automatic import of ffmpegopeneuler24.03_LTS

author: CoprDistGit <infra@openeuler.org> 2025-01-30 16:44:22 +0000
committer: CoprDistGit <infra@openeuler.org> 2025-01-30 16:44:22 +0000
commit: 4232f9996f1d47ba168254e50601b54041899d08 (patch)
tree: d162fd2a6ef318d8927f5065e4a7c2865a713321 /backport-CVE-2025-0518.patch
parent: 651ba008d9e5b2844835552ead82d9734b1e0037 (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/backport-CVE-2025-0518.patch b/backport-CVE-2025-0518.patch
new file mode 100644
index 0000000..6300c1c
--- /dev/null
+++ b/backport-CVE-2025-0518.patch
@@ -0,0 +1,26 @@
+From b5b6391d64807578ab872dc58fb8aa621dcfc38a Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Mon, 6 Jan 2025 22:01:39 +0100
+Subject: [PATCH] avfilter/af_pan: Fix sscanf() use
+
+Fixes: Memory Data Leak
+
+Found-by: Simcha Kosman <simcha.kosman@cyberark.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavfilter/af_pan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavfilter/af_pan.c b/libavfilter/af_pan.c
+index 0d20b0307b3bf..5feb2439c72e2 100644
+--- a/libavfilter/af_pan.c
++++ b/libavfilter/af_pan.c
+@@ -196,7 +196,7 @@ static av_cold int init(AVFilterContext *ctx)
+         sign = 1;
+         while (1) {
+             gain = 1;
+-            if (sscanf(arg, "%lf%n *%n", &gain, &len, &len))
++            if (sscanf(arg, "%lf%n *%n", &gain, &len, &len) >= 1)
+                 arg += len;
+             if (parse_channel_name(&arg, &in_ch_id, &named)){
+                 av_log(ctx, AV_LOG_ERROR,
author	CoprDistGit <infra@openeuler.org>	2025-01-30 16:44:22 +0000
committer	CoprDistGit <infra@openeuler.org>	2025-01-30 16:44:22 +0000
commit	4232f9996f1d47ba168254e50601b54041899d08 (patch)
tree	d162fd2a6ef318d8927f5065e4a7c2865a713321 /backport-CVE-2025-0518.patch
parent	651ba008d9e5b2844835552ead82d9734b1e0037 (diff)