Opened 2 years ago

Closed 2 years ago

#9495 closed defect (invalid)

Does commit 4a71da0f3a need to be reapplied?

Reported by: msbit Owned by:
Priority: normal Component: avcodec
Version: git-master Keywords:
Cc: Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

I was looking over the repository as part of answering:

https://stackoverflow.com/questions/69839445/seemingly-missing-changes-in-a-git-commit/69840265#69840265

and it does appear that part of the contents of:

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/4a71da0f3a

were not applied, namely the following diff:

diff --git a/libavcodec/ac3enc_combined.c b/libavcodec/ac3enc_combined.c
index a3f1d27bc5..db832f1f03 100644
--- a/libavcodec/ac3enc_combined.c
+++ b/libavcodec/ac3enc_combined.c
@@ -19,24 +19,6 @@ typedef struct CombineContext{
 #define AC3ENC_TYPE_EAC3        2
 
 #define AC3ENC_TYPE 12354
-
-/* common option values */
-#define AC3ENC_OPT_NONE            -1
-#define AC3ENC_OPT_AUTO            -1
-#define AC3ENC_OPT_OFF              0
-#define AC3ENC_OPT_ON               1
-#define AC3ENC_OPT_NOT_INDICATED    0
-#define AC3ENC_OPT_MODE_ON          1
-#define AC3ENC_OPT_MODE_OFF         2
-
-/* specific option values */
-#define AC3ENC_OPT_LARGE_ROOM       1
-#define AC3ENC_OPT_SMALL_ROOM       2
-#define AC3ENC_OPT_DOWNMIX_LTRT     1
-#define AC3ENC_OPT_DOWNMIX_LORO     2
-#define AC3ENC_OPT_ADCONV_STANDARD  0
-#define AC3ENC_OPT_ADCONV_HDCD      1
-
 #include "ac3enc_opts_template.c"
 
 static AVClass ac3enc_class = { "AC-3 Encoder", av_default_item_name,
diff --git a/libavcodec/cavsdec.c b/libavcodec/cavsdec.c
index fedee8bf72..1b8fedf2b1 100644
--- a/libavcodec/cavsdec.c
+++ b/libavcodec/cavsdec.c
@@ -133,12 +133,14 @@ static int decode_residual_block(AVSContext *h, GetBitContext *gb,
                 r++;
             mask = -(level_code & 1);
             level = (level^mask) - mask;
-        } else {
+        } else if (level_code >= 0) {
             level = r->rltab[level_code][0];
             if(!level) //end of block signal
                 break;
             run   = r->rltab[level_code][1];
             r += r->rltab[level_code][2];
+        } else {
+            break;
         }
         level_buf[i] = level;
         run_buf[i] = run;

prepared by running:

git checkout d912e449b6^1
git merge --no-edit --no-ff d912e449b6^2
git diff d912e449b6 HEAD > 4a71da0f3a.patch

This doesn't apply cleaning onto master, due to libavcodec/ac3enc_combined.c being removed as part of:

https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/9f4d37f450

but the #defines are present in libavcodec/ac3enc.h.

Attachments (1)

4a71da0f3a.patch (1.6 KB ) - added by msbit 2 years ago.
Associated patch, as shown in body

Download all attachments as: .zip

Change History (4)

by msbit, 2 years ago

Attachment: 4a71da0f3a.patch added

Associated patch, as shown in body

comment:1 by halarious, 2 years ago

This relates to CVE-2011-3973 and CVE-2011-3974, which the full commit addresses.

comment:2 by halarious, 2 years ago

Component: undeterminedavcodec
Type: enhancementdefect

comment:3 by Elon Musk, 2 years ago

Resolution: invalid
Status: newclosed
Note: See TracTickets for help on using tickets.