diff options
author | PA4WDH | 2021-07-13 19:47:04 +0200 |
---|---|---|
committer | PA4WDH | 2021-07-13 19:47:04 +0200 |
commit | 5884c94b1f92c00406d137c9f308c098e5268a59 (patch) | |
tree | 8483f1da04bf5cbed41220bafcffa502cae95eaa /media-video/mplayer/files/mplayer-1.3-CVE-2016-4352.patch | |
download | unmatched-patchwork-5884c94b1f92c00406d137c9f308c098e5268a59.tar.gz unmatched-patchwork-5884c94b1f92c00406d137c9f308c098e5268a59.tar.bz2 unmatched-patchwork-5884c94b1f92c00406d137c9f308c098e5268a59.zip |
Initial commit
Diffstat (limited to 'media-video/mplayer/files/mplayer-1.3-CVE-2016-4352.patch')
-rw-r--r-- | media-video/mplayer/files/mplayer-1.3-CVE-2016-4352.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/media-video/mplayer/files/mplayer-1.3-CVE-2016-4352.patch b/media-video/mplayer/files/mplayer-1.3-CVE-2016-4352.patch new file mode 100644 index 0000000..4eabf8b --- /dev/null +++ b/media-video/mplayer/files/mplayer-1.3-CVE-2016-4352.patch @@ -0,0 +1,24 @@ +https://trac.mplayerhq.hu/ticket/2295 + +r37857 + +--- old/libmpdemux/demux_gif.c ++++ new/libmpdemux/demux_gif.c +@@ -304,6 +304,17 @@ + return NULL; + } + ++ // Validate image size, most code in this demuxer assumes w*h <= INT_MAX ++ if ((int64_t)gif->SWidth * gif->SHeight > INT_MAX) { ++ mp_msg(MSGT_DEMUX, MSGL_ERR, ++ "[demux_gif] Unsupported picture size %dx%d.\n", gif->SWidth, ++ gif->SHeight); ++ if (DGifCloseFile(gif) == GIF_ERROR) ++ print_gif_error(NULL); ++ free(priv); ++ return NULL; ++ } ++ + // create a new video stream header + sh_video = new_sh_video(demuxer, 0); + |