diff --git a/Adapt-to-backwards-incompatible-change-in-GNU-Make-4.3.patch b/Adapt-to-backwards-incompatible-change-in-GNU-Make-4.3.patch deleted file mode 100644 index 8b2721fe5de80cbc28bb87b954ace2e5f1d30f0f..0000000000000000000000000000000000000000 --- a/Adapt-to-backwards-incompatible-change-in-GNU-Make-4.3.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -Naur gst-plugins-bad-1.14.4/common/gst-glib-gen.mak gst-plugins-bad-1.14.4-fix/common/gst-glib-gen.mak ---- gst-plugins-bad-1.14.4/common/gst-glib-gen.mak 2018-03-24 04:45:17.000000000 +0800 -+++ gst-plugins-bad-1.14.4-fix/common/gst-glib-gen.mak 2020-08-01 18:28:15.096308635 +0800 -@@ -8,7 +8,8 @@ - #glib_gen_decl_banner=GST_EXPORT - #glib_gen_decl_include=\#include - --enum_headers=$(foreach h,$(glib_enum_headers),\n\#include \"$(h)\") -+hash:=\# -+enum_headers=$(foreach h,$(glib_enum_headers),\n$(hash)include \"$(h)\") - - # these are all the rules generating the relevant files - $(glib_gen_basename)-marshal.h: $(glib_gen_basename)-marshal.list diff --git a/CVE-2021-3185.patch b/CVE-2021-3185.patch deleted file mode 100644 index 86e9ab5502c5ca1bcc72f084976d5a8c62d4d8e8..0000000000000000000000000000000000000000 --- a/CVE-2021-3185.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 11353b3f6e2f047cc37483d21e6a37ae558896bc Mon Sep 17 00:00:00 2001 -From: Andrew Wesie -Date: Fri, 16 Oct 2020 12:29:02 +0100 -Subject: [PATCH] codecparsers: h264parser: guard against ref_pic_markings - overflow - -Part-of: ---- - gst-libs/gst/codecparsers/gsth264parser.c | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/gst-libs/gst/codecparsers/gsth264parser.c b/gst-libs/gst/codecparsers/gsth264parser.c -index 1c40b6517c..012f1d0d73 100644 ---- a/gst-libs/gst/codecparsers/gsth264parser.c -+++ b/gst-libs/gst/codecparsers/gsth264parser.c -@@ -723,13 +723,17 @@ gst_h264_slice_parse_dec_ref_pic_marking (GstH264SliceHdr * slice, - - dec_ref_pic_m->n_ref_pic_marking = 0; - while (1) { -- refpicmarking = -- &dec_ref_pic_m->ref_pic_marking[dec_ref_pic_m->n_ref_pic_marking]; -- - READ_UE (nr, mem_mgmt_ctrl_op); - if (mem_mgmt_ctrl_op == 0) - break; - -+ if (dec_ref_pic_m->n_ref_pic_marking >= -+ G_N_ELEMENTS (dec_ref_pic_m->ref_pic_marking)) -+ goto error; -+ -+ refpicmarking = -+ &dec_ref_pic_m->ref_pic_marking[dec_ref_pic_m->n_ref_pic_marking]; -+ - refpicmarking->memory_management_control_operation = mem_mgmt_ctrl_op; - - if (mem_mgmt_ctrl_op == 1 || mem_mgmt_ctrl_op == 3) --- -GitLab - diff --git a/CVE-2023-37329.patch b/CVE-2023-37329.patch deleted file mode 100644 index da8f36fde371cfabc73c8c30d6f8c37bf8f11a80..0000000000000000000000000000000000000000 --- a/CVE-2023-37329.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 7ed446dca9454dd66a0180823f57a34bc01845a4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= -Date: Tue, 13 Jun 2023 14:23:47 +0300 -Subject: [PATCH 1/2] dvdspu: Make sure enough data is allocated for the - available data - -If the size read from the stream is smaller than the currently available -data then the size is bogus and the data should simply be discarded. - -Fixes ZDI-CAN-20994 -Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2660 - -Part-of: ---- - gst/dvdspu/gstspu-pgs.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/gst/dvdspu/gstspu-pgs.c b/gst/dvdspu/gstspu-pgs.c -index e609a284df9..e29f4f18826 100644 ---- a/gst/dvdspu/gstspu-pgs.c -+++ b/gst/dvdspu/gstspu-pgs.c -@@ -593,6 +593,9 @@ parse_set_object_data (GstDVDSpu * dvdspu, guint8 type, guint8 * payload, - obj->rle_data_size = GST_READ_UINT24_BE (payload); - payload += 3; - -+ if (end - payload > obj->rle_data_size) -+ return 0; -+ - PGS_DUMP ("%d bytes of RLE data, of %d bytes total.\n", - (int) (end - payload), obj->rle_data_size); - --- -GitLab - - -From 0dabf0eb00723a26b88e13dcb3030744e84569da Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= -Date: Tue, 13 Jun 2023 14:25:04 +0300 -Subject: [PATCH 2/2] dvdspu: Avoid integer overflow when checking if enough - data is available - -Part-of: ---- - subprojects/gst-plugins-bad/gst/dvdspu/gstspu-pgs.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/gst/dvdspu/gstspu-pgs.c b/gst/dvdspu/gstspu-pgs.c -index e29f4f18826..49db6d13d8b 100644 ---- a/gst/dvdspu/gstspu-pgs.c -+++ b/gst/dvdspu/gstspu-pgs.c -@@ -607,7 +607,8 @@ parse_set_object_data (GstDVDSpu * dvdspu, guint8 type, guint8 * payload, - PGS_DUMP ("%d bytes of additional RLE data\n", (int) (end - payload)); - /* Check that the data chunk is for this object version, and fits in the buffer */ - if (obj->rle_data_ver == obj_ver && -- obj->rle_data_used + end - payload <= obj->rle_data_size) { -+ end - payload <= obj->rle_data_size && -+ obj->rle_data_used <= obj->rle_data_size - (end - payload)) { - - memcpy (obj->rle_data + obj->rle_data_used, payload, end - payload); - obj->rle_data_used += end - payload; --- -GitLab - diff --git a/CVE-2023-40474.patch b/CVE-2023-40474.patch deleted file mode 100644 index 8268002838b0827b93b7f2428319bee7a229ab3a..0000000000000000000000000000000000000000 --- a/CVE-2023-40474.patch +++ /dev/null @@ -1,114 +0,0 @@ -From ce17e968e4cf900d28ca5b46f6e095febc42b4f0 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= -Date: Thu, 10 Aug 2023 15:45:01 +0300 -Subject: [PATCH] mxfdemux: Fix integer overflow causing out of bounds writes - when handling invalid uncompressed video - -Check ahead of time when parsing the track information whether -width, height and bpp are valid and usable without overflows. - -Fixes ZDI-CAN-21660, CVE-2023-40474 - -Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2896 - -Part-of: ---- - gst/mxf/mxfup.c | 51 +++++++++++++++++---- - 1 file changed, 43 insertions(+), 8 deletions(-) - -diff --git a/gst/mxf/mxfup.c b/gst/mxf/mxfup.c -index d72ed22cb7a..0c0178c1c9e 100644 ---- a/gst/mxf/mxfup.c -+++ b/gst/mxf/mxfup.c -@@ -118,6 +118,8 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer, - gpointer mapping_data, GstBuffer ** outbuf) - { - MXFUPMappingData *data = mapping_data; -+ gsize expected_in_stride = 0, out_stride = 0; -+ gsize expected_in_size = 0, out_size = 0; - - /* SMPTE 384M 7.1 */ - if (key->u[12] != 0x15 || (key->u[14] != 0x01 && key->u[14] != 0x02 -@@ -146,22 +148,25 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer, - } - } - -- if (gst_buffer_get_size (buffer) != data->bpp * data->width * data->height) { -+ // Checked for overflows when parsing the descriptor -+ expected_in_stride = data->bpp * data->width; -+ out_stride = GST_ROUND_UP_4 (expected_in_stride); -+ expected_in_size = expected_in_stride * data->height; -+ out_size = out_stride * data->height; -+ -+ if (gst_buffer_get_size (buffer) != expected_in_size) { - GST_ERROR ("Invalid buffer size"); - gst_buffer_unref (buffer); - return GST_FLOW_ERROR; - } - -- if (data->bpp != 4 -- || GST_ROUND_UP_4 (data->width * data->bpp) != data->width * data->bpp) { -+ if (data->bpp != 4 || out_stride != expected_in_stride) { - guint y; - GstBuffer *ret; - GstMapInfo inmap, outmap; - guint8 *indata, *outdata; - -- ret = -- gst_buffer_new_and_alloc (GST_ROUND_UP_4 (data->width * data->bpp) * -- data->height); -+ ret = gst_buffer_new_and_alloc (out_size); - gst_buffer_map (buffer, &inmap, GST_MAP_READ); - gst_buffer_map (ret, &outmap, GST_MAP_WRITE); - indata = inmap.data; -@@ -169,8 +174,8 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer, - - for (y = 0; y < data->height; y++) { - memcpy (outdata, indata, data->width * data->bpp); -- outdata += GST_ROUND_UP_4 (data->width * data->bpp); -- indata += data->width * data->bpp; -+ outdata += out_stride; -+ indata += expected_in_stride; - } - - gst_buffer_unmap (buffer, &inmap); -@@ -378,6 +383,36 @@ mxf_up_create_caps (MXFMetadataTimelineTrack * track, GstTagList ** tags, - return NULL; - } - -+ if (caps) { -+ MXFUPMappingData *data = *mapping_data; -+ gsize expected_in_stride = 0, out_stride = 0; -+ gsize expected_in_size = 0, out_size = 0; -+ -+ // Do some checking of the parameters to see if they're valid and -+ // we can actually work with them. -+ if (data->image_start_offset > data->image_end_offset) { -+ GST_WARNING ("Invalid image start/end offset"); -+ g_free (data); -+ *mapping_data = NULL; -+ gst_clear_caps (&caps); -+ -+ return NULL; -+ } -+ -+ if (!g_size_checked_mul (&expected_in_stride, data->bpp, data->width) || -+ (out_stride = GST_ROUND_UP_4 (expected_in_stride)) < expected_in_stride -+ || !g_size_checked_mul (&expected_in_size, expected_in_stride, -+ data->height) -+ || !g_size_checked_mul (&out_size, out_stride, data->height)) { -+ GST_ERROR ("Invalid resolution or bit depth"); -+ g_free (data); -+ *mapping_data = NULL; -+ gst_clear_caps (&caps); -+ -+ return NULL; -+ } -+ } -+ - return caps; - } - --- -GitLab - diff --git a/CVE-2023-40475.patch b/CVE-2023-40475.patch deleted file mode 100644 index 451d1e4ccb125e8d828343767aeebec816040a6c..0000000000000000000000000000000000000000 --- a/CVE-2023-40475.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 72742dee30cce7bf909639f82de119871566ce39 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= -Date: Thu, 10 Aug 2023 15:47:03 +0300 -Subject: [PATCH] mxfdemux: Check number of channels for AES3 audio - -Only up to 8 channels are allowed and using a higher number would cause -integer overflows when copying the data, and lead to out of bound -writes. - -Also check that each buffer is at least 4 bytes long to avoid another -overflow. - -Fixes ZDI-CAN-21661, CVE-2023-40475 - -Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2897 - -Part-of: ---- - gst/mxf/mxfd10.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/gst/mxf/mxfd10.c b/gst/mxf/mxfd10.c -index 03854d93039..0ad0d2d283e 100644 ---- a/gst/mxf/mxfd10.c -+++ b/gst/mxf/mxfd10.c -@@ -101,7 +101,7 @@ mxf_d10_sound_handle_essence_element (const MXFUL * key, GstBuffer * buffer, - gst_buffer_map (buffer, &map, GST_MAP_READ); - - /* Now transform raw AES3 into raw audio, see SMPTE 331M */ -- if ((map.size - 4) % 32 != 0) { -+ if (map.size < 4 || (map.size - 4) % 32 != 0) { - gst_buffer_unmap (buffer, &map); - GST_ERROR ("Invalid D10 sound essence buffer size"); - return GST_FLOW_ERROR; -@@ -201,6 +201,7 @@ mxf_d10_create_caps (MXFMetadataTimelineTrack * track, GstTagList ** tags, - GstAudioFormat audio_format; - - if (s->channel_count == 0 || -+ s->channel_count > 8 || - s->quantization_bits == 0 || - s->audio_sampling_rate.n == 0 || s->audio_sampling_rate.d == 0) { - GST_ERROR ("Invalid descriptor"); --- -GitLab - diff --git a/CVE-2023-40476.patch b/CVE-2023-40476.patch deleted file mode 100644 index f33824d8fe04222edc7f129a71bcd058f3d4906b..0000000000000000000000000000000000000000 --- a/CVE-2023-40476.patch +++ /dev/null @@ -1,41 +0,0 @@ -From ff91a3d8d6f7e2412c44663bf30fad5c7fdbc9d9 Mon Sep 17 00:00:00 2001 -From: Nicolas Dufresne -Date: Wed, 9 Aug 2023 12:49:19 -0400 -Subject: [PATCH] h265parser: Fix possible overflow using max_sub_layers_minus1 - -This fixes a possible overflow that can be triggered by an invalid value of -max_sub_layers_minus1 being set in the bitstream. The bitstream uses 3 bits, -but the allowed range is 0 to 6 only. - -Fixes ZDI-CAN-21768, CVE-2023-40476 - -Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2895 - -Part-of: ---- - gst-libs/gst/codecparsers/gsth265parser.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/gst-libs/gst/codecparsers/gsth265parser.c b/gst-libs/gst/codecparsers/gsth265parser.c -index 16fce00..2e8ef18 100644 ---- a/gst-libs/gst/codecparsers/gsth265parser.c -+++ b/gst-libs/gst/codecparsers/gsth265parser.c -@@ -1490,6 +1490,7 @@ gst_h265_parse_vps (GstH265NalUnit * nalu, GstH265VPS * vps) - - READ_UINT8 (&nr, vps->max_layers_minus1, 6); - READ_UINT8 (&nr, vps->max_sub_layers_minus1, 3); -+ CHECK_ALLOWED (vps->max_sub_layers_minus1, 0, 6); - READ_UINT8 (&nr, vps->temporal_id_nesting_flag, 1); - - /* skip reserved_0xffff_16bits */ -@@ -1669,6 +1670,7 @@ gst_h265_parse_sps (GstH265Parser * parser, GstH265NalUnit * nalu, - sps->vps = vps; - - READ_UINT8 (&nr, sps->max_sub_layers_minus1, 3); -+ CHECK_ALLOWED (sps->max_sub_layers_minus1, 0, 6); - READ_UINT8 (&nr, sps->temporal_id_nesting_flag, 1); - - if (!gst_h265_parse_profile_tier_level (&sps->profile_tier_level, &nr, --- -2.30.0 - diff --git a/CVE-2023-44446.patch b/CVE-2023-44446.patch deleted file mode 100644 index 52e3b1505c1075939c8560dca28a816641640b89..0000000000000000000000000000000000000000 --- a/CVE-2023-44446.patch +++ /dev/null @@ -1,305 +0,0 @@ -From 2c92454ec06ce2c17aceceb14b1db006410791a7 Mon Sep 17 00:00:00 2001 -From: peijiankang -Date: Mon, 20 Nov 2023 16:25:54 +0800 -Subject: [PATCH] CVE-2023-44446 - ---- - gst/mxf/mxfdemux.c | 112 +++++++++++++++++++-------------------------- - gst/mxf/mxfdemux.h | 2 +- - 2 files changed, 49 insertions(+), 65 deletions(-) - -diff --git a/gst/mxf/mxfdemux.c b/gst/mxf/mxfdemux.c -index f6e5ac0..6dd0acb 100644 ---- a/gst/mxf/mxfdemux.c -+++ b/gst/mxf/mxfdemux.c -@@ -154,10 +154,25 @@ gst_mxf_demux_partition_free (GstMXFDemuxPartition * partition) - } - - static void --gst_mxf_demux_reset_mxf_state (GstMXFDemux * demux) -+gst_mxf_demux_essence_track_free (GstMXFDemuxEssenceTrack * t) - { -- guint i; -+ if (t->offsets) -+ g_array_free (t->offsets, TRUE); -+ -+ g_free (t->mapping_data); -+ -+ if (t->tags) -+ gst_tag_list_unref (t->tags); -+ -+ if (t->caps) -+ gst_caps_unref (t->caps); -+ -+ g_free (t); -+} - -+static void -+gst_mxf_demux_reset_mxf_state (GstMXFDemux * demux) -+{ - GST_DEBUG_OBJECT (demux, "Resetting MXF state"); - - g_list_foreach (demux->partitions, (GFunc) gst_mxf_demux_partition_free, -@@ -166,23 +181,7 @@ gst_mxf_demux_reset_mxf_state (GstMXFDemux * demux) - demux->partitions = NULL; - - demux->current_partition = NULL; -- -- for (i = 0; i < demux->essence_tracks->len; i++) { -- GstMXFDemuxEssenceTrack *t = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -- -- if (t->offsets) -- g_array_free (t->offsets, TRUE); -- -- g_free (t->mapping_data); -- -- if (t->tags) -- gst_tag_list_unref (t->tags); -- -- if (t->caps) -- gst_caps_unref (t->caps); -- } -- g_array_set_size (demux->essence_tracks, 0); -+ g_ptr_array_set_size (demux->essence_tracks, 0); - } - - static void -@@ -200,7 +199,7 @@ gst_mxf_demux_reset_linked_metadata (GstMXFDemux * demux) - - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *track = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ g_ptr_array_index (demux->essence_tracks, i); - - track->source_package = NULL; - track->source_track = NULL; -@@ -713,8 +712,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux) - - for (k = 0; k < demux->essence_tracks->len; k++) { - GstMXFDemuxEssenceTrack *tmp = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, -- k); -+ g_ptr_array_index (demux->essence_tracks, k); - - if (tmp->track_number == track->parent.track_number && - tmp->body_sid == edata->body_sid) { -@@ -732,24 +730,23 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux) - } - - if (!etrack) { -- GstMXFDemuxEssenceTrack tmp; -+ GstMXFDemuxEssenceTrack *tmp = g_new0 (GstMXFDemuxEssenceTrack, 1); - -- memset (&tmp, 0, sizeof (tmp)); -- tmp.body_sid = edata->body_sid; -- tmp.index_sid = edata->index_sid; -- tmp.track_number = track->parent.track_number; -- tmp.track_id = track->parent.track_id; -- memcpy (&tmp.source_package_uid, &package->parent.package_uid, 32); -+ tmp->body_sid = edata->body_sid; -+ tmp->index_sid = edata->index_sid; -+ tmp->track_number = track->parent.track_number; -+ tmp->track_id = track->parent.track_id; -+ memcpy (&tmp->source_package_uid, &package->parent.package_uid, 32); - - if (demux->current_partition->partition.body_sid == edata->body_sid && - demux->current_partition->partition.body_offset == 0) -- tmp.position = 0; -+ tmp->position = 0; - else -- tmp.position = -1; -+ tmp->position = -1; - -- g_array_append_val (demux->essence_tracks, tmp); -+ g_ptr_array_add (demux->essence_tracks, tmp); - etrack = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, -+ g_ptr_array_index (demux->essence_tracks, - demux->essence_tracks->len - 1); - new = TRUE; - } -@@ -876,13 +873,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux) - - next: - if (new) { -- g_free (etrack->mapping_data); -- if (etrack->tags) -- gst_tag_list_unref (etrack->tags); -- if (etrack->caps) -- gst_caps_unref (etrack->caps); -- -- g_array_remove_index (demux->essence_tracks, -+ g_ptr_array_remove_index (demux->essence_tracks, - demux->essence_tracks->len - 1); - } - } -@@ -895,7 +886,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux) - - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *etrack = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ g_ptr_array_index (demux->essence_tracks, i); - - if (!etrack->source_package || !etrack->source_track || !etrack->caps) { - GST_ERROR_OBJECT (demux, "Failed to update essence track %u", i); -@@ -1117,7 +1108,7 @@ gst_mxf_demux_update_tracks (GstMXFDemux * demux) - - for (k = 0; k < demux->essence_tracks->len; k++) { - GstMXFDemuxEssenceTrack *tmp = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, k); -+ g_ptr_array_index (demux->essence_tracks, k); - - if (tmp->source_package == source_package && - tmp->source_track == source_track) { -@@ -1598,8 +1589,7 @@ gst_mxf_demux_pad_set_component (GstMXFDemux * demux, GstMXFDemuxPad * pad, - pad->current_essence_track = NULL; - - for (k = 0; k < demux->essence_tracks->len; k++) { -- GstMXFDemuxEssenceTrack *tmp = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, k); -+ GstMXFDemuxEssenceTrack *tmp = g_ptr_array_index (demux->essence_tracks, k); - - if (tmp->source_package == source_package && - tmp->source_track == source_track) { -@@ -1731,7 +1721,7 @@ gst_mxf_demux_handle_generic_container_essence_element (GstMXFDemux * demux, - - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *tmp = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ g_ptr_array_index (demux->essence_tracks, i); - - if (tmp->body_sid == demux->current_partition->partition.body_sid && - (tmp->track_number == track_number || tmp->track_number == 0)) { -@@ -2656,7 +2646,7 @@ gst_mxf_demux_handle_klv_packet (GstMXFDemux * demux, const MXFUL * key, - - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *etrack = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ g_ptr_array_index (demux->essence_tracks, i); - - if (etrack->body_sid != demux->current_partition->partition.body_sid) - continue; -@@ -2719,7 +2709,7 @@ gst_mxf_demux_handle_klv_packet (GstMXFDemux * demux, const MXFUL * key, - guint i; - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *etrack = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ g_ptr_array_index (demux->essence_tracks, i); - - if (etrack->body_sid != demux->current_partition->partition.body_sid) - continue; -@@ -2913,8 +2903,7 @@ from_index: - gst_mxf_demux_set_partition_for_offset (demux, demux->offset); - - for (i = 0; i < demux->essence_tracks->len; i++) { -- GstMXFDemuxEssenceTrack *t = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ GstMXFDemuxEssenceTrack *t = g_ptr_array_index (demux->essence_tracks, i); - - if (index_start_position != -1 && t == etrack) - t->position = index_start_position; -@@ -2937,8 +2926,7 @@ from_index: - if (ret == GST_FLOW_EOS) { - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *t = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, -- i); -+ g_ptr_array_index (demux->essence_tracks, i); - - if (t->position > 0) - t->duration = t->position; -@@ -3020,7 +3008,7 @@ gst_mxf_demux_pull_and_handle_klv_packet (GstMXFDemux * demux) - - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *t = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ g_ptr_array_index (demux->essence_tracks, i); - - if (t->position > 0) - t->duration = t->position; -@@ -3627,8 +3615,7 @@ gst_mxf_demux_seek_push (GstMXFDemux * demux, GstEvent * event) - } - - for (i = 0; i < demux->essence_tracks->len; i++) { -- GstMXFDemuxEssenceTrack *t = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ GstMXFDemuxEssenceTrack *t = g_ptr_array_index (demux->essence_tracks, i); - t->position = -1; - } - -@@ -4001,8 +3988,7 @@ gst_mxf_demux_seek_pull (GstMXFDemux * demux, GstEvent * event) - } - - for (i = 0; i < demux->essence_tracks->len; i++) { -- GstMXFDemuxEssenceTrack *t = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ GstMXFDemuxEssenceTrack *t = g_ptr_array_index (demux->essence_tracks, i); - t->position = -1; - } - -@@ -4284,7 +4270,7 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event) - - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *t = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); -+ g_ptr_array_index (demux->essence_tracks, i); - - if (t->position > 0) - t->duration = t->position; -@@ -4325,8 +4311,7 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event) - - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *etrack = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, -- i); -+ g_ptr_array_index (demux->essence_tracks, i); - etrack->position = -1; - } - ret = TRUE; -@@ -4350,8 +4335,7 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event) - - for (i = 0; i < demux->essence_tracks->len; i++) { - GstMXFDemuxEssenceTrack *t = -- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, -- i); -+ g_ptr_array_index (demux->essence_tracks, i); - t->position = -1; - } - demux->current_partition = NULL; -@@ -4624,7 +4608,7 @@ gst_mxf_demux_finalize (GObject * object) - - g_ptr_array_free (demux->src, TRUE); - demux->src = NULL; -- g_array_free (demux->essence_tracks, TRUE); -+ g_ptr_array_free (demux->essence_tracks, TRUE); - demux->essence_tracks = NULL; - - g_hash_table_destroy (demux->metadata); -@@ -4701,8 +4685,8 @@ gst_mxf_demux_init (GstMXFDemux * demux) - g_rw_lock_init (&demux->metadata_lock); - - demux->src = g_ptr_array_new (); -- demux->essence_tracks = -- g_array_new (FALSE, FALSE, sizeof (GstMXFDemuxEssenceTrack)); -+ demux->essence_tracks = g_ptr_array_new_with_free_func ((GDestroyNotify) -+ gst_mxf_demux_essence_track_free); - - gst_segment_init (&demux->segment, GST_FORMAT_TIME); - -diff --git a/gst/mxf/mxfdemux.h b/gst/mxf/mxfdemux.h -index aac3e67..a452980 100644 ---- a/gst/mxf/mxfdemux.h -+++ b/gst/mxf/mxfdemux.h -@@ -182,7 +182,7 @@ struct _GstMXFDemux - GList *partitions; - GstMXFDemuxPartition *current_partition; - -- GArray *essence_tracks; -+ GPtrArray *essence_tracks; - - GList *pending_index_table_segments; - GList *index_tables; /* one per BodySID / IndexSID */ --- -2.41.0 - diff --git a/gst-plugins-bad-1.16.2.tar.xz b/gst-plugins-bad-1.24.0.tar.xz similarity index 36% rename from gst-plugins-bad-1.16.2.tar.xz rename to gst-plugins-bad-1.24.0.tar.xz index a54ded42c28b62d49bf30c5cad1cf9e8d762c4a9..54849931ae26e2293c044da10e02a738e1a65bf9 100644 Binary files a/gst-plugins-bad-1.16.2.tar.xz and b/gst-plugins-bad-1.24.0.tar.xz differ diff --git a/gstreamer1-plugins-bad-free.spec b/gstreamer1-plugins-bad-free.spec index f479e97de51b5a9cbfb58912081741786d4d68f2..8821904f0b8dc36e18838bf11e272a91ef06be97 100644 --- a/gstreamer1-plugins-bad-free.spec +++ b/gstreamer1-plugins-bad-free.spec @@ -2,26 +2,14 @@ %bcond_with extras Name: gstreamer1-plugins-bad-free -Version: 1.16.2 -Release: 9 +Version: 1.24.0 +Release: 1 Summary: Not well tested plugins for GStreamer framework License: LGPLv2+ and LGPLv2 URL: http://gstreamer.freedesktop.org/ Source0: https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-%{version}.tar.xz -Patch0001: Adapt-to-backwards-incompatible-change-in-GNU-Make-4.3.patch -Patch0002: CVE-2021-3185.patch -# https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/ce17e968e4cf900d28ca5b46f6e095febc42b4f0 -Patch0003: CVE-2023-40474.patch -# https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/72742dee30cce7bf909639f82de119871566ce39 -Patch0004: CVE-2023-40475.patch -# https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/ff91a3d8d6f7e2412c44663bf30fad5c7fdbc9d9 -Patch0005: CVE-2023-40476.patch -#https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/7dfaa57b6f9b55f17ffe824bd8988bb71ae11353 -Patch0006: CVE-2023-44446.patch -#https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/4896.patch -Patch0007: CVE-2023-37329.patch - +BuildRequires: meson BuildRequires: gstreamer1-devel >= %{version} autoconf BuildRequires: gstreamer1-plugins-base-devel >= %{version} BuildRequires: check gettext-devel libXt-devel gtk-doc @@ -36,6 +24,13 @@ BuildRequires: gnutls-devel pkgconfig(gudev-1.0) pkgconfig(libusb-1.0) BuildRequires: gtk3-devel >= 3.4 bluez-libs-devel >= 5.0 libwebp-devel BuildRequires: mesa-libEGL-devel webrtc-audio-processing-devel gcc-g++ BuildRequires: wayland-protocols-devel +BuildRequires: libva-devel +BuildRequires: vulkan-devel +BuildRequires: glslc +BuildRequires: libdrm-devel +BuildRequires: liblc3-devel +BuildRequires: json-glib-devel +BuildRequires: svt-av1-devel %if %{with extras} BuildRequires: libbs2b-devel >= 3.1.0 fluidsynth-devel libass-devel @@ -92,21 +87,57 @@ This package provides the development files for GStreamer not-well-tested plugin %autosetup -n gst-plugins-bad-%{version} -p1 %build -autoreconf --force --install -%configure --disable-silent-rules --disable-fatal-warnings \ - --with-package-name="openEuler GStreamer-plugins-bad package" \ - --with-package-origin="https://openeuler.org/en/building/download.html" \ - %{!?with_extras:--disable-fbdev --disable-decklink --disable-linsys} \ - --enable-debug --disable-static --enable-gtk-doc --enable-experimental \ - --disable-dts --disable-faac --disable-faad --disable-nas \ - --disable-mimic --disable-libmms --disable-mpeg2enc --disable-mplex \ - --disable-neon --disable-rtmp --disable-xvid \ - --disable-flite --disable-mpg123 --disable-sbc --disable-opencv \ - --disable-spandsp --disable-voamrwbenc --disable-x265 -%make_build +%meson \ + -D package-name="openEuler GStreamer-plugins-bad package" \ + -D package-origin="http://openeuler.org/en/building/download.html" \ + -D tests=disabled \ + %{!?with_extras:-D fbdev=disabled -D decklink=disabled } \ + %{!?with_extras:-D assrender=disabled -D bs2b=disabled } \ + %{!?with_extras:-D chromaprint=disabled -D d3dvideosink=disabled } \ + %{!?with_extras:-D directsound=disabled -D dts=disabled } \ + %{!?with_extras:-D fluidsynth=disabled -D openexr=disabled } \ + %{!?with_extras:-D curl=disabled -D curl-ssh2=disabled } \ + %{!?with_extras:-D ttml=disabled } \ + %{!?with_extras:-D modplug=disabled } \ + %{!?with_extras:-D openal=disabled } \ + %{!?with_opencv:-D opencv=disabled } \ + %{!?with_openh264:-D openh264=disabled } \ + %{!?with_extras:-D openjpeg=disabled } \ + %{!?with_extras:-D wildmidi=disabled -D zbar=disabled } \ + %{!?with_extras:-D gme=disabled -D lv2=disabled } \ + %{!?with_extras:-D webrtc=disabled -D aom=disabled } \ + %{!?with_extras:-D teletext=disabled -D srt=disabled } \ + %{!?with_extras:-D openmpt=disabled -D microdns=disabled } \ + %{!?with_extras:-D ladspa=disabled } \ + %{!?with_extras:-D avtp=disabled -D dts=disabled } \ + %{!?with_extras:-D flite=disabled } \ + -D doc=disabled -D magicleap=disabled -D msdk=disabled \ + -D faac=disabled -D faad=disabled \ + -D mpeg2enc=disabled -D mplex=disabled \ + -D neon=disabled -D rtmp=disabled \ + -D sbc=disabled \ + %{!?with_extras:-D spandsp=disabled } \ + %{!?with_extras:-D voamrwbenc=disabled } \ + -D x265=disabled \ + -D dvdspu=disabled \ + -D opensles=disabled -D tinyalsa=disabled \ + -D wasapi=disabled -D wasapi2=disabled \ + -D dc1394=disabled -D directfb=disabled -D iqa=disabled \ + -D libde265=disabled -D openni2=disabled \ + %{!?with_extras:-D musepack=disabled } \ + -D svthevcenc=disabled -D voaacenc=disabled \ + -D zxing=disabled -D wpe=disabled -D x11=disabled \ + %{!?with_extras:-D ldac=disabled } \ + %{!?with_extras:-D qroverlay=disabled } \ + -D gs=disabled -D isac=disabled \ + -D onnx=disabled -D openaptx=disabled -Dgpl=enabled \ + -D amfcodec=disabled -D directshow=disabled -D qsv=disabled \ + %{!?with_webrtcdsp:-D webrtcdsp=disabled } \ + -D aja=disabled -D qt6d3d11=disabled +%meson_build %install -%make_install +%meson_install install -d $RPM_BUILD_ROOT%{_datadir}/appdata cat > $RPM_BUILD_ROOT%{_datadir}/appdata/gstreamer-bad-free.appdata.xml < - 1.24.0-1 +- update to version 1.24.0 + * Fri Dec 15 2023 wangkai <13474090681@163.com> - 1.16.2-9 - Fix CVE-2023-44446,CVE-2023-37329