From befa801151fc23183d420f8d3bd6be0c942270b2 Mon Sep 17 00:00:00 2001
From: Dominik Mierzejewski <dominik@greysector.net>
Date: Fri, 7 Mar 2025 09:29:24 +0100
Subject: [PATCH] Backport fix for CVE-2024-12361 (resolves rhbz#2331085)

---
 ffmpeg-CVE-2024-12361.patch | 32 ++++++++++++++++++++++++++++++++
 ffmpeg.spec                 |  7 ++++++-
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 ffmpeg-CVE-2024-12361.patch

diff --git a/ffmpeg-CVE-2024-12361.patch b/ffmpeg-CVE-2024-12361.patch
new file mode 100644
index 0000000..697558e
--- /dev/null
+++ b/ffmpeg-CVE-2024-12361.patch
@@ -0,0 +1,32 @@
+From 4065ff69a2ed49872f8694a03d0642b18c9d977c Mon Sep 17 00:00:00 2001
+From: Jiasheng Jiang <jiashengjiangcool@outlook.com>
+Date: Mon, 10 Jun 2024 14:18:11 +0000
+Subject: [PATCH] avcodec/mpegvideo_enc: Add check for
+ av_packet_new_side_data()
+
+Add check for av_packet_new_side_data() to avoid null pointer
+dereference if allocation fails.
+
+Fixes: bdc1220eeb ("h263enc: Add an option for outputting info about MBs as side data")
+Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com>
+Signed-off-by: Anton Khirnov <anton@khirnov.net>
+---
+ libavcodec/mpegvideo_enc.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libavcodec/mpegvideo_enc.c b/libavcodec/mpegvideo_enc.c
+index 620ca08869..d33754d115 100644
+--- a/libavcodec/mpegvideo_enc.c
++++ b/libavcodec/mpegvideo_enc.c
+@@ -1825,6 +1825,8 @@ int ff_mpv_encode_picture(AVCodecContext *avctx, AVPacket *pkt,
+             s->mb_info_ptr = av_packet_new_side_data(pkt,
+                                  AV_PKT_DATA_H263_MB_INFO,
+                                  s->mb_width*s->mb_height*12);
++            if (!s->mb_info_ptr)
++                return AVERROR(ENOMEM);
+             s->prev_mb_info = s->last_mb_info = s->mb_info_size = 0;
+         }
+ 
+-- 
+2.48.1
+
diff --git a/ffmpeg.spec b/ffmpeg.spec
index d4f39d2..dc36d2b 100644
--- a/ffmpeg.spec
+++ b/ffmpeg.spec
@@ -100,7 +100,7 @@ Name:           ffmpeg
 %global pkg_name %{name}%{?pkg_suffix}
 
 Version:        6.1.2
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        A complete solution to record, convert and stream audio and video
 License:        GPL-3.0-or-later
 URL:            https://ffmpeg.org/
@@ -135,6 +135,8 @@ Patch8:         https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/2d9ed64859c9887d0
 # Fixes for Mesa 24.0.6+ / 24.1.4+ VA-API
 Patch9:         0001-lavc-vaapi_decode-Make-it-possible-to-send-multiple-.patch
 Patch10:        0002-lavc-vaapi_av1-Avoid-sending-the-same-slice-buffer-m.patch
+# Backport fix for CVE-2024-12361
+Patch11:        https://git.ffmpeg.org/gitweb/ffmpeg.git/patch/4065ff69a2ed49872f8694a03d0642b18c9d977c#/ffmpeg-CVE-2024-12361.patch
 
 # Set up dlopen for openh264
 Patch1001:      ffmpeg-dlopen-openh264.patch
@@ -881,6 +883,9 @@ rm -rf %{buildroot}%{_datadir}/%{name}/examples
 %{_mandir}/man3/libswscale.3*
 
 %changelog
+* Fri Mar 07 2025 Dominik Mierzejewski <dominik@greysector.net> - 6.1.2-2
+- Backport fix for CVE-2024-12361 (resolves rhbz#2331085)
+
 * Sat Aug 24 2024 Fabio Valentini <decathorpe@gmail.com> - 6.1.2-1
 - Update to 6.1.2