From 25b686b63df047899ba1381f2a33817ea4954baf Mon Sep 17 00:00:00 2001
From: happyworker <208suo@208suo.com>
Date: Tue, 27 Aug 2024 10:20:52 +0800
Subject: [PATCH] fix CVE-2024-7055

---
 CVE-2024-7055.patch | 25 +++++++++++++++++++++++++
 ffmpeg.spec         |  6 +++++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2024-7055.patch

diff --git a/CVE-2024-7055.patch b/CVE-2024-7055.patch
new file mode 100644
index 0000000..84dda14
--- /dev/null
+++ b/CVE-2024-7055.patch
@@ -0,0 +1,25 @@
+From d911cb96e55228619a29704dda26d2fddd6779f6 Mon Sep 17 00:00:00 2001
+From: Michael Niedermayer <michael@niedermayer.cc>
+Date: Tue, 27 Aug 2024 10:14:04 +0800
+Subject: [PATCH] avcodec/pnmdec: Use 64bit for input size check
+
+---
+ libavcodec/pnmdec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libavcodec/pnmdec.c b/libavcodec/pnmdec.c
+index acd77ea..40cc2ae 100644
+--- a/libavcodec/pnmdec.c
++++ b/libavcodec/pnmdec.c
+@@ -264,7 +264,7 @@ static int pnm_decode_frame(AVCodecContext *avctx, AVFrame *p,
+         break;
+     case AV_PIX_FMT_GBRPF32:
+         if (!s->half) {
+-            if (avctx->width * avctx->height * 12 > s->bytestream_end - s->bytestream)
++            if (avctx->width * avctx->height * 12LL > s->bytestream_end - s->bytestream)
+                 return AVERROR_INVALIDDATA;
+             scale = 1.f / s->scale;
+             if (s->endian) {
+-- 
+2.27.0
+
diff --git a/ffmpeg.spec b/ffmpeg.spec
index bf53394..c801f6a 100644
--- a/ffmpeg.spec
+++ b/ffmpeg.spec
@@ -58,7 +58,7 @@
 Summary:        Digital VCR and streaming server
 Name:           ffmpeg%{?flavor}
 Version:        6.1.1
-Release:        11
+Release:        12
 License:        GPL-3.0-or-later
 URL:            http://ffmpeg.org/
 Source0:        http://ffmpeg.org/releases/ffmpeg-%{version}.tar.xz
@@ -72,6 +72,7 @@ Patch5:         fix_libsvgdec_compile_error.patch
 Patch6:         CVE-2023-49528.patch
 Patch7:         fix-CVE-2023-49502.patch
 Patch8:         fix-CVE-2024-32230.patch
+Patch9:         CVE-2024-7055.patch
 
 Requires:       %{name}-libs%{?_isa} = %{version}-%{release}
 %{?_with_cuda:BuildRequires: cuda-minimal-build-%{_cuda_version_rpm} cuda-drivers-devel}
@@ -400,6 +401,9 @@ install -pm755 tools/qt-faststart %{buildroot}%{_bindir}
 
 
 %changelog
+* Tue Aug 27 2024 happyworker <208suo@208suo.com> - 6.1.1-12
+- CVE-2024-7055.patch
+
 * Fri Jul  5 2024 happyworker <208suo@208suo.com> - 6.1.1-11
 - remove fix-CVE-2024-32228.patch
 
-- 
Gitee