SHA256
1
0
forked from jengelh/ffmpeg-4

Accepting request 879741 from home:dirkmueller:Factory

- update to 4.3.2:
  * lots of oss-fuzz reported overflow fixes, see included ChangeLog 
- drop 
      ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch
      0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch
      0001-avformat-vividas-improve-extradata-packing-checks-in.patch: upstream

OBS-URL: https://build.opensuse.org/request/show/879741
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/ffmpeg-4?expand=0&rev=153
This commit is contained in:
Jan Engelhardt 2021-03-19 09:42:33 +00:00 committed by Git OBS Bridge
parent 14cff7697d
commit 3765321cb0
9 changed files with 25 additions and 197 deletions

View File

@ -1,71 +0,0 @@
From 27a99e2c7d450fef15594671eef4465c8a166bd7 Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Wed, 28 Oct 2020 20:11:54 +0100
Subject: [PATCH] avformat/vividas: improve extradata packing checks in
track_header()
Fixes: out of array accesses
Fixes: 26622/clusterfuzz-testcase-minimized-ffmpeg_dem_VIVIDAS_fuzzer-6581200338288640
Found-by: continuous fuzzing process https://github.com/google/oss-fuzz/tree/master/projects/ffmpeg
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
---
libavformat/vividas.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git libavformat/vividas.c libavformat/vividas.c
index 83d0ed1167..46c66bf9a0 100644
--- a/libavformat/vividas.c
+++ a/libavformat/vividas.c
@@ -28,6 +28,7 @@
* @sa http://wiki.multimedia.cx/index.php?title=Vividas_VIV
*/
+#include "libavutil/avassert.h"
#include "libavutil/intreadwrite.h"
#include "avio_internal.h"
#include "avformat.h"
@@ -379,7 +380,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *
if (avio_tell(pb) < off) {
int num_data;
- int xd_size = 0;
+ int xd_size = 1;
int data_len[256];
int offset = 1;
uint8_t *p;
@@ -393,10 +394,10 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *
return AVERROR_INVALIDDATA;
}
data_len[j] = len;
- xd_size += len;
+ xd_size += len + 1 + len/255;
}
- ret = ff_alloc_extradata(st->codecpar, 64 + xd_size + xd_size / 255);
+ ret = ff_alloc_extradata(st->codecpar, xd_size);
if (ret < 0)
return ret;
@@ -405,9 +406,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *
for (j = 0; j < num_data - 1; j++) {
unsigned delta = av_xiphlacing(&p[offset], data_len[j]);
- if (delta > data_len[j]) {
- return AVERROR_INVALIDDATA;
- }
+ av_assert0(delta <= xd_size - offset);
offset += delta;
}
@@ -418,6 +417,7 @@ static int track_header(VividasDemuxContext *viv, AVFormatContext *s, uint8_t *
av_freep(&st->codecpar->extradata);
break;
}
+ av_assert0(data_len[j] <= xd_size - offset);
offset += data_len[j];
}
--
2.30.0

View File

@ -1,50 +0,0 @@
From 7c59e1b0f285cd7c7b35fcd71f49c5fd52cf9315 Mon Sep 17 00:00:00 2001
From: Jun Zhao <barryjzhao@tencent.com>
Date: Sun, 12 Jul 2020 13:48:48 +0800
Subject: [PATCH] lavf/srt: fix build fail when used the libsrt 1.4.1
libsrt changed the:
SRTO_SMOOTHER -> SRTO_CONGESTION
SRTO_STRICTENC -> SRTO_ENFORCEDENCRYPTION
and removed the front of deprecated options (SRTO_SMOOTHER/SRTO_STRICTENC)
in the header, it's lead to build fail
fix #8760
Signed-off-by: Jun Zhao <barryjzhao@tencent.com>
---
libavformat/libsrt.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/libavformat/libsrt.c b/libavformat/libsrt.c
index 4de575b37c..4719ce0d4b 100644
--- a/libavformat/libsrt.c
+++ b/libavformat/libsrt.c
@@ -313,8 +313,12 @@ static int libsrt_set_options_pre(URLContext *h, int fd)
(s->pbkeylen >= 0 && libsrt_setsockopt(h, fd, SRTO_PBKEYLEN, "SRTO_PBKEYLEN", &s->pbkeylen, sizeof(s->pbkeylen)) < 0) ||
(s->passphrase && libsrt_setsockopt(h, fd, SRTO_PASSPHRASE, "SRTO_PASSPHRASE", s->passphrase, strlen(s->passphrase)) < 0) ||
#if SRT_VERSION_VALUE >= 0x010302
+#if SRT_VERSION_VALUE >= 0x010401
+ (s->enforced_encryption >= 0 && libsrt_setsockopt(h, fd, SRTO_ENFORCEDENCRYPTION, "SRTO_ENFORCEDENCRYPTION", &s->enforced_encryption, sizeof(s->enforced_encryption)) < 0) ||
+#else
/* SRTO_STRICTENC == SRTO_ENFORCEDENCRYPTION (53), but for compatibility, we used SRTO_STRICTENC */
(s->enforced_encryption >= 0 && libsrt_setsockopt(h, fd, SRTO_STRICTENC, "SRTO_STRICTENC", &s->enforced_encryption, sizeof(s->enforced_encryption)) < 0) ||
+#endif
(s->kmrefreshrate >= 0 && libsrt_setsockopt(h, fd, SRTO_KMREFRESHRATE, "SRTO_KMREFRESHRATE", &s->kmrefreshrate, sizeof(s->kmrefreshrate)) < 0) ||
(s->kmpreannounce >= 0 && libsrt_setsockopt(h, fd, SRTO_KMPREANNOUNCE, "SRTO_KMPREANNOUNCE", &s->kmpreannounce, sizeof(s->kmpreannounce)) < 0) ||
#endif
@@ -333,7 +337,11 @@ static int libsrt_set_options_pre(URLContext *h, int fd)
(s->lossmaxttl >= 0 && libsrt_setsockopt(h, fd, SRTO_LOSSMAXTTL, "SRTO_LOSSMAXTTL", &s->lossmaxttl, sizeof(s->lossmaxttl)) < 0) ||
(s->minversion >= 0 && libsrt_setsockopt(h, fd, SRTO_MINVERSION, "SRTO_MINVERSION", &s->minversion, sizeof(s->minversion)) < 0) ||
(s->streamid && libsrt_setsockopt(h, fd, SRTO_STREAMID, "SRTO_STREAMID", s->streamid, strlen(s->streamid)) < 0) ||
+#if SRT_VERSION_VALUE >= 0x010401
+ (s->smoother && libsrt_setsockopt(h, fd, SRTO_CONGESTION, "SRTO_CONGESTION", s->smoother, strlen(s->smoother)) < 0) ||
+#else
(s->smoother && libsrt_setsockopt(h, fd, SRTO_SMOOTHER, "SRTO_SMOOTHER", s->smoother, strlen(s->smoother)) < 0) ||
+#endif
(s->messageapi >= 0 && libsrt_setsockopt(h, fd, SRTO_MESSAGEAPI, "SRTO_MESSAGEAPI", &s->messageapi, sizeof(s->messageapi)) < 0) ||
(s->payload_size >= 0 && libsrt_setsockopt(h, fd, SRTO_PAYLOADSIZE, "SRTO_PAYLOADSIZE", &s->payload_size, sizeof(s->payload_size)) < 0) ||
((h->flags & AVIO_FLAG_WRITE) && libsrt_setsockopt(h, fd, SRTO_SENDER, "SRTO_SENDER", &yes, sizeof(yes)) < 0)) {
--
2.28.0

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ad009240d46e307b4e03a213a0f49c11b650e445b1f8be0dda2a9212b34d2ffb
size 9379424

View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQFMBAABCAA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAl8Jl1kYHGZmbXBlZy1k
ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYeqMH/0oOMa5UQJuP9w3nxjuAI1rF
AhXFU7y1IKgHhxfYafkhcZphwbm3u8lpkI4E5dfG369WyE4Svi/t0+kI0iqEXQgn
0Vxk0gr79sTjoCm8HZssngo0ourLPWAJnoip6rdxlPB7bAEh69M3qX3xuKwSklw1
Vu3L3bpmie3lAKqqeRv7JMxkKpg6fZMeQP4f7LCWpIFYlCn93icYTTF28L5T89yB
mt8WcYIU2IO0FxEGlh6ayxrr+/ioG6N8iE1q7laBRAFVU/OsARY9M/6RHFMSrm42
4l65+Qh+IwQVzpFsnZ/S2iRD7QCZX+noAd+EH/S4vICNn+snBxIlxuYSDL6uqF4=
=AoNS
-----END PGP SIGNATURE-----

3
ffmpeg-4.3.2.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:46e4e64f1dd0233cbc0934b9f1c0da676008cad34725113fb7f802cfa84ccddb
size 9391100

11
ffmpeg-4.3.2.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQFMBAABCAA2FiEE/PmG6hXm4pOlZE8QtDIvBNZ2WNgFAmAxcoMYHGZmbXBlZy1k
ZXZlbEBmZm1wZWcub3JnAAoJELQyLwTWdljYO2UH/0Olke14XxdkZycJH4zuh3a0
1bV+M01fLOtOHXSIdoLtMD0uF5zynsvK9kyk/boXX4vK44XTpNe+dlvTOAiY6VKk
WfGBHG91y6/kYm+0tsan22uxrJTHlO/KP477P/N7dCGA1juzDZ05pMZ+imikXA88
PwmUYGGiCB6ErFmgn+kJ3WJBR20GMIdCC4E5lOv+7aJJL/zZcPAnU+bU689VutmE
BJ8CV0tBkBvNS0b32+kZQ/Lwjx69k+L9uiwpFXSIUU0Sus9/6QZJMEhvqPDPe7yg
EUqBcC1aYWbDfC2+WeTNHSOXUX4RIpfNIi2qFfoW48tDy0nQzeHOPM0boi+Gmrs=
=FJtn
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Sun Mar 14 21:08:02 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 4.3.2:
* lots of oss-fuzz reported overflow fixes, see included ChangeLog
- drop
ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch
0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch
0001-avformat-vividas-improve-extradata-packing-checks-in.patch: upstream
-------------------------------------------------------------------
Fri Feb 5 21:10:43 UTC 2021 - Jan Engelhardt <jengelh@inai.de>

View File

@ -94,7 +94,7 @@
%define _major_version 4
%define _major_expected 5
Name: ffmpeg-4
Version: 4.3.1
Version: 4.3.2
Release: 0
Summary: Library for working with various multimedia formats
License: GPL-3.0-or-later
@ -114,11 +114,8 @@ Patch2: ffmpeg-new-coder-errors.diff
Patch3: ffmpeg-codec-choice.diff
Patch4: ffmpeg-4.2-dlopen-fdk_aac.patch
Patch5: soversion.patch
Patch6: ffmpeg.git-ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a.patch
Patch7: 0001-lavf-srt-fix-build-fail-when-used-the-libsrt-1.4.1.patch
Patch8: vmaf-trim-usr-local.patch
Patch9: ffmpeg_altivec_yuv2rgb_novsx.patch
Patch10: 0001-avformat-vividas-improve-extradata-packing-checks-in.patch
BuildRequires: ladspa-devel
BuildRequires: libgsm-devel
BuildRequires: libmp3lame-devel

View File

@ -1,58 +0,0 @@
From: James Almer <jamrial@gmail.com>
Date: Mon, 13 Jul 2020 00:32:01 +0000 (-0300)
Subject: x86/yuv2rgb: fix crashes when storing data on unaligned buffers
X-Git-Url: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff_plain;h=ba3e771a42c29ee02c34e7769cfc1b2dbc5c760a
x86/yuv2rgb: fix crashes when storing data on unaligned buffers
Regression since fc6a5883d6af8cae0e96af84dda0ad74b360a084 on SSSE3 enabled
CPUs.
Fixes ticket #8747
Signed-off-by: James Almer <jamrial@gmail.com>
---
diff --git a/libswscale/x86/yuv_2_rgb.asm b/libswscale/x86/yuv_2_rgb.asm
index 575a84d921..003dff1f25 100644
--- a/libswscale/x86/yuv_2_rgb.asm
+++ b/libswscale/x86/yuv_2_rgb.asm
@@ -268,9 +268,9 @@ cglobal %1_420_%2%3, GPR_num, GPR_num, reg_num, parameters
por m2, m7
por m1, m6 ; g5 b5 r6 g6 b6 r7 g7 b7 r8 g8 b8 r9 g9 b9 r10 g10
por m2, m3 ; b10 r11 g11 b11 r12 g12 b12 r13 g13 b13 r14 g14 b14 r15 g15 b15
- mova [imageq], m0
- mova [imageq + 16], m1
- mova [imageq + 32], m2
+ movu [imageq], m0
+ movu [imageq + 16], m1
+ movu [imageq + 32], m2
%endif ; mmsize = 16
%else ; PACK RGB15/16/32
packuswb m0, m1
@@ -300,10 +300,10 @@ cglobal %1_420_%2%3, GPR_num, GPR_num, reg_num, parameters
punpckhwd m_green, m_red
punpcklwd m5, m6
punpckhwd m_alpha, m6
- mova [imageq + 0], m_blue
- mova [imageq + 8 * time_num], m_green
- mova [imageq + 16 * time_num], m5
- mova [imageq + 24 * time_num], m_alpha
+ movu [imageq + 0], m_blue
+ movu [imageq + 8 * time_num], m_green
+ movu [imageq + 16 * time_num], m5
+ movu [imageq + 24 * time_num], m_alpha
%else ; PACK RGB15/16
%define depth 2
%if cpuflag(ssse3)
@@ -342,8 +342,8 @@ cglobal %1_420_%2%3, GPR_num, GPR_num, reg_num, parameters
mova m2, m0
punpcklbw m0, m1
punpckhbw m2, m1
- mova [imageq], m0
- mova [imageq + 8 * time_num], m2
+ movu [imageq], m0
+ movu [imageq + 8 * time_num], m2
%endif ; PACK RGB15/16
%endif ; PACK RGB15/16/32