libde265: patch CVE-2025-61147

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-61147 Backport the patch referenced by the NVD advisory. Note that this is a partial backport - only the parts that are used by the application, and without pulling in c++17 headers. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
2026-04-02 02:49:12 +00:00 · 2026-03-21 13:00:56 +01:00 · 2026-03-21 13:00:56 +01:00 · 144725f1e3
commit 144725f1e3
parent a9b824a500
2 changed files with 85 additions and 0 deletions
--- a/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2025-61147.patch
+++ b/meta-multimedia/recipes-multimedia/libde265/libde265/CVE-2025-61147.patch
@ -0,0 +1,84 @@
+From 3ca0ece7aac301be40e34c004d7182b9d701d6ae Mon Sep 17 00:00:00 2001
+From: Dirk Farin <dirk.farin@gmail.com>
+Date: Tue, 9 Sep 2025 15:14:05 +0200
+Subject: [PATCH] check for valid integer command line parameters (#484)
+
+OE comment:
+This is a partial backport of the below mentioned patch, without raising
+the required c++ standard.
+
+CVE: CVE-2025-61147
+Upstream-Status: Backport [https://github.com/strukturag/libde265/commit/8b17e0930f77db07f55e0b89399a8f054ddbecf7]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ dec265/dec265.cc | 35 ++++++++++++++++++++++++++++++++---
+ 1 file changed, 32 insertions(+), 3 deletions(-)
+
+diff --git a/dec265/dec265.cc b/dec265/dec265.cc
+index 9309465..dcd0183 100644
+--- a/dec265/dec265.cc
+++ b/dec265/dec265.cc
+@@ -27,6 +27,9 @@
+ #define DO_MEMORY_LOGGING 0
+ 
+ #include "de265.h"
+#include <stdexcept>
+#include <iostream>
+
+ #ifdef HAVE_CONFIG_H
+ #include "config.h"
+ #endif
+@@ -557,6 +560,32 @@ void (*volatile __malloc_initialize_hook)(void) = init_my_hooks;
+ #endif
+ #endif
+ 
+int parse_param(const char* arg, int lower_bound, const char* arg_name){
+  int value;
+
+  try {
+    size_t len;
+    value = std::stoi(optarg, &len);
+    if (arg[len] != 0) {
+      std::cerr << "invalid argument to " << arg_name << "\n";
+      exit(5);
+    }
+  } catch (std::invalid_argument const& ex) {
+    std::cerr << "invalid argument to " << arg_name << "\n";
+    exit(5);
+  }
+  catch (std::out_of_range const& ex) {
+    std::cerr << "argument to -T is out of range\n";
+    exit(5);
+  }
+
+  if (value < lower_bound) {
+    std::cerr << "argument to " << arg_name << " may not be smaller than " << lower_bound << "\n";
+    exit(5);
+  }
+
+  return value;
+}
+ 
+ int main(int argc, char** argv)
+ {
+@@ -573,9 +602,9 @@ int main(int argc, char** argv)
+ 
+     switch (c) {
+     case 'q': quiet++; break;
+-    case 't': nThreads=atoi(optarg); break;
+    case 't': nThreads=parse_param(optarg, 0, "-t"); break;
+     case 'c': check_hash=true; break;
+-    case 'f': max_frames=atoi(optarg); break;
+    case 'f': max_frames=parse_param(optarg, 1, "-f"); break;
+     case 'o': write_yuv=true; output_filename=optarg; break;
+     case 'h': show_help=true; break;
+     case 'd': dump_headers=true; break;
+@@ -587,7 +616,7 @@ int main(int argc, char** argv)
+     case 'm': measure_quality=true; reference_filename=optarg; break;
+     case 's': show_ssim_map=true; break;
+     case 'e': show_psnr_map=true; break;
+-    case 'T': highestTID=atoi(optarg); break;
+    case 'T': highestTID = parse_param(optarg, 0, "-T"); break;
+     case 'v': verbosity++; break;
+     }
+   }
--- a/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.5.bb
+++ b/meta-multimedia/recipes-multimedia/libde265/libde265_1.0.5.bb
@ -10,6 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=695b556799abb2435c97a113cdca512f"

 SRC_URI = "https://github.com/strukturag/libde265/releases/download/v${PV}/${BPN}-${PV}.tar.gz \
           file://CVE-2022-1253.patch \
+           file://CVE-2025-61147.patch \
           "
 SRC_URI[sha256sum] = "e3f277d8903408615a5cc34718b391b83c97c646faea4f41da93bac5ee08a87f"