Pullup ticket 2902 - requested by tron security patch Revisions pulled up: - pkgsrc/multimedia/ffmpeg/Makefile by patch - pkgsrc/multimedia/ffmpeg/distinfo by patch - pkgsrc/multimedia/ffmpeg/options.mk by patch - pkgsrc/multimedia/ffmpeg/patches/patch-bktr by patch - pkgsrc/multimedia/ffmpeg/patches/patch-configure by patch Files added: pkgsrc/multimedia/ffmpeg/patches/patch-aa 1.9 pkgsrc/multimedia/ffmpeg/patches/patch-ab 1.6 pkgsrc/multimedia/ffmpeg/patches/patch-powerpc 1.6 ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Fri Sep 25 11:10:21 UTC 2009 Modified Files: pkgsrc/multimedia/ffmpeg: Makefile distinfo Added Files: pkgsrc/multimedia/ffmpeg/patches: patch-ab Log Message: Add patch from ffmpeg GIT repository to fix the vulnerability reported in SA36760. To generate a diff of this commit: cvs rdiff -u -r1.53 -r1.54 pkgsrc/multimedia/ffmpeg/Makefile cvs rdiff -u -r1.30 -r1.31 pkgsrc/multimedia/ffmpeg/distinfo cvs rdiff -u -r0 -r1.6 pkgsrc/multimedia/ffmpeg/patches/patch-abdiff -r1.50 -r1.50.2.1 pkgsrc/multimedia/ffmpeg/Makefile
(spz)
@@ -1,14 +1,16 @@ | @@ -1,14 +1,16 @@ | |||
1 | # $NetBSD: Makefile,v 1.50 2009/06/12 16:25:34 ahoka Exp $ | 1 | # $NetBSD: Makefile,v 1.50.2.1 2009/09/28 08:08:31 spz Exp $ | |
2 | ||||
3 | PKGREVISION= 4 | |||
2 | 4 | |||
3 | MAINTAINER= ahoka@NetBSD.org | 5 | MAINTAINER= ahoka@NetBSD.org | |
4 | HOMEPAGE= http://ffmpeg.mplayerhq.hu/ | 6 | HOMEPAGE= http://ffmpeg.mplayerhq.hu/ | |
5 | COMMENT= Decoding, encoding and streaming software | 7 | COMMENT= Decoding, encoding and streaming software | |
6 | 8 | |||
7 | PKG_DESTDIR_SUPPORT= user-destdir | 9 | PKG_DESTDIR_SUPPORT= user-destdir | |
8 | 10 | |||
9 | CONFIGURE_ARGS+= --enable-avfilter \ | 11 | CONFIGURE_ARGS+= --enable-avfilter \ | |
10 | --enable-avfilter-lavf \ | 12 | --enable-avfilter-lavf \ | |
11 | --enable-postproc \ | 13 | --enable-postproc \ | |
12 | --enable-libvorbis \ | 14 | --enable-libvorbis \ | |
13 | --enable-libmp3lame | 15 | --enable-libmp3lame | |
14 | 16 |
@@ -1,7 +1,10 @@ | @@ -1,7 +1,10 @@ | |||
1 | $NetBSD: distinfo,v 1.25 2009/06/14 11:27:00 ahoka Exp $ | 1 | $NetBSD: distinfo,v 1.25.2.1 2009/09/28 08:08:31 spz Exp $ | |
2 | 2 | |||
3 | SHA1 (ffmpeg-20090611.tar.bz2) = 04e67497f70c64b7a26534d4b67e3a46cdb4b219 | 3 | SHA1 (ffmpeg-20090611.tar.bz2) = 04e67497f70c64b7a26534d4b67e3a46cdb4b219 | |
4 | RMD160 (ffmpeg-20090611.tar.bz2) = 447a72cd1a416f926100c61299d9012535909d9a | 4 | RMD160 (ffmpeg-20090611.tar.bz2) = 447a72cd1a416f926100c61299d9012535909d9a | |
5 | Size (ffmpeg-20090611.tar.bz2) = 2799194 bytes | 5 | Size (ffmpeg-20090611.tar.bz2) = 2799194 bytes | |
6 | SHA1 (patch-bktr) = dadd96835ffbf3a95a5de75647a72edb53171b6f | 6 | SHA1 (patch-aa) = e40f61850fe5c85bdd4b659802601dfacfe73ad1 | |
7 | SHA1 (patch-configure) = c4f5cbe0cecac291547a9fd652f3e6c3c92fde2c | 7 | SHA1 (patch-ab) = 1c1da33f47be51f75635a9667b0d7d8052945ba7 | |
8 | SHA1 (patch-bktr) = fb57a4f5dc0d372eb3f40dac5b05ea7d1da45d7b | |||
9 | SHA1 (patch-configure) = ec0ae3c27026b45d380ecea04ff22518bf652ec0 | |||
10 | SHA1 (patch-powerpc) = 0eaf8d81164e1488fdb436d50909d0a633439e6a |
@@ -1,60 +1,48 @@ | @@ -1,60 +1,48 @@ | |||
1 | # $NetBSD: options.mk,v 1.12 2009/06/12 16:25:34 ahoka Exp $ | 1 | # $NetBSD: options.mk,v 1.12.2.1 2009/09/28 08:08:31 spz Exp $ | |
2 | 2 | |||
3 | # Global and legacy options | 3 | # Global and legacy options | |
4 | 4 | |||
5 | PKG_OPTIONS_VAR= PKG_OPTIONS.ffmpeg | 5 | PKG_OPTIONS_VAR= PKG_OPTIONS.ffmpeg | |
6 | PKG_SUPPORTED_OPTIONS= theora xvid faad faac x264 | 6 | PKG_SUPPORTED_OPTIONS= theora xvid faad faac x264 | |
7 | PKG_SUGGESTED_OPTIONS= theora xvid x264 | 7 | PKG_SUGGESTED_OPTIONS= theora xvid x264 | |
8 | #PKG_OPTIONS_OPTIONAL_GROUPS= aac-decoder | 8 | #PKG_OPTIONS_OPTIONAL_GROUPS= aac-decoder | |
9 | #PKG_OPTIONS_GROUP.aac-decoder= faad faac | 9 | #PKG_OPTIONS_GROUP.aac-decoder= faad faac | |
10 | 10 | |||
11 | .include "../../mk/bsd.options.mk" | 11 | .include "../../mk/bsd.options.mk" | |
12 | .include "../../mk/bsd.prefs.mk" | |||
13 | 12 | |||
14 | ### | 13 | ### | |
15 | ### faad option | 14 | ### faad option | |
16 | ### | 15 | ### | |
17 | 16 | |||
18 | .if !empty(PKG_OPTIONS:Mfaad) | 17 | .if !empty(PKG_OPTIONS:Mfaad) | |
19 | CONFIGURE_ARGS+= --enable-libfaad | 18 | CONFIGURE_ARGS+= --enable-libfaad | |
20 | .include "../../audio/faad2/buildlink3.mk" | 19 | .include "../../audio/faad2/buildlink3.mk" | |
21 | .endif | 20 | .endif | |
22 | 21 | |||
23 | ### | 22 | ### | |
24 | ### faac option | 23 | ### faac option | |
25 | ### | 24 | ### | |
26 | 25 | |||
27 | .if !empty(PKG_OPTIONS:Mfaac) | 26 | .if !empty(PKG_OPTIONS:Mfaac) | |
27 | RESTRICTED= This software may require the payment of patent royalties | |||
28 | NO_BIN_ON_CDROM= ${RESTRICTED} | |||
29 | NO_BIN_ON_FTP= ${RESTRICTED} | |||
28 | CONFIGURE_ARGS+= --enable-libfaac \ | 30 | CONFIGURE_ARGS+= --enable-libfaac \ | |
29 | --enable-nonfree | 31 | --enable-nonfree | |
30 | .include "../../audio/faac/buildlink3.mk" | 32 | .include "../../audio/faac/buildlink3.mk" | |
31 | .endif | 33 | .endif | |
32 | 34 | |||
33 | ### | 35 | ### | |
34 | ### SDL support | |||
35 | ### | |||
36 | ### You can build the frontend with SDL support enabled | |||
37 | ### | |||
38 | ||||
39 | .if !empty(PKG_OPTIONS:Msdl) | |||
40 | CONFIGURE_ARGS+= --enable-ffplay | |||
41 | PLIST.sdl= yes | |||
42 | .include "../../devel/SDL/buildlink3.mk" | |||
43 | .else | |||
44 | CONFIGURE_ARGS+= --disable-ffplay | |||
45 | .endif | |||
46 | ||||
47 | ### | |||
48 | ### OGG Theora support | 36 | ### OGG Theora support | |
49 | ### | 37 | ### | |
50 | 38 | |||
51 | .if !empty(PKG_OPTIONS:Mtheora) | 39 | .if !empty(PKG_OPTIONS:Mtheora) | |
52 | CONFIGURE_ARGS+= --enable-libtheora | 40 | CONFIGURE_ARGS+= --enable-libtheora | |
53 | .include "../../multimedia/libtheora/buildlink3.mk" | 41 | .include "../../multimedia/libtheora/buildlink3.mk" | |
54 | .endif | 42 | .endif | |
55 | 43 | |||
56 | ### | 44 | ### | |
57 | ### XviD support | 45 | ### XviD support | |
58 | ### | 46 | ### | |
59 | 47 | |||
60 | .if !empty(PKG_OPTIONS:Mxvid) | 48 | .if !empty(PKG_OPTIONS:Mxvid) |
$NetBSD: patch-aa,v 1.9.2.2 2009/09/28 08:08:31 spz Exp $
--- libavcodec/x86/cpuid.c.orig 2009-08-10 22:17:29.000000000 +0200
+++ libavcodec/x86/cpuid.c
@@ -80,6 +80,7 @@ int mm_support(void)
rval |= FF_MM_MMX2
#if HAVE_SSE
| FF_MM_SSE;
+#if !defined(__GNUC__) || (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 2))
if (std_caps & (1<<26))
rval |= FF_MM_SSE2;
if (ecx & 1)
@@ -90,6 +91,7 @@ int mm_support(void)
rval |= FF_MM_SSE4;
if (ecx & 0x00100000 )
rval |= FF_MM_SSE42;
+#endif /* gcc >= 4.2 */
#endif
;
}
$NetBSD: patch-ab,v 1.6.2.2 2009/09/28 08:08:31 spz Exp $
Patch for the vulnerability reported in SA36760, taken from here:
http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=ebbccbaa5e925c2ddb212559f82c29ef526cc17e
http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=7798d31bee361724e0a6ede4e2fd67228f24040b
--- libavformat/sierravmd.c.orig 2009-02-16 14:45:05.000000000 +0000
+++ libavformat/sierravmd.c 2009-09-25 11:49:56.000000000 +0100
@@ -154,7 +154,7 @@
vmd->frame_table = NULL;
sound_buffers = AV_RL16(&vmd->vmd_header[808]);
raw_frame_table_size = vmd->frame_count * 6;
- if(vmd->frame_count * vmd->frames_per_block >= UINT_MAX / sizeof(vmd_frame)){
+ if(vmd->frame_count * vmd->frames_per_block >= UINT_MAX / sizeof(vmd_frame) - sound_buffers){
av_log(s, AV_LOG_ERROR, "vmd->frame_count * vmd->frames_per_block too large\n");
return -1;
}
@@ -1,16 +1,23 @@ | @@ -1,16 +1,23 @@ | |||
1 | $NetBSD: patch-bktr,v 1.2 2009/06/12 16:25:34 ahoka Exp $ | 1 | --- libavdevice/bktr.c.orig 2009-01-19 15:46:40 +0000 | |
2 | 2 | +++ libavdevice/bktr.c 2009-09-21 11:29:29 +0000 | ||
3 | --- libavdevice/bktr.c.orig 2009-01-19 16:46:40.000000000 +0100 | |||
4 | +++ libavdevice/bktr.c | |||
5 | @@ -24,7 +24,11 @@ | 3 | @@ -24,7 +24,11 @@ | |
6 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA | 4 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA | |
7 | */ | 5 | */ | |
8 | 6 | |||
9 | +/* u_short, u_int */ | 7 | +/* u_short, u_int */ | |
10 | #define _BSD_SOURCE 1 | 8 | #define _BSD_SOURCE 1 | |
11 | +#ifdef __NetBSD__ | 9 | +#ifdef __NetBSD__ | |
12 | +# define _NETBSD_SOURCE 1 | 10 | +# define _NETBSD_SOURCE 1 | |
13 | +#endif | 11 | +#endif | |
14 | #include "libavformat/avformat.h" | 12 | #include "libavformat/avformat.h" | |
15 | #if HAVE_DEV_BKTR_IOCTL_METEOR_H && HAVE_DEV_BKTR_IOCTL_BT848_H | 13 | #if HAVE_DEV_BKTR_IOCTL_METEOR_H && HAVE_DEV_BKTR_IOCTL_BT848_H | |
16 | # include <dev/bktr/ioctl_meteor.h> | 14 | # include <dev/bktr/ioctl_meteor.h> | |
15 | @@ -32,7 +36,7 @@ | |||
16 | #elif HAVE_MACHINE_IOCTL_METEOR_H && HAVE_MACHINE_IOCTL_BT848_H | |||
17 | # include <machine/ioctl_meteor.h> | |||
18 | # include <machine/ioctl_bt848.h> | |||
19 | -#elif HAVE_DEV_VIDEO_METEOR_IOCTL_METEOR_H && HAVE_DEV_VIDEO_METEOR_IOCTL_BT848_H | |||
20 | +#elif HAVE_DEV_VIDEO_METEOR_IOCTL_METEOR_H && HAVE_DEV_VIDEO_BKTR_IOCTL_BT848_H | |||
21 | # include <dev/video/meteor/ioctl_meteor.h> | |||
22 | # include <dev/video/bktr/ioctl_bt848.h> | |||
23 | #elif HAVE_DEV_IC_BT8XX_H |
@@ -1,27 +1,38 @@ | @@ -1,27 +1,38 @@ | |||
1 | $NetBSD: patch-configure,v 1.6 2009/06/14 11:27:01 ahoka Exp $ | 1 | $NetBSD: patch-configure,v 1.6.2.1 2009/09/28 08:08:31 spz Exp $ | |
2 | 2 | |||
3 | --- configure.orig 2009-06-10 22:50:53.000000000 +0200 | 3 | --- configure.orig 2009-06-10 22:50:53.000000000 +0200 | |
4 | +++ configure | 4 | +++ configure | |
5 | @@ -1632,6 +1632,8 @@ case $target_os in | 5 | @@ -1619,6 +1619,10 @@ case $target_os in | |
6 | add_cflags -D__EXTENSIONS__ | |||
7 | ;; | |||
8 | netbsd) | |||
9 | + if test $subarch != "x86_32"; then | |||
10 | + LIBOBJFLAGS='$(PIC)' | |||
11 | + SHFLAGS='-shared' | |||
12 | + fi | |||
13 | oss_demuxer_extralibs="-lossaudio" | |||
14 | oss_muxer_extralibs="-lossaudio" | |||
15 | ;; | |||
16 | @@ -1632,6 +1636,8 @@ case $target_os in | |||
6 | freebsd) | 17 | freebsd) | |
7 | disable need_memalign | 18 | disable need_memalign | |
8 | ;; | 19 | ;; | |
9 | + dragonfly) | 20 | + dragonfly) | |
10 | + ;; | 21 | + ;; | |
11 | bsd/os) | 22 | bsd/os) | |
12 | osextralibs="-lpoll -lgnugetopt" | 23 | osextralibs="-lpoll -lgnugetopt" | |
13 | strip="strip -d" | 24 | strip="strip -d" | |
14 | @@ -1996,10 +1998,13 @@ enabled vis && add_cflags -mcpu=ultraspa | 25 | @@ -1996,10 +2002,13 @@ enabled vis && add_cflags -mcpu=ultraspa | |
15 | 26 | |||
16 | # --- | 27 | # --- | |
17 | # big/little-endian test | 28 | # big/little-endian test | |
18 | -check_cc <<EOF || die "endian test failed" | 29 | -check_cc <<EOF || die "endian test failed" | |
19 | -unsigned int endian = 'B' << 24 | 'I' << 16 | 'G' << 8 | 'E'; | 30 | -unsigned int endian = 'B' << 24 | 'I' << 16 | 'G' << 8 | 'E'; | |
20 | +check_exec <<EOF || enable bigendian | 31 | +check_exec <<EOF || enable bigendian | |
21 | +int main() | 32 | +int main() | |
22 | +{ | 33 | +{ | |
23 | + long one = 1; | 34 | + long one = 1; | |
24 | + return !(*((char *)(&one))); | 35 | + return !(*((char *)(&one))); | |
25 | +} | 36 | +} | |
26 | EOF | 37 | EOF | |
27 | -od -A n -t x1 $TMPO | grep -q '42 *49 *47 *45' && enable bigendian | 38 | -od -A n -t x1 $TMPO | grep -q '42 *49 *47 *45' && enable bigendian |
$NetBSD: patch-powerpc,v 1.1.2.2 2009/09/28 08:08:31 spz Exp $
Fixes pkg/42000, not necessary aftert the next upgrade.
--- libswscale/swscale.c.orig 2009-06-04 23:55:52.000000000 +0200
+++ libswscale/swscale.c
@@ -1307,7 +1307,9 @@ static inline void monoblack2Y(uint8_t *
#if ARCH_PPC
#if (HAVE_ALTIVEC || CONFIG_RUNTIME_CPUDETECT) && CONFIG_GPL
+#if !CONFIG_RUNTIME_CPUDETECT
#undef COMPILE_C
+#endif
#define COMPILE_ALTIVEC
#endif
#endif //ARCH_PPC