libheif: add patch for CVE-2019-11471 (PR #61919)

This commit is contained in:
Robert Scott 2019-05-23 01:12:23 +01:00 committed by Vladimír Čunát
parent 3a28c99923
commit 9c4d318f06
No known key found for this signature in database
GPG key ID: E747DF1F9575A3AA
2 changed files with 17 additions and 0 deletions

View file

@ -0,0 +1,15 @@
Adapted from upstream commit 995a4283d8ed2d0d2c1ceb1a577b993df2f0e014
--- a/libheif/heif_context.cc
+++ b/libheif/heif_context.cc
@@ -571,6 +571,11 @@
image->set_is_alpha_channel_of(refs[0]);
auto master_iter = m_all_images.find(refs[0]);
+ if (master_iter == m_all_images.end()) {
+ return Error(heif_error_Invalid_input,
+ heif_suberror_Nonexisting_item_referenced,
+ "Non-existing alpha image referenced");
+ }
master_iter->second->set_alpha_channel(image);
}

View file

@ -11,6 +11,8 @@ stdenv.mkDerivation rec {
sha256 = "0vbjknkb2ccmw3xh2j8ljz5sj9i8wv92iw7zghcc5wn64sk1xkk2";
};
patches = [ ./1.4.0-CVE-2019-11471.patch ];
nativeBuildInputs = [ autoreconfHook pkgconfig ];
buildInputs = [ libde265 x265 libpng libjpeg ];