz(tmp_max_url_size);
+    path = av_mallocz(tmp_max_url_size + 2);
     tmp_str = av_mallocz(tmp_max_url_size);
     if (!tmp_str || !path) {
         updated = AVERROR(ENOMEM);
@@ -764,6 +764,15 @@ static int resolve_content_path(AVFormat
 
     node = baseurl_nodes[rootId];
     baseurl = xmlNodeGetContent(node);
+    if (baseurl) {
+        size_t len = xmlStrlen(baseurl)+2;
+        char *tmp = xmlRealloc(baseurl, len);
+        if (!tmp) {
+            updated = AVERROR(ENOMEM);
+            goto end;
+        }
+        baseurl = tmp;
+    }
     root_url = (av_strcasecmp(baseurl, "")) ? baseurl : path;
     if (node) {
         xmlNodeSetContent(node, root_url);