Mon Sep 28 08:08:31 2009 UTC ()

Pullup ticket 2902 - requested by tron
security patch

Revisions pulled up:
- pkgsrc/multimedia/ffmpeg/Makefile			by patch
- pkgsrc/multimedia/ffmpeg/distinfo			by patch
- pkgsrc/multimedia/ffmpeg/options.mk			by patch
- pkgsrc/multimedia/ffmpeg/patches/patch-bktr		by patch
- pkgsrc/multimedia/ffmpeg/patches/patch-configure	by patch

Files added:
pkgsrc/multimedia/ffmpeg/patches/patch-aa		1.9
pkgsrc/multimedia/ffmpeg/patches/patch-ab		1.6
pkgsrc/multimedia/ffmpeg/patches/patch-powerpc		1.6

   -------------------------------------------------------------------------

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Fri Sep 25 11:10:21 UTC 2009

   Modified Files:
   	pkgsrc/multimedia/ffmpeg: Makefile distinfo
   Added Files:
   	pkgsrc/multimedia/ffmpeg/patches: patch-ab

   Log Message:
   Add patch from ffmpeg GIT repository to fix the vulnerability
   reported in SA36760.

   To generate a diff of this commit:
   cvs rdiff -u -r1.53 -r1.54 pkgsrc/multimedia/ffmpeg/Makefile
   cvs rdiff -u -r1.30 -r1.31 pkgsrc/multimedia/ffmpeg/distinfo
   cvs rdiff -u -r0 -r1.6 pkgsrc/multimedia/ffmpeg/patches/patch-ab


(spz)

diff -r1.50 -r1.50.2.1 pkgsrc/multimedia/ffmpeg/Makefile
diff -r1.25 -r1.25.2.1 pkgsrc/multimedia/ffmpeg/distinfo
diff -r1.12 -r1.12.2.1 pkgsrc/multimedia/ffmpeg/options.mk
diff -r0 -r1.9.2.2 pkgsrc/multimedia/ffmpeg/patches/patch-aa
diff -r0 -r1.6.2.2 pkgsrc/multimedia/ffmpeg/patches/patch-ab
diff -r1.2 -r1.2.2.1 pkgsrc/multimedia/ffmpeg/patches/patch-bktr
diff -r1.6 -r1.6.2.1 pkgsrc/multimedia/ffmpeg/patches/patch-configure
diff -r0 -r1.1.2.2 pkgsrc/multimedia/ffmpeg/patches/patch-powerpc

--- pkgsrc/multimedia/ffmpeg/Attic/Makefile 2009/06/12 16:25:34 1.50
+++ pkgsrc/multimedia/ffmpeg/Attic/Makefile 2009/09/28 08:08:31 1.50.2.1

 @@ -1,14 +1,16 @@
-# $NetBSD: Makefile,v 1.50 2009/06/12 16:25:34 ahoka Exp $
+# $NetBSD: Makefile,v 1.50.2.1 2009/09/28 08:08:31 spz Exp $
 PKGREVISION=	4
 MAINTAINER=	ahoka@NetBSD.org
 HOMEPAGE=	http://ffmpeg.mplayerhq.hu/
 COMMENT=	Decoding, encoding and streaming software
 PKG_DESTDIR_SUPPORT=	user-destdir
 CONFIGURE_ARGS+=	--enable-avfilter \
 			--enable-avfilter-lavf \
 			--enable-postproc \
 			--enable-libvorbis \
 			--enable-libmp3lame

--- pkgsrc/multimedia/ffmpeg/Attic/distinfo 2009/06/14 11:27:00 1.25
+++ pkgsrc/multimedia/ffmpeg/Attic/distinfo 2009/09/28 08:08:31 1.25.2.1

 @@ -1,7 +1,10 @@
-$NetBSD: distinfo,v 1.25 2009/06/14 11:27:00 ahoka Exp $
+$NetBSD: distinfo,v 1.25.2.1 2009/09/28 08:08:31 spz Exp $
 SHA1 (ffmpeg-20090611.tar.bz2) = 04e67497f70c64b7a26534d4b67e3a46cdb4b219
 RMD160 (ffmpeg-20090611.tar.bz2) = 447a72cd1a416f926100c61299d9012535909d9a
 Size (ffmpeg-20090611.tar.bz2) = 2799194 bytes
-SHA1 (patch-bktr) = dadd96835ffbf3a95a5de75647a72edb53171b6f
+SHA1 (patch-aa) = e40f61850fe5c85bdd4b659802601dfacfe73ad1
-SHA1 (patch-configure) = c4f5cbe0cecac291547a9fd652f3e6c3c92fde2c
+SHA1 (patch-ab) = 1c1da33f47be51f75635a9667b0d7d8052945ba7
 SHA1 (patch-bktr) = fb57a4f5dc0d372eb3f40dac5b05ea7d1da45d7b
 SHA1 (patch-configure) = ec0ae3c27026b45d380ecea04ff22518bf652ec0
 SHA1 (patch-powerpc) = 0eaf8d81164e1488fdb436d50909d0a633439e6a

--- pkgsrc/multimedia/ffmpeg/Attic/options.mk 2009/06/12 16:25:34 1.12
+++ pkgsrc/multimedia/ffmpeg/Attic/options.mk 2009/09/28 08:08:31 1.12.2.1

 @@ -1,60 +1,48 @@
-# $NetBSD: options.mk,v 1.12 2009/06/12 16:25:34 ahoka Exp $
+# $NetBSD: options.mk,v 1.12.2.1 2009/09/28 08:08:31 spz Exp $
 # Global and legacy options
 PKG_OPTIONS_VAR=	PKG_OPTIONS.ffmpeg
 PKG_SUPPORTED_OPTIONS=	theora xvid faad faac x264
 PKG_SUGGESTED_OPTIONS=	theora xvid x264
 #PKG_OPTIONS_OPTIONAL_GROUPS=	aac-decoder
 #PKG_OPTIONS_GROUP.aac-decoder=	faad faac
 .include "../../mk/bsd.options.mk"
 .include "../../mk/bsd.prefs.mk"
 ###
 ### faad option
 ###
 .if !empty(PKG_OPTIONS:Mfaad)
 CONFIGURE_ARGS+=  --enable-libfaad
 .include "../../audio/faad2/buildlink3.mk"
 .endif
 ###
 ### faac option
 ###
 .if !empty(PKG_OPTIONS:Mfaac)
 RESTRICTED=		This software may require the payment of patent royalties
 NO_BIN_ON_CDROM=	${RESTRICTED}
 NO_BIN_ON_FTP=		${RESTRICTED}
 CONFIGURE_ARGS+=	--enable-libfaac \
 			--enable-nonfree
 .include "../../audio/faac/buildlink3.mk"
 .endif
 ###
 ### SDL support
 ###
 ### You can build the frontend with SDL support enabled
 ###
 .if !empty(PKG_OPTIONS:Msdl)
 CONFIGURE_ARGS+=	--enable-ffplay
 PLIST.sdl=		yes
 .include "../../devel/SDL/buildlink3.mk"
 .else
 CONFIGURE_ARGS+=	--disable-ffplay
 .endif
 ###
 ### OGG Theora support
 ###
 .if !empty(PKG_OPTIONS:Mtheora)
 CONFIGURE_ARGS+=  --enable-libtheora
 .include "../../multimedia/libtheora/buildlink3.mk"
 .endif
 ###
 ### XviD support
 ###
 .if !empty(PKG_OPTIONS:Mxvid)

$NetBSD: patch-aa,v 1.9.2.2 2009/09/28 08:08:31 spz Exp $

--- libavcodec/x86/cpuid.c.orig	2009-08-10 22:17:29.000000000 +0200
+++ libavcodec/x86/cpuid.c
@@ -80,6 +80,7 @@ int mm_support(void)
             rval |= FF_MM_MMX2
 #if HAVE_SSE
                   | FF_MM_SSE;
+#if !defined(__GNUC__) || (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 2))
         if (std_caps & (1<<26))
             rval |= FF_MM_SSE2;
         if (ecx & 1)
@@ -90,6 +91,7 @@ int mm_support(void)
             rval |= FF_MM_SSE4;
         if (ecx & 0x00100000 )
             rval |= FF_MM_SSE42;
+#endif /* gcc >= 4.2 */
 #endif
                   ;
     }

$NetBSD: patch-ab,v 1.6.2.2 2009/09/28 08:08:31 spz Exp $

Patch for the vulnerability reported in SA36760, taken from here:

http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=ebbccbaa5e925c2ddb212559f82c29ef526cc17e
http://git.ffmpeg.org/?p=ffmpeg;a=commit;h=7798d31bee361724e0a6ede4e2fd67228f24040b

--- libavformat/sierravmd.c.orig	2009-02-16 14:45:05.000000000 +0000
+++ libavformat/sierravmd.c	2009-09-25 11:49:56.000000000 +0100
@@ -154,7 +154,7 @@
     vmd->frame_table = NULL;
     sound_buffers = AV_RL16(&vmd->vmd_header[808]);
     raw_frame_table_size = vmd->frame_count * 6;
-    if(vmd->frame_count * vmd->frames_per_block  >= UINT_MAX / sizeof(vmd_frame)){
+    if(vmd->frame_count * vmd->frames_per_block >= UINT_MAX / sizeof(vmd_frame) - sound_buffers){
         av_log(s, AV_LOG_ERROR, "vmd->frame_count * vmd->frames_per_block too large\n");
         return -1;
     }

--- pkgsrc/multimedia/ffmpeg/patches/Attic/patch-bktr 2009/06/12 16:25:34 1.2
+++ pkgsrc/multimedia/ffmpeg/patches/Attic/patch-bktr 2009/09/28 08:08:31 1.2.2.1

 @@ -1,16 +1,23 @@
-$NetBSD: patch-bktr,v 1.2 2009/06/12 16:25:34 ahoka Exp $
+--- libavdevice/bktr.c.orig	2009-01-19 15:46:40 +0000
 +++ libavdevice/bktr.c	2009-09-21 11:29:29 +0000
 --- libavdevice/bktr.c.orig	2009-01-19 16:46:40.000000000 +0100
 +++ libavdevice/bktr.c
 @@ -24,7 +24,11 @@
   * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
   */
 +/* u_short, u_int */
  #define _BSD_SOURCE 1
 +#ifdef __NetBSD__
 +# define _NETBSD_SOURCE 1
 +#endif
  #include "libavformat/avformat.h"
  #if HAVE_DEV_BKTR_IOCTL_METEOR_H && HAVE_DEV_BKTR_IOCTL_BT848_H
  # include <dev/bktr/ioctl_meteor.h>
@@ -32,7 +36,7 @@
  #elif HAVE_MACHINE_IOCTL_METEOR_H && HAVE_MACHINE_IOCTL_BT848_H
  # include <machine/ioctl_meteor.h>
  # include <machine/ioctl_bt848.h>
 -#elif HAVE_DEV_VIDEO_METEOR_IOCTL_METEOR_H && HAVE_DEV_VIDEO_METEOR_IOCTL_BT848_H
 +#elif HAVE_DEV_VIDEO_METEOR_IOCTL_METEOR_H && HAVE_DEV_VIDEO_BKTR_IOCTL_BT848_H
  # include <dev/video/meteor/ioctl_meteor.h>
  # include <dev/video/bktr/ioctl_bt848.h>
  #elif HAVE_DEV_IC_BT8XX_H

--- pkgsrc/multimedia/ffmpeg/patches/Attic/patch-configure 2009/06/14 11:27:01 1.6
+++ pkgsrc/multimedia/ffmpeg/patches/Attic/patch-configure 2009/09/28 08:08:31 1.6.2.1

 @@ -1,27 +1,38 @@
-$NetBSD: patch-configure,v 1.6 2009/06/14 11:27:01 ahoka Exp $
+$NetBSD: patch-configure,v 1.6.2.1 2009/09/28 08:08:31 spz Exp $
 --- configure.orig	2009-06-10 22:50:53.000000000 +0200
 +++ configure
-@@ -1632,6 +1632,8 @@ case $target_os in
+@@ -1619,6 +1619,10 @@ case $target_os in
          add_cflags -D__EXTENSIONS__
          ;;
      netbsd)
 +	if test $subarch != "x86_32"; then
 +	    LIBOBJFLAGS='$(PIC)'
 +	    SHFLAGS='-shared'
 +	fi
          oss_demuxer_extralibs="-lossaudio"
          oss_muxer_extralibs="-lossaudio"
          ;;
@@ -1632,6 +1636,8 @@ case $target_os in
      freebsd)
          disable need_memalign
          ;;
 +    dragonfly)
 +        ;;
      bsd/os)
          osextralibs="-lpoll -lgnugetopt"
          strip="strip -d"
-@@ -1996,10 +1998,13 @@ enabled vis && add_cflags -mcpu=ultraspa
+@@ -1996,10 +2002,13 @@ enabled vis && add_cflags -mcpu=ultraspa
  # ---
  # big/little-endian test
 -check_cc <<EOF || die "endian test failed"
 -unsigned int endian = 'B' << 24 | 'I' << 16 | 'G' << 8 | 'E';
 +check_exec <<EOF || enable bigendian
 +int main()
 +{
 + long one = 1;
 + return !(*((char *)(&one)));
 +}
  EOF
 -od -A n -t x1 $TMPO | grep -q '42 *49 *47 *45' && enable bigendian

$NetBSD: patch-powerpc,v 1.1.2.2 2009/09/28 08:08:31 spz Exp $

Fixes pkg/42000, not necessary aftert the next upgrade.

--- libswscale/swscale.c.orig	2009-06-04 23:55:52.000000000 +0200
+++ libswscale/swscale.c
@@ -1307,7 +1307,9 @@ static inline void monoblack2Y(uint8_t *
 
 #if ARCH_PPC
 #if (HAVE_ALTIVEC || CONFIG_RUNTIME_CPUDETECT) && CONFIG_GPL
+#if !CONFIG_RUNTIME_CPUDETECT
 #undef COMPILE_C
+#endif
 #define COMPILE_ALTIVEC
 #endif
 #endif //ARCH_PPC