Skip to content

[3.x] libwebm: Fix double free in mkvparser ContentEncoding #107781

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 22, 2025
Merged

[3.x] libwebm: Fix double free in mkvparser ContentEncoding #107781

merged 1 commit into from
Jun 22, 2025

Conversation

john-breton
Copy link

Origin: webmproject/libvpx@6a7c84a
Author: James Zern [email protected]

This is a security fix for CVE-2019-2126. Godot currently contains a vulnerable version of libwebm in its 3.6 branch that is susceptible to a double free due to a missing reset of a freed pointer. This commit corrects that issue.

@john-breton john-breton requested a review from a team as a code owner June 20, 2025 19:49
@AThousandShips AThousandShips changed the title Fix double free in mkvparser.cc [3.6] Fix double free in mkvparser.cc Jun 21, 2025
@AThousandShips
Copy link
Member

Any reason this targets 3.6 and not 3.x? Is it not relevant to 3.x (future 3.7)?

@akien-mga
Copy link
Member

Indeed this should be fixed in the 3.x branch, and then we'd cherrypick the fix to the 3.6 and 3.5 branches (older ones are EOL).

@akien-mga akien-mga changed the title [3.6] Fix double free in mkvparser.cc [3.6] libwebm: Fix double free in mkvparser.cc Jun 21, 2025
@akien-mga akien-mga changed the title [3.6] libwebm: Fix double free in mkvparser.cc [3.6] libwebm: Fix double free in mkvparser ContentEncoding Jun 21, 2025
@akien-mga akien-mga changed the base branch from 3.6 to 3.x June 21, 2025 09:29
@akien-mga akien-mga requested review from a team as code owners June 21, 2025 09:29
@akien-mga akien-mga changed the title [3.6] libwebm: Fix double free in mkvparser ContentEncoding [3.x] libwebm: Fix double free in mkvparser ContentEncoding Jun 21, 2025
@AThousandShips AThousandShips removed request for a team June 21, 2025 09:30
@AThousandShips AThousandShips removed request for a team June 21, 2025 09:30
@akien-mga akien-mga added bug topic:thirdparty cherrypick:3.5 Considered for cherry-picking into a future 3.5.x release cherrypick:3.6 Considered for cherry-picking into a future 3.6.x release labels Jun 21, 2025
@akien-mga akien-mga added this to the 3.7 milestone Jun 21, 2025
@john-breton @akien-mga
libwebm: Fix double free in mkvparser ContentEncoding
53d8b95 
Origin: webmproject/libvpx@6a7c84a
Author: James Zern <[email protected]>

-----
This is a security fix for CVE-2019-2126. Godot currently contains a vulnerable
version of libwebm in its 3.x branch that is susceptible to a double free due
to a missing reset of a freed pointer. This commit corrects that issue.
@akien-mga
Copy link
Member

I changed the base branch to 3.x and amended the PR branch to be based on 3.x, as well as include a .patch version of the changes to properly document what was modified in thirdparty code.

@akien-mga akien-mga merged commit 9e76b16 into godotengine:3.x Jun 22, 2025
14 checks passed
@akien-mga
Copy link
Member

Thanks! And congrats for your first merged Godot contribution 🎉

@akien-mga
Copy link
Member

Cherry-picked for 3.6.1.

@akien-mga akien-mga removed the cherrypick:3.6 Considered for cherry-picking into a future 3.6.x release label Jun 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akien-mga akien-mga akien-mga approved these changes

Assignees
No one assigned
Labels
bug cherrypick:3.5 Considered for cherry-picking into a future 3.5.x release topic:thirdparty
Projects
None yet
Milestone
3.7
Development

Successfully merging this pull request may close these issues.
3 participants
@john-breton @AThousandShips @akien-mga