From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ffmpeg-devel-bounces@ffmpeg.org>
Received: from ffbox0-bg.ffmpeg.org (ffbox0-bg.ffmpeg.org [79.124.17.100])
	by master.gitmailbox.com (Postfix) with ESMTPS id 3505D4DA81
	for <ffmpegdev@gitmailbox.com>; Tue, 23 Dec 2025 09:12:09 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ffmpeg.org;
 i=@ffmpeg.org; q=dns/txt; s=mail; t=1766481117; h=date : to :
 message-id : references : mime-version : in-reply-to : reply-to :
 subject : list-id : list-archive : list-archive : list-help :
 list-owner : list-post : list-subscribe : list-unsubscribe : from : cc
 : content-type : content-transfer-encoding : from;
 bh=4pGxF8QiTnLOoEP5UGCWYUhRpGq5spU9snOeXhOWTlE=;
 b=Ac1reXApvE7ZtdR3vWUYkKUXACF7ebRqvYxy98IHf5eFTIkAiOjWndIJwQSSlHPhaSzSG
 1UckoHhH9RP3tHVW0HPKTVy1B+/Vi751hZuMbZnZ27rtPse5hiOuYxvAHLTCFM6821g7YVx
 GG/KvsuWCtogL7sFjRJv+L7ivjnTJsV4MJoHw7wmFG1ttN3RpxdzfgJ14ut+Lg7xg30HO6k
 52+dA8+y0Kos11oZZ8I7v5WpYNA1eBam7NisfD8bU3596ULT1O9mJkAX3q0hfSYYj6P5khI
 xBwjQuhgy62bpLiD6cnLHU3BIcmMK4sX6eafkmsNoTACcdhSQYREB9lOzfpQ==
Received: from [172.20.0.2] (unknown [172.19.0.4])
	by ffbox0-bg.ffmpeg.org (Postfix) with ESMTP id 122FD690B16;
	Tue, 23 Dec 2025 11:11:57 +0200 (EET)
ARC-Seal: i=1; cv=none; a=rsa-sha256; d=ffmpeg.org; s=arc; t=1766481109;
 b=myiw1DnPJ9p648q/YtK9k2CYVJdZ2UvnW+GIhz32tzlF09N6uQKZhvjzOMPwK0oyT2kTL
 Fy15lEcFocalIDKDLA1//qHlyIeiWc3HAVlP2eq/HTqaKzYCE8x0hnwycDLJkb2jLchFVzM
 fh6zUJy6lX5b+cAP/Hb3sYv6sFr/H1rmBNeoOmLy3w7AxDGVSXYuzcCL45Z3Xx+Fvqt27xj
 chkxmvtIVDh3grLzGbccVP1S9BdD/NZTHHO4wb+LT1IROC0iy6L3BkLM+8CBVUxlyDj5nLq
 +I4BOmuuF4uZV/wtUprtbyUvelWyHRT2QIyQvzGqqyKjRK2p4BUHKh3U/1PQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=ffmpeg.org; s=arc; t=1766481109; h=from : sender : reply-to :
 subject : date : message-id : to : cc : mime-version : content-type :
 content-transfer-encoding : content-id : content-description :
 resent-date : resent-from : resent-sender : resent-to : resent-cc :
 resent-message-id : in-reply-to : references : list-id : list-help :
 list-unsubscribe : list-subscribe : list-post : list-owner :
 list-archive; bh=L1DFzHnGroR4GcGhxdu0nflJiTC0rOSn/gIVr1BCn9U=;
 b=EktcyOZbemJaoGMlWLFV90AYUA7HiXpl7ccmRJHvk2cugVNZXhMG3ILAmv6M7BZrLCGT4
 j2Xb8E3k5j8wF5oqkP2W9lmFWoUKVjE3L5WHt0V6KoR2N4viVPyo0kkaHdRU0f21KrJF27w
 oV2AikaJKPZWw7mpb8yO3S+GU6cPIUh+KznDaInAw8kf+Zbv3Hws6imbSHyibF/zUfv0TXA
 A/dstSto63BLKomVTzr4t3pgPPr5r9vN+2kpdxn1hbm5zdhL+/AM696wZnnV4r6zuAUqRUF
 zydQ+bLbdFIxDHPLcm4siAkqEuJrintCT3reP2HH23uc3nw/L9gnZUbFlbHQ==
ARC-Authentication-Results: i=1; ffmpeg.org;
 dkim=fail;
 arc=none;
 dmarc=none
Authentication-Results: ffmpeg.org; dkim=fail;
 arc=none (Message is not ARC signed); dmarc=none
Received: from nef.ens.fr (nef2.ens.fr [129.199.96.40])
	by ffbox0-bg.ffmpeg.org (Postfix) with ESMTPS id 5135C690A02;
	Tue, 23 Dec 2025 11:11:29 +0200 (EET)
X-ENS-nef-client: 129.199.129.80 ( name = phare.normalesup.org )
Received: from phare.normalesup.org (phare.normalesup.org [129.199.129.80])
          by nef.ens.fr (8.14.4/1.01.28121999) with ESMTP id 5BN9BSFr002337
          ; Tue, 23 Dec 2025 10:11:28 +0100
Received: by phare.normalesup.org (Postfix, from userid 1001)
	id 036A82EFDA; Tue, 23 Dec 2025 10:11:27 +0100 (CET)
Date: Tue, 23 Dec 2025 10:11:27 +0100
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Message-ID: <aUpcv2_QjqNi1ZEI@phare.normalesup.org>
References: <176645765089.60.2047066680547127790@2cb04c0e5124>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <176645765089.60.2047066680547127790@2cb04c0e5124>
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.4.3 (nef.ens.fr [129.199.96.32]);
 Tue, 23 Dec 2025 10:11:28 +0100 (CET)
Message-ID-Hash: NFQH4UYF7D5LHUJDTAH7T6GV4PHN4IVH
X-Message-ID-Hash: NFQH4UYF7D5LHUJDTAH7T6GV4PHN4IVH
X-MailFrom: SRS0=3i1U=65=phare.normalesup.org=george@ffmpeg.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; header-match-ffmpeg-devel.ffmpeg.org-0;
 header-match-ffmpeg-devel.ffmpeg.org-1;
 header-match-ffmpeg-devel.ffmpeg.org-2;
 header-match-ffmpeg-devel.ffmpeg.org-3; emergency; member-moderation;
 nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size;
 news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.10
Precedence: list
Reply-To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: [FFmpeg-devel] Re: [PATCH] Fix some CVEs in 4.3 release (PR #21275)
List-Id: FFmpeg development discussions and patches <ffmpeg-devel.ffmpeg.org>
Archived-At: 
 <https://lists.ffmpeg.org/archives/list/ffmpeg-devel@ffmpeg.org/message/NFQH4UYF7D5LHUJDTAH7T6GV4PHN4IVH/>
Archived-At: 
 <https://lists.ffmpeg.org/lore/ffmpeg-devel/aUpcv2_QjqNi1ZEI@phare.normalesup.org/>
List-Archive: 
 <https://lists.ffmpeg.org/archives/list/ffmpeg-devel@ffmpeg.org/>
List-Archive: <https://lists.ffmpeg.org/lore/ffmpeg-devel/>
List-Help: <mailto:ffmpeg-devel-request@ffmpeg.org?subject=help>
List-Owner: <mailto:ffmpeg-devel-owner@ffmpeg.org>
List-Post: <mailto:ffmpeg-devel@ffmpeg.org>
List-Subscribe: <mailto:ffmpeg-devel-join@ffmpeg.org>
List-Unsubscribe: <mailto:ffmpeg-devel-leave@ffmpeg.org>
From: Nicolas George via ffmpeg-devel <ffmpeg-devel@ffmpeg.org>
Cc: charles <code@ffmpeg.org>, Nicolas George <george@nsup.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Archived-At: <https://master.gitmailbox.com/ffmpegdev/aUpcv2_QjqNi1ZEI@phare.normalesup.org/>
List-Archive: <https://master.gitmailbox.com/ffmpegdev/>
List-Post: <mailto:ffmpegdev@gitmailbox.com>

charles via ffmpeg-devel (HE12025-12-23):
> >From 48205aaee52aa6f34d45829a93a14b5c63141b59 Mon Sep 17 00:00:00 2001
> From: Jiasheng Jiang <jiashengjiangcool@gmail.com>
> Date: Wed, 6 Aug 2025 16:39:47 +0000
> Subject: [PATCH 9/9] libavfilter/af_firequalizer: Add check for
>  av_malloc_array()
> 
> Add check for the return value of av_malloc_array() to avoid potential NULL pointer dereference.
> 
> Fixes: CVE-2025-10256
> 
> Fixes: d3be186ed1 ("avfilter/firequalizer: add dumpfile and dumpscale option")
> Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> (cherry picked from commit a25462482c02c004d685a8fcf2fa63955aaa0931)
> Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
> (cherry picked from commit 00b5af29a4203a31574c11b3df892d78d5d862ec)
> Signed-off-by: Carlos Henrique Lima Melara <charlesmelara@riseup.net>
> ---
>  libavfilter/af_firequalizer.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/libavfilter/af_firequalizer.c b/libavfilter/af_firequalizer.c
> index f4513a1c46..748172945a 100644
> --- a/libavfilter/af_firequalizer.c
> +++ b/libavfilter/af_firequalizer.c
> @@ -822,6 +822,8 @@ static int config_input(AVFilterLink *inlink)
>      if (s->dumpfile) {
>          s->analysis_rdft = av_rdft_init(rdft_bits, DFT_R2C);
>          s->dump_buf = av_malloc_array(s->analysis_rdft_len, sizeof(*s->dump_buf));
> +        if (!s->dump_buf)
> +            return AVERROR(ENOMEM);
>      }
>  
>      s->analysis_buf = av_malloc_array(s->analysis_rdft_len, sizeof(*s->analysis_buf));

This patch seems based on a very outdated version of the code. This
issue was fixed months ago.

Regards,

-- 
  Nicolas George
_______________________________________________
ffmpeg-devel mailing list -- ffmpeg-devel@ffmpeg.org
To unsubscribe send an email to ffmpeg-devel-leave@ffmpeg.org