[SCM] FFmpeg packaging branch, ubuntu.karmic, updated. debian/0.5+svn20090706-1ubuntu3-36-g3f9d596
siretart at users.alioth.debian.org
siretart at users.alioth.debian.org
Thu Oct 15 07:34:10 UTC 2009
The following commit has been merged in the ubuntu.karmic branch:
commit 709e4cdfe959b962d2a70104c2f3bd770dabdf33
Author: Reinhard Tartler <siretart at tauware.de>
Date: Wed Oct 14 23:34:24 2009 +0200
backport vp3 fixes
diff --git a/debian/patches/security/vp3/0001-Fix-init_get_bits-buffer-size.patch b/debian/patches/security/vp3/0001-Fix-init_get_bits-buffer-size.patch
new file mode 100644
index 0000000..a90a9f3
--- /dev/null
+++ b/debian/patches/security/vp3/0001-Fix-init_get_bits-buffer-size.patch
@@ -0,0 +1,27 @@
+From 351a67a951b4b95bc0cb05127445b685f362f9b9 Mon Sep 17 00:00:00 2001
+From: michael <michael at 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b>
+Date: Wed, 23 Sep 2009 12:27:10 +0000
+Subject: [PATCH 1/3] Fix init_get_bits() buffer size.
+ 18_fix_theora_header_bit_len.patch by chrome
+
+git-svn-id: file:///var/local/repositories/ffmpeg/trunk@19993 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b
+---
+ libavcodec/vp3.c | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c
+index 4d27a8a..4896fd0 100644
+--- a/libavcodec/vp3.c
++++ b/libavcodec/vp3.c
+@@ -2319,7 +2319,7 @@ static av_cold int theora_decode_init(AVCodecContext *avctx)
+ }
+
+ for(i=0;i<3;i++) {
+- init_get_bits(&gb, header_start[i], header_len[i]);
++ init_get_bits(&gb, header_start[i], header_len[i] * 8);
+
+ ptype = get_bits(&gb, 8);
+
+--
+1.6.3.3
+
diff --git a/debian/patches/security/vp3/0003-Make-sure-that-all-memory-allocations-succeed.patch b/debian/patches/security/vp3/0003-Make-sure-that-all-memory-allocations-succeed.patch
new file mode 100644
index 0000000..bc1a7ce
--- /dev/null
+++ b/debian/patches/security/vp3/0003-Make-sure-that-all-memory-allocations-succeed.patch
@@ -0,0 +1,51 @@
+From 3303bd41acebb0068f1afd09fbb39432d3982620 Mon Sep 17 00:00:00 2001
+From: melanson <melanson at 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b>
+Date: Thu, 24 Sep 2009 06:33:16 +0000
+Subject: [PATCH 3/3] Make sure that all memory allocations succeed.
+ Based on 28_theora_malloc_checks.patch from the Google Chrome team.
+
+git-svn-id: file:///var/local/repositories/ffmpeg/trunk@20008 9553f0bf-9b14-0410-a0b8-cfaf0461ba5b
+---
+ libavcodec/vp3.c | 12 ++++++++++++
+ 1 files changed, 12 insertions(+), 0 deletions(-)
+
+diff --git a/libavcodec/vp3.c b/libavcodec/vp3.c
+index 6a6663f..60b84f0 100644
+--- a/libavcodec/vp3.c
++++ b/libavcodec/vp3.c
+@@ -42,6 +42,8 @@
+
+ #define FRAGMENT_PIXELS 8
+
++static av_cold int vp3_decode_end(AVCodecContext *avctx);
++
+ typedef struct Coeff {
+ struct Coeff *next;
+ DCTELEM coeff;
+@@ -1755,6 +1757,11 @@ static av_cold int vp3_decode_init(AVCodecContext *avctx)
+ s->coeffs = av_malloc(s->fragment_count * sizeof(Coeff) * 65);
+ s->coded_fragment_list = av_malloc(s->fragment_count * sizeof(int));
+ s->pixel_addresses_initialized = 0;
++ if (!s->superblock_coding || !s->all_fragments || !s->coeff_counts ||
++ !s->coeffs || !s->coded_fragment_list) {
++ vp3_decode_end(avctx);
++ return -1;
++ }
+
+ if (!s->theora_tables)
+ {
+@@ -1860,6 +1867,11 @@ static av_cold int vp3_decode_init(AVCodecContext *avctx)
+ s->superblock_macroblocks = av_malloc(s->superblock_count * 4 * sizeof(int));
+ s->macroblock_fragments = av_malloc(s->macroblock_count * 6 * sizeof(int));
+ s->macroblock_coding = av_malloc(s->macroblock_count + 1);
++ if (!s->superblock_fragments || !s->superblock_macroblocks ||
++ !s->macroblock_fragments || !s->macroblock_coding) {
++ vp3_decode_end(avctx);
++ return -1;
++ }
+ init_block_mapping(s);
+
+ for (i = 0; i < 3; i++) {
+--
+1.6.3.3
+
diff --git a/debian/patches/series b/debian/patches/series
index 6507805..897c0d1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -50,3 +50,7 @@ security/vorbis_dec/0012-Fix-format-string-to-match-the-types-printed.patch
# vorbis security backports
security/oggparsevorbis/0001-Fix-possible-buffer-over-read-in-vorbis_comment-fix-.patch
+
+# libavcodec vp3 fixes
+security/vp3/0003-Make-sure-that-all-memory-allocations-succeed.patch
+security/vp3/0001-Fix-init_get_bits-buffer-size.patch
--
FFmpeg packaging
More information about the pkg-multimedia-commits
mailing list