jengelh/ffmpeg-5
SHA256
1
0
Fork 3
forked from pool/ffmpeg-5
Code Pull Requests 1 Activity

Compare commits

merge into: jengelh:master
Branches Tags
jengelh:master
jengelh:factory
manfred-h:master
manfred-h:factory
pool:factory
pool:devel
...
pull from: manfred-h:master
Branches Tags
manfred-h:master
manfred-h:factory
jengelh:master
jengelh:factory
pool:factory
pool:devel

5 Commits
master ... master

Author SHA256 Message Date
Manfred Hollstein
5c7421cca2 ffmpeg-5-CVE-2024-32228.patch gelöscht 
- Remove ffmpeg-5-CVE-2024-32228.patch as it adds/modifies code
  which does not build on Packman.
 2024-08-15 12:12:37 +02:00
Manfred Hollstein
203fdd4415 ffmpeg-5.spec aktualisiert 
- Remove ffmpeg-5-CVE-2024-32228.patch as it adds/modifies code
  which does not build on Packman.
 2024-08-15 12:11:11 +02:00
Manfred Hollstein
ff1103718d ffmpeg-5.changes aktualisiert 2024-08-15 12:08:49 +02:00
Manfred Hollstein
6af725eab1 ffmpeg-5.changes aktualisiert 2024-08-15 12:08:10 +02:00
Manfred Hollstein
bd45ca0807 ffmpeg-5.changes aktualisiert 
- Remove ffmpeg-5-CVE-2024-32228.patch as it adds/modifies code
  which does not build on Packman.
 2024-08-15 12:02:13 +02:00
3 changed files with 13 additions and 70 deletions
Show Stats Expand all files Collapse all files

66
ffmpeg-5-CVE-2024-32228.patch
View File

@ -1,66 +0,0 @@
From 459648761f5412acdc3317d5bac982ceaa257584
Author: Niklas Haas <git@haasn.dev>
Date: Sat Apr 6 13:11:09 2024 +0200
Subject: avcodec/hevcdec: fix segfault on invalid film grain metadata
References: CVE-2024-32228
References: bsc#1227277
Upstream: Backport from upstream
Invalid input files may contain film grain metadata which survives
ff_h274_film_grain_params_supported() but does not pass
av_film_grain_params_select(), leading to a SIGSEGV on hevc_frame_end().
Fix this by duplicating the av_film_grain_params_select() check at frame
init time.
An alternative solution here would be to defer the incompatibility check
to hevc_frame_end(), but this has the downside of allocating a film
grain buffer even when we already know we can't apply film grain.
Fixes: https://trac.ffmpeg.org/ticket/10951
--- ffmpeg-5.1.4/libavcodec/hevcdec.c
+++ ffmpeg-5.1.4_new/libavcodec/hevcdec.c
@@ -3035,12 +3035,29 @@
goto fail;
}
- s->ref->frame->key_frame = IS_IRAP(s);
+ if (IS_IRAP(s))
+ s->ref->frame->flags |= AV_FRAME_FLAG_KEY;
+ else
+ s->ref->frame->flags &= ~AV_FRAME_FLAG_KEY;
- s->ref->needs_fg = s->sei.film_grain_characteristics.present &&
+ s->ref->needs_fg = (s->sei.common.film_grain_characteristics.present ||
+ s->sei.common.aom_film_grain.enable) &&
!(s->avctx->export_side_data & AV_CODEC_EXPORT_DATA_FILM_GRAIN) &&
!s->avctx->hwaccel;
+ ret = set_side_data(s);
+ if (ret < 0)
+ goto fail;
+
+ if (s->ref->needs_fg &&
+ ( s->sei.common.film_grain_characteristics.present &&
+ !ff_h274_film_grain_params_supported(s->sei.common.film_grain_characteristics.model_id,
+ s->ref->frame->format))
+ || !av_film_grain_params_select(s->ref->frame)) {
+ av_log_once(s->avctx, AV_LOG_WARNING, AV_LOG_DEBUG, &s->film_grain_warning_shown,
+ "Unsupported film grain parameters. Ignoring film grain.\n");
+ s->ref->needs_fg = 0;
+ }
if (s->ref->needs_fg) {
s->ref->frame_grain->format = s->ref->frame->format;
s->ref->frame_grain->width = s->ref->frame->width;
@@ -3049,10 +3066,6 @@
goto fail;
}
- ret = set_side_data(s);
- if (ret < 0)
- goto fail;
-
s->frame->pict_type = 3 - s->sh.slice_type;
if (!IS_IRAP(s))

11
ffmpeg-5.changes
View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Thu Aug 15 09:56:01 UTC 2024 - Manfred Hollstein <manfred.h@gmx.net>
- Remove ffmpeg-5-CVE-2024-32228.patch as it adds/modifies code
which does not build on Packman. Following errors are generated:
* AV_FRAME_FLAG_KEY undeclared
* 'HEVCSEI' has no member named 'common'
* implicit declaration of function 'ff_h274_film_grain_params_supported'
* implicit declaration of function 'av_film_grain_params_select'
* 'HEVCContext' has no member named 'film_grain_warning_shown'
- Renumber patches
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jul 2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com> Tue Jul 2 12:26:28 UTC 2024 - Cliff Zhao <qzhao@suse.com>

6
ffmpeg-5.spec
View File

@ -123,8 +123,7 @@ Patch97: ffmpeg-CVE-2023-51793.patch
Patch98: ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch Patch98: ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch
Patch99: ffmpeg-CVE-2023-50009.patch Patch99: ffmpeg-CVE-2023-50009.patch
Patch100: ffmpeg-CVE-2023-50010.patch Patch100: ffmpeg-CVE-2023-50010.patch
Patch101: ffmpeg-5-CVE-2024-32228.patch Patch101: ffmpeg-5-CVE-2024-32230.patch
Patch102: ffmpeg-5-CVE-2024-32230.patch
# #
# preamble is present twice, watch out # preamble is present twice, watch out
# #
@ -862,8 +861,7 @@ Patch97: ffmpeg-CVE-2023-51793.patch
Patch98: ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch Patch98: ffmpeg-Templatify-ff_gaussian_blur-and-ff-function.patch
Patch99: ffmpeg-CVE-2023-50009.patch Patch99: ffmpeg-CVE-2023-50009.patch
Patch100: ffmpeg-CVE-2023-50010.patch Patch100: ffmpeg-CVE-2023-50010.patch
Patch101: ffmpeg-5-CVE-2024-32228.patch Patch101: ffmpeg-5-CVE-2024-32230.patch
Patch102: ffmpeg-5-CVE-2024-32230.patch
BuildRequires: c_compiler BuildRequires: c_compiler
Requires: this-is-only-for-build-envs Requires: this-is-only-for-build-envs