From: Markus Koschany <apo@debian.org>
Date: Sun, 30 Dec 2018 15:57:18 +0000 (+0100)
Subject: CVE-2017-9993
X-Git-Tag: archive/raspbian/6%11.12-1_deb8u5+rpi1^2~16
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=245a1415b30ee74b33e3e88491828fed98c7b471;p=libav.git

CVE-2017-9993

Origin: https://github.com/FFmpeg/FFmpeg/commit/a5d849b149ca67ced2d271dc84db0bc95a548abb

Gbp-Pq: Name CVE-2017-9993.patch
---

diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index 928bbaa..713f822 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -870,6 +870,9 @@ static int read_gab2_sub(AVStream *st, AVPacket *pkt)
         if (!(sub_demuxer = av_probe_input_format2(&pd, 1, &score)))
             goto error;
 
+        if (strcmp(sub_demuxer->name, "srt") && strcmp(sub_demuxer->name, "ass"))
+            goto error;
+
         if (!(ast->sub_ctx = avformat_alloc_context()))
             goto error;