pool/vlc
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 289640 from multimedia:libs

Browse Source 
Update to 2.2.0

OBS-URL: https://build.opensuse.org/request/show/289640
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/vlc?expand=0&rev=34
This commit is contained in:
Dominique Leuenberger 2015-03-16 08:41:28 +00:00 committed by Git OBS Bridge
commit 518a6828de
8 changed files with 594 additions and 585 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
vlc-2.1.5-fix-skins2-default-skin-creation.patch
View File

@ -5,19 +5,6 @@ New tar defaults create PAX archives which have two problems:
* they contain atime and thus the build time
Avoid this by passign "--format=ustar" to tar when creating skins2/default.vlt
Index: b/share/Makefile.am
===================================================================
--- a/share/Makefile.am
+++ b/share/Makefile.am
@@ -79,7 +79,7 @@ skins2/default.vlt: $(skins2_default_vlt
mkdir -p skins2
(cd "$(srcdir)/skins2"; find default -print0 | \
LC_ALL=C sort -z | \
- tar cvv --exclude .svn --no-recursion --null -T -) | \
+ tar cvv --format=ustar --exclude .svn --no-recursion --null -T -) | \
gzip -n > skins2/default.vlt
#
Index: b/share/Makefile.in
===================================================================
--- a/share/Makefile.in

3
vlc-2.1.5.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6f6566ab6cd90d381395b7f0e401060b044cd3843e50ceb252b558a88e5d1f72
size 19574208

119
vlc-2.2.0-fix_deinterlace_mmx.patch Normal file
View File

@ -0,0 +1,119 @@
--- modules/video_filter/deinterlace/merge.c.orig 2015-03-04 07:55:02.021482260 +0100
+++ modules/video_filter/deinterlace/merge.c 2015-03-04 07:56:33.975885612 +0100
@@ -68,116 +68,6 @@
*p_dest++ = ( *p_s1++ + *p_s2++ ) >> 1;
}
-#if defined(CAN_COMPILE_MMXEXT)
-VLC_MMX
-void MergeMMXEXT( void *_p_dest, const void *_p_s1, const void *_p_s2,
- size_t i_bytes )
-{
- uint8_t *p_dest = _p_dest;
- const uint8_t *p_s1 = _p_s1;
- const uint8_t *p_s2 = _p_s2;
-
- for( ; i_bytes >= 8; i_bytes -= 8 )
- {
- __asm__ __volatile__( "movq %2,%%mm1;"
- "pavgb %1, %%mm1;"
- "movq %%mm1, %0" :"=m" (*p_dest):
- "m" (*p_s1),
- "m" (*p_s2) : "mm1" );
- p_dest += 8;
- p_s1 += 8;
- p_s2 += 8;
- }
-
- for( ; i_bytes > 0; i_bytes-- )
- *p_dest++ = ( *p_s1++ + *p_s2++ ) >> 1;
-}
-#endif
-
-#if defined(CAN_COMPILE_3DNOW)
-VLC_MMX
-void Merge3DNow( void *_p_dest, const void *_p_s1, const void *_p_s2,
- size_t i_bytes )
-{
- uint8_t *p_dest = _p_dest;
- const uint8_t *p_s1 = _p_s1;
- const uint8_t *p_s2 = _p_s2;
-
- for( ; i_bytes >= 8; i_bytes -= 8 )
- {
- __asm__ __volatile__( "movq %2,%%mm1;"
- "pavgusb %1, %%mm1;"
- "movq %%mm1, %0" :"=m" (*p_dest):
- "m" (*p_s1),
- "m" (*p_s2) : "mm1" );
- p_dest += 8;
- p_s1 += 8;
- p_s2 += 8;
- }
-
- for( ; i_bytes > 0; i_bytes-- )
- *p_dest++ = ( *p_s1++ + *p_s2++ ) >> 1;
-}
-#endif
-
-#if defined(CAN_COMPILE_SSE)
-VLC_SSE
-void Merge8BitSSE2( void *_p_dest, const void *_p_s1, const void *_p_s2,
- size_t i_bytes )
-{
- uint8_t *p_dest = _p_dest;
- const uint8_t *p_s1 = _p_s1;
- const uint8_t *p_s2 = _p_s2;
-
- for( ; i_bytes > 0 && ((uintptr_t)p_s1 & 15); i_bytes-- )
- *p_dest++ = ( *p_s1++ + *p_s2++ ) >> 1;
-
- for( ; i_bytes >= 16; i_bytes -= 16 )
- {
- __asm__ __volatile__( "movdqu %2,%%xmm1;"
- "pavgb %1, %%xmm1;"
- "movdqu %%xmm1, %0" :"=m" (*p_dest):
- "m" (*p_s1),
- "m" (*p_s2) : "xmm1" );
- p_dest += 16;
- p_s1 += 16;
- p_s2 += 16;
- }
-
- for( ; i_bytes > 0; i_bytes-- )
- *p_dest++ = ( *p_s1++ + *p_s2++ ) >> 1;
-}
-
-VLC_SSE
-void Merge16BitSSE2( void *_p_dest, const void *_p_s1, const void *_p_s2,
- size_t i_bytes )
-{
- uint16_t *p_dest = _p_dest;
- const uint16_t *p_s1 = _p_s1;
- const uint16_t *p_s2 = _p_s2;
-
- size_t i_words = i_bytes / 2;
- for( ; i_words > 0 && ((uintptr_t)p_s1 & 15); i_words-- )
- *p_dest++ = ( *p_s1++ + *p_s2++ ) >> 1;
-
- for( ; i_words >= 8; i_words -= 8 )
- {
- __asm__ __volatile__( "movdqu %2,%%xmm1;"
- "pavgw %1, %%xmm1;"
- "movdqu %%xmm1, %0" :"=m" (*p_dest):
- "m" (*p_s1),
- "m" (*p_s2) : "xmm1" );
- p_dest += 8;
- p_s1 += 8;
- p_s2 += 8;
- }
-
- for( ; i_words > 0; i_words-- )
- *p_dest++ = ( *p_s1++ + *p_s2++ ) >> 1;
-}
-
-#endif
-
#ifdef CAN_COMPILE_C_ALTIVEC
void MergeAltivec( void *_p_dest, const void *_p_s1,
const void *_p_s2, size_t i_bytes )

3
vlc-2.2.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5e0a27e248c47da723a696420aca3a4dd15cc3ed8cc81618d3f1dc8661b25517
size 20861760

253
vlc-CVE-2014-9625.patch
View File

@ -1,253 +0,0 @@
From b915dc931fe886add566f208650e0ab225acbe3a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20Denis-Courmont?= <remi@remlab.net>
Date: Wed, 30 Jul 2014 19:05:43 +0300
Subject: [PATCH 18/39] avformat: initialize probe data (fixes #11851)
(cherry picked from commit 49bd1c657d960ba107d9db8752f716139a938eee)
---
modules/demux/avformat/demux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/demux/avformat/demux.c b/modules/demux/avformat/demux.c
index 3bb1266..902ef01 100644
--- a/modules/demux/avformat/demux.c
+++ b/modules/demux/avformat/demux.c
@@ -106,7 +106,7 @@ int OpenDemux( vlc_object_t *p_this )
{
demux_t *p_demux = (demux_t*)p_this;
demux_sys_t *p_sys;
- AVProbeData pd;
+ AVProbeData pd = { };
AVInputFormat *fmt = NULL;
unsigned int i;
int64_t i_start_time = -1;
--
2.2.1
From 74996ceefd63adf07e28ea80198200d74a164c9d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9mi=20Denis-Courmont?= <remi@remlab.net>
Date: Sat, 30 Aug 2014 16:41:53 +0300
Subject: [PATCH 27/39] decomp: fix heap overflow (fixes #12052)
---
modules/stream_filter/decomp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/stream_filter/decomp.c b/modules/stream_filter/decomp.c
index 5a12e87..16a4901 100644
--- a/modules/stream_filter/decomp.c
+++ b/modules/stream_filter/decomp.c
@@ -207,7 +207,7 @@ static int Read (stream_t *stream, void *buf, unsigned int buflen)
p_sys->offset += length;
if (buflen > 0)
- length += Read (stream, ((char *)buf) + length, buflen - length);
+ length += Read (stream, buf, buflen);
return length;
}
assert ((buf != NULL) || (buflen == 0));
--
2.2.1
From 9ddfcbb6e5222871de9b2047c939cf1da1fdbe7b Mon Sep 17 00:00:00 2001
From: Fabian Yamaguchi <fyamagu@gwdg.de>
Date: Sat, 6 Dec 2014 13:12:38 +0100
Subject: [PATCH 34/39] misc: update: fix buffer overflow in updater
On 32 bit builds, parsing of update status files with a size of
4294967295 or more lead to an integer truncation in a call to malloc
and a subsequent buffer overflow. This happened prior to checking the
files' signature. The commit fixes this by disallowing overly large
status files (above 65k in practice)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
(cherry picked from commit fbe2837bc80f155c001781041a54c58b5524fc14)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
---
src/misc/update.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/misc/update.c b/src/misc/update.c
index 600e900..32e8701 100644
--- a/src/misc/update.c
+++ b/src/misc/update.c
@@ -193,6 +193,13 @@ static bool GetUpdateFile( update_t *p_update )
}
const int64_t i_read = stream_Size( p_stream );
+
+ if( i_read < 0 || i_read >= UINT16_MAX)
+ {
+ msg_Err(p_update->p_libvlc, "Status file too large");
+ goto error;
+ }
+
psz_update_data = malloc( i_read + 1 ); /* terminating '\0' */
if( !psz_update_data )
goto error;
--
2.2.1
From a99d9cc2fede1a18140b43ffb59cde37cef7478d Mon Sep 17 00:00:00 2001
From: Fabian Yamaguchi <fyamagu@gwdg.de>
Date: Fri, 5 Dec 2014 15:18:22 +0100
Subject: [PATCH 35/39] codec: schroedinger: fix potential buffer overflow.
The variable len is a raw 32 bit value read using GetDWBE. If this
value is larger than UINT32_MAX - sizeof(eos), this will cause an
integer overflow in the subsequent call to malloc, and finally a
buffer overflow when calling memcpy. We fix this by checking len
accordingly.
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
(cherry picked from commit 9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
---
modules/codec/schroedinger.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/modules/codec/schroedinger.c b/modules/codec/schroedinger.c
index 0c5a7e7..93b72e1 100644
--- a/modules/codec/schroedinger.c
+++ b/modules/codec/schroedinger.c
@@ -1548,6 +1548,10 @@ static block_t *Encode( encoder_t *p_enc, picture_t *p_pic )
* is appended to the sequence header to allow guard
* against poor streaming servers */
/* XXX, should this be done using the packetizer ? */
+
+ if( len > UINT32_MAX - sizeof( eos ) )
+ return NULL;
+
p_enc->fmt_out.p_extra = malloc( len + sizeof( eos ) );
if( !p_enc->fmt_out.p_extra )
return NULL;
--
2.2.1
From 4e6137bbcd3d74630aa6f0e8b8b5b8aa0c19647d Mon Sep 17 00:00:00 2001
From: Fabian Yamaguchi <fyamagu@gwdg.de>
Date: Fri, 5 Dec 2014 15:37:05 +0100
Subject: [PATCH 36/39] codec: dmo: avoid null-pointer dereference.
Check the return value of malloc to avoid a null-pointer dereference.
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
(cherry picked from commit 229c385a79d48e41687fae8b4dfeaeef9c8c3eb7)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
---
modules/codec/dmo/dmo.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/modules/codec/dmo/dmo.c b/modules/codec/dmo/dmo.c
index 6595f70..dd1fbbc 100644
--- a/modules/codec/dmo/dmo.c
+++ b/modules/codec/dmo/dmo.c
@@ -1310,6 +1310,9 @@ static int EncoderSetAudioType( encoder_t *p_enc, IMediaObject *p_dmo )
msg_Dbg( p_enc, "found cbSize: %i", p_wf->cbSize );
p_enc->fmt_out.i_extra = p_wf->cbSize;
p_enc->fmt_out.p_extra = malloc( p_enc->fmt_out.i_extra );
+ if( p_enc->fmt_out.p_extra == NULL)
+ return VLC_EGENERIC;
+
memcpy( p_enc->fmt_out.p_extra, &p_wf[1], p_enc->fmt_out.i_extra );
}
--
2.2.1
From 8eab5c92136ffc60873c41c06e7a6a9266e8af7c Mon Sep 17 00:00:00 2001
From: Fabian Yamaguchi <fyamagu@gwdg.de>
Date: Fri, 5 Dec 2014 13:52:42 +0100
Subject: [PATCH 37/39] demux: mp4: fix buffer overflow in parsing of string
boxes.
We ensure that pbox->i_size is never smaller than 8 to avoid an
integer underflow in the third argument of the subsequent call to
memcpy. We also make sure no truncation occurs when passing values
derived from the 64 bit integer p_box->i_size to arguments of malloc
and memcpy that may be 32 bit integers on 32 bit platforms.
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
(cherry picked from commit 2e7c7091a61aa5d07e7997b393d821e91f593c39)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
Conflicts:
modules/demux/mp4/libmp4.c
---
modules/demux/mp4/libmp4.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/modules/demux/mp4/libmp4.c b/modules/demux/mp4/libmp4.c
index 3abb940..ba6dcb9 100644
--- a/modules/demux/mp4/libmp4.c
+++ b/modules/demux/mp4/libmp4.c
@@ -2596,6 +2596,9 @@ static int MP4_ReadBox_name( stream_t *p_stream, MP4_Box_t *p_box )
{
MP4_READBOX_ENTER( MP4_Box_data_name_t );
+ if( p_box->i_size < 8 || p_box->i_size > SIZE_MAX )
+ MP4_READBOX_EXIT( 0 );
+
p_box->data.p_name->psz_text = malloc( p_box->i_size + 1 - 8 ); /* +\0, -name, -size */
if( p_box->data.p_name->psz_text == NULL )
MP4_READBOX_EXIT( 0 );
--
2.2.1
From 41c52fbf434d6fc59e1a5e90118b8c924ea6f50d Mon Sep 17 00:00:00 2001
From: Fabian Yamaguchi <fyamagu@gwdg.de>
Date: Fri, 5 Dec 2014 13:58:24 +0100
Subject: [PATCH 38/39] stream_out: rtp: don't use VLA for user controlled data
It should fix a possible invalid memory access
When streaming ogg-files via rtp, an ogg-file can trigger an invalid
write access using an overly long 'configuration' string.
The original code attemps to allocate space to hold the string on the stack
and hence, cannot verify if allocation succeeds. Instead, we now allocate the
buffer on the heap and return if allocation fails.
In detail, rtp_packetize_xiph_config allocates a buffer on the stack at (1) where
the size depends on the local variable 'len'. The variable 'len' is
calculated at (0) to be the length of a string contained in a specially
crafted Ogg Vorbis file, and therefore, it is attacker-controlled.
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
(cherry picked from commit 204291467724867b79735c0ee3aeb0dbc2200f97)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>
Conflicts:
modules/stream_out/rtpfmt.c
---
modules/stream_out/rtpfmt.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/modules/stream_out/rtpfmt.c b/modules/stream_out/rtpfmt.c
index 7b71588..f19f41b 100644
--- a/modules/stream_out/rtpfmt.c
+++ b/modules/stream_out/rtpfmt.c
@@ -540,7 +540,11 @@ int rtp_packetize_xiph_config( sout_stream_id_t *id, const char *fmtp,
char *end = strchr(start, ';');
assert(end != NULL);
size_t len = end - start;
- char b64[len + 1];
+
+ char *b64 = malloc(len + 1);
+ if(!b64)
+ return VLC_EGENERIC;
+
memcpy(b64, start, len);
b64[len] = '\0';
@@ -550,6 +554,7 @@ int rtp_packetize_xiph_config( sout_stream_id_t *id, const char *fmtp,
int i_data;
i_data = vlc_b64_decode_binary(&p_orig, b64);
+ free(b64);
if (i_data == 0)
return VLC_EGENERIC;
assert(i_data > 9);
--
2.2.1

9
vlc-rpmlintrc Normal file
View File

@ -0,0 +1,9 @@
# according to the developers this is a false positive
addFilter("libvlccore.* shared-lib-calls-exit")
# there's a good reason for packaging vlc and vlc.desktop separately
addFilter("desktopfile-without-binary")
# plugins.dat is created on startup if necessary
addFilter("vlc-noX.* ghost-files-without-postin")

35
vlc.changes
View File

@ -1,3 +1,38 @@
-------------------------------------------------------------------
Wed Mar 4 11:09:14 UTC 2015 - dimstar@opensuse.org
- Reintroduce calling {_libdir}/vlc/vlc-cache-gen during post.
-------------------------------------------------------------------
Tue Mar 3 15:00:18 UTC 2015 - aloisio@gmx.com
- made fludsynth optional again out of caution
- added vlc-2.2.0-fix_deinterlace_mmx.patch to make
SLE11/i586 build without a recent enough gcc
- fixed SLE11 to build without automake >= 1.11
- fixed a SLE12 build problem on packman
- removed hevc plugins in a cleaner way
-------------------------------------------------------------------
Sun Mar 1 18:05:03 UTC 2015 - aloisio@gmx.com
- enabled ncurses for Factory
- enabled fluidsynth unconditionally
- enabled libcdio
- enabled x265 for packman
- fixed SLE11/SLE12 build
- added vlc-rpmlintrc to suppress bogus warnings
- added manpages for the various versions of vlc
as link to the main one
-------------------------------------------------------------------
Fri Feb 27 18:28:17 UTC 2015 - dimstar@opensuse.org
- Update to version 2.2.0:
+ Long awaited update with a huge changelog. Please see the
content of /usr/share/doc/packages/vlc/NEWS.
- Drop vlc-CVE-2014-9625.patch: fixed upstream.
-------------------------------------------------------------------
Wed Feb 4 10:11:09 UTC 2015 - dimstar@opensuse.org

726
vlc.spec
View File

File diff suppressed because it is too large Load Diff