summaryrefslogtreecommitdiffstats
path: root/meta/recipes-multimedia
diff options
context:
space:
mode:
authorRandy MacLeod <randy.macleod@windriver.com>2021-03-10 13:54:51 -0500
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-03-11 14:00:36 +0000
commit7bf522c752431159855bb69d090bc407bb197266 (patch)
treec239929b04b040ae166f8986de4da39ec0daff8b /meta/recipes-multimedia
parentc6f7c7989be89c8fa1edc036dad053e8e0acf4ad (diff)
downloadpoky-7bf522c752431159855bb69d090bc407bb197266.tar.gz
ffmpeg: upgrade 4.3.1 -> 4.3.2
Remove 2 patches that are included in the n4.3.2 tag. The commits were cherry-picked back to the 4.3 branch so they have different commit ids than in the patches: 6d886b6586 lavf/srt: fix build fail when used the libsrt 1.4.1 a53ffb15d8 avcodec/exr: Check ymin vs. h 4f0bdff292 avformat/vividas: improve extradata packing checks in track_header() (From OE-Core rev: ffdce193f3ab5b8cb16979ee9ae29322b7294c38) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-multimedia')
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch52
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35964.patch75
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch35
-rw-r--r--meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb (renamed from meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.1.bb)5
4 files changed, 1 insertions, 166 deletions
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch
deleted file mode 100644
index 7635c9196a..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch
+++ /dev/null
@@ -1,52 +0,0 @@
1From aebb72e025cbfbd4a6765354f6f565ad4ac89789 Mon Sep 17 00:00:00 2001
2From: Jun Zhao <barryjzhao@tencent.com>
3Date: Sun, 12 Jul 2020 05:48:48 +0800
4Subject: [PATCH] lavf/srt: fix build fail when used the libsrt 1.4.1
5
6lavf/srt: fix build fail when used the libsrt 1.4.1
7
8libsrt changed the:
9SRTO_SMOOTHER -> SRTO_CONGESTION
10SRTO_STRICTENC -> SRTO_ENFORCEDENCRYPTION
11and removed the front of deprecated options (SRTO_SMOOTHER/SRTO_STRICTENC)
12in the header, it's lead to build fail
13
14fix #8760
15
16Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/7c59e1b0f285cd7c7b35fcd71f49c5fd52cf9315]
17
18Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
19Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
20---
21 libavformat/libsrt.c | 8 ++++++++
22 1 file changed, 8 insertions(+)
23
24diff --git a/libavformat/libsrt.c b/libavformat/libsrt.c
25index 4de575b..4719ce0 100644
26--- a/libavformat/libsrt.c
27+++ b/libavformat/libsrt.c
28@@ -313,8 +313,12 @@ static int libsrt_set_options_pre(URLContext *h, int fd)
29 (s->pbkeylen >= 0 && libsrt_setsockopt(h, fd, SRTO_PBKEYLEN, "SRTO_PBKEYLEN", &s->pbkeylen, sizeof(s->pbkeylen)) < 0) ||
30 (s->passphrase && libsrt_setsockopt(h, fd, SRTO_PASSPHRASE, "SRTO_PASSPHRASE", s->passphrase, strlen(s->passphrase)) < 0) ||
31 #if SRT_VERSION_VALUE >= 0x010302
32+#if SRT_VERSION_VALUE >= 0x010401
33+ (s->enforced_encryption >= 0 && libsrt_setsockopt(h, fd, SRTO_ENFORCEDENCRYPTION, "SRTO_ENFORCEDENCRYPTION", &s->enforced_encryption, sizeof(s->enforced_encryption)) < 0) ||
34+#else
35 /* SRTO_STRICTENC == SRTO_ENFORCEDENCRYPTION (53), but for compatibility, we used SRTO_STRICTENC */
36 (s->enforced_encryption >= 0 && libsrt_setsockopt(h, fd, SRTO_STRICTENC, "SRTO_STRICTENC", &s->enforced_encryption, sizeof(s->enforced_encryption)) < 0) ||
37+#endif
38 (s->kmrefreshrate >= 0 && libsrt_setsockopt(h, fd, SRTO_KMREFRESHRATE, "SRTO_KMREFRESHRATE", &s->kmrefreshrate, sizeof(s->kmrefreshrate)) < 0) ||
39 (s->kmpreannounce >= 0 && libsrt_setsockopt(h, fd, SRTO_KMPREANNOUNCE, "SRTO_KMPREANNOUNCE", &s->kmpreannounce, sizeof(s->kmpreannounce)) < 0) ||
40 #endif
41@@ -333,7 +337,11 @@ static int libsrt_set_options_pre(URLContext *h, int fd)
42 (s->lossmaxttl >= 0 && libsrt_setsockopt(h, fd, SRTO_LOSSMAXTTL, "SRTO_LOSSMAXTTL", &s->lossmaxttl, sizeof(s->lossmaxttl)) < 0) ||
43 (s->minversion >= 0 && libsrt_setsockopt(h, fd, SRTO_MINVERSION, "SRTO_MINVERSION", &s->minversion, sizeof(s->minversion)) < 0) ||
44 (s->streamid && libsrt_setsockopt(h, fd, SRTO_STREAMID, "SRTO_STREAMID", s->streamid, strlen(s->streamid)) < 0) ||
45+#if SRT_VERSION_VALUE >= 0x010401
46+ (s->smoother && libsrt_setsockopt(h, fd, SRTO_CONGESTION, "SRTO_CONGESTION", s->smoother, strlen(s->smoother)) < 0) ||
47+#else
48 (s->smoother && libsrt_setsockopt(h, fd, SRTO_SMOOTHER, "SRTO_SMOOTHER", s->smoother, strlen(s->smoother)) < 0) ||
49+#endif
50 (s->messageapi >= 0 && libsrt_setsockopt(h, fd, SRTO_MESSAGEAPI, "SRTO_MESSAGEAPI", &s->messageapi, sizeof(s->messageapi)) < 0) ||
51 (s->payload_size >= 0 && libsrt_setsockopt(h, fd, SRTO_PAYLOADSIZE, "SRTO_PAYLOADSIZE", &s->payload_size, sizeof(s->payload_size)) < 0) ||
52 ((h->flags & AVIO_FLAG_WRITE) && libsrt_setsockopt(h, fd, SRTO_SENDER, "SRTO_SENDER", &yes, sizeof(yes)) < 0)) {
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35964.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35964.patch
deleted file mode 100644
index 6b96bd674f..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35964.patch
+++ /dev/null
@@ -1,75 +0,0 @@
1From 27a99e2c7d450fef15594671eef4465c8a166bd7 Mon Sep 17 00:00:00 2001
2From: Michael Niedermayer <michael@niedermayer.cc>
3Date: Wed, 28 Oct 2020 20:11:54 +0100
4Subject: [PATCH] avformat/vividas: improve extradata packing checks in
5 track_header()
6
7Fixes: out of array accesses
8Fixes: 26622/clusterfuzz-testcase-minimized-ffmpeg_dem_VIVIDAS_fuzzer-6581200338288640
9
10Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
11Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
12
13Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/27a99e2c7d450fef15594671eef4465c8a166bd7]
14
15CVE: CVE-2020-35964
16
17Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
18Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
19---
20 libavformat/vividas.c | 12 ++++++------
21 1 file changed, 6 insertions(+), 6 deletions(-)
22
23diff --git a/libavformat/vividas.c b/libavformat/vividas.c
24index 83d0ed116787..46c66bf9a0ae 100644
25--- a/libavformat/vividas.c
26+++ b/libavformat/vividas.c
27@@ -28,6 +28,7 @@
28 * @sa http://wiki.multimedia.cx/index.php?title=Vividas_VIV
29 */
30
31+#include "libavutil/avassert.h"
32 #include "libavutil/intreadwrite.h"
33 #include "avio_internal.h"
34 #include "avformat.h"
35@@ -379,7 +380,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *
36
37 if (avio_tell(pb) < off) {
38 int num_data;
39- int xd_size = 0;
40+ int xd_size = 1;
41 int data_len[256];
42 int offset = 1;
43 uint8_t *p;
44@@ -393,10 +394,10 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *
45 return AVERROR_INVALIDDATA;
46 }
47 data_len[j] = len;
48- xd_size += len;
49+ xd_size += len + 1 + len/255;
50 }
51
52- ret = ff_alloc_extradata(st->codecpar, 64 + xd_size + xd_size / 255);
53+ ret = ff_alloc_extradata(st->codecpar, xd_size);
54 if (ret < 0)
55 return ret;
56
57@@ -405,9 +406,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *
58
59 for (j = 0; j < num_data - 1; j++) {
60 unsigned delta = av_xiphlacing(&p[offset], data_len[j]);
61- if (delta > data_len[j]) {
62- return AVERROR_INVALIDDATA;
63- }
64+ av_assert0(delta <= xd_size - offset);
65 offset += delta;
66 }
67
68@@ -418,6 +417,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *
69 av_freep(&st->codecpar->extradata);
70 break;
71 }
72+ av_assert0(data_len[j] <= xd_size - offset);
73 offset += data_len[j];
74 }
75
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch
deleted file mode 100644
index ddab8e9aca..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2020-35965.patch
+++ /dev/null
@@ -1,35 +0,0 @@
1From 3e5959b3457f7f1856d997261e6ac672bba49e8b Mon Sep 17 00:00:00 2001
2From: Michael Niedermayer <michael@niedermayer.cc>
3Date: Sat, 24 Oct 2020 22:21:48 +0200
4Subject: [PATCH] avcodec/exr: Check ymin vs. h
5
6Fixes: out of array access
7Fixes: 26532/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5613925708857344
8Fixes: 27443/clusterfuzz-testcase-minimized-ffmpeg_AV_CODEC_ID_EXR_fuzzer-5631239813595136
9
10Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
11Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
12
13Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/3e5959b3457f7f1856d997261e6ac672bba49e8b]
14
15CVE: CVE-2020-35965
16
17Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
18Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
19---
20 libavcodec/exr.c | 2 +-
21 1 file changed, 1 insertion(+), 1 deletion(-)
22
23diff --git a/libavcodec/exr.c b/libavcodec/exr.c
24index e907c5c46401..8b701d1cd298 100644
25--- a/libavcodec/exr.c
26+++ b/libavcodec/exr.c
27@@ -1830,7 +1830,7 @@ static int decode_frame(AVCodecContext *avctx, void *data,
28 // Zero out the start if ymin is not 0
29 for (i = 0; i < planes; i++) {
30 ptr = picture->data[i];
31- for (y = 0; y < s->ymin; y++) {
32+ for (y = 0; y < FFMIN(s->ymin, s->h); y++) {
33 memset(ptr, 0, out_line_size);
34 ptr += picture->linesize[i];
35 }
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.1.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
index bd21552332..9dd56fbba4 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.1.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.3.2.bb
@@ -25,12 +25,9 @@ LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
25 25
26SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ 26SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \
27 file://mips64_cpu_detection.patch \ 27 file://mips64_cpu_detection.patch \
28 file://0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch \
29 file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ 28 file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \
30 file://CVE-2020-35964.patch \
31 file://CVE-2020-35965.patch \
32 " 29 "
33SRC_URI[sha256sum] = "ad009240d46e307b4e03a213a0f49c11b650e445b1f8be0dda2a9212b34d2ffb" 30SRC_URI[sha256sum] = "46e4e64f1dd0233cbc0934b9f1c0da676008cad34725113fb7f802cfa84ccddb"
34 31
35# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717 32# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
36ARM_INSTRUCTION_SET_armv4 = "arm" 33ARM_INSTRUCTION_SET_armv4 = "arm"