diff --git a/0001-avformat-vividas-improve-extradata-packing-checks-in.patch b/0001-avformat-vividas-improve-extradata-packing-checks-in.patch deleted file mode 100644 index b6da2ae..0000000 --- a/0001-avformat-vividas-improve-extradata-packing-checks-in.patch +++ /dev/null @@ -1,71 +0,0 @@ -From 27a99e2c7d450fef15594671eef4465c8a166bd7 Mon Sep 17 00:00:00 2001 -From: Michael Niedermayer -Date: Wed, 28 Oct 2020 20:11:54 +0100 -Subject: [PATCH] avformat/vividas: improve extradata packing checks in - track_header() - -Fixes: out of array accesses -Fixes: 26622/clusterfuzz-testcase-minimized-ffmpeg_dem_VIVIDAS_fuzzer-6581200338288640 - -Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg -Signed-off-by: Michael Niedermayer ---- - libavformat/vividas.c | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git libavformat/vividas.c libavformat/vividas.c -index 83d0ed1167..46c66bf9a0 100644 ---- a/libavformat/vividas.c -+++ a/libavformat/vividas.c -@@ -28,6 +28,7 @@ - * @sa http://wiki.multimedia.cx/index.php?title=Vividas_VIV - */ - -+#include "libavutil/avassert.h" - #include "libavutil/intreadwrite.h" - #include "avio_internal.h" - #include "avformat.h" -@@ -379,7 +380,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t * - - if (avio_tell(pb) < off) { - int num_data; -- int xd_size = 0; -+ int xd_size = 1; - int data_len[256]; - int offset = 1; - uint8_t *p; -@@ -393,10 +394,10 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t * - return AVERROR_INVALIDDATA; - } - data_len[j] = len; -- xd_size += len; -+ xd_size += len + 1 + len/255; - } - -- ret = ff_alloc_extradata(st->codecpar, 64 + xd_size + xd_size / 255); -+ ret = ff_alloc_extradata(st->codecpar, xd_size); - if (ret < 0) - return ret; - -@@ -405,9 +406,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t * - - for (j = 0; j < num_data - 1; j++) { - unsigned delta = av_xiphlacing(&p[offset], data_len[j]); -- if (delta > data_len[j]) { -- return AVERROR_INVALIDDATA; -- } -+ av_assert0(delta <= xd_size - offset); - offset += delta; - } - -@@ -418,6 +417,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t * - av_freep(&st->codecpar->extradata); - break; - } -+ av_assert0(data_len[j] <= xd_size - offset); - offset += data_len[j]; - } - --- -2.30.0 - diff --git a/0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch b/0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch deleted file mode 100644 index bcf1414..0000000 --- a/0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 7c59e1b0f285cd7c7b35fcd71f49c5fd52cf9315 Mon Sep 17 00:00:00 2001 -From: Jun Zhao -Date: Sun, 12 Jul 2020 13:48:48 +0800 -Subject: [PATCH] lavf/srt: fix build fail when used the libsrt 1.4.1 - -libsrt changed the: -SRTO_SMOOTHER -> SRTO_CONGESTION -SRTO_STRICTENC -> SRTO_ENFORCEDENCRYPTION -and removed the front of deprecated options (SRTO_SMOOTHER/SRTO_STRICTENC) -in the header, it's lead to build fail - -fix #8760 - -Signed-off-by: Jun Zhao ---- - libavformat/libsrt.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/libavformat/libsrt.c b/libavformat/libsrt.c -index 4de575b37c..4719ce0d4b 100644 ---- a/libavformat/libsrt.c -+++ b/libavformat/libsrt.c -@@ -313,8 +313,12 @@ static int libsrt_set_options_pre(URLContext *h, int fd) - (s->pbkeylen >= 0 && libsrt_setsockopt(h, fd, SRTO_PBKEYLEN, "SRTO_PBKEYLEN", &s->pbkeylen, sizeof(s->pbkeylen)) < 0) || - (s->passphrase && libsrt_setsockopt(h, fd, SRTO_PASSPHRASE, "SRTO_PASSPHRASE", s->passphrase, strlen(s->passphrase)) < 0) || - #if SRT_VERSION_VALUE >= 0x010302 -+#if SRT_VERSION_VALUE >= 0x010401 -+ (s->enforced_encryption >= 0 && libsrt_setsockopt(h, fd, SRTO_ENFORCEDENCRYPTION, "SRTO_ENFORCEDENCRYPTION", &s->enforced_encryption, sizeof(s->enforced_encryption)) < 0) || -+#else - /* SRTO_STRICTENC == SRTO_ENFORCEDENCRYPTION (53), but for compatibility, we used SRTO_STRICTENC */ - (s->enforced_encryption >= 0 && libsrt_setsockopt(h, fd, SRTO_STRICTENC, "SRTO_STRICTENC", &s->enforced_encryption, sizeof(s->enforced_encryption)) < 0) || -+#endif - (s->kmrefreshrate >= 0 && libsrt_setsockopt(h, fd, SRTO_KMREFRESHRATE, "SRTO_KMREFRESHRATE", &s->kmrefreshrate, sizeof(s->kmrefreshrate)) < 0) || - (s->kmpreannounce >= 0 && libsrt_setsockopt(h, fd, SRTO_KMPREANNOUNCE, "SRTO_KMPREANNOUNCE", &s->kmpreannounce, sizeof(s->kmpreannounce)) < 0) || - #endif -@@ -333,7 +337,11 @@ static int libsrt_set_options_pre(URLContext *h, int fd) - (s->lossmaxttl >= 0 && libsrt_setsockopt(h, fd, SRTO_LOSSMAXTTL, "SRTO_LOSSMAXTTL", &s->lossmaxttl, sizeof(s->lossmaxttl)) < 0) || - (s->minversion >= 0 && libsrt_setsockopt(h, fd, SRTO_MINVERSION, "SRTO_MINVERSION", &s->minversion, sizeof(s->minversion)) < 0) || - (s->streamid && libsrt_setsockopt(h, fd, SRTO_STREAMID, "SRTO_STREAMID", s->streamid, strlen(s->streamid)) < 0) || -+#if SRT_VERSION_VALUE >= 0x010401 -+ (s->smoother && libsrt_setsockopt(h, fd, SRTO_CONGESTION, "SRTO_CONGESTION", s->smoother, strlen(s->smoother)) < 0) || -+#else - (s->smoother && libsrt_setsockopt(h, fd, SRTO_SMOOTHER, "SRTO_SMOOTHER", s->smoother, strlen(s->smoother)) < 0) || -+#endif - (s->messageapi >= 0 && libsrt_setsockopt(h, fd, SRTO_MESSAGEAPI, "SRTO_MESSAGEAPI", &s->messageapi, sizeof(s->messageapi)) < 0) || - (s->payload_size >= 0 && libsrt_setsockopt(h, fd, SRTO_PAYLOADSIZE, "SRTO_PAYLOADSIZE", &s->payload_size, sizeof(s->payload_size)) < 0) || - ((h->flags & AVIO_FLAG_WRITE) && libsrt_setsockopt(h, fd, SRTO_SENDER, "SRTO_SENDER", &yes, sizeof(yes)) < 0)) { --- -2.28.0 - diff --git a/ffmpeg-4.3.1.tar.xz b/ffmpeg-4.3.1.tar.xz deleted file mode 100644 index 7f21816..0000000 --- a/ffmpeg-4.3.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ad009240d46e307b4e03a213a0f49c11b650e445b1f8be0dda2a9212b34d2ffb -size 9379424 diff --git a/ffmpeg-4.3.1.tar.xz.asc b/ffmpeg-4.3.1.tar.xz.asc deleted file mode 100644 index a49abc4..0000000 --- a/ffmpeg-4.3.1.tar.xz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQFMBAABCAA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAl8Jl1kYHGZmbXBlZy1k -ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYeqMH/0oOMa5UQJuP9w3nxjuAI1rF -AhXFU7y1IKgHhxfYafkhcZphwbm3u8lpkI4E5dfG369WyE4Svi/t0+kI0iqEXQgn -0Vxk0gr79sTjoCm8HZssngo0ourLPWAJnoip6rdxlPB7bAEh69M3qX3xuKwSklw1 -Vu3L3bpmie3lAKqqeRv7JMxkKpg6fZMeQP4f7LCWpIFYlCn93icYTTF28L5T89yB -mt8WcYIU2IO0FxEGlh6ayxrr+/ioG6N8iE1q7laBRAFVU/OsARY9M/6RHFMSrm42 -4l65+Qh+IwQVzpFsnZ/S2iRD7QCZX+noAd+EH/S4vICNn+snBxIlxuYSDL6uqF4= -=AoNS ------END PGP SIGNATURE----- diff --git a/ffmpeg-4.3.2.tar.xz b/ffmpeg-4.3.2.tar.xz new file mode 100644 index 0000000..099a279 --- /dev/null +++ b/ffmpeg-4.3.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:46e4e64f1dd0233cbc0934b9f1c0da676008cad34725113fb7f802cfa84ccddb +size 9391100 diff --git a/ffmpeg-4.3.2.tar.xz.asc b/ffmpeg-4.3.2.tar.xz.asc new file mode 100644 index 0000000..962182e --- /dev/null +++ b/ffmpeg-4.3.2.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQFMBAABCAA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmAxcoMYHGZmbXBlZy1k +ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYO2UH/0Olke14XxdkZycJH4zuh3a0 +1bV+M01fLOtOHXSIdoLtMD0uF5zynsvK9kyk/boXX4vK44XTpNe+dlvTOAiY6VKk +WfGBHG91y6/kYm+0tsan22uxrJTHlO/KP477P/N7dCGA1juzDZ05pMZ+imikXA88 +PwmUYGGiCB6ErFmgn+kJ3WJBR20GMIdCC4E5lOv+7aJJL/zZcPAnU+bU689VutmE +BJ8CV0tBkBvNS0b32+kZQ/Lwjx69k+L9uiwpFXSIUU0Sus9/6QZJMEhvqPDPe7yg +EUqBcC1aYWbDfC2+WeTNHSOXUX4RIpfNIi2qFfoW48tDy0nQzeHOPM0boi+Gmrs= +=FJtn +-----END PGP SIGNATURE----- diff --git a/ffmpeg-4.changes b/ffmpeg-4.changes index a6cba46..6b58cc1 100644 --- a/ffmpeg-4.changes +++ b/ffmpeg-4.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Sun Mar 14 21:08:02 UTC 2021 - Dirk Müller + +- update to 4.3.2: + * lots of oss-fuzz reported overflow fixes, see included ChangeLog +- drop + ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch + 0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch + 0001-avformat-vividas-improve-extradata-packing-checks-in.patch: upstream + ------------------------------------------------------------------- Fri Feb 5 21:10:43 UTC 2021 - Jan Engelhardt diff --git a/ffmpeg-4.spec b/ffmpeg-4.spec index 3424142..670ba15 100644 --- a/ffmpeg-4.spec +++ b/ffmpeg-4.spec @@ -94,7 +94,7 @@ %define _major_version 4 %define _major_expected 5 Name: ffmpeg-4 -Version: 4.3.1 +Version: 4.3.2 Release: 0 Summary: Library for working with various multimedia formats License: GPL-3.0-or-later @@ -114,11 +114,8 @@ Patch2: ffmpeg-new-coder-errors.diff Patch3: ffmpeg-codec-choice.diff Patch4: ffmpeg-4.2-dlopen-fdk_aac.patch Patch5: soversion.patch -Patch6: ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch -Patch7: 0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch Patch8: vmaf-trim-usr-local.patch Patch9: ffmpeg_altivec_yuv2rgb_novsx.patch -Patch10: 0001-avformat-vividas-improve-extradata-packing-checks-in.patch BuildRequires: ladspa-devel BuildRequires: libgsm-devel BuildRequires: libmp3lame-devel diff --git a/ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch b/ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch deleted file mode 100644 index c1ad28e..0000000 --- a/ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch +++ /dev/null @@ -1,58 +0,0 @@ -From: James Almer -Date: Mon, 13 Jul 2020 00:32:01 +0000 (-0300) -Subject: x86/yuv2rgb: fix crashes when storing data on unaligned buffers -X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a - -x86/yuv2rgb: fix crashes when storing data on unaligned buffers - -Regression since fc6a5883d6af8cae0e96af84dda0ad74b360a084 on SSSE3 enabled -CPUs. - -Fixes ticket #8747 - -Signed-off-by: James Almer ---- - -diff --git a/libswscale/x86/yuv_2_rgb.asm b/libswscale/x86/yuv_2_rgb.asm -index 575a84d921..003dff1f25 100644 ---- a/libswscale/x86/yuv_2_rgb.asm -+++ b/libswscale/x86/yuv_2_rgb.asm -@@ -268,9 +268,9 @@ cglobal %1_420_%2%3, GPR_num, GPR_num, reg_num, parameters - por m2, m7 - por m1, m6 ; g5 b5 r6 g6 b6 r7 g7 b7 r8 g8 b8 r9 g9 b9 r10 g10 - por m2, m3 ; b10 r11 g11 b11 r12 g12 b12 r13 g13 b13 r14 g14 b14 r15 g15 b15 -- mova [imageq], m0 -- mova [imageq + 16], m1 -- mova [imageq + 32], m2 -+ movu [imageq], m0 -+ movu [imageq + 16], m1 -+ movu [imageq + 32], m2 - %endif ; mmsize = 16 - %else ; PACK RGB15/16/32 - packuswb m0, m1 -@@ -300,10 +300,10 @@ cglobal %1_420_%2%3, GPR_num, GPR_num, reg_num, parameters - punpckhwd m_green, m_red - punpcklwd m5, m6 - punpckhwd m_alpha, m6 -- mova [imageq + 0], m_blue -- mova [imageq + 8 * time_num], m_green -- mova [imageq + 16 * time_num], m5 -- mova [imageq + 24 * time_num], m_alpha -+ movu [imageq + 0], m_blue -+ movu [imageq + 8 * time_num], m_green -+ movu [imageq + 16 * time_num], m5 -+ movu [imageq + 24 * time_num], m_alpha - %else ; PACK RGB15/16 - %define depth 2 - %if cpuflag(ssse3) -@@ -342,8 +342,8 @@ cglobal %1_420_%2%3, GPR_num, GPR_num, reg_num, parameters - mova m2, m0 - punpcklbw m0, m1 - punpckhbw m2, m1 -- mova [imageq], m0 -- mova [imageq + 8 * time_num], m2 -+ movu [imageq], m0 -+ movu [imageq + 8 * time_num], m2 - %endif ; PACK RGB15/16 - %endif ; PACK RGB15/16/32 -