From 79fdabe5439ff0bab36120a5789abee7e240d799 Mon Sep 17 00:00:00 2001
From: wangziliang <wangziliang@kylinos.cn>
Date: Thu, 9 Oct 2025 17:02:47 +0800
Subject: [PATCH] fix CVE-2025-10256

---
 backport-CVE-2025-10256.patch | 32 ++++++++++++++++++++++++++++++++
 ffmpeg.spec                   |  6 +++++-
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2025-10256.patch

diff --git a/backport-CVE-2025-10256.patch b/backport-CVE-2025-10256.patch
new file mode 100644
index 0000000..fd8390c
--- /dev/null
+++ b/backport-CVE-2025-10256.patch
@@ -0,0 +1,32 @@
+From 0e8ccde9e5c9daa081eb4c037d83350390c9aa2b Mon Sep 17 00:00:00 2001
+From: Jiasheng Jiang <jiashengjiangcool@gmail.com>
+Date: Wed, 6 Aug 2025 16:39:47 +0000
+Subject: [PATCH] libavfilter/af_firequalizer: Add check for av_malloc_array()
+
+Add check for the return value of av_malloc_array() to avoid potential NULL pointer dereference.
+
+Fixes: d3be186ed1 ("avfilter/firequalizer: add dumpfile and dumpscale option")
+Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+(cherry picked from commit a25462482c02c004d685a8fcf2fa63955aaa0931)
+Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
+---
+ libavfilter/af_firequalizer.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libavfilter/af_firequalizer.c b/libavfilter/af_firequalizer.c
+index 386d8cd242..1ce8cabbd6 100644
+--- a/libavfilter/af_firequalizer.c
++++ b/libavfilter/af_firequalizer.c
+@@ -808,6 +808,8 @@ static int config_input(AVFilterLink *inlink)
+         if ((ret = av_tx_init(&s->analysis_rdft, &s->analysis_rdft_fn, AV_TX_FLOAT_RDFT, 0, 1 << rdft_bits, &scale, 0)) < 0)
+             return ret;
+         s->dump_buf = av_malloc_array(s->analysis_rdft_len + 2, sizeof(*s->dump_buf));
++        if (!s->dump_buf)
++            return AVERROR(ENOMEM);
+     }
+ 
+     s->analysis_buf = av_malloc_array((s->analysis_rdft_len + 2), sizeof(*s->analysis_buf));
+-- 
+2.25.1
+
diff --git a/ffmpeg.spec b/ffmpeg.spec
index ce0588b..7b14d57 100644
--- a/ffmpeg.spec
+++ b/ffmpeg.spec
@@ -73,7 +73,7 @@
 Summary:        Digital VCR and streaming server
 Name:           ffmpeg%{?flavor}
 Version:        7.1
-Release:        11
+Release:        12
 License:        GPL-3.0-or-later
 URL:            https://ffmpeg.org/
 Source0:        https://ffmpeg.org/releases/ffmpeg-%{version}.tar.xz
@@ -93,6 +93,7 @@ Patch12:        fix-CVE-2025-22919.patch
 Patch13:        backport-fix-h264idct-rvv.patch
 # https://github.com/FFmpeg/FFmpeg/commit/e29432e6bbb6184d3ff2c7d1e070e9424cb25fe6
 Patch14:        backport-riscv-fix-compilation-without-Vector-support.patch
+Patch15:        backport-CVE-2025-10256.patch
 
 Requires:       %{name}-libs%{?_isa} = %{version}-%{release}
 %{?_with_cuda:BuildRequires: cuda-minimal-build-%{_cuda_version_rpm} cuda-drivers-devel}
@@ -416,6 +417,9 @@ install -pm755 tools/qt-faststart %{buildroot}%{_bindir}
 %{_libdir}/lib*.so
 
 %changelog
+* Thu Oct 9 2025 wangziliang <wangziliang@kylinos.cn> - 7.1-12
+- fix-CVE-2025-10256
+
 * Sun Aug 17 2025 yoo <sunyuechi@iscas.ac.cn> - 7.1-11
 - Fix: RISC-V compilation without Vector support
 
-- 
Gitee