mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-24 13:28:12 -05:00
gnu: libvpx: Add upstream security fix.
* gnu/packages/patches/libvpx-use-after-free-in-postproc.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/video.scm (libvpx)[source]: Add patch.
This commit is contained in:
parent
6569549dfa
commit
c5327efb97
3 changed files with 37 additions and 1 deletions
|
@ -916,6 +916,7 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/libutils-remove-damaging-includes.patch \
|
||||
%D%/packages/patches/libvdpau-va-gl-unbundle.patch \
|
||||
%D%/packages/patches/libvpx-CVE-2016-2818.patch \
|
||||
%D%/packages/patches/libvpx-use-after-free-in-postproc.patch \
|
||||
%D%/packages/patches/libxslt-generated-ids.patch \
|
||||
%D%/packages/patches/libxt-guix-search-paths.patch \
|
||||
%D%/packages/patches/lierolibre-check-unaligned-access.patch \
|
||||
|
|
34
gnu/packages/patches/libvpx-use-after-free-in-postproc.patch
Normal file
34
gnu/packages/patches/libvpx-use-after-free-in-postproc.patch
Normal file
|
@ -0,0 +1,34 @@
|
|||
From 52add5896661d186dec284ed646a4b33b607d2c7 Mon Sep 17 00:00:00 2001
|
||||
From: Jerome Jiang <jianj@google.com>
|
||||
Date: Wed, 23 May 2018 15:43:00 -0700
|
||||
Subject: [PATCH] VP8: Fix use-after-free in postproc.
|
||||
|
||||
The pointer in vp8 postproc refers to show_frame_mi which is only
|
||||
updated on show frame. However, when there is a no-show frame which also
|
||||
changes the size (thus new frame buffers allocated), show_frame_mi is
|
||||
not updated with new frame buffer memory.
|
||||
|
||||
Change the pointer in postproc to mi which is always updated.
|
||||
|
||||
Bug: 842265
|
||||
Change-Id: I33874f2112b39f74562cba528432b5f239e6a7bd
|
||||
---
|
||||
vp8/common/postproc.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/vp8/common/postproc.c b/vp8/common/postproc.c
|
||||
index d67ee8a57..8c292d616 100644
|
||||
--- a/vp8/common/postproc.c
|
||||
+++ b/vp8/common/postproc.c
|
||||
@@ -65,7 +65,7 @@ void vp8_deblock(VP8_COMMON *cm, YV12_BUFFER_CONFIG *source,
|
||||
double level = 6.0e-05 * q * q * q - .0067 * q * q + .306 * q + .0065;
|
||||
int ppl = (int)(level + .5);
|
||||
|
||||
- const MODE_INFO *mode_info_context = cm->show_frame_mi;
|
||||
+ const MODE_INFO *mode_info_context = cm->mi;
|
||||
int mbr, mbc;
|
||||
|
||||
/* The pixel thresholds are adjusted according to if or not the macroblock
|
||||
--
|
||||
2.19.0
|
||||
|
|
@ -1242,7 +1242,8 @@ (define-public libvpx
|
|||
(sha256
|
||||
(base32
|
||||
"0vvh89hvp8qg9an9vcmwb7d9k3nixhxaz6zi65qdjnd0i56kkcz6"))
|
||||
(patches (search-patches "libvpx-CVE-2016-2818.patch"))))
|
||||
(patches (search-patches "libvpx-use-after-free-in-postproc.patch"
|
||||
"libvpx-CVE-2016-2818.patch"))))
|
||||
(build-system gnu-build-system)
|
||||
(arguments
|
||||
`(#:configure-flags (list "--enable-shared"
|
||||
|
|
Loading…
Reference in a new issue