* [gentoo-commits] repo/gentoo:master commit in: media-libs/libquicktime/files/, media-libs/libquicktime/
@ 2015-09-16 9:34 Alexis Ballier
0 siblings, 0 replies; 3+ messages in thread
From: Alexis Ballier @ 2015-09-16 9:34 UTC (permalink / raw
To: gentoo-commits
commit: fc758ce2a30914bd74410abeec0a48c4bd7bd840
Author: Alexis Ballier <aballier <AT> gentoo <DOT> org>
AuthorDate: Wed Sep 16 09:33:40 2015 +0000
Commit: Alexis Ballier <aballier <AT> gentoo <DOT> org>
CommitDate: Wed Sep 16 09:33:40 2015 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fc758ce2
media-libs/libquicktime: fix build with ffmpeg git master.
Package-Manager: portage-2.2.20.1
.../files/libquicktime-1.2.4-ffmpeg29.patch | 287 +++++++++++++++++++++
.../libquicktime/libquicktime-1.2.4-r1.ebuild | 1 +
2 files changed, 288 insertions(+)
diff --git a/media-libs/libquicktime/files/libquicktime-1.2.4-ffmpeg29.patch b/media-libs/libquicktime/files/libquicktime-1.2.4-ffmpeg29.patch
new file mode 100644
index 0000000..96a323a
--- /dev/null
+++ b/media-libs/libquicktime/files/libquicktime-1.2.4-ffmpeg29.patch
@@ -0,0 +1,287 @@
+Index: libquicktime-1.2.4/plugins/ffmpeg/video.c
+===================================================================
+--- libquicktime-1.2.4.orig/plugins/ffmpeg/video.c
++++ libquicktime-1.2.4/plugins/ffmpeg/video.c
+@@ -37,10 +37,10 @@
+ #endif
+
+
+-#ifdef PIX_FMT_YUV422P10
+-#define PIX_FMT_YUV422P10_OR_DUMMY PIX_FMT_YUV422P10
++#ifdef AV_PIX_FMT_YUV422P10
++#define AV_PIX_FMT_YUV422P10_OR_DUMMY AV_PIX_FMT_YUV422P10
+ #else
+-#define PIX_FMT_YUV422P10_OR_DUMMY -1234
++#define AV_PIX_FMT_YUV422P10_OR_DUMMY -1234
+ #endif
+
+ #if LIBAVCODEC_VERSION_INT >= ((54<<16)|(1<<8)|0)
+@@ -90,9 +90,9 @@ typedef struct
+ int imx_bitrate;
+ int imx_strip_vbi;
+
+- /* In some cases FFMpeg would report something like PIX_FMT_YUV422P, while
+- we would like to treat it as PIX_FMT_YUVJ422P. It's only used for decoding */
+- enum PixelFormat reinterpret_pix_fmt;
++ /* In some cases FFMpeg would report something like AV_PIX_FMT_YUV422P, while
++ we would like to treat it as AV_PIX_FMT_YUVJ422P. It's only used for decoding */
++ enum AVPixelFormat reinterpret_pix_fmt;
+
+ int is_imx;
+ int y_offset;
+@@ -137,42 +137,42 @@ typedef struct
+
+ static const struct
+ {
+- enum PixelFormat ffmpeg_id;
++ enum AVPixelFormat ffmpeg_id;
+ int lqt_id;
+ int exact;
+ }
+ colormodels[] =
+ {
+- { PIX_FMT_YUV420P, BC_YUV420P, 1 }, ///< Planar YUV 4:2:0 (1 Cr & Cb sample per 2x2 Y samples)
++ { AV_PIX_FMT_YUV420P, BC_YUV420P, 1 }, ///< Planar YUV 4:2:0 (1 Cr & Cb sample per 2x2 Y samples)
+ #if LIBAVUTIL_VERSION_INT < (50<<16)
+- { PIX_FMT_YUV422, BC_YUV422, 1 },
++ { AV_PIX_FMT_YUV422, BC_YUV422, 1 },
+ #else
+- { PIX_FMT_YUYV422, BC_YUV422, 1 },
++ { AV_PIX_FMT_YUYV422, BC_YUV422, 1 },
+ #endif
+- { PIX_FMT_RGB24, BC_RGB888, 1 }, ///< Packed pixel, 3 bytes per pixel, RGBRGB...
+- { PIX_FMT_BGR24, BC_BGR888, 1 }, ///< Packed pixel, 3 bytes per pixel, BGRBGR...
+- { PIX_FMT_YUV422P, BC_YUV422P, 1 }, ///< Planar YUV 4:2:2 (1 Cr & Cb sample per 2x1 Y samples)
+- { PIX_FMT_YUV444P, BC_YUV444P, 1 }, ///< Planar YUV 4:4:4 (1 Cr & Cb sample per 1x1 Y samples)
+- { PIX_FMT_YUV411P, BC_YUV411P, 1 }, ///< Planar YUV 4:1:1 (1 Cr & Cb sample per 4x1 Y samples)
+- { PIX_FMT_YUV422P16, BC_YUV422P16, 1 }, ///< Planar 16 bit YUV 4:2:2 (1 Cr & Cb sample per 2x1 Y samples)
+-#ifdef PIX_FMT_YUV422P10
+- { PIX_FMT_YUV422P10, BC_YUV422P10, 1 }, ///< 10 bit samples in uint16_t containers, planar 4:2:2
+-#endif
+- { PIX_FMT_RGB565, BC_RGB565, 1 }, ///< always stored in cpu endianness
+- { PIX_FMT_YUVJ420P, BC_YUVJ420P, 1 }, ///< Planar YUV 4:2:0 full scale (jpeg)
+- { PIX_FMT_YUVJ422P, BC_YUVJ422P, 1 }, ///< Planar YUV 4:2:2 full scale (jpeg)
+- { PIX_FMT_YUVJ444P, BC_YUVJ444P, 1 }, ///< Planar YUV 4:4:4 full scale (jpeg)
++ { AV_PIX_FMT_RGB24, BC_RGB888, 1 }, ///< Packed pixel, 3 bytes per pixel, RGBRGB...
++ { AV_PIX_FMT_BGR24, BC_BGR888, 1 }, ///< Packed pixel, 3 bytes per pixel, BGRBGR...
++ { AV_PIX_FMT_YUV422P, BC_YUV422P, 1 }, ///< Planar YUV 4:2:2 (1 Cr & Cb sample per 2x1 Y samples)
++ { AV_PIX_FMT_YUV444P, BC_YUV444P, 1 }, ///< Planar YUV 4:4:4 (1 Cr & Cb sample per 1x1 Y samples)
++ { AV_PIX_FMT_YUV411P, BC_YUV411P, 1 }, ///< Planar YUV 4:1:1 (1 Cr & Cb sample per 4x1 Y samples)
++ { AV_PIX_FMT_YUV422P16, BC_YUV422P16, 1 }, ///< Planar 16 bit YUV 4:2:2 (1 Cr & Cb sample per 2x1 Y samples)
++#ifdef AV_PIX_FMT_YUV422P10
++ { AV_PIX_FMT_YUV422P10, BC_YUV422P10, 1 }, ///< 10 bit samples in uint16_t containers, planar 4:2:2
++#endif
++ { AV_PIX_FMT_RGB565, BC_RGB565, 1 }, ///< always stored in cpu endianness
++ { AV_PIX_FMT_YUVJ420P, BC_YUVJ420P, 1 }, ///< Planar YUV 4:2:0 full scale (jpeg)
++ { AV_PIX_FMT_YUVJ422P, BC_YUVJ422P, 1 }, ///< Planar YUV 4:2:2 full scale (jpeg)
++ { AV_PIX_FMT_YUVJ444P, BC_YUVJ444P, 1 }, ///< Planar YUV 4:4:4 full scale (jpeg)
+ #if LIBAVUTIL_VERSION_INT < (50<<16)
+- { PIX_FMT_RGBA32, BC_RGBA8888, 0 }, ///< Packed pixel, 4 bytes per pixel, BGRABGRA...
++ { AV_PIX_FMT_RGBA32, BC_RGBA8888, 0 }, ///< Packed pixel, 4 bytes per pixel, BGRABGRA...
+ #else
+- { PIX_FMT_RGB32, BC_RGBA8888, 0 }, ///< Packed pixel, 4 bytes per pixel, BGRABGRA...
++ { AV_PIX_FMT_RGB32, BC_RGBA8888, 0 }, ///< Packed pixel, 4 bytes per pixel, BGRABGRA...
+ #endif
+- { PIX_FMT_RGB555, BC_RGB888, 0 }, ///< always stored in cpu endianness, most significant bit to 1
+- { PIX_FMT_GRAY8, BC_RGB888, 0 },
+- { PIX_FMT_MONOWHITE, BC_RGB888, 0 }, ///< 0 is white
+- { PIX_FMT_MONOBLACK, BC_RGB888, 0 }, ///< 0 is black
+- { PIX_FMT_PAL8, BC_RGB888, 0 }, ///< 8 bit with RGBA palette
+- { PIX_FMT_YUV410P, BC_YUV420P, 0 }, ///< Planar YUV 4:1:0 (1 Cr & Cb sample per 4x4 Y samples)
++ { AV_PIX_FMT_RGB555, BC_RGB888, 0 }, ///< always stored in cpu endianness, most significant bit to 1
++ { AV_PIX_FMT_GRAY8, BC_RGB888, 0 },
++ { AV_PIX_FMT_MONOWHITE, BC_RGB888, 0 }, ///< 0 is white
++ { AV_PIX_FMT_MONOBLACK, BC_RGB888, 0 }, ///< 0 is black
++ { AV_PIX_FMT_PAL8, BC_RGB888, 0 }, ///< 8 bit with RGBA palette
++ { AV_PIX_FMT_YUV410P, BC_YUV420P, 0 }, ///< Planar YUV 4:1:0 (1 Cr & Cb sample per 4x4 Y samples)
+ };
+
+ static const struct
+@@ -343,16 +343,16 @@ static int lqt_tenbit_dnxhd_supported(AV
+ if (!codec->pix_fmts)
+ return 0;
+
+- for (i = 0; codec->pix_fmts[i] != PIX_FMT_NONE; ++i)
++ for (i = 0; codec->pix_fmts[i] != AV_PIX_FMT_NONE; ++i)
+ {
+- if (codec->pix_fmts[i] == PIX_FMT_YUV422P10_OR_DUMMY)
++ if (codec->pix_fmts[i] == AV_PIX_FMT_YUV422P10_OR_DUMMY)
+ return 1;
+ }
+
+ return 0;
+ }
+
+-static enum PixelFormat lqt_ffmpeg_get_ffmpeg_colormodel(int id)
++static enum AVPixelFormat lqt_ffmpeg_get_ffmpeg_colormodel(int id)
+ {
+ int i;
+
+@@ -361,10 +361,10 @@ static enum PixelFormat lqt_ffmpeg_get_f
+ if(colormodels[i].lqt_id == id)
+ return colormodels[i].ffmpeg_id;
+ }
+- return PIX_FMT_NB;
++ return AV_PIX_FMT_NB;
+ }
+
+-static int lqt_ffmpeg_get_lqt_colormodel(enum PixelFormat id, int * exact)
++static int lqt_ffmpeg_get_lqt_colormodel(enum AVPixelFormat id, int * exact)
+ {
+ int i;
+
+@@ -402,24 +402,24 @@ static void lqt_ffmpeg_setup_decoding_co
+ /* First we try codec-specific colormodel matching. */
+ if(codec->decoder->id == AV_CODEC_ID_DNXHD)
+ {
+- /* FFMpeg supports PIX_FMT_YUV422P and PIX_FMT_YUV422P10 for DNxHD, which
+- we sometimes interpret as PIX_FMT_YUVJ422P and PIX_FMT_YUVJ422P10. */
+- if (codec->avctx->pix_fmt == PIX_FMT_YUV422P || codec->avctx->pix_fmt == PIX_FMT_YUV422P10_OR_DUMMY)
++ /* FFMpeg supports AV_PIX_FMT_YUV422P and AV_PIX_FMT_YUV422P10 for DNxHD, which
++ we sometimes interpret as AV_PIX_FMT_YUVJ422P and AV_PIX_FMT_YUVJ422P10. */
++ if (codec->avctx->pix_fmt == AV_PIX_FMT_YUV422P || codec->avctx->pix_fmt == AV_PIX_FMT_YUV422P10_OR_DUMMY)
+ {
+- int p10 = (codec->avctx->pix_fmt == PIX_FMT_YUV422P10_OR_DUMMY);
++ int p10 = (codec->avctx->pix_fmt == AV_PIX_FMT_YUV422P10_OR_DUMMY);
+ *exact = 1;
+ if (lqt_ffmpeg_get_avid_yuv_range(vtrack->track) == AVID_FULL_YUV_RANGE)
+ {
+ vtrack->stream_cmodel = p10 ? BC_YUVJ422P10 : BC_YUVJ422P;
+- codec->reinterpret_pix_fmt = p10 ? PIX_FMT_YUV422P10_OR_DUMMY : PIX_FMT_YUVJ422P;
+- // Note: reinterpret_pix_fmt should really be PIX_FMT_YUVJ422P10, except
++ codec->reinterpret_pix_fmt = p10 ? AV_PIX_FMT_YUV422P10_OR_DUMMY : AV_PIX_FMT_YUVJ422P;
++ // Note: reinterpret_pix_fmt should really be AV_PIX_FMT_YUVJ422P10, except
+ // there is no such colormodel in FFMpeg. Fortunately, it's not a problem
+ // in this case, as reinterpret_pix_fmt is only used when *exact == 0.
+ }
+ else
+ {
+ vtrack->stream_cmodel = p10 ? BC_YUV422P10 : BC_YUV422P;
+- codec->reinterpret_pix_fmt = p10 ? PIX_FMT_YUV422P10_OR_DUMMY : PIX_FMT_YUV422P;
++ codec->reinterpret_pix_fmt = p10 ? AV_PIX_FMT_YUV422P10_OR_DUMMY : AV_PIX_FMT_YUV422P;
+ }
+ return;
+ }
+@@ -440,14 +440,14 @@ static void lqt_ffmpeg_setup_encoding_co
+
+ if (codec->encoder->id == AV_CODEC_ID_DNXHD)
+ {
+- /* FFMpeg's DNxHD encoder only supports PIX_FMT_YUV422P and PIX_FMT_YUV422P10
+- and doesn't know anything about PIX_FMT_YUVJ422P and PIX_FMT_YUVJ422P10
++ /* FFMpeg's DNxHD encoder only supports AV_PIX_FMT_YUV422P and AV_PIX_FMT_YUV422P10
++ and doesn't know anything about AV_PIX_FMT_YUVJ422P and AV_PIX_FMT_YUVJ422P10
+ (in fact, the latter doesn't even exist) */
+- codec->avctx->pix_fmt = PIX_FMT_YUV422P;
++ codec->avctx->pix_fmt = AV_PIX_FMT_YUV422P;
+ if (vtrack->stream_cmodel == BC_YUV422P10 || vtrack->stream_cmodel == BC_YUVJ422P10)
+ {
+ if (lqt_tenbit_dnxhd_supported(codec->encoder))
+- codec->avctx->pix_fmt = PIX_FMT_YUV422P10_OR_DUMMY;
++ codec->avctx->pix_fmt = AV_PIX_FMT_YUV422P10_OR_DUMMY;
+ }
+ }
+ }
+@@ -458,7 +458,7 @@ static void lqt_ffmpeg_setup_encoding_co
+ /* From avcodec.h: */
+
+ /*
+- * PIX_FMT_RGBA32 is handled in an endian-specific manner. A RGBA
++ * AV_PIX_FMT_RGBA32 is handled in an endian-specific manner. A RGBA
+ * color is put together as:
+ * (A << 24) | (R << 16) | (G << 8) | B
+ * This is stored as BGRA on little endian CPU architectures and ARGB on
+@@ -530,7 +530,7 @@ static void convert_rgba_to_argb(uint8_t
+ */
+
+ static void convert_image_decode(quicktime_ffmpeg_video_codec_t *codec,
+- AVFrame * in_frame, enum PixelFormat in_format,
++ AVFrame * in_frame, enum AVPixelFormat in_format,
+ unsigned char ** out_frame, int out_format,
+ int width, int height, int row_span, int row_span_uv)
+ {
+@@ -547,9 +547,9 @@ static void convert_image_decode(quickti
+ * RGBA format like in ffmpeg??
+ */
+ #if LIBAVUTIL_VERSION_INT < (50<<16)
+- if((in_format == PIX_FMT_RGBA32) && (out_format == BC_RGBA8888))
++ if((in_format == AV_PIX_FMT_RGBA32) && (out_format == BC_RGBA8888))
+ #else
+- if((in_format == PIX_FMT_RGB32) && (out_format == BC_RGBA8888))
++ if((in_format == AV_PIX_FMT_RGB32) && (out_format == BC_RGBA8888))
+ #endif
+ {
+ convert_image_decode_rgba(in_frame, out_frame, width, height, codec->y_offset);
+@@ -829,7 +829,7 @@ static int lqt_ffmpeg_decode_video(quick
+ if(avcodec_open2(codec->avctx, codec->decoder, NULL) != 0)
+ return -1;
+ #endif
+- codec->frame = avcodec_alloc_frame();
++ codec->frame = av_frame_alloc();
+ vtrack->stream_cmodel = LQT_COLORMODEL_NONE;
+ codec->initialized = 1;
+ }
+@@ -929,10 +929,10 @@ static int lqt_ffmpeg_decode_video(quick
+ #ifdef HAVE_LIBSWSCALE
+
+ #if LIBAVUTIL_VERSION_INT < (50<<16)
+- if(!((codec->avctx->pix_fmt == PIX_FMT_RGBA32) &&
++ if(!((codec->avctx->pix_fmt == AV_PIX_FMT_RGBA32) &&
+ (vtrack->stream_cmodel == BC_RGBA8888)))
+ #else
+- if(!((codec->avctx->pix_fmt == PIX_FMT_RGB32) &&
++ if(!((codec->avctx->pix_fmt == AV_PIX_FMT_RGB32) &&
+ (vtrack->stream_cmodel == BC_RGBA8888)))
+ #endif
+ {
+@@ -1318,7 +1318,7 @@ static int lqt_ffmpeg_encode_video(quick
+
+ if(!codec->initialized)
+ {
+- codec->frame = avcodec_alloc_frame();
++ codec->frame = av_frame_alloc();
+
+ /* time_base is 1/framerate for constant framerate */
+
+@@ -1396,9 +1396,9 @@ static int lqt_ffmpeg_encode_video(quick
+ if(vtrack->stream_cmodel == BC_RGBA8888)
+ {
+ /* Libquicktime doesn't natively support a color model equivalent
+- to PIX_FMT_ARGB, which is required for QTRLE with alpha channel.
++ to AV_PIX_FMT_ARGB, which is required for QTRLE with alpha channel.
+ So, we use BC_RGBA8888 and do ad hoc conversion below. */
+- codec->avctx->pix_fmt = PIX_FMT_ARGB;
++ codec->avctx->pix_fmt = AV_PIX_FMT_ARGB;
+ vtrack->track->mdia.minf.stbl.stsd.table[0].depth = 32;
+ }
+ }
+@@ -1467,7 +1467,7 @@ static int lqt_ffmpeg_encode_video(quick
+ }
+ // codec->lqt_colormodel = ffmepg_2_lqt(codec->com.ffcodec_enc);
+
+- if(codec->y_offset != 0 || codec->avctx->pix_fmt == PIX_FMT_ARGB)
++ if(codec->y_offset != 0 || codec->avctx->pix_fmt == AV_PIX_FMT_ARGB)
+ {
+ if(!codec->tmp_rows)
+ {
+@@ -1492,7 +1492,7 @@ static int lqt_ffmpeg_encode_video(quick
+ vtrack->stream_cmodel,
+ 0, 0, 0, codec->y_offset);
+ }
+- else if(codec->avctx->pix_fmt == PIX_FMT_ARGB)
++ else if(codec->avctx->pix_fmt == AV_PIX_FMT_ARGB)
+ {
+ convert_rgba_to_argb(row_pointers[0], vtrack->stream_row_span,
+ codec->tmp_rows[0], codec->tmp_row_span,
+Index: libquicktime-1.2.4/plugins/ffmpeg/audio.c
+===================================================================
+--- libquicktime-1.2.4.orig/plugins/ffmpeg/audio.c
++++ libquicktime-1.2.4/plugins/ffmpeg/audio.c
+@@ -1266,7 +1266,7 @@ static int lqt_ffmpeg_encode_audio(quick
+ pkt.data = codec->chunk_buffer;
+ pkt.size = codec->chunk_buffer_alloc;
+
+- avcodec_get_frame_defaults(&f);
++ av_frame_unref(&f);
+ f.nb_samples = codec->avctx->frame_size;
+
+ avcodec_fill_audio_frame(&f, channels, codec->avctx->sample_fmt,
diff --git a/media-libs/libquicktime/libquicktime-1.2.4-r1.ebuild b/media-libs/libquicktime/libquicktime-1.2.4-r1.ebuild
index ebfed85..67ab74c 100644
--- a/media-libs/libquicktime/libquicktime-1.2.4-r1.ebuild
+++ b/media-libs/libquicktime/libquicktime-1.2.4-r1.ebuild
@@ -53,6 +53,7 @@ DOCS="ChangeLog README TODO"
src_prepare() {
epatch "${FILESDIR}"/${P}+libav-9.patch \
"${FILESDIR}"/${P}-ffmpeg2.patch
+ has_version '>=media-video/ffmpeg-2.9' && epatch "${FILESDIR}"/${P}-ffmpeg29.patch
for FILE in lqt_ffmpeg.c video.c audio.c ; do
sed -i -e "s:CODEC_ID_:AV_&:g" "${S}/plugins/ffmpeg/${FILE}" || die
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: media-libs/libquicktime/files/, media-libs/libquicktime/
@ 2018-09-18 15:11 Andreas Sturmlechner
0 siblings, 0 replies; 3+ messages in thread
From: Andreas Sturmlechner @ 2018-09-18 15:11 UTC (permalink / raw
To: gentoo-commits
commit: c8d9d005d305c0d4a8232649e3ec93535c1bacca
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Tue Sep 18 14:54:25 2018 +0000
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Tue Sep 18 15:07:45 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c8d9d005
media-libs/libquicktime: Fix CVE-2017-9122..9128
Bug: https://bugs.gentoo.org/634806
Package-Manager: Portage-2.3.49, Repoman-2.3.10
.../libquicktime-1.2.4-CVE-2017-9122_et_al.patch | 151 +++++++++++++++++++++
.../libquicktime/libquicktime-1.2.4-r3.ebuild | 1 +
2 files changed, 152 insertions(+)
diff --git a/media-libs/libquicktime/files/libquicktime-1.2.4-CVE-2017-9122_et_al.patch b/media-libs/libquicktime/files/libquicktime-1.2.4-CVE-2017-9122_et_al.patch
new file mode 100644
index 00000000000..06fb7b33758
--- /dev/null
+++ b/media-libs/libquicktime/files/libquicktime-1.2.4-CVE-2017-9122_et_al.patch
@@ -0,0 +1,151 @@
+From: Burkhard Plaum <plaum@ipf.uni-stuttgart.de>
+Origin: https://sourceforge.net/p/libquicktime/mailman/libquicktime-devel/?viewmonth=201706
+
+Hi,
+
+I committed some (mostly trivial) updates to CVS. The following CVE's
+are fixed and/or no longer reproducible:
+
+CVE-2017-9122
+CVE-2017-9123
+CVE-2017-9124
+CVE-2017-9125
+CVE-2017-9126
+CVE-2017-9127
+CVE-2017-9128
+
+I was a bit surprised that one simple sanity check fixes a whole bunch of files.
+
+So it could be, that the problems are still there, but better hidden since the
+critical code isn't executed anymore with the sample files I got.
+
+If someone encounters more crashes, feel free to report them.
+
+Burkhard
+
+--- a/include/lqt_funcprotos.h
++++ b/include/lqt_funcprotos.h
+@@ -1345,9 +1345,9 @@ int quicktime_write_int32_le(quicktime_t
+ int quicktime_write_char32(quicktime_t *file, char *string);
+ float quicktime_read_fixed16(quicktime_t *file);
+ int quicktime_write_fixed16(quicktime_t *file, float number);
+-unsigned long quicktime_read_uint32(quicktime_t *file);
+-long quicktime_read_int32(quicktime_t *file);
+-long quicktime_read_int32_le(quicktime_t *file);
++uint32_t quicktime_read_uint32(quicktime_t *file);
++int32_t quicktime_read_int32(quicktime_t *file);
++int32_t quicktime_read_int32_le(quicktime_t *file);
+ int64_t quicktime_read_int64(quicktime_t *file);
+ int64_t quicktime_read_int64_le(quicktime_t *file);
+ long quicktime_read_int24(quicktime_t *file);
+--- a/src/atom.c
++++ b/src/atom.c
+@@ -131,6 +131,9 @@ int quicktime_atom_read_header(quicktime
+ atom->size = read_size64(header);
+ atom->end = atom->start + atom->size;
+ }
++/* Avoid broken files */
++ if(atom->end > file->total_length)
++ result = 1;
+ }
+
+
+--- a/src/lqt_quicktime.c
++++ b/src/lqt_quicktime.c
+@@ -1788,8 +1788,8 @@ int quicktime_read_info(quicktime_t *fil
+ quicktime_set_position(file, start_position);
+ free(temp);
+
+- quicktime_read_moov(file, &file->moov, &leaf_atom);
+- got_header = 1;
++ if(!quicktime_read_moov(file, &file->moov, &leaf_atom))
++ got_header = 1;
+ }
+ else
+ quicktime_atom_skip(file, &leaf_atom);
+--- a/src/moov.c
++++ b/src/moov.c
+@@ -218,7 +218,8 @@ int quicktime_read_moov(quicktime_t *fil
+ if(quicktime_atom_is(&leaf_atom, "trak"))
+ {
+ quicktime_trak_t *trak = quicktime_add_trak(file);
+- quicktime_read_trak(file, trak, &leaf_atom);
++ if(quicktime_read_trak(file, trak, &leaf_atom))
++ return 1;
+ }
+ else
+ if(quicktime_atom_is(&leaf_atom, "udta"))
+--- a/src/trak.c
++++ b/src/trak.c
+@@ -269,6 +269,14 @@ int quicktime_read_trak(quicktime_t *fil
+ else quicktime_atom_skip(file, &leaf_atom);
+ } while(quicktime_position(file) < trak_atom->end);
+
++ /* Do some sanity checks to prevent later crashes */
++ if(trak->mdia.minf.is_video || trak->mdia.minf.is_video)
++ {
++ if(!trak->mdia.minf.stbl.stsc.table ||
++ !trak->mdia.minf.stbl.stco.table)
++ return 1;
++ }
++
+ #if 1
+ if(trak->mdia.minf.is_video &&
+ quicktime_match_32(trak->mdia.minf.stbl.stsd.table[0].format, "drac"))
+--- a/src/util.c
++++ b/src/util.c
+@@ -647,10 +647,10 @@ int quicktime_write_fixed16(quicktime_t
+ return quicktime_write_data(file, data, 2);
+ }
+
+-unsigned long quicktime_read_uint32(quicktime_t *file)
++uint32_t quicktime_read_uint32(quicktime_t *file)
+ {
+- unsigned long result;
+- unsigned long a, b, c, d;
++ uint32_t result;
++ uint32_t a, b, c, d;
+ uint8_t data[4];
+
+ quicktime_read_data(file, data, 4);
+@@ -663,10 +663,10 @@ unsigned long quicktime_read_uint32(quic
+ return result;
+ }
+
+-long quicktime_read_int32(quicktime_t *file)
++int32_t quicktime_read_int32(quicktime_t *file)
+ {
+- unsigned long result;
+- unsigned long a, b, c, d;
++ uint32_t result;
++ uint32_t a, b, c, d;
+ uint8_t data[4];
+
+ quicktime_read_data(file, data, 4);
+@@ -676,13 +676,13 @@ long quicktime_read_int32(quicktime_t *f
+ d = data[3];
+
+ result = (a << 24) | (b << 16) | (c << 8) | d;
+- return (long)result;
++ return (int32_t)result;
+ }
+
+-long quicktime_read_int32_le(quicktime_t *file)
++int32_t quicktime_read_int32_le(quicktime_t *file)
+ {
+- unsigned long result;
+- unsigned long a, b, c, d;
++ uint32_t result;
++ uint32_t a, b, c, d;
+ uint8_t data[4];
+
+ quicktime_read_data(file, data, 4);
+@@ -692,7 +692,7 @@ long quicktime_read_int32_le(quicktime_t
+ d = data[3];
+
+ result = (d << 24) | (c << 16) | (b << 8) | a;
+- return (long)result;
++ return (int32_t)result;
+ }
+
+ int64_t quicktime_read_int64(quicktime_t *file)
diff --git a/media-libs/libquicktime/libquicktime-1.2.4-r3.ebuild b/media-libs/libquicktime/libquicktime-1.2.4-r3.ebuild
index 69f1b64818e..e4c2bea8920 100644
--- a/media-libs/libquicktime/libquicktime-1.2.4-r3.ebuild
+++ b/media-libs/libquicktime/libquicktime-1.2.4-r3.ebuild
@@ -61,6 +61,7 @@ PATCHES=(
"${FILESDIR}"/${P}-ffmpeg2.patch
"${FILESDIR}"/${P}-ffmpeg29.patch
"${FILESDIR}"/${P}-CVE-2016-2399.patch
+ "${FILESDIR}"/${P}-CVE-2017-9122_et_al.patch
)
src_prepare() {
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: media-libs/libquicktime/files/, media-libs/libquicktime/
@ 2022-10-25 12:15 Sam James
0 siblings, 0 replies; 3+ messages in thread
From: Sam James @ 2022-10-25 12:15 UTC (permalink / raw
To: gentoo-commits
commit: 298dd9d4630a90736e56d059481a99036b2ac1a2
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Tue Oct 25 12:14:07 2022 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Tue Oct 25 12:15:25 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=298dd9d4
media-libs/libquicktime: fix build w/ Clang 16
Closes: https://bugs.gentoo.org/874447
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../files/libquicktime-1.2.4-implicit-func-decl.patch | 11 +++++++++++
...quicktime-1.2.4-r3.ebuild => libquicktime-1.2.4-r4.ebuild} | 5 +++--
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/media-libs/libquicktime/files/libquicktime-1.2.4-implicit-func-decl.patch b/media-libs/libquicktime/files/libquicktime-1.2.4-implicit-func-decl.patch
new file mode 100644
index 000000000000..c4fbb02d0754
--- /dev/null
+++ b/media-libs/libquicktime/files/libquicktime-1.2.4-implicit-func-decl.patch
@@ -0,0 +1,11 @@
+https://bugs.gentoo.org/874447
+--- a/plugins/png/qtpng.c
++++ b/plugins/png/qtpng.c
+@@ -26,6 +26,7 @@
+ #include <quicktime/colormodels.h>
+ #include <png.h>
+ #include <stdlib.h>
++#include <string.h>
+ #include "qtpng.h"
+
+ typedef struct
diff --git a/media-libs/libquicktime/libquicktime-1.2.4-r3.ebuild b/media-libs/libquicktime/libquicktime-1.2.4-r4.ebuild
similarity index 96%
rename from media-libs/libquicktime/libquicktime-1.2.4-r3.ebuild
rename to media-libs/libquicktime/libquicktime-1.2.4-r4.ebuild
index a56c905c7c94..d39c7d5b0dda 100644
--- a/media-libs/libquicktime/libquicktime-1.2.4-r3.ebuild
+++ b/media-libs/libquicktime/libquicktime-1.2.4-r4.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -25,7 +25,7 @@ RDEPEND="
dv? ( >=media-libs/libdv-1.0.0-r3[${MULTILIB_USEDEP}] )
ffmpeg? ( >=media-video/ffmpeg-3.2.6:0=[${MULTILIB_USEDEP}] )
gtk? ( x11-libs/gtk+:2 )
- jpeg? ( >=virtual/jpeg-0-r2:0[${MULTILIB_USEDEP}] )
+ jpeg? ( media-libs/libjpeg-turbo:=[${MULTILIB_USEDEP}] )
lame? ( >=media-sound/lame-3.99.5-r1[${MULTILIB_USEDEP}] )
opengl? ( virtual/opengl )
png? ( >=media-libs/libpng-1.6.10:0[${MULTILIB_USEDEP}] )
@@ -58,6 +58,7 @@ PATCHES=(
"${FILESDIR}"/${P}-ffmpeg29.patch
"${FILESDIR}"/${P}-CVE-2016-2399.patch
"${FILESDIR}"/${P}-CVE-2017-9122_et_al.patch
+ "${FILESDIR}"/${P}-implicit-func-decl.patch
)
src_prepare() {
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-10-25 12:15 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-10-25 12:15 [gentoo-commits] repo/gentoo:master commit in: media-libs/libquicktime/files/, media-libs/libquicktime/ Sam James
-- strict thread matches above, loose matches on Subject: below --
2018-09-18 15:11 Andreas Sturmlechner
2015-09-16 9:34 Alexis Ballier
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox