Merge #32126: ffmpeg-3.4: fix CVE CVE-2017-16840

This commit is contained in:
Vladimír Čunát 2017-11-28 18:59:46 +01:00
commit c917950c05
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA
2 changed files with 19 additions and 2 deletions

View File

@ -238,7 +238,15 @@ stdenv.mkDerivation rec {
sha256 = "1vzvpx8ixy8m44f8qwp833hv253hpghybgzbc4n8b3div3j0dvmf"; sha256 = "1vzvpx8ixy8m44f8qwp833hv253hpghybgzbc4n8b3div3j0dvmf";
}; };
patchPhase = ''patchShebangs . patchPhase = let
cve_2017_16840_patch = (fetchurl{
name = "CVE-2017-16840.patch";
url = "http://git.videolan.org/?p=ffmpeg.git;a=patch;h=a94cb36ab2ad99d3a1331c9f91831ef593d94f74";
sha256 = "1rjr9lc71cyy43wsa2zxb9ygya292h9jflvr5wk61nf0vp97gjg3";
});
in
'' patch -p1 < ${cve_2017_16840_patch}
patchShebangs .
'' + stdenv.lib.optionalString stdenv.isDarwin '' '' + stdenv.lib.optionalString stdenv.isDarwin ''
sed -i 's/#ifndef __MAC_10_11/#if 1/' ./libavcodec/audiotoolboxdec.c sed -i 's/#ifndef __MAC_10_11/#if 1/' ./libavcodec/audiotoolboxdec.c
'' + stdenv.lib.optionalString (frei0r != null) '' '' + stdenv.lib.optionalString (frei0r != null) ''

View File

@ -1,4 +1,4 @@
{ stdenv, callPackage { stdenv, callPackage, fetchpatch
# Darwin frameworks # Darwin frameworks
, Cocoa, CoreMedia , Cocoa, CoreMedia
, ... , ...
@ -9,4 +9,13 @@ callPackage ./generic.nix (args // rec {
branch = "3.4"; branch = "3.4";
sha256 = "0pn8g3ab937ahslqd41crk0g4j4fh7kwimsrlfc0rl0pc3z132ax"; sha256 = "0pn8g3ab937ahslqd41crk0g4j4fh7kwimsrlfc0rl0pc3z132ax";
darwinFrameworks = [ Cocoa CoreMedia ]; darwinFrameworks = [ Cocoa CoreMedia ];
patches = [
(fetchpatch{
name = "CVE-2017-16840.patch";
url = "http://git.videolan.org/?p=ffmpeg.git;a=patch;h=a94cb36ab2ad99d3a1331c9f91831ef593d94f74";
sha256 = "1rjr9lc71cyy43wsa2zxb9ygya292h9jflvr5wk61nf0vp97gjg3";
})
];
}) })