diff --git a/vlc-flac-heap-overflow.patch b/vlc-flac-heap-overflow.patch
new file mode 100644
index 0000000..65f0c1b
--- /dev/null
+++ b/vlc-flac-heap-overflow.patch
@@ -0,0 +1,148 @@
+X-Git-Url: http://git.videolan.org/?p=vlc%2Fvlc-2.2.git;a=blobdiff_plain;f=modules%2Fcodec%2Fflac.c;h=fb12e6cab890777592154b43d8a2bc286a8f3913;hp=87c1e6cb7b84d4ba2b5eef18f9dc861b40cf6393;hb=55a82442cfea9dab8b853f3a4610f2880c5fadf3;hpb=dbe888f9ca9c3b102478b4a16a3d1d985c267899
+
+diff --git a/modules/codec/flac.c b/modules/codec/flac.c
+index 87c1e6cb7b..fb12e6cab8 100644
+--- a/modules/codec/flac.c
++++ b/modules/codec/flac.c
+@@ -64,6 +64,8 @@ struct decoder_sys_t
+ */
+ FLAC__StreamDecoder *p_flac;
+ FLAC__StreamMetadata_StreamInfo stream_info;
++
++ uint8_t rgi_channels_reorder[AOUT_CHAN_MAX];
+ bool b_stream_info;
+ };
+
+@@ -87,6 +89,19 @@ static const int pi_channels_maps[9] =
+ | AOUT_CHAN_LFE
+ };
+
++/* XXX it supposes our internal format is WG4 */
++static const uint8_t ppi_reorder[1+8][8] = {
++ { },
++ { 0, },
++ { 0, 1 },
++ { 0, 1, 2 },
++ { 0, 1, 2, 3 },
++ { 0, 1, 3, 4, 2 },
++ { 0, 1, 4, 5, 2, 3 },
++ { 0, 1, 5, 6, 4, 2, 3 },
++ { 0, 1, 6, 7, 4, 5, 2, 3 },
++};
++
+ /*****************************************************************************
+ * Local prototypes
+ *****************************************************************************/
+@@ -143,6 +158,29 @@ static void Interleave( int32_t *p_out, const int32_t * const *pp_in,
+ }
+
+ /*****************************************************************************
++ * DecoderSetOutputFormat: helper function to convert and check frame format
++ *****************************************************************************/
++static int DecoderSetOutputFormat( unsigned i_channels, unsigned i_rate,
++ unsigned i_streaminfo_rate,
++ unsigned i_bitspersample,
++ audio_format_t *fmt,
++ uint8_t *pi_channels_reorder )
++{
++ if( i_channels == 0 || i_channels > FLAC__MAX_CHANNELS ||
++ i_bitspersample == 0 || (i_rate == 0 && i_streaminfo_rate == 0) )
++ return VLC_EGENERIC;
++
++ fmt->i_channels = i_channels;
++ fmt->i_rate = (i_rate > 0 ) ? i_rate : i_streaminfo_rate;
++ fmt->i_physical_channels =
++ fmt->i_original_channels = pi_channels_maps[i_channels];
++ memcpy( pi_channels_reorder, ppi_reorder[i_channels], i_channels );
++ fmt->i_bitspersample = i_bitspersample;
++
++ return VLC_SUCCESS;
++}
++
++/*****************************************************************************
+ * DecoderWriteCallback: called by libflac to output decoded samples
+ *****************************************************************************/
+ static FLAC__StreamDecoderWriteStatus
+@@ -150,30 +188,31 @@ DecoderWriteCallback( const FLAC__StreamDecoder *decoder,
+ const FLAC__Frame *frame,
+ const FLAC__int32 *const buffer[], void *client_data )
+ {
+- /* XXX it supposes our internal format is WG4 */
+- static const unsigned char ppi_reorder[1+8][8] = {
+- { },
+- { 0, },
+- { 0, 1 },
+- { 0, 1, 2 },
+- { 0, 1, 2, 3 },
+- { 0, 1, 3, 4, 2 },
+- { 0, 1, 4, 5, 2, 3 },
+- { 0, 1, 5, 6, 4, 2, 3 },
+- { 0, 1, 6, 7, 4, 5, 2, 3 },
+- };
+-
+ VLC_UNUSED(decoder);
+ decoder_t *p_dec = (decoder_t *)client_data;
+ decoder_sys_t *p_sys = p_dec->p_sys;
+
+- if( p_dec->fmt_out.audio.i_channels <= 0 ||
+- p_dec->fmt_out.audio.i_channels > 8 )
++ if( DecoderSetOutputFormat( frame->header.channels,
++ frame->header.sample_rate,
++ p_sys->b_stream_info ? p_sys->stream_info.sample_rate : 0,
++ frame->header.bits_per_sample,
++ &p_dec->fmt_out.audio,
++ p_sys->rgi_channels_reorder ) )
+ return FLAC__STREAM_DECODER_WRITE_STATUS_CONTINUE;
+- if( date_Get( &p_sys->end_date ) <= VLC_TS_INVALID )
++
++ if( p_sys->end_date.i_divider_num != p_dec->fmt_out.audio.i_rate )
++ {
++ if( p_sys->end_date.i_divider_num > 0 )
++ date_Change( &p_sys->end_date, p_dec->fmt_out.audio.i_rate, 1 );
++ else
++ date_Init( &p_sys->end_date, p_dec->fmt_out.audio.i_rate, 1 );
++ }
++
++ if( decoder_UpdateAudioFormat( p_dec ) )
+ return FLAC__STREAM_DECODER_WRITE_STATUS_CONTINUE;
+
+- const unsigned char *pi_reorder = ppi_reorder[p_dec->fmt_out.audio.i_channels];
++ if( date_Get( &p_sys->end_date ) <= VLC_TS_INVALID )
++ return FLAC__STREAM_DECODER_WRITE_STATUS_CONTINUE;
+
+ p_sys->p_aout_buffer =
+ decoder_NewAudioBuffer( p_dec, frame->header.blocksize );
+@@ -181,7 +220,8 @@ DecoderWriteCallback( const FLAC__StreamDecoder *decoder,
+ if( p_sys->p_aout_buffer == NULL )
+ return FLAC__STREAM_DECODER_WRITE_STATUS_CONTINUE;
+
+- Interleave( (int32_t *)p_sys->p_aout_buffer->p_buffer, buffer, pi_reorder,
++ Interleave( (int32_t *)p_sys->p_aout_buffer->p_buffer, buffer,
++ p_sys->rgi_channels_reorder ,
+ frame->header.channels, frame->header.blocksize,
+ frame->header.bits_per_sample );
+
+@@ -233,17 +273,11 @@ static void DecoderMetadataCallback( const FLAC__StreamDecoder *decoder,
+ decoder_sys_t *p_sys = p_dec->p_sys;
+
+ /* Setup the format */
+- p_dec->fmt_out.audio.i_rate = metadata->data.stream_info.sample_rate;
+- p_dec->fmt_out.audio.i_channels = metadata->data.stream_info.channels;
+- if(metadata->data.stream_info.channels < 9)
+- {
+- p_dec->fmt_out.audio.i_physical_channels =
+- p_dec->fmt_out.audio.i_original_channels =
+- pi_channels_maps[metadata->data.stream_info.channels];
+- }
+- if (!p_dec->fmt_out.audio.i_bitspersample)
+- p_dec->fmt_out.audio.i_bitspersample =
+- metadata->data.stream_info.bits_per_sample;
++ DecoderSetOutputFormat( metadata->data.stream_info.channels,
++ metadata->data.stream_info.sample_rate,
++ metadata->data.stream_info.sample_rate,
++ metadata->data.stream_info.bits_per_sample,
++ &p_dec->fmt_out.audio, p_sys->rgi_channels_reorder );
+
+ msg_Dbg( p_dec, "channels:%d samplerate:%d bitspersamples:%d",
+ p_dec->fmt_out.audio.i_channels, p_dec->fmt_out.audio.i_rate,
+
diff --git a/vlc.changes b/vlc.changes
index 6b78c45..d8702e9 100644
--- a/vlc.changes
+++ b/vlc.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Sep 21 11:20:24 UTC 2017 - dimstar@opensuse.org
+
+- Add vlc-flac-heap-overflow.patch: flac: fix heap write overflow
+ on frame format change (CVE-2017-9300, boo#1041907).
+
 -------------------------------------------------------------------
 Tue Sep 19 15:08:45 UTC 2017 - dimstar@opensuse.org
 
diff --git a/vlc.spec b/vlc.spec
index 89a8198..27fb170 100644
--- a/vlc.spec
+++ b/vlc.spec
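Review bot: In the flac.c patch, `DecoderSetOutputFormat` relies on the single test `i_channels > FLAC__MAX_CHANNELS` to keep `pi_channels_maps[i_channels]`, `ppi_reorder[i_channels]` and the `memcpy` into `rgi_channels_reorder[AOUT_CHAN_MAX]` in bounds, yet the tables are sized with the literals `9` and `1+8`, so nothing visible ties the limit to the array sizes. A compile-time check next to `ppi_reorder` would pin that relationship, for example `static_assert( FLAC__MAX_CHANNELS < sizeof(ppi_reorder) / sizeof(ppi_reorder[0]) && FLAC__MAX_CHANNELS <= AOUT_CHAN_MAX, "FLAC channel tables too small" );`. Separately, `DecoderMetadataCallback` discards the helper's return value, so when a STREAMINFO block is rejected the following `msg_Dbg` logs whatever `fmt_out.audio` held before as if it came from the stream; checking the result and logging the rejection would make malformed metadata visible. The bodies of both callbacks continue outside the hunks shown.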
@@ -20,30 +20,25 @@ %define libvlc 5 %define libvlccore 8 %define conflicts vlc-beta - -# Fluidsynth plugin is known to cause strange crashes here and there - disable it for now (2014-10-07, DimStar) -%bcond_with fluidsynth - %if 0%{?suse_version} >= 1200 %bcond_without gstreamer %else %bcond_with gstreamer %endif - -# VNC support - the module is not really usable in most cases tested so far (e.g. against qemu-kvm -vnc :xx) -%bcond_with vnc - %ifarch %arm %bcond_without opengles %else %bcond_with opengles %endif - +# Fluidsynth plugin is known to cause strange crashes here and there - disable it for now (2014-10-07, DimStar) +%bcond_with fluidsynth +# VNC support - the module is not really usable in most cases tested so far (e.g. against qemu-kvm -vnc :xx) +%bcond_with vnc Name: vlc Version: 2.2.6 Release: 0 Summary: Graphical media player -License: GPL-2.0+ and LGPL-2.1+ +License: GPL-2.0+ AND LGPL-2.1+ Group: Productivity/Multimedia/Video/Players Url: http://www.videolan.org Source: http://download.videolan.org/%{name}/%{version}/%{name}-%{version}.tar.xz @@ -60,6 +55,7 @@ Patch6: vlc-gcc6-buildfixes.patch Patch7: vlc.a52.patch # PATCH-FIX-OPENSUSE vlc-projectM-qt5.patch -- link to libprojectM-qt5 Patch8: vlc-projectM-qt5.patch +Patch9: vlc-flac-heap-overflow.patch BuildRequires: Mesa-devel BuildRequires: SDL-devel >= 1.2.10 BuildRequires: aalib-devel @@ -68,12 +64,6 @@ BuildRequires: avahi-devel >= 0.6 BuildRequires: dirac-devel BuildRequires: fdupes BuildRequires: findutils -%if %{with gstreamer} -BuildRequires: pkgconfig(gstreamer-app-1.0) -%endif -%if 0%{?suse_version} > 1110 || 0%{?BUILD_ORIG} -BuildRequires: flac-devel -%endif BuildRequires: freetype2 BuildRequires: fribidi-devel BuildRequires: gettext-devel 
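Review bot: `Patch9: vlc-flac-heap-overflow.patch` in the second hunk is added without the patch-markup comment that the neighbouring `Patch8` entry carries, so the spec does not record where the fix comes from or which issue it closes. A line such as `# PATCH-FIX-UPSTREAM vlc-flac-heap-overflow.patch boo#1041907 CVE-2017-9300 -- flac: fix heap write overflow on frame format change` above it would keep that visible to whoever later rebases onto a release that already contains the fix. The patch's `X-Git-Url` header suggests it is a vlc-2.2 upstream commit; confirm that before tagging it as upstream.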
@@ -87,24 +77,11 @@ BuildRequires: libdvbpsi-devel >= 1.0.0 BuildRequires: libgcrypt-devel BuildRequires: libidn-devel BuildRequires: libjack-devel >= 1.9.7 +BuildRequires: libjpeg-devel BuildRequires: libkate-devel >= 0.3.0 BuildRequires: libnotify-devel BuildRequires: libogg-devel >= 1.0 BuildRequires: libopus-devel >= 1.0.3 -BuildRequires: pkgconfig(libmodplug) >= 0.8.4 -%if 0%{?suse_version} >= 1310 -BuildRequires: pkgconfig(Qt5Core) -BuildRequires: pkgconfig(Qt5Gui) -BuildRequires: pkgconfig(Qt5Widgets) -%if 0%{?suse_version} != 1315 || 0%{?is_opensuse} -BuildRequires: pkgconfig(Qt5X11Extras) -# for some reason libXi-devel is explicitly needed on Leap 42.1, otherwise the build fails... -BuildRequires: pkgconfig(xi) -%endif -%else -BuildRequires: libqt4-devel >= 4.6.0 -%endif -BuildRequires: libjpeg-devel BuildRequires: libraw1394 >= 2.0.1 BuildRequires: librsvg-devel >= 2.9.0 BuildRequires: libsamplerate-devel @@ -121,6 +98,7 @@ BuildRequires: lirc-devel BuildRequires: live555-devel >= 2015.01.27 BuildRequires: lua-devel >= 5.1 BuildRequires: pcre-devel +BuildRequires: pkgconfig BuildRequires: schroedinger-devel >= 1.0.10 BuildRequires: slang-devel BuildRequires: speex-devel >= 1.0.5 
@@ -128,14 +106,35 @@ BuildRequires: update-desktop-files BuildRequires: vcdimager-devel BuildRequires: xosd-devel BuildRequires: xz -BuildConflicts: pkgconfig(libavutil) >= 55 +BuildRequires: pkgconfig(libavcodec) >= 55.26.0 +BuildRequires: pkgconfig(libavformat) >= 53.21.0 +BuildRequires: pkgconfig(libavutil) >= 52.4.0 +BuildRequires: pkgconfig(libmodplug) >= 0.8.4 Requires: %{name}-noX = %{version}-%{release} +Requires: %{name}-qt = %{version}-%{release} # We need the noX package first, as it contains vlc-cache-gen PreReq: %{name}-noX -Requires: %{name}-qt = %{version}-%{release} Conflicts: %{conflicts} -BuildRoot: %{_tmppath}/%{name}-%{version}-build - +Obsoletes: %{name}-gnome <= %{version} +BuildConflicts: pkgconfig(libavutil) >= 55 +%if %{with gstreamer} +BuildRequires: pkgconfig(gstreamer-app-1.0) +%endif +%if 0%{?suse_version} > 1110 || 0%{?BUILD_ORIG} +BuildRequires: flac-devel +%endif +%if 0%{?suse_version} >= 1310 +BuildRequires: pkgconfig(Qt5Core) +BuildRequires: pkgconfig(Qt5Gui) +BuildRequires: pkgconfig(Qt5Widgets) +%if 0%{?suse_version} != 1315 || 0%{?is_opensuse} +BuildRequires: pkgconfig(Qt5X11Extras) +# for some reason libXi-devel is explicitly needed on Leap 42.1, otherwise the build fails... +BuildRequires: pkgconfig(xi) +%endif +%else +BuildRequires: libqt4-devel >= 4.6.0 +%endif %if 0%{?suse_version} > 1110 BuildRequires: gdk-pixbuf-devel BuildRequires: libv4l-devel 
@@ -150,20 +149,19 @@ BuildRequires: pkgconfig(xext) BuildRequires: pkgconfig(xproto) BuildRequires: pkgconfig(zvbi-0.2) >= 0.2.28 %endif - %if 0%{?suse_version} >= 1140 && 0%{?suse_version} != 1315 || 0%{?BUILD_ORIG} BuildRequires: pkgconfig(libswscale) %endif %if 0%{?suse_version} > 1110 %if 0%{?suse_version} != 1315 || 0%{?is_opensuse} BuildRequires: pkgconfig(SDL_image) >= 1.2.10 +BuildRequires: pkgconfig(libupnp) +BuildRequires: pkgconfig(opencv) > 2.0 %if 0%{?suse_version} > 1320 BuildRequires: pkgconfig(libprojectM-qt5) >= 2.0.0 %else BuildRequires: pkgconfig(libprojectM) >= 2.0.0 %endif -BuildRequires: pkgconfig(libupnp) -BuildRequires: pkgconfig(opencv) > 2.0 %endif %endif %if 0%{?suse_version} > 1110 || 0%{?BUILD_ORIG} @@ -179,18 +177,18 @@ BuildRequires: pkgconfig(taglib) >= 1.9 %endif %if 0%{?suse_version} > 1140 BuildRequires: pkgconfig(dbus-1) >= 1.6.0 -%if 0%{?suse_version} < 1330 && ( 0%{?sle_version} < 120200 || 0%{?is_opensuse} < 1 ) -BuildRequires: pkgconfig(freerdp) >= 1.0.1 -%endif BuildRequires: pkgconfig(gnutls) >= 3.2.0 BuildRequires: pkgconfig(libbluray) >= 0.3.0 BuildRequires: pkgconfig(libpulse) >= 1.0 -%if %{with vnc} -BuildRequires: pkgconfig(libvncclient) >= 0.9.9 -%endif BuildRequires: pkgconfig(xcb-keysyms) >= 0.3.4 BuildRequires: pkgconfig(xinerama) BuildRequires: pkgconfig(xpm) +%if 0%{?suse_version} < 1330 && ( 0%{?sle_version} < 120200 || 0%{?is_opensuse} < 1 ) +BuildRequires: pkgconfig(freerdp) >= 1.0.1 +%endif +%if %{with vnc} +BuildRequires: pkgconfig(libvncclient) >= 0.9.9 +%endif %if %{with fluidsynth} BuildRequires: pkgconfig(fluidsynth) >= 1.1.2 %endif 
@@ -201,25 +199,22 @@ BuildRequires: pkgconfig(libchromaprint) >= 0.6.0 %if 0%{?suse_version} >= 1320 BuildRequires: pkgconfig(ncursesw) %endif -BuildRequires: pkgconfig(libavcodec) >= 55.26.0 -BuildRequires: pkgconfig(libavformat) >= 53.21.0 -BuildRequires: pkgconfig(libavutil) >= 52.4.0 -%if (0%{?suse_version} == 1330) || (0%{suse_version} == 1315 && 0%{?sle_version} >= 120200) +%if (0%{?suse_version} == 1330) || (0%{?suse_version} == 1315 && 0%{?sle_version} >= 120200) # for TW, we favor ffmpeg2-devel. Older distros have ffmpeg 2.x intree BuildRequires: ffmpeg2-devel %endif # Those are dependencies which are NOT provided in openSUSE, mostly for legal reasons. %if 0%{?BUILD_ORIG} BuildRequires: faad2-devel -BuildRequires: libfaac-devel -BuildRequires: libxvidcore-devel # Disabled for now - VideoLAN repo needs to catch up BuildRequires: liba52-devel +BuildRequires: libfaac-devel +# Disabled for now - VideoLAN repo needs to catch up +BuildRequires: libmad-devel +BuildRequires: libxvidcore-devel BuildRequires: pkgconfig(libdca) >= 0.0.5 BuildRequires: pkgconfig(libmpeg2) > 0.3.2 BuildRequires: pkgconfig(libpostproc) -# Disabled for now - VideoLAN repo needs to catch up -BuildRequires: libmad-devel BuildRequires: pkgconfig(twolame) BuildRequires: pkgconfig(x264) >= 0.8.6 # Disabled for now - VideoLAN repo needs to catch up @@ -228,7 +223,6 @@ BuildRequires: pkgconfig(x264) >= 0.8.6 BuildRequires: pkgconfig(vdpau) >= 0.6 %endif %endif -Obsoletes: %{name}-gnome <= %{version} %description VLC media player is a multimedia player for many 
@@ -269,16 +263,16 @@ Summary: VLC without X dependencies Group: Productivity/Multimedia/Video/Players Requires: libvlc%{libvlc} = %{version}-%{release} Requires: libvlccore%{libvlccore} = %{version}-%{release} -# lang subpackage -Recommends: %{name}-lang -Recommends: %{name}-codecs -Recommends: libdvdcss -# The lang-package was renamed to vlc-lang to assist AppStream building -Obsoletes: %{name}-noX-lang # This is a hack only due to libbluray not having versioned symbols as well as # having a strange ABI/API break between 0.3 and 0.7 %requires_ge libbluray1 +Recommends: %{name}-codecs +# lang subpackage +Recommends: %{name}-lang +Recommends: libdvdcss Conflicts: %{conflicts}-noX +# The lang-package was renamed to vlc-lang to assist AppStream building +Obsoletes: %{name}-noX-lang %description noX This package of VLC contains the bare requirements you need to install. @@ -293,16 +287,16 @@ installed as a dependency. # but the package name has to stay vlc-lang, as otherise the software centers # (AppStream based) can't see vlc being translated (vlc is the one listed in SC # not vlc-noX) -%package lang -Summary: Translations for package %{name} +%package lang +Summary: Translations for package %{name} # We do not want to require vlc, which is GUI based, but only vlc-noX -Group: System/Localization -Requires: %{name}-noX = %{version} -Provides: %{name}-lang-all = %{version} -Supplements: packageand(bundle-lang-other:%{name}-noX) -BuildArch: noarch +Group: System/Localization +Requires: %{name}-noX = %{version} +Supplements: packageand(bundle-lang-other:%{name}-noX) +Provides: %{name}-lang-all = %{version} +BuildArch: noarch -%description lang +%description lang Provides translations for the "%{name}" package. %package codec-gstreamer 
@@ -319,10 +313,10 @@ using GStreamer and its submodules as a backend to decode streams. %package codecs Summary: Additional codecs for the VLC media player Group: Productivity/Multimedia/Video/Players -Requires: %{name}-noX = %{version} -Supplements: %{name}-noX # We require the unrestricted libavcodec - same ABI version we linked Requires: %(rpm --qf "%%{name}" -qf $(readlink -f %{_libdir}/libavcodec.so))(unrestricted) +Requires: %{name}-noX = %{version} +Supplements: %{name}-noX %description codecs This package enhances the functionality of the VLC media player by @@ -333,12 +327,12 @@ codecs that are not available in the stock openSUSE distribution. Summary: Qt interface for the VLC media player Group: Productivity/Multimedia/Video/Players Requires: %{name}-noX = %{version}-%{release} +Conflicts: %{conflicts}-qt %if 0%{?suse_version} >= 1310 Supplements: packageand(%{name}-noX:libqt5) %else Supplements: packageand(%{name}-noX:libqt4) %endif -Conflicts: %{conflicts}-qt %description qt This subpackage provides a Qt interface for VLC and selects it by @@ -366,6 +360,7 @@ fi %if 0%{?suse_version} > 1320 %patch8 -p1 %endif +%patch9 -p1 ### Fix up sources for LUA 5.3 if pkg-config --atleast-version 5.3 lua; then @@ -554,12 +549,12 @@ done %find_lang vlc #Install appdata file -install -Dm0644 %{S:3} %{buildroot}%{_datadir}/appdata/%{name}.appdata.xml +install -Dm0644 %{SOURCE3} %{buildroot}%{_datadir}/appdata/%{name}.appdata.xml %post %{_libdir}/vlc/vlc-cache-gen -f %{_libdir}/vlc/plugins -%post -n %{name}-noX +%post -n %{name}-noX /sbin/ldconfig %{_libdir}/vlc/vlc-cache-gen -f %{_libdir}/vlc/plugins @@ -575,7 +570,7 @@ install -Dm0644 %{S:3} %{buildroot}%{_datadir}/appdata/%{name}.appdata.xml %{_libdir}/vlc/vlc-cache-gen -f %{_libdir}/vlc/plugins %if 0%{?BUILD_ORIG} -%post -n %{name}-codecs +%post -n %{name}-codecs %{_libdir}/vlc/vlc-cache-gen -f %{_libdir}/vlc/plugins %endif