diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..40fe10a --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/v1.7.0.tar.gz diff --git a/.libvpx.metadata b/.libvpx.metadata new file mode 100644 index 0000000..7d6c734 --- /dev/null +++ b/.libvpx.metadata @@ -0,0 +1 @@ +fb3d4b80596d1e3b1a7f53757d63e7d2b3eeb7c9 SOURCES/v1.7.0.tar.gz diff --git a/SOURCES/0001-CVE-2019-9232-Fix-OOB-memory-access-on-fuzzed-data.patch b/SOURCES/0001-CVE-2019-9232-Fix-OOB-memory-access-on-fuzzed-data.patch new file mode 100644 index 0000000..01bbd4a --- /dev/null +++ b/SOURCES/0001-CVE-2019-9232-Fix-OOB-memory-access-on-fuzzed-data.patch @@ -0,0 +1,45 @@ +From 953b0b85f8462efeac179341c912617c1bae8d4c Mon Sep 17 00:00:00 2001 +From: Wim Taymans +Date: Wed, 25 Mar 2020 13:39:30 +0100 +Subject: [PATCH 1/2] CVE-2019-9232: Fix OOB memory access on fuzzed data + +vp8_norm table has 256 elements while index to it can be higher on +fuzzed data. Typecasting it to unsigned char will ensure valid range and +will trigger proper error later. Also declaring "shift" as unsigned char to +avoid UB sanitizer warning + +BUG=b/122373286,b/122373822,b/122371119 +--- + vp8/decoder/dboolhuff.h | 2 +- + vpx_dsp/bitreader.h | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/vp8/decoder/dboolhuff.h b/vp8/decoder/dboolhuff.h +index 04c027cd7..f3b080509 100644 +--- a/vp8/decoder/dboolhuff.h ++++ b/vp8/decoder/dboolhuff.h +@@ -76,7 +76,7 @@ static int vp8dx_decode_bool(BOOL_DECODER *br, int probability) { + } + + { +- register int shift = vp8_norm[range]; ++ register unsigned char shift = vp8_norm[(unsigned char)range]; + range <<= shift; + value <<= shift; + count -= shift; +diff --git a/vpx_dsp/bitreader.h b/vpx_dsp/bitreader.h +index 6ee2a5863..4b87e986c 100644 +--- a/vpx_dsp/bitreader.h ++++ b/vpx_dsp/bitreader.h +@@ -94,7 +94,7 @@ static INLINE int vpx_read(vpx_reader *r, int prob) { + } + + { +- register int shift = vpx_norm[range]; ++ register unsigned char shift = vpx_norm[(unsigned char)range]; + range <<= shift; + value <<= shift; + count -= shift; +-- +2.25.1 + diff --git a/SOURCES/0002-CVE-2019-9433-VP8-Fix-use-after-free-in-postproc.patch b/SOURCES/0002-CVE-2019-9433-VP8-Fix-use-after-free-in-postproc.patch new file mode 100644 index 0000000..458a45e --- /dev/null +++ b/SOURCES/0002-CVE-2019-9433-VP8-Fix-use-after-free-in-postproc.patch @@ -0,0 +1,33 @@ +From 93681819b22d3f42cf5fdfa85701f38e5bab10dd Mon Sep 17 00:00:00 2001 +From: Wim Taymans +Date: Wed, 25 Mar 2020 13:42:07 +0100 +Subject: [PATCH 2/2] CVE-2019-9433: VP8: Fix use-after-free in postproc. + +The pointer in vp8 postproc refers to show_frame_mi which is only +updated on show frame. However, when there is a no-show frame which also +changes the size (thus new frame buffers allocated), show_frame_mi is +not updated with new frame buffer memory. + +Change the pointer in postproc to mi which is always updated. + +Bug: 842265 +--- + vp8/common/postproc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/vp8/common/postproc.c b/vp8/common/postproc.c +index d67ee8a57..8c292d616 100644 +--- a/vp8/common/postproc.c ++++ b/vp8/common/postproc.c +@@ -65,7 +65,7 @@ void vp8_deblock(VP8_COMMON *cm, YV12_BUFFER_CONFIG *source, + double level = 6.0e-05 * q * q * q - .0067 * q * q + .306 * q + .0065; + int ppl = (int)(level + .5); + +- const MODE_INFO *mode_info_context = cm->show_frame_mi; ++ const MODE_INFO *mode_info_context = cm->mi; + int mbr, mbc; + + /* The pixel thresholds are adjusted according to if or not the macroblock +-- +2.25.1 + diff --git a/SOURCES/0003-CVE-2019-9371-update-libwebm.patch b/SOURCES/0003-CVE-2019-9371-update-libwebm.patch new file mode 100644 index 0000000..79aba43 --- /dev/null +++ b/SOURCES/0003-CVE-2019-9371-update-libwebm.patch @@ -0,0 +1,755 @@ +From ca1647dda267762c03c8641d2c605a9853a8ac59 Mon Sep 17 00:00:00 2001 +From: Johann +Date: Tue, 24 Apr 2018 15:22:28 -0700 +Subject: [PATCH 3/4] CVE-2019-9371: update libwebm + +update libwebm to libwebm-1.0.0.27-358-gdbf1d10 +--- + configure | 8 +- + third_party/libwebm/AUTHORS.TXT | 8 +- + third_party/libwebm/Android.mk | 2 +- + third_party/libwebm/README.libvpx | 14 +++- + third_party/libwebm/common/file_util.cc | 19 ++++- + third_party/libwebm/common/file_util.h | 5 +- + third_party/libwebm/common/hdr_util.cc | 8 +- + third_party/libwebm/common/hdr_util.h | 10 +-- + third_party/libwebm/common/webmids.h | 1 + + third_party/libwebm/mkvmuxer/mkvmuxer.cc | 77 +++++++++++++------- + third_party/libwebm/mkvmuxer/mkvmuxer.h | 5 +- + third_party/libwebm/mkvmuxer/mkvmuxerutil.cc | 13 ++-- + third_party/libwebm/mkvmuxer/mkvmuxerutil.h | 3 + + third_party/libwebm/mkvmuxer/mkvwriter.cc | 2 + + third_party/libwebm/mkvparser/mkvparser.cc | 64 +++++++++++----- + third_party/libwebm/mkvparser/mkvparser.h | 6 +- + third_party/libwebm/mkvparser/mkvreader.cc | 2 + + 17 files changed, 165 insertions(+), 82 deletions(-) + +diff --git a/configure b/configure +index e5a74c6f2..56d203e6b 100755 +--- a/configure ++++ b/configure +@@ -703,9 +703,7 @@ process_toolchain() { + check_cxx "$@" < +- +-Google Inc. ++# Names should be added to this file like so: ++# Name or Organization ++ ++Google Inc. +diff --git a/third_party/libwebm/Android.mk b/third_party/libwebm/Android.mk +index 8149a083f..b46ba101d 100644 +--- a/third_party/libwebm/Android.mk ++++ b/third_party/libwebm/Android.mk +@@ -3,7 +3,7 @@ LOCAL_PATH:= $(call my-dir) + include $(CLEAR_VARS) + LOCAL_MODULE:= libwebm + LOCAL_CPPFLAGS:=-D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS +-LOCAL_CPPFLAGS+=-D__STDC_LIMIT_MACROS -Wno-extern-c-compat ++LOCAL_CPPFLAGS+=-D__STDC_LIMIT_MACROS -std=c++11 + LOCAL_C_INCLUDES:= $(LOCAL_PATH) + LOCAL_EXPORT_C_INCLUDES:= $(LOCAL_PATH) + +diff --git a/third_party/libwebm/README.libvpx b/third_party/libwebm/README.libvpx +index ebb5ff2f4..16f17513e 100644 +--- a/third_party/libwebm/README.libvpx ++++ b/third_party/libwebm/README.libvpx +@@ -1,5 +1,5 @@ + URL: https://chromium.googlesource.com/webm/libwebm +-Version: 0ae757087f5e6eb01dfea16cc09205b2425cfb74 ++Version: dbf1d1089756e7cb5b1a04d6752310ef35912347 + License: BSD + License File: LICENSE.txt + +@@ -7,4 +7,14 @@ Description: + libwebm is used to handle WebM container I/O. + + Local Changes: +-* ++Only keep: ++ - Android.mk ++ - AUTHORS.TXT ++ - common/ ++ file_util.cc/h ++ hdr_util.cc/h ++ webmids.h ++ - LICENSE.TXT ++ - mkvmuxer/ ++ - mkvparser/ ++ - PATENTS.TXT +diff --git a/third_party/libwebm/common/file_util.cc b/third_party/libwebm/common/file_util.cc +index 6dab146dd..6eb6428b9 100644 +--- a/third_party/libwebm/common/file_util.cc ++++ b/third_party/libwebm/common/file_util.cc +@@ -17,14 +17,15 @@ + #include + #include + #include ++#include + + namespace libwebm { + + std::string GetTempFileName() { + #if !defined _MSC_VER && !defined __MINGW32__ + std::string temp_file_name_template_str = +- std::string(std::getenv("TEST_TMPDIR") ? std::getenv("TEST_TMPDIR") : +- ".") + ++ std::string(std::getenv("TEST_TMPDIR") ? std::getenv("TEST_TMPDIR") ++ : ".") + + "/libwebm_temp.XXXXXX"; + char* temp_file_name_template = + new char[temp_file_name_template_str.length() + 1]; +@@ -41,7 +42,12 @@ std::string GetTempFileName() { + return temp_file_name; + #else + char tmp_file_name[_MAX_PATH]; ++#if defined _MSC_VER || defined MINGW_HAS_SECURE_API + errno_t err = tmpnam_s(tmp_file_name); ++#else ++ char* fname_pointer = tmpnam(tmp_file_name); ++ int err = (fname_pointer == &tmp_file_name[0]) ? 0 : -1; ++#endif + if (err == 0) { + return std::string(tmp_file_name); + } +@@ -65,6 +71,15 @@ uint64_t GetFileSize(const std::string& file_name) { + return file_size; + } + ++bool GetFileContents(const std::string& file_name, std::string* contents) { ++ std::ifstream file(file_name.c_str()); ++ *contents = std::string(static_cast(GetFileSize(file_name)), 0); ++ if (file.good() && contents->size()) { ++ file.read(&(*contents)[0], contents->size()); ++ } ++ return !file.fail(); ++} ++ + TempFileDeleter::TempFileDeleter() { file_name_ = GetTempFileName(); } + + TempFileDeleter::~TempFileDeleter() { +diff --git a/third_party/libwebm/common/file_util.h b/third_party/libwebm/common/file_util.h +index 0e71eac11..a87373464 100644 +--- a/third_party/libwebm/common/file_util.h ++++ b/third_party/libwebm/common/file_util.h +@@ -22,6 +22,9 @@ std::string GetTempFileName(); + // Returns size of file specified by |file_name|, or 0 upon failure. + uint64_t GetFileSize(const std::string& file_name); + ++// Gets the contents file_name as a string. Returns false on error. ++bool GetFileContents(const std::string& file_name, std::string* contents); ++ + // Manages life of temporary file specified at time of construction. Deletes + // file upon destruction. + class TempFileDeleter { +@@ -38,4 +41,4 @@ class TempFileDeleter { + + } // namespace libwebm + +-#endif // LIBWEBM_COMMON_FILE_UTIL_H_ +\ No newline at end of file ++#endif // LIBWEBM_COMMON_FILE_UTIL_H_ +diff --git a/third_party/libwebm/common/hdr_util.cc b/third_party/libwebm/common/hdr_util.cc +index e1618ce75..916f7170b 100644 +--- a/third_party/libwebm/common/hdr_util.cc ++++ b/third_party/libwebm/common/hdr_util.cc +@@ -36,10 +36,10 @@ bool CopyMasteringMetadata(const mkvparser::MasteringMetadata& parser_mm, + if (MasteringMetadataValuePresent(parser_mm.luminance_min)) + muxer_mm->set_luminance_min(parser_mm.luminance_min); + +- PrimaryChromaticityPtr r_ptr(NULL); +- PrimaryChromaticityPtr g_ptr(NULL); +- PrimaryChromaticityPtr b_ptr(NULL); +- PrimaryChromaticityPtr wp_ptr(NULL); ++ PrimaryChromaticityPtr r_ptr(nullptr); ++ PrimaryChromaticityPtr g_ptr(nullptr); ++ PrimaryChromaticityPtr b_ptr(nullptr); ++ PrimaryChromaticityPtr wp_ptr(nullptr); + + if (parser_mm.r) { + if (!CopyPrimaryChromaticity(*parser_mm.r, &r_ptr)) +diff --git a/third_party/libwebm/common/hdr_util.h b/third_party/libwebm/common/hdr_util.h +index 3ef5388fd..78e2eeb70 100644 +--- a/third_party/libwebm/common/hdr_util.h ++++ b/third_party/libwebm/common/hdr_util.h +@@ -47,15 +47,7 @@ struct Vp9CodecFeatures { + int chroma_subsampling; + }; + +-// disable deprecation warnings for auto_ptr +-#if defined(__GNUC__) && __GNUC__ >= 5 +-#pragma GCC diagnostic push +-#pragma GCC diagnostic ignored "-Wdeprecated-declarations" +-#endif +-typedef std::auto_ptr PrimaryChromaticityPtr; +-#if defined(__GNUC__) && __GNUC__ >= 5 +-#pragma GCC diagnostic pop +-#endif ++typedef std::unique_ptr PrimaryChromaticityPtr; + + bool CopyPrimaryChromaticity(const mkvparser::PrimaryChromaticity& parser_pc, + PrimaryChromaticityPtr* muxer_pc); +diff --git a/third_party/libwebm/common/webmids.h b/third_party/libwebm/common/webmids.h +index 89d722a71..fc0c20814 100644 +--- a/third_party/libwebm/common/webmids.h ++++ b/third_party/libwebm/common/webmids.h +@@ -93,6 +93,7 @@ enum MkvId { + kMkvDisplayHeight = 0x54BA, + kMkvDisplayUnit = 0x54B2, + kMkvAspectRatioType = 0x54B3, ++ kMkvColourSpace = 0x2EB524, + kMkvFrameRate = 0x2383E3, + // end video + // colour +diff --git a/third_party/libwebm/mkvmuxer/mkvmuxer.cc b/third_party/libwebm/mkvmuxer/mkvmuxer.cc +index 15b9a908d..512031211 100644 +--- a/third_party/libwebm/mkvmuxer/mkvmuxer.cc ++++ b/third_party/libwebm/mkvmuxer/mkvmuxer.cc +@@ -8,6 +8,8 @@ + + #include "mkvmuxer/mkvmuxer.h" + ++#include ++ + #include + #include + #include +@@ -24,11 +26,6 @@ + #include "mkvmuxer/mkvwriter.h" + #include "mkvparser/mkvparser.h" + +-// disable deprecation warnings for auto_ptr +-#if defined(__GNUC__) && __GNUC__ >= 5 +-#pragma GCC diagnostic ignored "-Wdeprecated-declarations" +-#endif +- + namespace mkvmuxer { + + const float PrimaryChromaticity::kChromaticityMin = 0.0f; +@@ -72,7 +69,7 @@ bool StrCpy(const char* src, char** dst_ptr) { + return true; + } + +-typedef std::auto_ptr PrimaryChromaticityPtr; ++typedef std::unique_ptr PrimaryChromaticityPtr; + bool CopyChromaticity(const PrimaryChromaticity* src, + PrimaryChromaticityPtr* dst) { + if (!dst) +@@ -776,6 +773,14 @@ bool Track::Write(IMkvWriter* writer) const { + if (!type_ || !codec_id_) + return false; + ++ // AV1 tracks require a CodecPrivate. See ++ // https://github.com/Matroska-Org/matroska-specification/blob/av1-mappin/codec/av1.md ++ // TODO(tomfinegan): Update the above link to the AV1 Matroska mappings to ++ // point to a stable version once it is finalized, or our own WebM mappings ++ // page on webmproject.org should we decide to release them. ++ if (!strcmp(codec_id_, Tracks::kAv1CodecId) && !codec_private_) ++ return false; ++ + // |size| may be bigger than what is written out in this function because + // derived classes may write out more data in the Track element. + const uint64_t payload_size = PayloadSize(); +@@ -1030,19 +1035,16 @@ bool MasteringMetadata::Write(IMkvWriter* writer) const { + !WriteEbmlElement(writer, libwebm::kMkvLuminanceMin, luminance_min_)) { + return false; + } +- if (r_ && +- !r_->Write(writer, libwebm::kMkvPrimaryRChromaticityX, +- libwebm::kMkvPrimaryRChromaticityY)) { ++ if (r_ && !r_->Write(writer, libwebm::kMkvPrimaryRChromaticityX, ++ libwebm::kMkvPrimaryRChromaticityY)) { + return false; + } +- if (g_ && +- !g_->Write(writer, libwebm::kMkvPrimaryGChromaticityX, +- libwebm::kMkvPrimaryGChromaticityY)) { ++ if (g_ && !g_->Write(writer, libwebm::kMkvPrimaryGChromaticityX, ++ libwebm::kMkvPrimaryGChromaticityY)) { + return false; + } +- if (b_ && +- !b_->Write(writer, libwebm::kMkvPrimaryBChromaticityX, +- libwebm::kMkvPrimaryBChromaticityY)) { ++ if (b_ && !b_->Write(writer, libwebm::kMkvPrimaryBChromaticityX, ++ libwebm::kMkvPrimaryBChromaticityY)) { + return false; + } + if (white_point_ && +@@ -1057,22 +1059,22 @@ bool MasteringMetadata::Write(IMkvWriter* writer) const { + bool MasteringMetadata::SetChromaticity( + const PrimaryChromaticity* r, const PrimaryChromaticity* g, + const PrimaryChromaticity* b, const PrimaryChromaticity* white_point) { +- PrimaryChromaticityPtr r_ptr(NULL); ++ PrimaryChromaticityPtr r_ptr(nullptr); + if (r) { + if (!CopyChromaticity(r, &r_ptr)) + return false; + } +- PrimaryChromaticityPtr g_ptr(NULL); ++ PrimaryChromaticityPtr g_ptr(nullptr); + if (g) { + if (!CopyChromaticity(g, &g_ptr)) + return false; + } +- PrimaryChromaticityPtr b_ptr(NULL); ++ PrimaryChromaticityPtr b_ptr(nullptr); + if (b) { + if (!CopyChromaticity(b, &b_ptr)) + return false; + } +- PrimaryChromaticityPtr wp_ptr(NULL); ++ PrimaryChromaticityPtr wp_ptr(nullptr); + if (white_point) { + if (!CopyChromaticity(white_point, &wp_ptr)) + return false; +@@ -1238,7 +1240,7 @@ bool Colour::Write(IMkvWriter* writer) const { + } + + bool Colour::SetMasteringMetadata(const MasteringMetadata& mastering_metadata) { +- std::auto_ptr mm_ptr(new MasteringMetadata()); ++ std::unique_ptr mm_ptr(new MasteringMetadata()); + if (!mm_ptr.get()) + return false; + +@@ -1424,6 +1426,7 @@ VideoTrack::VideoTrack(unsigned int* seed) + stereo_mode_(0), + alpha_mode_(0), + width_(0), ++ colour_space_(NULL), + colour_(NULL), + projection_(NULL) {} + +@@ -1521,6 +1524,10 @@ bool VideoTrack::Write(IMkvWriter* writer) const { + static_cast(alpha_mode_))) + return false; + } ++ if (colour_space_) { ++ if (!WriteEbmlElement(writer, libwebm::kMkvColourSpace, colour_space_)) ++ return false; ++ } + if (frame_rate_ > 0.0) { + if (!WriteEbmlElement(writer, libwebm::kMkvFrameRate, + static_cast(frame_rate_))) { +@@ -1545,8 +1552,24 @@ bool VideoTrack::Write(IMkvWriter* writer) const { + return true; + } + ++void VideoTrack::set_colour_space(const char* colour_space) { ++ if (colour_space) { ++ delete[] colour_space_; ++ ++ const size_t length = strlen(colour_space) + 1; ++ colour_space_ = new (std::nothrow) char[length]; // NOLINT ++ if (colour_space_) { ++#ifdef _MSC_VER ++ strcpy_s(colour_space_, length, colour_space); ++#else ++ strcpy(colour_space_, colour_space); ++#endif ++ } ++ } ++} ++ + bool VideoTrack::SetColour(const Colour& colour) { +- std::auto_ptr colour_ptr(new Colour()); ++ std::unique_ptr colour_ptr(new Colour()); + if (!colour_ptr.get()) + return false; + +@@ -1574,7 +1597,7 @@ bool VideoTrack::SetColour(const Colour& colour) { + } + + bool VideoTrack::SetProjection(const Projection& projection) { +- std::auto_ptr projection_ptr(new Projection()); ++ std::unique_ptr projection_ptr(new Projection()); + if (!projection_ptr.get()) + return false; + +@@ -1628,6 +1651,8 @@ uint64_t VideoTrack::VideoPayloadSize() const { + if (frame_rate_ > 0.0) + size += EbmlElementSize(libwebm::kMkvFrameRate, + static_cast(frame_rate_)); ++ if (colour_space_) ++ size += EbmlElementSize(libwebm::kMkvColourSpace, colour_space_); + if (colour_) + size += colour_->ColourSize(); + if (projection_) +@@ -1705,9 +1730,9 @@ bool AudioTrack::Write(IMkvWriter* writer) const { + + const char Tracks::kOpusCodecId[] = "A_OPUS"; + const char Tracks::kVorbisCodecId[] = "A_VORBIS"; ++const char Tracks::kAv1CodecId[] = "V_AV1"; + const char Tracks::kVp8CodecId[] = "V_VP8"; + const char Tracks::kVp9CodecId[] = "V_VP9"; +-const char Tracks::kVp10CodecId[] = "V_VP10"; + const char Tracks::kWebVttCaptionsId[] = "D_WEBVTT/CAPTIONS"; + const char Tracks::kWebVttDescriptionsId[] = "D_WEBVTT/DESCRIPTIONS"; + const char Tracks::kWebVttMetadataId[] = "D_WEBVTT/METADATA"; +@@ -2666,7 +2691,7 @@ bool Cluster::QueueOrWriteFrame(const Frame* const frame) { + // and write it if it is okay to do so (i.e.) no other track has an held back + // frame with timestamp <= the timestamp of the frame in question. + std::vector::iterator> frames_to_erase; +- for (std::list::iterator ++ for (std::list::iterator + current_track_iterator = stored_frames_[track_number].begin(), + end = --stored_frames_[track_number].end(); + current_track_iterator != end; ++current_track_iterator) { +@@ -4168,8 +4193,8 @@ bool Segment::DocTypeIsWebm() const { + // TODO(vigneshv): Tweak .clang-format. + const char* kWebmCodecIds[kNumCodecIds] = { + Tracks::kOpusCodecId, Tracks::kVorbisCodecId, +- Tracks::kVp8CodecId, Tracks::kVp9CodecId, +- Tracks::kVp10CodecId, Tracks::kWebVttCaptionsId, ++ Tracks::kAv1CodecId, Tracks::kVp8CodecId, ++ Tracks::kVp9CodecId, Tracks::kWebVttCaptionsId, + Tracks::kWebVttDescriptionsId, Tracks::kWebVttMetadataId, + Tracks::kWebVttSubtitlesId}; + +diff --git a/third_party/libwebm/mkvmuxer/mkvmuxer.h b/third_party/libwebm/mkvmuxer/mkvmuxer.h +index 46b0029dc..f2db37714 100644 +--- a/third_party/libwebm/mkvmuxer/mkvmuxer.h ++++ b/third_party/libwebm/mkvmuxer/mkvmuxer.h +@@ -795,6 +795,8 @@ class VideoTrack : public Track { + uint64_t alpha_mode() { return alpha_mode_; } + void set_width(uint64_t width) { width_ = width; } + uint64_t width() const { return width_; } ++ void set_colour_space(const char* colour_space); ++ const char* colour_space() const { return colour_space_; } + + Colour* colour() { return colour_; } + +@@ -824,6 +826,7 @@ class VideoTrack : public Track { + uint64_t stereo_mode_; + uint64_t alpha_mode_; + uint64_t width_; ++ char* colour_space_; + + Colour* colour_; + Projection* projection_; +@@ -871,9 +874,9 @@ class Tracks { + + static const char kOpusCodecId[]; + static const char kVorbisCodecId[]; ++ static const char kAv1CodecId[]; + static const char kVp8CodecId[]; + static const char kVp9CodecId[]; +- static const char kVp10CodecId[]; + static const char kWebVttCaptionsId[]; + static const char kWebVttDescriptionsId[]; + static const char kWebVttMetadataId[]; +diff --git a/third_party/libwebm/mkvmuxer/mkvmuxerutil.cc b/third_party/libwebm/mkvmuxer/mkvmuxerutil.cc +index 355d4e22b..7636a9f4e 100644 +--- a/third_party/libwebm/mkvmuxer/mkvmuxerutil.cc ++++ b/third_party/libwebm/mkvmuxer/mkvmuxerutil.cc +@@ -136,9 +136,8 @@ uint64 WriteBlock(IMkvWriter* writer, const Frame* const frame, int64 timecode, + return false; + } + +- if (!frame->is_key() && +- !WriteEbmlElement(writer, libwebm::kMkvReferenceBlock, +- reference_block_timestamp)) { ++ if (!frame->is_key() && !WriteEbmlElement(writer, libwebm::kMkvReferenceBlock, ++ reference_block_timestamp)) { + return false; + } + +@@ -563,10 +562,10 @@ uint64 WriteFrame(IMkvWriter* writer, const Frame* const frame, + if (relative_timecode < 0 || relative_timecode > kMaxBlockTimecode) + return 0; + +- return frame->CanBeSimpleBlock() ? +- WriteSimpleBlock(writer, frame, relative_timecode) : +- WriteBlock(writer, frame, relative_timecode, +- cluster->timecode_scale()); ++ return frame->CanBeSimpleBlock() ++ ? WriteSimpleBlock(writer, frame, relative_timecode) ++ : WriteBlock(writer, frame, relative_timecode, ++ cluster->timecode_scale()); + } + + uint64 WriteVoidElement(IMkvWriter* writer, uint64 size) { +diff --git a/third_party/libwebm/mkvmuxer/mkvmuxerutil.h b/third_party/libwebm/mkvmuxer/mkvmuxerutil.h +index 132388da5..3355428bd 100644 +--- a/third_party/libwebm/mkvmuxer/mkvmuxerutil.h ++++ b/third_party/libwebm/mkvmuxer/mkvmuxerutil.h +@@ -31,6 +31,9 @@ const int64 kMaxBlockTimecode = 0x07FFFLL; + // Writes out |value| in Big Endian order. Returns 0 on success. + int32 SerializeInt(IMkvWriter* writer, int64 value, int32 size); + ++// Writes out |f| in Big Endian order. Returns 0 on success. ++int32 SerializeFloat(IMkvWriter* writer, float f); ++ + // Returns the size in bytes of the element. + int32 GetUIntSize(uint64 value); + int32 GetIntSize(int64 value); +diff --git a/third_party/libwebm/mkvmuxer/mkvwriter.cc b/third_party/libwebm/mkvmuxer/mkvwriter.cc +index 84655d802..d668384d8 100644 +--- a/third_party/libwebm/mkvmuxer/mkvwriter.cc ++++ b/third_party/libwebm/mkvmuxer/mkvwriter.cc +@@ -78,6 +78,8 @@ int32 MkvWriter::Position(int64 position) { + + #ifdef _MSC_VER + return _fseeki64(file_, position, SEEK_SET); ++#elif defined(_WIN32) ++ return fseeko64(file_, static_cast(position), SEEK_SET); + #else + return fseeko(file_, static_cast(position), SEEK_SET); + #endif +diff --git a/third_party/libwebm/mkvparser/mkvparser.cc b/third_party/libwebm/mkvparser/mkvparser.cc +index 37f230d0a..dcb969dcf 100644 +--- a/third_party/libwebm/mkvparser/mkvparser.cc ++++ b/third_party/libwebm/mkvparser/mkvparser.cc +@@ -22,12 +22,8 @@ + + #include "common/webmids.h" + +-// disable deprecation warnings for auto_ptr +-#if defined(__GNUC__) && __GNUC__ >= 5 +-#pragma GCC diagnostic ignored "-Wdeprecated-declarations" +-#endif +- + namespace mkvparser { ++const long long kStringElementSizeLimit = 20 * 1000 * 1000; + const float MasteringMetadata::kValueNotPresent = FLT_MAX; + const long long Colour::kValueNotPresent = LLONG_MAX; + const float Projection::kValueNotPresent = FLT_MAX; +@@ -40,8 +36,6 @@ inline bool isnan(double val) { return std::isnan(val); } + inline bool isinf(double val) { return std::isinf(val); } + #endif // MSC_COMPAT + +-IMkvReader::~IMkvReader() {} +- + template + Type* SafeArrayAlloc(unsigned long long num_elements, + unsigned long long element_size) { +@@ -330,7 +324,7 @@ long UnserializeString(IMkvReader* pReader, long long pos, long long size, + delete[] str; + str = NULL; + +- if (size >= LONG_MAX || size < 0) ++ if (size >= LONG_MAX || size < 0 || size > kStringElementSizeLimit) + return E_FILE_FORMAT_INVALID; + + // +1 for '\0' terminator +@@ -5015,7 +5009,7 @@ bool MasteringMetadata::Parse(IMkvReader* reader, long long mm_start, + if (!reader || *mm) + return false; + +- std::auto_ptr mm_ptr(new MasteringMetadata()); ++ std::unique_ptr mm_ptr(new MasteringMetadata()); + if (!mm_ptr.get()) + return false; + +@@ -5035,6 +5029,10 @@ bool MasteringMetadata::Parse(IMkvReader* reader, long long mm_start, + double value = 0; + const long long value_parse_status = + UnserializeFloat(reader, read_pos, child_size, value); ++ if (value < -FLT_MAX || value > FLT_MAX || ++ (value > 0.0 && value < FLT_MIN)) { ++ return false; ++ } + mm_ptr->luminance_max = static_cast(value); + if (value_parse_status < 0 || mm_ptr->luminance_max < 0.0 || + mm_ptr->luminance_max > 9999.99) { +@@ -5044,6 +5042,10 @@ bool MasteringMetadata::Parse(IMkvReader* reader, long long mm_start, + double value = 0; + const long long value_parse_status = + UnserializeFloat(reader, read_pos, child_size, value); ++ if (value < -FLT_MAX || value > FLT_MAX || ++ (value > 0.0 && value < FLT_MIN)) { ++ return false; ++ } + mm_ptr->luminance_min = static_cast(value); + if (value_parse_status < 0 || mm_ptr->luminance_min < 0.0 || + mm_ptr->luminance_min > 999.9999) { +@@ -5096,7 +5098,7 @@ bool Colour::Parse(IMkvReader* reader, long long colour_start, + if (!reader || *colour) + return false; + +- std::auto_ptr colour_ptr(new Colour()); ++ std::unique_ptr colour_ptr(new Colour()); + if (!colour_ptr.get()) + return false; + +@@ -5194,7 +5196,7 @@ bool Projection::Parse(IMkvReader* reader, long long start, long long size, + if (!reader || *projection) + return false; + +- std::auto_ptr projection_ptr(new Projection()); ++ std::unique_ptr projection_ptr(new Projection()); + if (!projection_ptr.get()) + return false; + +@@ -5270,6 +5272,7 @@ bool Projection::Parse(IMkvReader* reader, long long start, long long size, + VideoTrack::VideoTrack(Segment* pSegment, long long element_start, + long long element_size) + : Track(pSegment, element_start, element_size), ++ m_colour_space(NULL), + m_colour(NULL), + m_projection(NULL) {} + +@@ -5295,6 +5298,7 @@ long VideoTrack::Parse(Segment* pSegment, const Info& info, + long long stereo_mode = 0; + + double rate = 0.0; ++ char* colour_space = NULL; + + IMkvReader* const pReader = pSegment->m_pReader; + +@@ -5307,8 +5311,8 @@ long VideoTrack::Parse(Segment* pSegment, const Info& info, + + const long long stop = pos + s.size; + +- Colour* colour = NULL; +- Projection* projection = NULL; ++ std::unique_ptr colour_ptr; ++ std::unique_ptr projection_ptr; + + while (pos < stop) { + long long id, size; +@@ -5357,11 +5361,23 @@ long VideoTrack::Parse(Segment* pSegment, const Info& info, + if (rate <= 0) + return E_FILE_FORMAT_INVALID; + } else if (id == libwebm::kMkvColour) { +- if (!Colour::Parse(pReader, pos, size, &colour)) ++ Colour* colour = NULL; ++ if (!Colour::Parse(pReader, pos, size, &colour)) { + return E_FILE_FORMAT_INVALID; ++ } else { ++ colour_ptr.reset(colour); ++ } + } else if (id == libwebm::kMkvProjection) { +- if (!Projection::Parse(pReader, pos, size, &projection)) ++ Projection* projection = NULL; ++ if (!Projection::Parse(pReader, pos, size, &projection)) { + return E_FILE_FORMAT_INVALID; ++ } else { ++ projection_ptr.reset(projection); ++ } ++ } else if (id == libwebm::kMkvColourSpace) { ++ const long status = UnserializeString(pReader, pos, size, colour_space); ++ if (status < 0) ++ return status; + } + + pos += size; // consume payload +@@ -5392,8 +5408,9 @@ long VideoTrack::Parse(Segment* pSegment, const Info& info, + pTrack->m_display_unit = display_unit; + pTrack->m_stereo_mode = stereo_mode; + pTrack->m_rate = rate; +- pTrack->m_colour = colour; +- pTrack->m_projection = projection; ++ pTrack->m_colour = colour_ptr.release(); ++ pTrack->m_colour_space = colour_space; ++ pTrack->m_projection = projection_ptr.release(); + + pResult = pTrack; + return 0; // success +@@ -7903,6 +7920,10 @@ long Block::Parse(const Cluster* pCluster) { + return E_FILE_FORMAT_INVALID; + + curr.len = static_cast(frame_size); ++ // Check if size + curr.len could overflow. ++ if (size > LLONG_MAX - curr.len) { ++ return E_FILE_FORMAT_INVALID; ++ } + size += curr.len; // contribution of this frame + + --frame_count; +@@ -7964,6 +7985,11 @@ long long Block::GetTimeCode(const Cluster* pCluster) const { + const long long tc0 = pCluster->GetTimeCode(); + assert(tc0 >= 0); + ++ // Check if tc0 + m_timecode would overflow. ++ if (tc0 < 0 || LLONG_MAX - tc0 < m_timecode) { ++ return -1; ++ } ++ + const long long tc = tc0 + m_timecode; + + return tc; // unscaled timecode units +@@ -7981,6 +8007,10 @@ long long Block::GetTime(const Cluster* pCluster) const { + const long long scale = pInfo->GetTimeCodeScale(); + assert(scale >= 1); + ++ // Check if tc * scale could overflow. ++ if (tc != 0 && scale > LLONG_MAX / tc) { ++ return -1; ++ } + const long long ns = tc * scale; + + return ns; +diff --git a/third_party/libwebm/mkvparser/mkvparser.h b/third_party/libwebm/mkvparser/mkvparser.h +index 26c2b7e5e..848d01f03 100644 +--- a/third_party/libwebm/mkvparser/mkvparser.h ++++ b/third_party/libwebm/mkvparser/mkvparser.h +@@ -22,7 +22,7 @@ class IMkvReader { + virtual int Length(long long* total, long long* available) = 0; + + protected: +- virtual ~IMkvReader(); ++ virtual ~IMkvReader() {} + }; + + template +@@ -527,6 +527,8 @@ class VideoTrack : public Track { + + Projection* GetProjection() const; + ++ const char* GetColourSpace() const { return m_colour_space; } ++ + private: + long long m_width; + long long m_height; +@@ -534,7 +536,7 @@ class VideoTrack : public Track { + long long m_display_height; + long long m_display_unit; + long long m_stereo_mode; +- ++ char* m_colour_space; + double m_rate; + + Colour* m_colour; +diff --git a/third_party/libwebm/mkvparser/mkvreader.cc b/third_party/libwebm/mkvparser/mkvreader.cc +index 23d68f508..9d19c1be5 100644 +--- a/third_party/libwebm/mkvparser/mkvreader.cc ++++ b/third_party/libwebm/mkvparser/mkvreader.cc +@@ -118,6 +118,8 @@ int MkvReader::Read(long long offset, long len, unsigned char* buffer) { + + if (status) + return -1; // error ++#elif defined(_WIN32) ++ fseeko64(m_file, static_cast(offset), SEEK_SET); + #else + fseeko(m_file, static_cast(offset), SEEK_SET); + #endif +-- +2.25.1 + diff --git a/SOURCES/0004-CVE-2019-2126-update-libwebm-to-libwebm-1.0.0.27-361.patch b/SOURCES/0004-CVE-2019-2126-update-libwebm-to-libwebm-1.0.0.27-361.patch new file mode 100644 index 0000000..3e64446 --- /dev/null +++ b/SOURCES/0004-CVE-2019-2126-update-libwebm-to-libwebm-1.0.0.27-361.patch @@ -0,0 +1,71 @@ +From d06fa15d1c113edea0d6760ea19af8e8d0af0d94 Mon Sep 17 00:00:00 2001 +From: James Zern +Date: Fri, 7 Jun 2019 15:06:29 -0700 +Subject: [PATCH 4/4] CVE-2019-2126: update libwebm to + libwebm-1.0.0.27-361-g81de00c + +81de00c Check there is only one settings per ContentCompression +5623013 Fixes a double free in ContentEncoding +93b2ba0 mkvparser: quiet static analysis warnings + +Change-Id: Ieaa562ef2f10075381bd856388e6b29f97ca2746 +--- + third_party/libwebm/README.libvpx | 2 +- + third_party/libwebm/mkvparser/mkvparser.cc | 9 +++++++++ + 2 files changed, 10 insertions(+), 1 deletion(-) + +diff --git a/third_party/libwebm/README.libvpx b/third_party/libwebm/README.libvpx +index 16f17513e..714f5d0eb 100644 +--- a/third_party/libwebm/README.libvpx ++++ b/third_party/libwebm/README.libvpx +@@ -1,5 +1,5 @@ + URL: https://chromium.googlesource.com/webm/libwebm +-Version: dbf1d1089756e7cb5b1a04d6752310ef35912347 ++Version: 81de00c43ea3c087b48a8c20337db7531b9f7612 + License: BSD + License File: LICENSE.txt + +diff --git a/third_party/libwebm/mkvparser/mkvparser.cc b/third_party/libwebm/mkvparser/mkvparser.cc +index dcb969dcf..ace65bd59 100644 +--- a/third_party/libwebm/mkvparser/mkvparser.cc ++++ b/third_party/libwebm/mkvparser/mkvparser.cc +@@ -4230,6 +4230,7 @@ long ContentEncoding::ParseContentEncodingEntry(long long start, long long size, + new (std::nothrow) ContentEncryption*[encryption_count]; + if (!encryption_entries_) { + delete[] compression_entries_; ++ compression_entries_ = NULL; + return -1; + } + encryption_entries_end_ = encryption_entries_; +@@ -4261,6 +4262,7 @@ long ContentEncoding::ParseContentEncodingEntry(long long start, long long size, + delete compression; + return status; + } ++ assert(compression_count > 0); + *compression_entries_end_++ = compression; + } else if (id == libwebm::kMkvContentEncryption) { + ContentEncryption* const encryption = +@@ -4273,6 +4275,7 @@ long ContentEncoding::ParseContentEncodingEntry(long long start, long long size, + delete encryption; + return status; + } ++ assert(encryption_count > 0); + *encryption_entries_end_++ = encryption; + } + +@@ -4325,6 +4328,12 @@ long ContentEncoding::ParseCompressionEntry(long long start, long long size, + return status; + } + ++ // There should be only one settings element per content compression. ++ if (compression->settings != NULL) { ++ delete[] buf; ++ return E_FILE_FORMAT_INVALID; ++ } ++ + compression->settings = buf; + compression->settings_len = buflen; + } +-- +2.25.1 + diff --git a/SOURCES/libvpx-1.7.0-leave-fortify-source-on.patch b/SOURCES/libvpx-1.7.0-leave-fortify-source-on.patch new file mode 100644 index 0000000..23099da --- /dev/null +++ b/SOURCES/libvpx-1.7.0-leave-fortify-source-on.patch @@ -0,0 +1,12 @@ +diff -up libvpx-1.7.0/build/make/configure.sh.leave-fs-on libvpx-1.7.0/build/make/configure.sh +--- libvpx-1.7.0/build/make/configure.sh.leave-fs-on 2018-01-26 15:02:18.767645332 -0500 ++++ libvpx-1.7.0/build/make/configure.sh 2018-01-26 15:02:28.594420775 -0500 +@@ -1440,7 +1440,7 @@ EOF + + # Work around longjmp interception on glibc >= 2.11, to improve binary + # compatibility. See http://code.google.com/p/webm/issues/detail?id=166 +- enabled linux && check_add_cflags -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=0 ++ # enabled linux && check_add_cflags -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=0 + + # Check for strip utility variant + ${STRIP} -V 2>/dev/null | grep GNU >/dev/null && enable_feature gnu_strip diff --git a/SOURCES/libvpx.ver b/SOURCES/libvpx.ver new file mode 100644 index 0000000..aa147ab --- /dev/null +++ b/SOURCES/libvpx.ver @@ -0,0 +1,79 @@ +{ global: +vpx_codec_build_config; +vpx_codec_control_; +vpx_codec_dec_init_ver; +vpx_codec_decode; +vpx_codec_destroy; +vpx_codec_enc_config_default; +vpx_codec_enc_config_set; +vpx_codec_enc_init_ver; +vpx_codec_encode; +vpx_codec_error; +vpx_codec_error_detail; +vpx_codec_err_to_string; +vpx_codec_get_caps; +vpx_codec_get_cx_data; +vpx_codec_get_frame; +vpx_codec_get_global_headers; +vpx_codec_get_mem_map; +vpx_codec_get_preview_frame; +vpx_codec_get_stream_info; +vpx_codec_iface_name; +vpx_codec_peek_stream_info; +vpx_codec_register_put_frame_cb; +vpx_codec_register_put_slice_cb; +vpx_codec_set_cx_data_buf; +vpx_codec_set_frame_buffer_functions; +vpx_codec_set_mem_map; +vpx_codec_version; +vpx_codec_version_extra_str; +vpx_codec_version_str; +vpx_codec_vp8_algo; +vpx_codec_vp8_cx; +vpx_codec_vp8_cx_algo; +vpx_codec_vp8_dx; +vpx_codec_vp8_dx_algo; +vpx_codec_vp9_cx; +vpx_codec_vp9_cx_algo; +vpx_codec_vp9_dx; +vpx_codec_vp9_dx_algo; +vpx_dec_control; +vpx_dec_decode; +vpx_dec_destroy; +vpx_dec_error; +vpx_dec_error_detail; +vpx_dec_err_to_string; +vpx_dec_get_caps; +vpx_dec_get_frame; +vpx_dec_get_mem_map; +vpx_dec_get_stream_info; +vpx_dec_iface_name; +vpx_dec_init_ver; +vpx_dec_peek_stream_info; +vpx_dec_register_put_frame_cb; +vpx_dec_register_put_slice_cb; +vpx_dec_set_mem_map; +vpx_dec_xma_init_ver; +vpx_enc_vp8_algo; +vpx_img_alloc; +vpx_img_flip; +vpx_img_free; +vpx_img_set_rect; +vpx_img_wrap; +vpx_svc_dump_statistics; +vpx_svc_encode; +vpx_svc_get_buffer; +vpx_svc_get_encode_frame_count; +vpx_svc_get_frame_size; +vpx_svc_get_layer_resolution; +vpx_svc_get_message; +vpx_svc_get_rc_stats_buffer; +vpx_svc_get_rc_stats_buffer_size; +vpx_svc_init; +vpx_svc_is_keyframe; +vpx_svc_release; +vpx_svc_set_keyframe; +vpx_svc_set_options; +vpx_svc_set_quantizers; +vpx_svc_set_scale_factors; +local: *; }; diff --git a/SOURCES/vpx_config.h b/SOURCES/vpx_config.h new file mode 100644 index 0000000..d2ded8c --- /dev/null +++ b/SOURCES/vpx_config.h @@ -0,0 +1,18 @@ +/* Provide a real file - not a symlink - as it would cause multiarch conflicts + (when multiple different arch releases are installed simultaneously. */ + +#if defined __x86_64__ +# include "vpx_config-x86_64.h" +#elif defined __aarch64__ +# include "vpx_config-aarch64.h" +#elif defined __arm__ +# include "vpx_config-arm.h" +#elif defined __i386__ +# include "vpx_config-x86.h" +#elif defined __powerpc64__ +# include "vpx_config-ppc64.h" +#elif defined __s390__ +# include "vpx_config-s390.h" +#else +# error "Unsupported arch" +#endif diff --git a/SPECS/libvpx.spec b/SPECS/libvpx.spec new file mode 100644 index 0000000..e667c44 --- /dev/null +++ b/SPECS/libvpx.spec @@ -0,0 +1,439 @@ +%global somajor 5 +%global sominor 0 +%global sotiny 0 +%global soversion %{somajor}.%{sominor}.%{sotiny} + +Name: libvpx +Summary: VP8/VP9 Video Codec SDK +Version: 1.7.0 +Release: 8%{?dist} +License: BSD +Group: System Environment/Libraries +#Source0: http://downloads.webmproject.org/releases/webm/%{name}-%{version}.tar.bz2 +Source0: https://github.com/webmproject/libvpx/archive/v%{version}.tar.gz +Source1: vpx_config.h +# Thanks to debian. +Source2: libvpx.ver +URL: http://www.webmproject.org/code/ +%ifarch %{ix86} x86_64 +BuildRequires: yasm +%endif +BuildRequires: doxygen, perl(Getopt::Long) +# Do not disable FORTIFY_SOURCE=2 +Patch0: libvpx-1.7.0-leave-fortify-source-on.patch +Patch1: 0001-CVE-2019-9232-Fix-OOB-memory-access-on-fuzzed-data.patch +Patch2: 0002-CVE-2019-9433-VP8-Fix-use-after-free-in-postproc.patch +Patch3: 0003-CVE-2019-9371-update-libwebm.patch +Patch4: 0004-CVE-2019-2126-update-libwebm-to-libwebm-1.0.0.27-361.patch + +%description +libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications +with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs +deployed on millions of computers and devices worldwide. + +%package devel +Summary: Development files for libvpx +Group: Development/Libraries +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +Development libraries and headers for developing software against +libvpx. + +%package utils +Summary: VP8 utilities and tools +Group: Development/Tools +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description utils +A selection of utilities and tools for VP8, including a sample encoder +and decoder. + +%prep +%setup -q -n libvpx-%{version} +%patch0 -p1 -b .leave-fs-on +%patch1 -p1 -b .0001 +%patch2 -p1 -b .0002 +%patch3 -p1 -b .0003 +%patch4 -p1 -b .0004 + +%build +%ifarch %{ix86} +%global vpxtarget x86-linux-gcc +%else +%ifarch x86_64 +%global vpxtarget x86_64-linux-gcc +%else +%ifarch armv7hl +%global vpxtarget armv7-linux-gcc +%else +%ifarch aarch64 +%global vpxtarget arm64-linux-gcc +%else +%global vpxtarget generic-gnu +%endif +%endif +%endif +%endif + +# History: The configure script used to reject the shared flag on the generic target. +# This meant that we needed to fall back to manual shared lib creation. +# However, the modern configure script permits the shared flag and assumes ELF. +# Additionally, the libvpx.ver would need to be updated to work properly. +# As a result, we disable this universally, but keep it around in case we ever need to support +# something "special". +%if "%{vpxtarget}" == "generic-gnu" +%global generic_target 0 +%else +%global generic_target 0 +%endif + +%set_build_flags + +%ifarch armv7hl +CROSS=armv7hl-redhat-linux-gnueabi- CHOST=armv7hl-redhat-linux-gnueabi-hardfloat ./configure \ +%else +./configure --target=%{vpxtarget} \ +%endif +%ifarch %{arm} +--disable-neon --disable-neon_asm \ +%endif +--enable-pic --disable-install-srcs \ +--enable-vp9-decoder --enable-vp9-encoder \ +--enable-experimental --enable-spatial-svc \ +--enable-vp9-highbitdepth --enable-webm-io \ +%if ! %{generic_target} +--enable-shared \ +%endif +--enable-install-srcs \ +--prefix=%{_prefix} --libdir=%{_libdir} --size-limit=16384x16384 + +# Hack our optflags in. +sed -i "s|-O3|%{optflags}|g" libs-%{vpxtarget}.mk +sed -i "s|-O3|%{optflags}|g" examples-%{vpxtarget}.mk +sed -i "s|-O3|%{optflags}|g" docs-%{vpxtarget}.mk + +%ifarch armv7hl +#hackety hack hack +sed -i "s|AR=armv7hl-redhat-linux-gnueabi-ar|AR=ar|g" libs-%{vpxtarget}.mk +sed -i "s|AR=armv7hl-redhat-linux-gnueabi-ar|AR=ar|g" examples-%{vpxtarget}.mk +sed -i "s|AR=armv7hl-redhat-linux-gnueabi-ar|AR=ar|g" docs-%{vpxtarget}.mk + +sed -i "s|AS=armv7hl-redhat-linux-gnueabi-as|AS=as|g" libs-%{vpxtarget}.mk +sed -i "s|AS=armv7hl-redhat-linux-gnueabi-as|AS=as|g" examples-%{vpxtarget}.mk +sed -i "s|AS=armv7hl-redhat-linux-gnueabi-as|AS=as|g" docs-%{vpxtarget}.mk + +sed -i "s|NM=armv7hl-redhat-linux-gnueabi-nm|NM=nm|g" libs-%{vpxtarget}.mk +sed -i "s|NM=armv7hl-redhat-linux-gnueabi-nm|NM=nm|g" examples-%{vpxtarget}.mk +sed -i "s|NM=armv7hl-redhat-linux-gnueabi-nm|NM=nm|g" docs-%{vpxtarget}.mk +%endif + +make %{?_smp_mflags} verbose=true + +# Manual shared library creation +# We should never need to do this anymore, and if we do, we need to fix the version-script. +%if %{generic_target} +mkdir tmp +cd tmp +ar x ../libvpx_g.a +cd .. +gcc -fPIC -shared -pthread -lm -Wl,--no-undefined -Wl,-soname,libvpx.so.%{somajor} -Wl,--version-script,%{SOURCE2} -Wl,-z,noexecstack -o libvpx.so.%{soversion} tmp/*.o +rm -rf tmp +%endif + +# Temporarily dance the static libs out of the way +# mv libvpx.a libNOTvpx.a +# mv libvpx_g.a libNOTvpx_g.a + +# We need to do this so the examples can link against it. +# ln -sf libvpx.so.%{soversion} libvpx.so + +# make %{?_smp_mflags} verbose=true target=examples CONFIG_SHARED=1 +# make %{?_smp_mflags} verbose=true target=docs + +# Put them back so the install doesn't fail +# mv libNOTvpx.a libvpx.a +# mv libNOTvpx_g.a libvpx_g.a + +%install +%ifarch armv7hl +export CROSS=armv7hl-redhat-linux-gnueabi- +export CHOST=armv7hl-redhat-linux-gnueabi-hardfloat +%endif +make DIST_DIR=%{buildroot}%{_prefix} dist + +# Simpler to label the dir as %%doc. +if [ -d %{buildroot}/usr/docs ]; then + mv %{buildroot}/usr/docs doc/ +fi + +# Again, we should never need to do this anymore. +%if %{generic_target} +install -p libvpx.so.%{soversion} %{buildroot}%{_libdir} +pushd %{buildroot}%{_libdir} +ln -sf libvpx.so.%{soversion} libvpx.so +ln -sf libvpx.so.%{soversion} libvpx.so.%{somajor} +ln -sf libvpx.so.%{soversion} libvpx.so.%{somajor}.%{sominor} +popd +%endif + +pushd %{buildroot} +# Stuff we don't need. +rm -rf usr/build/ usr/md5sums.txt usr/lib*/*.a usr/CHANGELOG usr/README +# No, bad google. No treat. +mv usr/bin/examples/* usr/bin/ +rm -rf usr/bin/examples + +# Rename a few examples +mv usr/bin/postproc usr/bin/vp8_postproc +mv usr/bin/simple_decoder usr/bin/vp8_simple_decoder +mv usr/bin/simple_encoder usr/bin/vp8_simple_encoder +mv usr/bin/twopass_encoder usr/bin/vp8_twopass_encoder +# Fix the binary permissions +chmod 755 usr/bin/* +popd + +# Get the vpx_config.h file +%ifarch %{arm} +cp -a vpx_config.h %{buildroot}%{_includedir}/vpx/vpx_config-arm.h +%else +# Does ppc64le need its own? +%ifarch ppc64 ppc64le +cp -a vpx_config.h %{buildroot}%{_includedir}/vpx/vpx_config-ppc64.h +%else +%ifarch s390 s390x +cp -a vpx_config.h %{buildroot}%{_includedir}/vpx/vpx_config-s390.h +%else +%ifarch %{ix86} +cp -a vpx_config.h %{buildroot}%{_includedir}/vpx/vpx_config-x86.h +%else +cp -a vpx_config.h %{buildroot}%{_includedir}/vpx/vpx_config-%{_arch}.h +%endif +%endif +%endif +%endif +cp %{SOURCE1} %{buildroot}%{_includedir}/vpx/vpx_config.h +# for timestamp sync +touch -r AUTHORS %{buildroot}%{_includedir}/vpx/vpx_config.h + +mv %{buildroot}%{_prefix}/src/vpx_dsp %{buildroot}%{_includedir}/ +mv %{buildroot}%{_prefix}/src/vpx_mem %{buildroot}%{_includedir}/ +mv %{buildroot}%{_prefix}/src/vpx_ports %{buildroot}%{_includedir}/ +mv %{buildroot}%{_prefix}/src/vpx_scale %{buildroot}%{_includedir}/ + +rm -rf %{buildroot}%{_prefix}/src + +%ldconfig_scriptlets + +%files +%license LICENSE +%doc AUTHORS CHANGELOG README +%{_libdir}/libvpx.so.* + +%files devel +# These are SDK docs, not really useful to an end-user. +%doc docs/html/ +%{_includedir}/vpx/ +%{_includedir}/vpx_dsp/ +%{_includedir}/vpx_mem/ +%{_includedir}/vpx_ports/ +%{_includedir}/vpx_scale/ +%{_libdir}/pkgconfig/vpx.pc +%{_libdir}/libvpx.so + +%files utils +%{_bindir}/* + +%changelog +* Wed Apr 1 2020 Wim Taymans - 1.7.0-8 +- Resolves: rhbz#1796086, rhbz#1796100, rhbz#1796448, rhbz#1796454 +- Enable webm-io explicitly + +* Wed Mar 25 2020 Wim Taymans - 1.7.0-7 +- Fix for CVE-2019-9232, CVE-2019-9433, CVE-2019-9371, CVE-2019-2126 +- Resolves: rhbz#1796086, rhbz#1796100, rhbz#1796448, rhbz#1796454 +- Remove php-cli BR + +* Tue Oct 09 2018 Wim Taymans - 1.7.0-6 +- Set build flags in all cases +- Resolves: #1630588 + +* Mon Feb 12 2018 Tom Callaway - 1.7.0-5 +- properly set build flags in rawhide (bz1543819) + +* Wed Feb 07 2018 Fedora Release Engineering - 1.7.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Sat Feb 3 2018 Tom Callaway - 1.7.0-3 +- package more files (for firefox) +- setup vpx_config.h for multilib + +* Sat Feb 03 2018 Igor Gnatenko - 1.7.0-2 +- Switch to %%ldconfig_scriptlets + +* Fri Jan 26 2018 Tom Callaway - 1.7.0-1 +- update to 1.7.0 (ABI change) + +* Wed Jan 17 2018 Wim Taymans - 1.6.1-5 +- fix for CVE-2017-13194 + +* Thu Aug 03 2017 Fedora Release Engineering - 1.6.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 1.6.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Fri Feb 10 2017 Fedora Release Engineering - 1.6.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon Jan 16 2017 Tom Callaway - 1.6.1-1 +- update to 1.6.1 + +* Thu Jan 12 2017 Tom Callaway - 1.6.0-2 +- enable vp9-highbitdepth (thanks to mike@cchtml.com) + +* Fri Jul 22 2016 Tom Callaway - 1.6.0-1 +- update to 1.6.0 + +* Wed Mar 16 2016 Tom Callaway - 1.5.0-4 +- disable generic_target conditional universally (bz1311125) + +* Tue Mar 8 2016 Tom Callaway - 1.5.0-3 +- enable-experimental and enable-spatial-svc + +* Thu Feb 04 2016 Fedora Release Engineering - 1.5.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Dec 1 2015 Tom Callaway - 1.5.0-1 +- update to 1.5.0 + +* Mon Sep 21 2015 Tom Callaway - 1.4.0-6 +- remove exit 0 + +* Tue Sep 15 2015 Tom Callaway - 1.4.0-5 +- set --size-limit=16384x16384 to avoid CVE-2015-1258 + +* Mon Jul 27 2015 Kalev Lember - 1.4.0-4 +- Package review fixes (#1225648) +- Update URL +- Use license macro +- Escape a commented out macro + +* Wed Jun 17 2015 Fedora Release Engineering - 1.4.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sat May 02 2015 Kalev Lember - 1.4.0-2 +- Rebuilt for GCC 5 C++11 ABI change + +* Mon Apr 6 2015 Tom Callaway - 1.4.0-1 +- update to 1.4.0 + +* Sun Aug 17 2014 Fedora Release Engineering - 1.3.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 1.3.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Mar 20 2014 Wim Taymans - 1.3.0-4 +- fix Illegal Instruction abort + +* Thu Feb 13 2014 Dan Horák - 1.3.0-3 +- update library symbol list for 1.3.0 from Debian + +* Tue Feb 11 2014 Tom Callaway - 1.3.0-2 +- armv7hl specific target + +* Tue Feb 11 2014 Tom Callaway - 1.3.0-1 +- update to 1.3.0 + +* Sat Aug 03 2013 Fedora Release Engineering - 1.2.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu Feb 28 2013 Tom Callaway - 1.2.0-1 +- update to 1.2.0 + +* Thu Feb 14 2013 Fedora Release Engineering - 1.1.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Thu Jul 19 2012 Fedora Release Engineering - 1.1.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Tue May 29 2012 Tom Callaway - 1.1.0-1 +- update to 1.1.0 + +* Tue May 29 2012 Tom Callaway - 1.0.0-3 +- fix vpx.pc file to include -lm (bz825754) + +* Fri May 11 2012 Tom Callaway - 1.0.0-2 +- use included vpx.pc file (drop local libvpx.pc) +- apply upstream fix to vpx.pc file (bz 814177) + +* Mon Jan 30 2012 Tom Callaway - 1.0.0-1 +- update to 1.0.0 + +* Fri Jan 13 2012 Fedora Release Engineering - 0.9.7.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Oct 10 2011 Dan Horák - 0.9.7.1-3 +- use macro instead of hard-coded version + +* Mon Sep 12 2011 Dan Horák - 0.9.7.1-2 +- fix build on generic targets + +* Tue Aug 16 2011 Adam Jackson 0.9.7.1-1 +- libvpx 0.9.7-p1 + +* Tue Aug 09 2011 Adam Jackson 0.9.7-1 +- libvpx 0.9.7 + +* Mon Mar 21 2011 Dan Horák - 0.9.6-2 +- add 2 symbols to the shared library for generic targets + +* Thu Mar 10 2011 Tom Callaway - 0.9.6-1 +- update to 0.9.6 + +* Tue Feb 08 2011 Fedora Release Engineering - 0.9.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Nov 17 2010 Tom "spot" Callaway 0.9.5-2 +- apply patch from upstream git (Change I6266aba7), should resolve CVE-2010-4203 + +* Mon Nov 1 2010 Tom "spot" Callaway 0.9.5-1 +- update to 0.9.5 + +* Wed Sep 1 2010 Tom "spot" Callaway 0.9.1-3 +- only package html docs to avoid multilib conflict (bz 613185) + +* Thu Jun 24 2010 Tom "spot" Callaway 0.9.1-2 +- build shared library the old way for generic arches + +* Thu Jun 24 2010 Tom "spot" Callaway 0.9.1-1 +- update to 0.9.1 + +* Fri Jun 11 2010 Tom "spot" Callaway 0.9.0-7 +- update to git revision 8389f1967c5f8b3819cca80705b1b4ba04132b93 +- upstream fix for bz 599147 +- proper shared library support + +* Wed Jun 2 2010 Tom "spot" Callaway 0.9.0-6 +- add hackish fix for bz 599147 + (upstream will hopefully fix properly in future release) + +* Fri May 21 2010 Tom "spot" Callaway 0.9.0-5 +- fix noexecstack flag + +* Thu May 20 2010 Tom "spot" Callaway 0.9.0-4 +- BuildRequires: yasm (we're optimized again) + +* Thu May 20 2010 Tom "spot" Callaway 0.9.0-3 +- add pkg-config file +- move headers into include/vpx/ +- enable optimization + +* Thu May 20 2010 Tom "spot" Callaway 0.9.0-2 +- fix permissions on binaries +- rename generic binaries to v8_* +- link shared library to -lm, -lpthread to resolve missing weak symbols + +* Wed May 19 2010 Tom "spot" Callaway 0.9.0-1 +- Initial package for Fedora