From 20b3c2932bd53b6af9ea01541051b8c69163a292aa699a58bd9abb3ae3c0a1c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ismail=20D=C3=B6nmez?= <ismail@i10z.com>
Date: Wed, 4 Sep 2019 12:05:54 +0000
Subject: [PATCH 1/3] - Make ffmpeg-4.2-dlopen-fdk_aac.patch less verbose

OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-4?expand=0&rev=89
---
 ffmpeg-4.2-dlopen-fdk_aac.patch | 3 +--
 ffmpeg-4.changes                | 5 +++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/ffmpeg-4.2-dlopen-fdk_aac.patch b/ffmpeg-4.2-dlopen-fdk_aac.patch
index 26b3675..88a8529 100644
--- a/ffmpeg-4.2-dlopen-fdk_aac.patch
+++ b/ffmpeg-4.2-dlopen-fdk_aac.patch
@@ -30,7 +30,7 @@ Index: ffmpeg-4.2/libavcodec/dlopen.h
 ===================================================================
 --- /dev/null
 +++ ffmpeg-4.2/libavcodec/dlopen.h
-@@ -0,0 +1,13 @@
+@@ -0,0 +1,12 @@
 +#ifndef LOCALINC_DLOPEN_H
 +#define LOCALINC_DLOPEN_H
 +#include <dlfcn.h>
@@ -38,7 +38,6 @@ Index: ffmpeg-4.2/libavcodec/dlopen.h
 +#define str(x) #x
 +
 +#define dl_sym(func, args, lib) \
-+	fprintf(stderr, "dlsym " #func "\n"); \
 +	dl_##func = args dlsym(lib, #func); \
 +	if ((err = dlerror())) \
 +		goto error;
diff --git a/ffmpeg-4.changes b/ffmpeg-4.changes
index 2fc9e62..dd6f15d 100644
--- a/ffmpeg-4.changes
+++ b/ffmpeg-4.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Wed Sep  4 12:05:35 UTC 2019 - Ismail Dönmez <idonmez@suse.com>
+
+- Make ffmpeg-4.2-dlopen-fdk_aac.patch less verbose 
+
 -------------------------------------------------------------------
 Thu Aug 22 08:45:17 UTC 2019 - Ismail Dönmez <idonmez@suse.com>
 

From 8a0eb853b5e1a46e7c39a6b61b158f13829da7f72d772e3df2d70a9b2cf4fbe2 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Tue, 10 Sep 2019 08:34:40 +0000
Subject: [PATCH 2/3] - Add
 0001-avcodec-h2645_parse-zero-initialize-the-rbsp-buffer.patch  
 [boo#1149839, CVE-2019-15942]

OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-4?expand=0&rev=90
---
 ...arse-zero-initialize-the-rbsp-buffer.patch | 49 +++++++++++++++++++
 ffmpeg-4.changes                              | 14 ++++--
 2 files changed, 59 insertions(+), 4 deletions(-)
 create mode 100644 0001-avcodec-h2645_parse-zero-initialize-the-rbsp-buffer.patch

diff --git a/0001-avcodec-h2645_parse-zero-initialize-the-rbsp-buffer.patch b/0001-avcodec-h2645_parse-zero-initialize-the-rbsp-buffer.patch
new file mode 100644
index 0000000..adb763b
--- /dev/null
+++ b/0001-avcodec-h2645_parse-zero-initialize-the-rbsp-buffer.patch
@@ -0,0 +1,49 @@
+From af70bfbeadc0c9b9215cf045ff2a6a31e8ac3a71 Mon Sep 17 00:00:00 2001
+From: James Almer <jamrial@gmail.com>
+Date: Mon, 26 Aug 2019 00:54:20 -0300
+Subject: [PATCH] avcodec/h2645_parse: zero initialize the rbsp buffer
+
+Fixes ticket #8093
+
+Reviewed-by: Andreas Rheinhardt <andreas.rheinhardt@gmail.com>
+Signed-off-by: James Almer <jamrial@gmail.com>
+---
+ libavcodec/h2645_parse.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/libavcodec/h2645_parse.c b/libavcodec/h2645_parse.c
+index 24658b3dfa..307e8643e6 100644
+--- a/libavcodec/h2645_parse.c
++++ b/libavcodec/h2645_parse.c
+@@ -345,13 +345,18 @@ static int find_next_start_code(const uint8_t *buf, const uint8_t *next_avc)
+ 
+ static void alloc_rbsp_buffer(H2645RBSP *rbsp, unsigned int size, int use_ref)
+ {
++    int min_size = size;
++
+     if (size > INT_MAX - AV_INPUT_BUFFER_PADDING_SIZE)
+         goto fail;
+     size += AV_INPUT_BUFFER_PADDING_SIZE;
+ 
+     if (rbsp->rbsp_buffer_alloc_size >= size &&
+-        (!rbsp->rbsp_buffer_ref || av_buffer_is_writable(rbsp->rbsp_buffer_ref)))
++        (!rbsp->rbsp_buffer_ref || av_buffer_is_writable(rbsp->rbsp_buffer_ref))) {
++        av_assert0(rbsp->rbsp_buffer);
++        memset(rbsp->rbsp_buffer + min_size, 0, AV_INPUT_BUFFER_PADDING_SIZE);
+         return;
++    }
+ 
+     size = FFMIN(size + size / 16 + 32, INT_MAX);
+ 
+@@ -360,7 +365,7 @@ static void alloc_rbsp_buffer(H2645RBSP *rbsp, unsigned int size, int use_ref)
+     else
+         av_free(rbsp->rbsp_buffer);
+ 
+-    rbsp->rbsp_buffer = av_malloc(size);
++    rbsp->rbsp_buffer = av_mallocz(size);
+     if (!rbsp->rbsp_buffer)
+         goto fail;
+     rbsp->rbsp_buffer_alloc_size = size;
+-- 
+2.23.0
+
diff --git a/ffmpeg-4.changes b/ffmpeg-4.changes
index dd6f15d..162afea 100644
--- a/ffmpeg-4.changes
+++ b/ffmpeg-4.changes
@@ -1,7 +1,13 @@
+-------------------------------------------------------------------
+Tue Sep 10 08:30:36 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
+
+- Add 0001-avcodec-h2645_parse-zero-initialize-the-rbsp-buffer.patch
+  [boo#1149839, CVE-2019-15942]
+
 -------------------------------------------------------------------
 Wed Sep  4 12:05:35 UTC 2019 - Ismail Dönmez <idonmez@suse.com>
 
-- Make ffmpeg-4.2-dlopen-fdk_aac.patch less verbose 
+- Make ffmpeg-4.2-dlopen-fdk_aac.patch less verbose
 
 -------------------------------------------------------------------
 Thu Aug 22 08:45:17 UTC 2019 - Ismail Dönmez <idonmez@suse.com>
@@ -283,8 +289,8 @@ Tue Nov 06 01:39:11 UTC 2018 - sean@suspend.net
 
 Sat Nov 03 14:48:35 UTC 2018 - sean@suspend.net
 
-- Remove 0001-avformat-fivenc-Check-audio-packet-size.patch (fixed upstream (bsc#8591d16) 
-- Update ffmpeg to 4.0.3 
+- Remove 0001-avformat-fivenc-Check-audio-packet-size.patch (fixed upstream (bsc#8591d16)
+- Update ffmpeg to 4.0.3
   * For complete changelog, see https://git.ffmpeg.org/gitweb/ffmpeg.git/shortlog/n4.0.3
 
 -------------------------------------------------------------------
@@ -1347,7 +1353,7 @@ Mon Dec  7 12:18:36 UTC 2015 - idonmez@suse.com
   * All packman specific changes are protected with BUILD_ORIG
 - Added the following patches
   * ffmpeg-2.4.5-arm6l.patch
-  * ffmpeg-libcdio_cdda-pkgconfig.patch 
+  * ffmpeg-libcdio_cdda-pkgconfig.patch
 
 -------------------------------------------------------------------
 Sun Nov 29 11:24:54 UTC 2015 - jengelh@inai.de

From b3ae02790c912fd07f24250fb31c880330847704c0f084a3779b9ed98a09dd72 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Tue, 10 Sep 2019 09:00:39 +0000
Subject: [PATCH 3/3] OBS-URL:
 https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-4?expand=0&rev=91

---
 ffmpeg-4.spec | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ffmpeg-4.spec b/ffmpeg-4.spec
index bfff9c4..015008a 100644
--- a/ffmpeg-4.spec
+++ b/ffmpeg-4.spec
@@ -122,6 +122,7 @@ Patch6:         ffmpeg-4.2-dlopen-fdk_aac.patch
 # https://trac.ffmpeg.org/ticket/7861
 Patch7:         ffmpeg4_swscale_replace_illegal_vector_keyword.patch
 Patch8:         ffmpeg4_swscale_fix_altivec_vsx_recent_gcc.patch
+Patch9:         0001-avcodec-h2645_parse-zero-initialize-the-rbsp-buffer.patch
 BuildRequires:  ladspa-devel
 BuildRequires:  libgsm-devel
 BuildRequires:  libmp3lame-devel