From 8242bc9a75aee063a3dd721be28fa75fefe00ba9 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Fri, 29 Mar 2024 15:44:27 +0300 Subject: [PATCH] import gstreamer1-plugins-bad-free-1.16.1-4.el8 --- .gitignore | 1 + .gstreamer1-plugins-bad-free.metadata | 1 + ...stMXFDemuxEssenceTrack-in-their-own-.patch | 321 +++++++ ...eger-overflow-causing-out-of-bounds-.patch | 114 +++ ...ck-number-of-channels-for-AES3-audio.patch | 45 + ...ossible-overflow-using-max_sub_layer.patch | 42 + SOURCES/gst-p-bad-cleanup.sh | 208 ++++ SPECS/gstreamer1-plugins-bad-free.spec | 889 ++++++++++++++++++ 8 files changed, 1621 insertions(+) create mode 100644 .gitignore create mode 100644 .gstreamer1-plugins-bad-free.metadata create mode 100644 SOURCES/0001-mxfdemux-Store-GstMXFDemuxEssenceTrack-in-their-own-.patch create mode 100644 SOURCES/0003-mxfdemux-Fix-integer-overflow-causing-out-of-bounds-.patch create mode 100644 SOURCES/0004-mxfdemux-Check-number-of-channels-for-AES3-audio.patch create mode 100644 SOURCES/0005-h265parser-Fix-possible-overflow-using-max_sub_layer.patch create mode 100755 SOURCES/gst-p-bad-cleanup.sh create mode 100644 SPECS/gstreamer1-plugins-bad-free.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d4cb90e --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/gst-plugins-bad-free-1.16.1.tar.xz diff --git a/.gstreamer1-plugins-bad-free.metadata b/.gstreamer1-plugins-bad-free.metadata new file mode 100644 index 0000000..d16f7a1 --- /dev/null +++ b/.gstreamer1-plugins-bad-free.metadata @@ -0,0 +1 @@ +318b749af5a289650e380cbabc0293e422b9a3ba SOURCES/gst-plugins-bad-free-1.16.1.tar.xz diff --git a/SOURCES/0001-mxfdemux-Store-GstMXFDemuxEssenceTrack-in-their-own-.patch b/SOURCES/0001-mxfdemux-Store-GstMXFDemuxEssenceTrack-in-their-own-.patch new file mode 100644 index 0000000..ce617bf --- /dev/null +++ b/SOURCES/0001-mxfdemux-Store-GstMXFDemuxEssenceTrack-in-their-own-.patch @@ -0,0 +1,321 @@ +From 24e891568537f4447d1c212dcb355a766296bdbb Mon Sep 17 00:00:00 2001 +From: Wim Taymans +Date: Tue, 12 Dec 2023 18:00:58 +0100 +Subject: [PATCH] mxfdemux: Store GstMXFDemuxEssenceTrack in their own fixed + allocation + +Previously they were stored inline inside a GArray, but as references to +the tracks were stored in various other places although the array could +still be updated (and reallocated!), this could lead to dangling +references in various places. + +Instead now store them in a GPtrArray in their own allocation so each +track's memory position stays fixed. + +Fixes ZDI-CAN-22299 + +Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3055 + +Part-of: +--- + gst/mxf/mxfdemux.c | 114 +++++++++++++++++++++------------------------ + gst/mxf/mxfdemux.h | 2 +- + 2 files changed, 53 insertions(+), 63 deletions(-) + +diff --git a/gst/mxf/mxfdemux.c b/gst/mxf/mxfdemux.c +index f6e5ac048..b97dce1ad 100644 +--- a/gst/mxf/mxfdemux.c ++++ b/gst/mxf/mxfdemux.c +@@ -154,10 +154,25 @@ gst_mxf_demux_partition_free (GstMXFDemuxPartition * partition) + } + + static void +-gst_mxf_demux_reset_mxf_state (GstMXFDemux * demux) ++gst_mxf_demux_essence_track_free (GstMXFDemuxEssenceTrack * t) + { +- guint i; ++ if (t->offsets) ++ g_array_free (t->offsets, TRUE); ++ ++ g_free (t->mapping_data); ++ ++ if (t->tags) ++ gst_tag_list_unref (t->tags); ++ ++ if (t->caps) ++ gst_caps_unref (t->caps); ++ ++ g_free (t); ++} + ++static void ++gst_mxf_demux_reset_mxf_state (GstMXFDemux * demux) ++{ + GST_DEBUG_OBJECT (demux, "Resetting MXF state"); + + g_list_foreach (demux->partitions, (GFunc) gst_mxf_demux_partition_free, +@@ -167,22 +182,7 @@ gst_mxf_demux_reset_mxf_state (GstMXFDemux * demux) + + demux->current_partition = NULL; + +- for (i = 0; i < demux->essence_tracks->len; i++) { +- GstMXFDemuxEssenceTrack *t = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); +- +- if (t->offsets) +- g_array_free (t->offsets, TRUE); +- +- g_free (t->mapping_data); +- +- if (t->tags) +- gst_tag_list_unref (t->tags); +- +- if (t->caps) +- gst_caps_unref (t->caps); +- } +- g_array_set_size (demux->essence_tracks, 0); ++ g_ptr_array_set_size (demux->essence_tracks, 0); + } + + static void +@@ -200,7 +200,7 @@ gst_mxf_demux_reset_linked_metadata (GstMXFDemux * demux) + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *track = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ g_ptr_array_index (demux->essence_tracks, i); + + track->source_package = NULL; + track->source_track = NULL; +@@ -713,8 +713,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux) + + for (k = 0; k < demux->essence_tracks->len; k++) { + GstMXFDemuxEssenceTrack *tmp = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, +- k); ++ g_ptr_array_index (demux->essence_tracks, k); + + if (tmp->track_number == track->parent.track_number && + tmp->body_sid == edata->body_sid) { +@@ -732,24 +731,23 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux) + } + + if (!etrack) { +- GstMXFDemuxEssenceTrack tmp; ++ GstMXFDemuxEssenceTrack *tmp = g_new0 (GstMXFDemuxEssenceTrack, 1); + +- memset (&tmp, 0, sizeof (tmp)); +- tmp.body_sid = edata->body_sid; +- tmp.index_sid = edata->index_sid; +- tmp.track_number = track->parent.track_number; +- tmp.track_id = track->parent.track_id; +- memcpy (&tmp.source_package_uid, &package->parent.package_uid, 32); ++ tmp->body_sid = edata->body_sid; ++ tmp->index_sid = edata->index_sid; ++ tmp->track_number = track->parent.track_number; ++ tmp->track_id = track->parent.track_id; ++ memcpy (&tmp->source_package_uid, &package->parent.package_uid, 32); + + if (demux->current_partition->partition.body_sid == edata->body_sid && + demux->current_partition->partition.body_offset == 0) +- tmp.position = 0; ++ tmp->position = 0; + else +- tmp.position = -1; ++ tmp->position = -1; + +- g_array_append_val (demux->essence_tracks, tmp); ++ g_ptr_array_add (demux->essence_tracks, tmp); + etrack = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, ++ g_ptr_array_index (demux->essence_tracks, + demux->essence_tracks->len - 1); + new = TRUE; + } +@@ -876,13 +874,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux) + + next: + if (new) { +- g_free (etrack->mapping_data); +- if (etrack->tags) +- gst_tag_list_unref (etrack->tags); +- if (etrack->caps) +- gst_caps_unref (etrack->caps); +- +- g_array_remove_index (demux->essence_tracks, ++ g_ptr_array_remove_index (demux->essence_tracks, + demux->essence_tracks->len - 1); + } + } +@@ -895,7 +887,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux) + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *etrack = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ g_ptr_array_index (demux->essence_tracks, i); + + if (!etrack->source_package || !etrack->source_track || !etrack->caps) { + GST_ERROR_OBJECT (demux, "Failed to update essence track %u", i); +@@ -1117,7 +1109,7 @@ gst_mxf_demux_update_tracks (GstMXFDemux * demux) + + for (k = 0; k < demux->essence_tracks->len; k++) { + GstMXFDemuxEssenceTrack *tmp = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, k); ++ g_ptr_array_index (demux->essence_tracks, k); + + if (tmp->source_package == source_package && + tmp->source_track == source_track) { +@@ -1598,8 +1590,7 @@ gst_mxf_demux_pad_set_component (GstMXFDemux * demux, GstMXFDemuxPad * pad, + pad->current_essence_track = NULL; + + for (k = 0; k < demux->essence_tracks->len; k++) { +- GstMXFDemuxEssenceTrack *tmp = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, k); ++ GstMXFDemuxEssenceTrack *tmp = g_ptr_array_index (demux->essence_tracks, k); + + if (tmp->source_package == source_package && + tmp->source_track == source_track) { +@@ -1731,7 +1722,7 @@ gst_mxf_demux_handle_generic_container_essence_element (GstMXFDemux * demux, + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *tmp = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ g_ptr_array_index (demux->essence_tracks, i); + + if (tmp->body_sid == demux->current_partition->partition.body_sid && + (tmp->track_number == track_number || tmp->track_number == 0)) { +@@ -2656,7 +2647,7 @@ gst_mxf_demux_handle_klv_packet (GstMXFDemux * demux, const MXFUL * key, + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *etrack = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ g_ptr_array_index (demux->essence_tracks, i); + + if (etrack->body_sid != demux->current_partition->partition.body_sid) + continue; +@@ -2719,7 +2710,7 @@ gst_mxf_demux_handle_klv_packet (GstMXFDemux * demux, const MXFUL * key, + guint i; + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *etrack = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ g_ptr_array_index (demux->essence_tracks, i); + + if (etrack->body_sid != demux->current_partition->partition.body_sid) + continue; +@@ -2914,7 +2905,7 @@ from_index: + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *t = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ g_ptr_array_index (demux->essence_tracks, i); + + if (index_start_position != -1 && t == etrack) + t->position = index_start_position; +@@ -2937,8 +2928,7 @@ from_index: + if (ret == GST_FLOW_EOS) { + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *t = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, +- i); ++ g_ptr_array_index (demux->essence_tracks, i); + + if (t->position > 0) + t->duration = t->position; +@@ -3020,7 +3010,7 @@ gst_mxf_demux_pull_and_handle_klv_packet (GstMXFDemux * demux) + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *t = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ g_ptr_array_index (demux->essence_tracks, i); + + if (t->position > 0) + t->duration = t->position; +@@ -3627,8 +3617,8 @@ gst_mxf_demux_seek_push (GstMXFDemux * demux, GstEvent * event) + } + + for (i = 0; i < demux->essence_tracks->len; i++) { +- GstMXFDemuxEssenceTrack *t = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ GstMXFDemuxEssenceTrack *t = g_ptr_array_index (demux->essence_tracks, i); ++ + t->position = -1; + } + +@@ -4001,8 +3991,8 @@ gst_mxf_demux_seek_pull (GstMXFDemux * demux, GstEvent * event) + } + + for (i = 0; i < demux->essence_tracks->len; i++) { +- GstMXFDemuxEssenceTrack *t = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ GstMXFDemuxEssenceTrack *t = g_ptr_array_index (demux->essence_tracks, i); ++ + t->position = -1; + } + +@@ -4284,7 +4274,7 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event) + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *t = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i); ++ g_ptr_array_index (demux->essence_tracks, i); + + if (t->position > 0) + t->duration = t->position; +@@ -4325,8 +4315,8 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event) + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *etrack = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, +- i); ++ g_ptr_array_index (demux->essence_tracks, i); ++ + etrack->position = -1; + } + ret = TRUE; +@@ -4350,8 +4340,8 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event) + + for (i = 0; i < demux->essence_tracks->len; i++) { + GstMXFDemuxEssenceTrack *t = +- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, +- i); ++ g_ptr_array_index (demux->essence_tracks, i); ++ + t->position = -1; + } + demux->current_partition = NULL; +@@ -4624,7 +4614,7 @@ gst_mxf_demux_finalize (GObject * object) + + g_ptr_array_free (demux->src, TRUE); + demux->src = NULL; +- g_array_free (demux->essence_tracks, TRUE); ++ g_ptr_array_free (demux->essence_tracks, TRUE); + demux->essence_tracks = NULL; + + g_hash_table_destroy (demux->metadata); +@@ -4701,8 +4691,8 @@ gst_mxf_demux_init (GstMXFDemux * demux) + g_rw_lock_init (&demux->metadata_lock); + + demux->src = g_ptr_array_new (); +- demux->essence_tracks = +- g_array_new (FALSE, FALSE, sizeof (GstMXFDemuxEssenceTrack)); ++ demux->essence_tracks = g_ptr_array_new_with_free_func ((GDestroyNotify) ++ gst_mxf_demux_essence_track_free); + + gst_segment_init (&demux->segment, GST_FORMAT_TIME); + +diff --git a/gst/mxf/mxfdemux.h b/gst/mxf/mxfdemux.h +index aac3e67d0..a452980ee 100644 +--- a/gst/mxf/mxfdemux.h ++++ b/gst/mxf/mxfdemux.h +@@ -182,7 +182,7 @@ struct _GstMXFDemux + GList *partitions; + GstMXFDemuxPartition *current_partition; + +- GArray *essence_tracks; ++ GPtrArray *essence_tracks; + + GList *pending_index_table_segments; + GList *index_tables; /* one per BodySID / IndexSID */ +-- +2.43.0 + diff --git a/SOURCES/0003-mxfdemux-Fix-integer-overflow-causing-out-of-bounds-.patch b/SOURCES/0003-mxfdemux-Fix-integer-overflow-causing-out-of-bounds-.patch new file mode 100644 index 0000000..c75b1df --- /dev/null +++ b/SOURCES/0003-mxfdemux-Fix-integer-overflow-causing-out-of-bounds-.patch @@ -0,0 +1,114 @@ +From b6353c44ca9f005d3b57ee07fda0570d80eecc0f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Thu, 10 Aug 2023 15:45:01 +0300 +Subject: [PATCH 3/5] mxfdemux: Fix integer overflow causing out of bounds + writes when handling invalid uncompressed video + +Check ahead of time when parsing the track information whether +width, height and bpp are valid and usable without overflows. + +Fixes ZDI-CAN-21660, CVE-2023-40474 + +Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2896 + +Part-of: +--- + gst/mxf/mxfup.c | 51 +++++++++++++++++++++++++++++++++++++++++-------- + 1 file changed, 43 insertions(+), 8 deletions(-) + +diff --git a/gst/mxf/mxfup.c b/gst/mxf/mxfup.c +index d8b6664da..ba86255f2 100644 +--- a/gst/mxf/mxfup.c ++++ b/gst/mxf/mxfup.c +@@ -134,6 +134,8 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer, + gpointer mapping_data, GstBuffer ** outbuf) + { + MXFUPMappingData *data = mapping_data; ++ gsize expected_in_stride = 0, out_stride = 0; ++ gsize expected_in_size = 0, out_size = 0; + + /* SMPTE 384M 7.1 */ + if (key->u[12] != 0x15 || (key->u[14] != 0x01 && key->u[14] != 0x02 +@@ -162,22 +164,25 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer, + } + } + +- if (gst_buffer_get_size (buffer) != data->bpp * data->width * data->height) { ++ // Checked for overflows when parsing the descriptor ++ expected_in_stride = data->bpp * data->width; ++ out_stride = GST_ROUND_UP_4 (expected_in_stride); ++ expected_in_size = expected_in_stride * data->height; ++ out_size = out_stride * data->height; ++ ++ if (gst_buffer_get_size (buffer) != expected_in_size) { + GST_ERROR ("Invalid buffer size"); + gst_buffer_unref (buffer); + return GST_FLOW_ERROR; + } + +- if (data->bpp != 4 +- || GST_ROUND_UP_4 (data->width * data->bpp) != data->width * data->bpp) { ++ if (data->bpp != 4 || out_stride != expected_in_stride) { + guint y; + GstBuffer *ret; + GstMapInfo inmap, outmap; + guint8 *indata, *outdata; + +- ret = +- gst_buffer_new_and_alloc (GST_ROUND_UP_4 (data->width * data->bpp) * +- data->height); ++ ret = gst_buffer_new_and_alloc (out_size); + gst_buffer_map (buffer, &inmap, GST_MAP_READ); + gst_buffer_map (ret, &outmap, GST_MAP_WRITE); + indata = inmap.data; +@@ -185,8 +190,8 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer, + + for (y = 0; y < data->height; y++) { + memcpy (outdata, indata, data->width * data->bpp); +- outdata += GST_ROUND_UP_4 (data->width * data->bpp); +- indata += data->width * data->bpp; ++ outdata += out_stride; ++ indata += expected_in_stride; + } + + gst_buffer_unmap (buffer, &inmap); +@@ -394,6 +399,36 @@ mxf_up_create_caps (MXFMetadataTimelineTrack * track, GstTagList ** tags, + return NULL; + } + ++ if (caps) { ++ MXFUPMappingData *data = *mapping_data; ++ gsize expected_in_stride = 0, out_stride = 0; ++ gsize expected_in_size = 0, out_size = 0; ++ ++ // Do some checking of the parameters to see if they're valid and ++ // we can actually work with them. ++ if (data->image_start_offset > data->image_end_offset) { ++ GST_WARNING ("Invalid image start/end offset"); ++ g_free (data); ++ *mapping_data = NULL; ++ gst_clear_caps (&caps); ++ ++ return NULL; ++ } ++ ++ if (!g_size_checked_mul (&expected_in_stride, data->bpp, data->width) || ++ (out_stride = GST_ROUND_UP_4 (expected_in_stride)) < expected_in_stride ++ || !g_size_checked_mul (&expected_in_size, expected_in_stride, ++ data->height) ++ || !g_size_checked_mul (&out_size, out_stride, data->height)) { ++ GST_ERROR ("Invalid resolution or bit depth"); ++ g_free (data); ++ *mapping_data = NULL; ++ gst_clear_caps (&caps); ++ ++ return NULL; ++ } ++ } ++ + return caps; + } + +-- +2.43.0 + diff --git a/SOURCES/0004-mxfdemux-Check-number-of-channels-for-AES3-audio.patch b/SOURCES/0004-mxfdemux-Check-number-of-channels-for-AES3-audio.patch new file mode 100644 index 0000000..22b94bf --- /dev/null +++ b/SOURCES/0004-mxfdemux-Check-number-of-channels-for-AES3-audio.patch @@ -0,0 +1,45 @@ +From 706abb367ab366be142fbea4e454fdaa7e7e2bcb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Thu, 10 Aug 2023 15:47:03 +0300 +Subject: [PATCH 4/5] mxfdemux: Check number of channels for AES3 audio + +Only up to 8 channels are allowed and using a higher number would cause +integer overflows when copying the data, and lead to out of bound +writes. + +Also check that each buffer is at least 4 bytes long to avoid another +overflow. + +Fixes ZDI-CAN-21661, CVE-2023-40475 + +Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2897 + +Part-of: +--- + gst/mxf/mxfd10.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/gst/mxf/mxfd10.c b/gst/mxf/mxfd10.c +index 21401cf52..99c197ab9 100644 +--- a/gst/mxf/mxfd10.c ++++ b/gst/mxf/mxfd10.c +@@ -119,7 +119,7 @@ mxf_d10_sound_handle_essence_element (const MXFUL * key, GstBuffer * buffer, + gst_buffer_map (buffer, &map, GST_MAP_READ); + + /* Now transform raw AES3 into raw audio, see SMPTE 331M */ +- if ((map.size - 4) % 32 != 0) { ++ if (map.size < 4 || (map.size - 4) % 32 != 0) { + gst_buffer_unmap (buffer, &map); + GST_ERROR ("Invalid D10 sound essence buffer size"); + return GST_FLOW_ERROR; +@@ -219,6 +219,7 @@ mxf_d10_create_caps (MXFMetadataTimelineTrack * track, GstTagList ** tags, + GstAudioFormat audio_format; + + if (s->channel_count == 0 || ++ s->channel_count > 8 || + s->quantization_bits == 0 || + s->audio_sampling_rate.n == 0 || s->audio_sampling_rate.d == 0) { + GST_ERROR ("Invalid descriptor"); +-- +2.43.0 + diff --git a/SOURCES/0005-h265parser-Fix-possible-overflow-using-max_sub_layer.patch b/SOURCES/0005-h265parser-Fix-possible-overflow-using-max_sub_layer.patch new file mode 100644 index 0000000..62819b0 --- /dev/null +++ b/SOURCES/0005-h265parser-Fix-possible-overflow-using-max_sub_layer.patch @@ -0,0 +1,42 @@ +From 33868442087aac6f26f18aeafd527c1a75946f34 Mon Sep 17 00:00:00 2001 +From: Nicolas Dufresne +Date: Wed, 17 Jan 2024 12:50:34 +0100 +Subject: [PATCH 5/5] h265parser: Fix possible overflow using + max_sub_layers_minus1 + +This fixes a possible overflow that can be triggered by an invalid value of +max_sub_layers_minus1 being set in the bitstream. The bitstream uses 3 bits, +but the allowed range is 0 to 6 only. + +Fixes ZDI-CAN-21768, CVE-2023-40476 + +Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2895 + +Part-of: +--- + gst-libs/gst/codecparsers/gsth265parser.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/gst-libs/gst/codecparsers/gsth265parser.c b/gst-libs/gst/codecparsers/gsth265parser.c +index 16fce006b..2e8ef182b 100644 +--- a/gst-libs/gst/codecparsers/gsth265parser.c ++++ b/gst-libs/gst/codecparsers/gsth265parser.c +@@ -1490,6 +1490,7 @@ gst_h265_parse_vps (GstH265NalUnit * nalu, GstH265VPS * vps) + + READ_UINT8 (&nr, vps->max_layers_minus1, 6); + READ_UINT8 (&nr, vps->max_sub_layers_minus1, 3); ++ CHECK_ALLOWED (vps->max_sub_layers_minus1, 0, 6); + READ_UINT8 (&nr, vps->temporal_id_nesting_flag, 1); + + /* skip reserved_0xffff_16bits */ +@@ -1669,6 +1670,7 @@ gst_h265_parse_sps (GstH265Parser * parser, GstH265NalUnit * nalu, + sps->vps = vps; + + READ_UINT8 (&nr, sps->max_sub_layers_minus1, 3); ++ CHECK_ALLOWED (sps->max_sub_layers_minus1, 0, 6); + READ_UINT8 (&nr, sps->temporal_id_nesting_flag, 1); + + if (!gst_h265_parse_profile_tier_level (&sps->profile_tier_level, &nr, +-- +2.43.0 + diff --git a/SOURCES/gst-p-bad-cleanup.sh b/SOURCES/gst-p-bad-cleanup.sh new file mode 100755 index 0000000..c340116 --- /dev/null +++ b/SOURCES/gst-p-bad-cleanup.sh @@ -0,0 +1,208 @@ +#!/bin/sh + +# Process a gst-plugins-bad tarball to remove +# unwanted GStreamer plugins. +# +# See https://bugzilla.redhat.com/show_bug.cgi?id=532470 +# for details +# +# Bastien Nocera - 2010 +# + +SOURCE="$1" +NEW_SOURCE=`echo $SOURCE | sed 's/bad-/bad-free-/'` +DIRECTORY=`echo $SOURCE | sed 's/\.tar\.xz//'` + +ALLOWED=" +aacparse +accurip +adpcmdec +adpcmenc +aiff +aiffparse +amrparse +asfmux +audiobuffersplit +audiofxbad +audiolatency +audiomixer +audiomixmatrix +audioparsers +audiovisualizers +autoconvert +bayer +camerabin +camerabin2 +cdxaparse +coloreffects +colorspace +compositor +dataurisrc +dccp +debugutils +dtmf +faceoverlay +festival +fieldanalysis +freeverb +freeze +frei0r +gaudieffects +gdp +geometrictransform +h264parse +hdvparse +hls +id3tag +inter +interlace +invtelecine +ivfparse +ivtc +jpegformat +jp2kdecimator +legacyresample +librfb +liveadder +midi +mve +mpegdemux +mpeg4videoparse +mpegpsmux +mpegtsdemux +mpegtsmux +mpegvideoparse +mxf +netsim +nsf +nuvdemux +onvif +patchdetect +pcapparse +pnm +proxy +qtmux +rawparse +removesilence +rtp +rtpmux +rtpvp8 +scaletempo +sdi +sdp +segmentclip +selector +smooth +speed +stereo +subenc +timecode +tta +valve +videofilters +videoframe_audiolevel +videomaxrate +videomeasure +videoparsers +videosignal +vmnc +yadif +y4m +" + +NOT_ALLOWED=" +dvbsuboverlay +dvdspu +real +siren +" + +error() +{ + MESSAGE=$1 + echo $MESSAGE + exit 1 +} + +check_allowed() +{ + MODULE=$1 + for i in $ALLOWED ; do + if test x$MODULE = x$i ; then + return 0; + fi + done + # Ignore errors coming from ext/ directory + # they require external libraries so are ineffective anyway + return 1; +} + +check_not_allowed() +{ + MODULE=$1 + for i in $NOT_ALLOWED ; do + if test x$MODULE = x$i ; then + return 0; + fi + done + return 1; +} + +rm -rf $DIRECTORY +tar xJf $SOURCE || error "Cannot unpack $SOURCE" +pushd $DIRECTORY > /dev/null || error "Cannot open directory \"$DIRECTORY\"" + +unknown="" +for subdir in gst ext sys; do + for dir in $subdir/* ; do + # Don't touch non-directories + if ! [ -d $dir ] ; then + continue; + fi + MODULE=`basename $dir` + if ( check_not_allowed $MODULE ) ; then + echo "**** Removing $MODULE ****" + echo "Removing directory $dir" + rm -r $dir || error "Cannot remove $dir" + if grep -q "AG_GST_CHECK_PLUGIN($MODULE)" configure.ac ; then + echo "Removing element check for $MODULE" + grep -v "AG_GST_CHECK_PLUGIN($MODULE)" configure.ac > configure.ac.new && mv configure.ac.new configure.ac + fi + echo "Removing Makefile generation for $MODULE" + grep -v "$dir/Makefile" configure.ac > configure.ac.new && mv configure.ac.new configure.ac + # Urgh + if test $MODULE = real ; then + grep -v "AG_GST_DISABLE_PLUGIN(real)" configure.ac > configure.ac.new && mv configure.ac.new configure.ac + fi + echo "Removing documentation for $MODULE" + if grep -q "$MODULE" docs/plugins/Makefile.am ; then + grep -v $dir docs/plugins/Makefile.am > docs/plugins/Makefile.am.new && mv docs/plugins/Makefile.am.new docs/plugins/Makefile.am + fi + echo + elif test $subdir = ext || test $subdir = sys; then + # Ignore library or system non-blacklisted plugins + continue; + elif ! ( check_allowed $MODULE ) ; then + echo "Unknown module in $dir" + unknown="$unknown $dir" + fi + done +done + +echo + +if test "x$unknown" != "x"; then + echo -n "Aborting due to unkown modules: " + echo "$unknown" | sed "s/ /\n /g" + exit 1 +fi + +#autoreconf +NOCONFIGURE=1 \ +./autogen.sh + +popd > /dev/null + +tar cJf $NEW_SOURCE $DIRECTORY +echo "$NEW_SOURCE is ready to use" + diff --git a/SPECS/gstreamer1-plugins-bad-free.spec b/SPECS/gstreamer1-plugins-bad-free.spec new file mode 100644 index 0000000..6ed73c5 --- /dev/null +++ b/SPECS/gstreamer1-plugins-bad-free.spec @@ -0,0 +1,889 @@ +%global majorminor 1.0 +%global _gobject_introspection 1.31.1 + +# Only build extras on Fedora +%if 0%{?fedora} +%bcond_without extras +%else +%bcond_with extras +%endif + +#global gitrel 140 +#global gitcommit 4ca3a22b6b33ad8be4383063e76f79c4d346535d +#global shortcommit %(c=%{gitcommit}; echo ${c:0:5}) + +Name: gstreamer1-plugins-bad-free +Version: 1.16.1 +Release: 4%{?gitcommit:.git%{shortcommit}}%{?dist} +Summary: GStreamer streaming media framework "bad" plugins + +License: LGPLv2+ and LGPLv2 +URL: http://gstreamer.freedesktop.org/ +%if 0%{?gitrel} +# git clone git://anongit.freedesktop.org/gstreamer/gst-plugins-good +# cd gst-plugins-good; git reset --hard %{gitcommit}; ./autogen.sh; make; make distcheck +# modified with gst-p-bad-cleanup.sh from SOURCE1 +%else +# The source is: +# http://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-%{version}.tar.xz +# modified with gst-p-bad-cleanup.sh from SOURCE1 +%endif +Source0: gst-plugins-bad-free-%{version}.tar.xz +Source1: gst-p-bad-cleanup.sh + +#upstream patches +Patch0: 0001-mxfdemux-Store-GstMXFDemuxEssenceTrack-in-their-own-.patch +Patch1: 0003-mxfdemux-Fix-integer-overflow-causing-out-of-bounds-.patch +Patch2: 0004-mxfdemux-Check-number-of-channels-for-AES3-audio.patch +Patch3: 0005-h265parser-Fix-possible-overflow-using-max_sub_layer.patch + +BuildRequires: gstreamer1-devel >= %{version} +BuildRequires: gstreamer1-plugins-base-devel >= %{version} + +BuildRequires: check +BuildRequires: gettext-devel +BuildRequires: libXt-devel +BuildRequires: gtk-doc +BuildRequires: gobject-introspection-devel >= %{_gobject_introspection} + +BuildRequires: bzip2-devel +BuildRequires: exempi-devel +BuildRequires: gsm-devel +BuildRequires: jasper-devel +BuildRequires: ladspa-devel +BuildRequires: lcms2-devel +BuildRequires: libdvdnav-devel +BuildRequires: libexif-devel +BuildRequires: libmpcdec-devel +BuildRequires: librsvg2-devel +BuildRequires: libsndfile-devel +BuildRequires: mesa-libGL-devel +BuildRequires: mesa-libGLES-devel +BuildRequires: mesa-libGLU-devel +BuildRequires: openssl-devel +BuildRequires: orc-devel +BuildRequires: python3-devel +BuildRequires: soundtouch-devel +BuildRequires: wavpack-devel +BuildRequires: opus-devel +BuildRequires: nettle-devel +BuildRequires: libgcrypt-devel +%if 0%{?fedora} || 0%{?rhel} > 7 +BuildRequires: wayland-devel +%endif +BuildRequires: gnutls-devel +BuildRequires: libsrtp-devel +BuildRequires: pkgconfig(gudev-1.0) +BuildRequires: pkgconfig(libusb-1.0) +BuildRequires: gtk3-devel >= 3.4 +BuildRequires: bluez-libs-devel >= 5.0 +BuildRequires: libwebp-devel +BuildRequires: mesa-libEGL-devel +#BuildRequires: vulkan-devel +#BuildRequires: mesa-vulkan-devel +BuildRequires: webrtc-audio-processing-devel + +%if %{with extras} +BuildRequires: libbs2b-devel >= 3.1.0 +## Plugins not ported +#BuildRequires: dirac-devel +#BuildRequires: gmyth-devel >= 0.4 +BuildRequires: fluidsynth-devel +BuildRequires: libass-devel +BuildRequires: libchromaprint-devel +## Plugin not ported +#BuildRequires: libcdaudio-devel +BuildRequires: libcurl-devel +BuildRequires: game-music-emu-devel +BuildRequires: libkate-devel +BuildRequires: libmodplug-devel +BuildRequires: libofa-devel +## Plugins not ported +#BuildRequires: libmusicbrainz-devel +#BuildRequires: libtimidity-devel +BuildRequires: libvdpau-devel +BuildRequires: openal-soft-devel +#BuildRequires: opencv-devel +BuildRequires: openjpeg2-devel +## Plugins not ported +#BuildRequires: SDL-devel +#BuildRequires: slv2-devel +BuildRequires: wildmidi-devel +BuildRequires: zbar-devel +BuildRequires: zvbi-devel +BuildRequires: OpenEXR-devel +%endif + + +%description +GStreamer is a streaming media framework, based on graphs of elements which +operate on media data. + +This package contains plug-ins that aren't tested well enough, or the code +is not of good enough quality. + + +%if %{with extras} +%package extras +Summary: Extra GStreamer "bad" plugins (less often used "bad" plugins) +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description extras +GStreamer is a streaming media framework, based on graphs of elements which +operate on media data. + +gstreamer-plugins-bad contains plug-ins that aren't tested well enough, +or the code is not of good enough quality. + +This package (%{name}-extras) contains +extra "bad" plugins for sources (mythtv), sinks (fbdev) and +effects (pitch) which are not used very much and require additional +libraries to be installed. + + +%package fluidsynth +Summary: GStreamer "bad" plugins fluidsynth plugin +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: soundfont2-default + +%description fluidsynth +GStreamer is a streaming media framework, based on graphs of elements which +operate on media data. + +gstreamer-plugins-bad contains plug-ins that aren't tested well enough, +or the code is not of good enough quality. + +This package (%{name}-fluidsynth) contains the fluidsynth +plugin which allows playback of midi files. + + +%package wildmidi +Summary: GStreamer "bad" plugins wildmidi plugin +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description wildmidi +GStreamer is a streaming media framework, based on graphs of elements which +operate on media data. + +gstreamer-plugins-bad contains plug-ins that aren't tested well enough, +or the code is not of good enough quality. + +This package (%{name}-wildmidi) contains the wildmidi +plugin which allows playback of midi files. +%endif + + +%package devel +Summary: Development files for the GStreamer media framework "bad" plug-ins +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: gstreamer1-plugins-base-devel + +%description devel +GStreamer is a streaming media framework, based on graphs of elements which +operate on media data. + +This package contains the development files for the plug-ins that +aren't tested well enough, or the code is not of good enough quality. + + +%prep +%setup -q -n gst-plugins-bad-%{version} +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 + +%build +%configure --disable-silent-rules --disable-fatal-warnings \ + --with-package-name="GStreamer-plugins-bad package" \ + --with-package-origin="http://www.redhat.com" \ + %{!?with_extras:--disable-fbdev --disable-decklink --disable-linsys} \ + --enable-debug --disable-static --enable-gtk-doc --enable-experimental \ + --disable-dts --disable-faac --disable-faad --disable-nas \ + --disable-mimic --disable-libmms --disable-mpeg2enc --disable-mplex \ + --disable-neon --disable-rtmp --disable-xvid \ + --disable-flite --disable-mpg123 --disable-sbc --disable-opencv \ + --disable-spandsp --disable-voamrwbenc --disable-x265 + +%make_build + +%install +%make_install + +# Register as an AppStream component to be visible in the software center +# +# NOTE: It would be *awesome* if this file was maintained by the upstream +# project, translated and installed into the right place during `make install`. +# +# See http://www.freedesktop.org/software/appstream/docs/ for more details. +# +mkdir -p $RPM_BUILD_ROOT%{_datadir}/appdata +cat > $RPM_BUILD_ROOT%{_datadir}/appdata/gstreamer-bad-free.appdata.xml < + + + gstreamer-bad-free + CC0-1.0 + GStreamer Multimedia Codecs - Extra + Multimedia playback for AIFF, DVB, GSM, MIDI, MXF and Opus + +

+ This addon includes several additional codecs that are missing + something - perhaps a good code review, some documentation, a set of + tests, a real live maintainer, or some actual wide use. + However, they might be good enough to play your media files. +

+

+ These codecs can be used to encode and decode media files where the + format is not patent encumbered. +

+

+ A codec decodes audio and video for for playback or editing and is also + used for transmission or storage. + Different codecs are used in video-conferencing, streaming media and + video editing applications. +

+ + + AIFF + DVB + GSM + MIDI + MXF + Opus + + http://gstreamer.freedesktop.org/ + https://bugzilla.gnome.org/enter_bug.cgi?product=GStreamer + http://gstreamer.freedesktop.org/documentation/ + http://www.gnome.org/friends/ + + +EOF + +%find_lang gst-plugins-bad-%{majorminor} + +# unpackaged files +find $RPM_BUILD_ROOT -name '*.la' -exec rm -fv {} ';' + + +%ldconfig_scriptlets + +%files -f gst-plugins-bad-%{majorminor}.lang +%license COPYING COPYING.LIB +%doc AUTHORS README REQUIREMENTS + +%{_datadir}/appdata/*.appdata.xml + +# presets +%dir %{_datadir}/gstreamer-%{majorminor}/presets/ +%{_datadir}/gstreamer-%{majorminor}/presets/GstFreeverb.prs + +# opencv data +#{_datadir}/gst-plugins-bad/%{majorminor}/opencv_haarcascades/ + +%{_libdir}/libgstadaptivedemux-%{majorminor}.so.* +%{_libdir}/libgstbasecamerabinsrc-%{majorminor}.so.* +%{_libdir}/libgstbadaudio-%{majorminor}.so.* +%{_libdir}/libgstcodecparsers-%{majorminor}.so.* +%{_libdir}/libgstinsertbin-%{majorminor}.so.* +%{_libdir}/libgstisoff-%{majorminor}.so.* +%{_libdir}/libgstmpegts-%{majorminor}.so.* +%{_libdir}/libgstplayer-%{majorminor}.so.* +%{_libdir}/libgstphotography-%{majorminor}.so.* +%{_libdir}/libgstsctp-%{majorminor}.so.* +%{_libdir}/libgsturidownloader-%{majorminor}.so.* +%{_libdir}/libgstwebrtc-%{majorminor}.so.* +%if 0%{?fedora} || 0%{?rhel} > 7 +%{_libdir}/libgstwayland-%{majorminor}.so.* +%endif + +%{_libdir}/girepository-1.0/GstInsertBin-1.0.typelib +%{_libdir}/girepository-1.0/GstMpegts-1.0.typelib +%{_libdir}/girepository-1.0/GstPlayer-1.0.typelib +%{_libdir}/girepository-1.0/GstWebRTC-1.0.typelib + +# Plugins without external dependencies +%{_libdir}/gstreamer-%{majorminor}/libgstaccurip.so +%{_libdir}/gstreamer-%{majorminor}/libgstadpcmdec.so +%{_libdir}/gstreamer-%{majorminor}/libgstadpcmenc.so +%{_libdir}/gstreamer-%{majorminor}/libgstaiff.so +%{_libdir}/gstreamer-%{majorminor}/libgstasfmux.so +%{_libdir}/gstreamer-%{majorminor}/libgstaudiobuffersplit.so +%{_libdir}/gstreamer-%{majorminor}/libgstaudiofxbad.so +%{_libdir}/gstreamer-%{majorminor}/libgstaudiolatency.so +%{_libdir}/gstreamer-%{majorminor}/libgstaudiomixmatrix.so +%{_libdir}/gstreamer-%{majorminor}/libgstaudiovisualizers.so +%{_libdir}/gstreamer-%{majorminor}/libgstautoconvert.so +%{_libdir}/gstreamer-%{majorminor}/libgstbayer.so +%{_libdir}/gstreamer-%{majorminor}/libgstcamerabin.so +%{_libdir}/gstreamer-%{majorminor}/libgstcoloreffects.so +%{_libdir}/gstreamer-%{majorminor}/libgstdashdemux.so +%{_libdir}/gstreamer-%{majorminor}/libgstfaceoverlay.so +%if %{with extras} +%{_libdir}/gstreamer-%{majorminor}/libgstfbdevsink.so +%endif + +%{_libdir}/gstreamer-%{majorminor}/libgstfestival.so +%{_libdir}/gstreamer-%{majorminor}/libgstfieldanalysis.so +%{_libdir}/gstreamer-%{majorminor}/libgstfreeverb.so +%{_libdir}/gstreamer-%{majorminor}/libgstfrei0r.so +%{_libdir}/gstreamer-%{majorminor}/libgstgaudieffects.so +%{_libdir}/gstreamer-%{majorminor}/libgstgdp.so +%{_libdir}/gstreamer-%{majorminor}/libgstgeometrictransform.so +%{_libdir}/gstreamer-%{majorminor}/libgstlegacyrawparse.so +%{_libdir}/gstreamer-%{majorminor}/libgstid3tag.so +%{_libdir}/gstreamer-%{majorminor}/libgstipcpipeline.so +%{_libdir}/gstreamer-%{majorminor}/libgstinter.so +%{_libdir}/gstreamer-%{majorminor}/libgstinterlace.so +%{_libdir}/gstreamer-%{majorminor}/libgstivfparse.so +%{_libdir}/gstreamer-%{majorminor}/libgstivtc.so +%{_libdir}/gstreamer-%{majorminor}/libgstjp2kdecimator.so +%{_libdir}/gstreamer-%{majorminor}/libgstjpegformat.so +%{_libdir}/gstreamer-%{majorminor}/libgstmidi.so +%{_libdir}/gstreamer-%{majorminor}/libgstmpegpsdemux.so +%{_libdir}/gstreamer-%{majorminor}/libgstmpegtsdemux.so +%{_libdir}/gstreamer-%{majorminor}/libgstmpegpsmux.so +%{_libdir}/gstreamer-%{majorminor}/libgstmpegtsmux.so +%{_libdir}/gstreamer-%{majorminor}/libgstmxf.so +%{_libdir}/gstreamer-%{majorminor}/libgstnetsim.so +%{_libdir}/gstreamer-%{majorminor}/libgstpcapparse.so +%{_libdir}/gstreamer-%{majorminor}/libgstpnm.so +%{_libdir}/gstreamer-%{majorminor}/libgstproxy.so +%{_libdir}/gstreamer-%{majorminor}/libgstremovesilence.so +%{_libdir}/gstreamer-%{majorminor}/libgstresindvd.so +%{_libdir}/gstreamer-%{majorminor}/libgstrfbsrc.so +%{_libdir}/gstreamer-%{majorminor}/libgstrsvg.so +%{_libdir}/gstreamer-%{majorminor}/libgstrtponvif.so +%{_libdir}/gstreamer-%{majorminor}/libgstsdpelem.so +%{_libdir}/gstreamer-%{majorminor}/libgstsegmentclip.so +%{_libdir}/gstreamer-%{majorminor}/libgstshm.so +%{_libdir}/gstreamer-%{majorminor}/libgstsmooth.so +%{_libdir}/gstreamer-%{majorminor}/libgstsmoothstreaming.so +%{_libdir}/gstreamer-%{majorminor}/libgstspeed.so +%{_libdir}/gstreamer-%{majorminor}/libgstsubenc.so +%{_libdir}/gstreamer-%{majorminor}/libgsttimecode.so +%{_libdir}/gstreamer-%{majorminor}/libgstuvch264.so +%{_libdir}/gstreamer-%{majorminor}/libgstvideofiltersbad.so +%{_libdir}/gstreamer-%{majorminor}/libgstvideoframe_audiolevel.so +%{_libdir}/gstreamer-%{majorminor}/libgstvideoparsersbad.so +%{_libdir}/gstreamer-%{majorminor}/libgstvideosignal.so +%{_libdir}/gstreamer-%{majorminor}/libgstvmnc.so +%{_libdir}/gstreamer-%{majorminor}/libgstyadif.so +%{_libdir}/gstreamer-%{majorminor}/libgsty4mdec.so + +# System (Linux) specific plugins +%{_libdir}/gstreamer-%{majorminor}/libgstdvb.so + +# Plugins with external dependencies +%{_libdir}/gstreamer-%{majorminor}/libgstbluez.so +%{_libdir}/gstreamer-%{majorminor}/libgstbz2.so +%{_libdir}/gstreamer-%{majorminor}/libgstclosedcaption.so +%{_libdir}/gstreamer-%{majorminor}/libgstcolormanagement.so +%{_libdir}/gstreamer-%{majorminor}/libgstdtls.so +%{_libdir}/gstreamer-%{majorminor}/libgsthls.so +%{_libdir}/gstreamer-%{majorminor}/libgstgsm.so +%{_libdir}/gstreamer-%{majorminor}/libgstkms.so +%{_libdir}/gstreamer-%{majorminor}/libgstladspa.so +%{_libdir}/gstreamer-%{majorminor}/libgstopusparse.so +%{_libdir}/gstreamer-%{majorminor}/libgstsndfile.so +%{_libdir}/gstreamer-%{majorminor}/libgstsoundtouch.so +%{_libdir}/gstreamer-%{majorminor}/libgstsrtp.so +%{_libdir}/gstreamer-%{majorminor}/libgstttmlsubs.so +#{_libdir}/gstreamer-%{majorminor}/libgstvulkan.so +%if 0%{?fedora} || 0%{?rhel} > 7 +%{_libdir}/gstreamer-%{majorminor}/libgstwaylandsink.so +%endif +%{_libdir}/gstreamer-%{majorminor}/libgstwebp.so +%{_libdir}/gstreamer-%{majorminor}/libgstwebrtcdsp.so + +#debugging plugin +%{_libdir}/gstreamer-%{majorminor}/libgstdebugutilsbad.so + + +%if %{with extras} +%files extras +# Plugins with external dependencies +%{_libdir}/gstreamer-%{majorminor}/libgstassrender.so +%{_libdir}/gstreamer-%{majorminor}/libgstbs2b.so +%{_libdir}/gstreamer-%{majorminor}/libgstchromaprint.so +%{_libdir}/gstreamer-%{majorminor}/libgstcurl.so +%{_libdir}/gstreamer-%{majorminor}/libgstdecklink.so +%{_libdir}/gstreamer-%{majorminor}/libgstgme.so +%{_libdir}/gstreamer-%{majorminor}/libgstkate.so +%{_libdir}/gstreamer-%{majorminor}/libgstmodplug.so +%{_libdir}/gstreamer-%{majorminor}/libgstofa.so +%{_libdir}/gstreamer-%{majorminor}/libgstopenal.so +#{_libdir}/gstreamer-%{majorminor}/libgstopencv.so +%{_libdir}/gstreamer-%{majorminor}/libgstopenexr.so +%{_libdir}/gstreamer-%{majorminor}/libgstopenjpeg.so +%{_libdir}/gstreamer-%{majorminor}/libgstteletext.so +%{_libdir}/gstreamer-%{majorminor}/libgstvdpau.so +%{_libdir}/gstreamer-%{majorminor}/libgstzbar.so + + +%files fluidsynth +# Plugins with external dependencies +%{_libdir}/gstreamer-%{majorminor}/libgstfluidsynthmidi.so + +%files wildmidi +# Plugins with external dependencies +%{_libdir}/gstreamer-%{majorminor}/libgstwildmidi.so +%endif + + +%files devel +%doc %{_datadir}/gtk-doc/html/gst-plugins-bad-plugins-%{majorminor} +%doc %{_datadir}/gtk-doc/html/gst-plugins-bad-libs-%{majorminor} + +%{_datadir}/gir-1.0/GstInsertBin-%{majorminor}.gir +%{_datadir}/gir-1.0/GstMpegts-%{majorminor}.gir +%{_datadir}/gir-1.0/GstPlayer-%{majorminor}.gir +%{_datadir}/gir-1.0/GstWebRTC-%{majorminor}.gir + +%{_libdir}/libgstadaptivedemux-%{majorminor}.so +%{_libdir}/libgstbasecamerabinsrc-%{majorminor}.so +%{_libdir}/libgstbadaudio-%{majorminor}.so +%{_libdir}/libgstcodecparsers-%{majorminor}.so +%{_libdir}/libgstinsertbin-%{majorminor}.so +%{_libdir}/libgstisoff-%{majorminor}.so +%{_libdir}/libgstmpegts-%{majorminor}.so +%{_libdir}/libgstplayer-%{majorminor}.so +%{_libdir}/libgstphotography-%{majorminor}.so +%{_libdir}/libgstsctp-%{majorminor}.so +%{_libdir}/libgsturidownloader-%{majorminor}.so +%{_libdir}/libgstwebrtc-%{majorminor}.so +%if 0%{?fedora} || 0%{?rhel} > 7 +%{_libdir}/libgstwayland-%{majorminor}.so +%endif + +%{_includedir}/gstreamer-%{majorminor}/gst/audio +%{_includedir}/gstreamer-%{majorminor}/gst/basecamerabinsrc +%{_includedir}/gstreamer-%{majorminor}/gst/codecparsers +%{_includedir}/gstreamer-%{majorminor}/gst/insertbin +%{_includedir}/gstreamer-%{majorminor}/gst/interfaces/photography* +%{_includedir}/gstreamer-%{majorminor}/gst/isoff/ +%{_includedir}/gstreamer-%{majorminor}/gst/mpegts +%{_includedir}/gstreamer-%{majorminor}/gst/player +%{_includedir}/gstreamer-%{majorminor}/gst/sctp +%{_includedir}/gstreamer-%{majorminor}/gst/uridownloader +%{_includedir}/gstreamer-%{majorminor}/gst/webrtc/ + +# pkg-config files +%{_libdir}/pkgconfig/gstreamer-bad-audio-%{majorminor}.pc +%{_libdir}/pkgconfig/gstreamer-codecparsers-%{majorminor}.pc +%{_libdir}/pkgconfig/gstreamer-insertbin-%{majorminor}.pc +%{_libdir}/pkgconfig/gstreamer-mpegts-%{majorminor}.pc +%{_libdir}/pkgconfig/gstreamer-player-%{majorminor}.pc +%{_libdir}/pkgconfig/gstreamer-plugins-bad-%{majorminor}.pc +%{_libdir}/pkgconfig/gstreamer-sctp-%{majorminor}.pc +%{_libdir}/pkgconfig/gstreamer-webrtc-%{majorminor}.pc + + +%changelog +* Wed Jan 17 2024 Wim Taymans - 1.16.1-4 +- Patch CVE-2023-40474: Integer overflow +- Patch CVE-2023-40475: Integer overflow +- Patch CVE-2023-40476: Integer overflow in H.265 video parser +- Resolves: RHEL-19500, RHEL-19504, RHEL-19507 + +* Thu Jan 11 2024 Wim Taymans - 1.16.1-3 +- Bump to avoid conflict with z stream. +- Resolves: RHEL-16794 + +* Wed Dec 13 2023 Wim Taymans - 1.16.1-2 +- Patch CVE-2023-44446: MXF demuxer use-after-free +- Resolves: RHEL-16794 + +* Mon Nov 18 2019 Wim Taymans - 1.16.1-1 +- Update to 1.16.1 +- Remove upstreamed patches +- Remove dependency on removed package +- Add sctp and closedcaption plugins +- The vcdsrc plugin was removed +- Resolves: rhbz#1756299 + +* Thu Aug 16 2018 Wim Taymans - 1.14.0-5 +- Fixes for problems found by covscan +- Resolves: rhbz#1602534 + +* Mon Aug 13 2018 Troy Dawson - 1.14.0-4 +- Add BuildRequest python3-devel + +* Tue Jul 17 2018 Wim Taymans - 1.14.0-3 +- Remove obsolete liboil BR (#1588303) +- Only build extras on Fedora +- bluez is not in extras +- vdpau is in extras + +* Tue Jul 17 2018 Wim Taymans - 1.14.0-2 +- Use openjpeg2 instead of openjpeg (#1553079) + +* Tue Mar 20 2018 Wim Taymans - 1.14.0-1 +- Update to 1.14.0 +- add webrtc gir and typelib + +* Wed Mar 14 2018 Wim Taymans - 1.13.91-1 +- Update to 1.13.91 + +* Mon Mar 5 2018 Wim Taymans - 1.13.90-1 +- Update to 1.13.90 +- Add audiolatency +- Schrodinger element was removed + +* Tue Feb 27 2018 Rex Dieter - 1.13.1-2 +- drop -gtk subpkg, moved to gst1-plugins-good + +* Fri Feb 23 2018 Rex Dieter - 1.13.1-1 +- 1.13.1 +- use %%ldconfig_scriptlets %%make_build %%make_install +- fix rpath in gst-p-bad-cleanup.sh +- tighten subpkg deps with %%{?_isa} +- -gtk subpkg now empty. FIXME + +* Wed Feb 07 2018 Fedora Release Engineering - 1.12.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Jan 8 2018 Wim Taymans - 1.12.4-2 +- Rebuild for chromaprint .so change + +* Mon Dec 11 2017 Wim Taymans - 1.12.4-1 +- Update to 1.12.4 + +* Fri Oct 13 2017 Troy Dawson - 1.12.3-3 +- Cleanup spec file conditionals + +* Sat Sep 30 2017 Jerry James - 1.12.3-2 +- Rebuild for soundtouch 2.0.0 + +* Tue Sep 19 2017 Wim Taymans - 1.12.3-1 +- Update to 1.12.3 + +* Wed Aug 02 2017 Fedora Release Engineering - 1.12.2-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Sun Jul 30 2017 Florian Weimer - 1.12.2-4 +- Rebuild with binutils fix for ppc64le (#1475636) + +* Thu Jul 27 2017 Jan Horak - 1.12.2-3 +- Added missing buildrequire on EGL + +* Wed Jul 26 2017 Fedora Release Engineering - 1.12.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Mon Jul 17 2017 Wim Taymans - 1.12.2-1 +- Update to 1.12.2 + +* Tue Jun 20 2017 Wim Taymans - 1.12.1-1 +- Update to 1.12.1 + +* Wed May 10 2017 Wim Taymans - 1.12.0-1 +- Update to 1.12.0 + +* Fri Apr 28 2017 Wim Taymans - 1.11.91-1 +- Update to 1.11.91 + +* Tue Apr 11 2017 Wim Taymans - 1.11.90-1 +- Update to 1.11.90 +- Update plugin names +- Remove old rawparse plugin +- Add new allocator lib and legacyrawparse + +* Fri Feb 24 2017 Wim Taymans - 1.11.2-1 +- Update to 1.11.2 +- add audiomixmatrix + +* Fri Feb 10 2017 Fedora Release Engineering - 1.11.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Feb 01 2017 Sandro Mani - 1.11.1-2 +- Rebuild (libwebp) + +* Fri Jan 13 2017 Wim Taymans - 1.11.1-1 +- Update to 1.11.1 +- Add audiobuffersplit +- Dataurisrc was moved to core +- Add ttmlsubs plugin + +* Mon Dec 05 2016 Wim Taymans - 1.10.2-1 +- Update to 1.10.2 + +* Mon Nov 28 2016 Wim Taymans - 1.10.1-1 +- Update to 1.10.1 + +* Thu Nov 03 2016 Wim Taymans - 1.10.0-1 +- Update to 1.10.0 + +* Sat Oct 01 2016 Wim Taymans - 1.9.90-1 +- Update to 1.9.90 + +* Fri Sep 02 2016 Wim Taymans - 1.9.2-2 +- Rebuild + +* Thu Sep 01 2016 Wim Taymans - 1.9.2-1 +- Update to 1.9.2 + +* Fri Aug 26 2016 Hans de Goede - 1.9.1-3 +- Rebuild for new wildmidi + +* Wed Aug 10 2016 Wim Taymans - 1.9.1-2 +- Merge patches from Kevin Kofler (#1267665) +- Split gtksink into a -gtk subpackage (#1295444) +- Split wildmidi plugin into a -wildmidi subpackage (#1267665) +- BR mesa-libGLES-devel to enable OpenGL ES 2 support in GstGL (#1308290) + +* Thu Jul 07 2016 Wim Taymans - 1.9.1-1 +- Update to 1.9.1 +- add musepack plugin +- add kmssink plugin + +* Thu Jun 09 2016 Wim Taymans - 1.8.2-1 +- Update to 1.8.2 + +* Sun May 08 2016 Wim Taymans - 1.8.1-2 +- Rebuild for opencv +- Disable opencv, the version is too new + +* Thu Apr 21 2016 Wim Taymans - 1.8.1-1 +- Update to 1.8.1 + +* Thu Mar 24 2016 Wim Taymans - 1.8.0-1 +- Update to 1.8.0 + +* Wed Mar 16 2016 Wim Taymans - 1.7.91-1 +- Update to 1.7.91 +- The opus parse was not moved so we still need opus-devel and we still + ship a plugin. +- the plugin was renamed to opusparse + +* Wed Mar 02 2016 Wim Taymans - 1.7.90-1 +- Update to 1.7.90 +- the opus plugin was moved to -base. + +* Thu Feb 25 2016 Wim Taymans - 1.7.2-2 +- Rebuild for soundtouch ABI break (#1311323) + +* Fri Feb 19 2016 Wim Taymans - 1.7.2-1 +- Update to 1.7.2 +- remove rtpbad plugin, it was moved +- add new libraries and netsim plugin + +* Tue Feb 16 2016 Wim Taymans - 1.7.1-5 +- add chromaprint plugin + +* Thu Feb 04 2016 Ralf Corsépius - 1.7.1-4 +- Append --disable-fatal-warnings to %%configure to prevent + building from aborting for negligible warnings (Fix F24FTBFS) +- Append --disable-silent-rules to %%configure to make + building verbose. +- Don't remove buildroot before installing. + +* Wed Feb 03 2016 Fedora Release Engineering - 1.7.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Jan 5 2016 Wim Taymans - 1.7.1-2 +- remove rpath from gtksink and mxf +- Fix description line too long + +* Tue Jan 5 2016 Wim Taymans - 1.7.1-1 +- Update to 1.7.1 +- rename fragmented -> hls +- remove liveadder +- add gstplayer +- add teletextdec and videoframe_audiolevel + +* Mon Dec 28 2015 Rex Dieter 1.6.2-2 +- rebuild (libwebp) + +* Tue Dec 15 2015 Wim Taymans - 1.6.2-1 +- Update to 1.6.2 + +* Mon Nov 9 2015 Wim Taymans - 1.6.1-2 +- Enable more plugins: gtksink, webp, bluez, bs2b, gme, ofa, openal, + opencv, openjpeg + +* Mon Nov 2 2015 Wim Taymans - 1.6.1-1 +- Update to 1.6.1 + +* Sat Sep 26 2015 Kalev Lember - 1.6.0-1 +- Update to 1.6.0 +- Remove lib64 rpaths from a few more libraries +- Use license macro for COPYING and COPYING.LIB + +* Mon Sep 21 2015 Wim Taymans - 1.5.91-1 +- Update to 1.5.91 + +* Fri Sep 18 2015 Richard Hughes - 1.5.90-3 +- Add optional data to AppStream metadata. + +* Mon Aug 24 2015 Wim Taymans - 1.5.90-2 +- Enable uvch264 + +* Wed Aug 19 2015 Wim Taymans - 1.5.90-1 +- Update to 1.5.90 + +* Thu Jun 25 2015 Wim Taymans - 1.5.2-1 +- Update to 1.5.2 + +* Wed Jun 17 2015 Fedora Release Engineering - 1.5.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Jun 08 2015 Wim Taymans - 1.5.1-1 +- Update to 1.5.1 +- Drop old patch + +* Mon May 04 2015 Kalev Lember - 1.4.5-5 +- Rebuilt for nettle soname bump + +* Sat May 02 2015 Kalev Lember - 1.4.5-4 +- Rebuilt for GCC 5 C++11 ABI change + +* Wed Mar 25 2015 Richard Hughes - 1.4.5-3 +- Register as an AppStream component. + +* Fri Mar 06 2015 David Woodhouse - 1.4.5-2 +- Fix RTP/RTCP muxing (#1199578) + +* Tue Feb 03 2015 Wim Taymans - 1.4.5-1 +- Update to 1.4.5 + +* Tue Nov 25 2014 Rex Dieter 1.4.4-2 +- rebuild (openexr) + +* Fri Nov 14 2014 Kalev Lember - 1.4.4-1 +- Update to 1.4.4 + +* Fri Nov 14 2014 Tom Callaway - 1.4.2-3 +- Rebuild for new libsrtp + +* Mon Sep 22 2014 Wim Taymans - 1.4.2-2 +- Remove celt buildreq, the plugin was removed and so is celt-devel + +* Mon Sep 22 2014 Wim Taymans - 1.4.2-1 +- Update to 1.4.2. + +* Fri Aug 29 2014 Wim Taymans - 1.4.1-1 +- Update to 1.4.1. + +* Sat Aug 16 2014 Fedora Release Engineering - 1.4.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Tue Jul 22 2014 Wim Taymans - 1.4.0-1 +- Update to 1.4.0. + +* Fri Jul 11 2014 Wim Taymans - 1.3.91-1 +- Update to 1.3.91. +- Remove old libraries + +* Tue Jun 17 2014 Wim Taymans - 1.2.4-1 +- Update to 1.2.4. + +* Sat Jun 07 2014 Fedora Release Engineering - 1.2.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Mar 20 2014 Hans de Goede - 1.2.3-3 +- Put the fluidsynth plugin in its own subpackage and make it require + soundfont2-default (rhbz#1078925) + +* Wed Mar 19 2014 Peter Robinson 1.2.3-2 +- Bump (libass) + +* Mon Feb 10 2014 Brian Pepple - 1.2.3-1 +- Update to 1.2.3. + +* Thu Feb 6 2014 Brian Pepple - 1.2.2-2 +- Build the srtp plugin. (#1055669) + +* Fri Dec 27 2013 Brian Pepple - 1.2.2-1 +- Update to 1.2.2. + +* Fri Nov 15 2013 Brian Pepple - 1.2.1-4 +- Build fluidsynth plugin. (#1024906) + +* Thu Nov 14 2013 Brian Pepple - 1.2.1-3 +- Add BR on gnutls-devel for HLS support. (#1030491) + +* Mon Nov 11 2013 Brian Pepple - 1.2.1-2 +- Build ladspa, libkate, and wildmidi plugins. + +* Mon Nov 11 2013 Brian Pepple - 1.2.1-1 +- Update to 1.2.1. + +* Fri Nov 8 2013 Brian Pepple - 1.2.0-3 +- Build gobject-introspection support. (#1028156) + +* Fri Oct 04 2013 Bastien Nocera 1.2.0-2 +- Build the wayland video output plugin + +* Tue Sep 24 2013 Brian Pepple - 1.2.0-1 +- Update to 1.2.0. + +* Thu Sep 19 2013 Brian Pepple - 1.1.90-1 +- Update to 1.1.90. + +* Wed Aug 28 2013 Brian Pepple - 1.1.4-1 +- Update to 1.1.4. + +* Mon Jul 29 2013 Brian Pepple - 1.1.3-1 +- Update to 1.1.3. + +* Fri Jul 12 2013 Brian Pepple - 1.1.2-1 +- Update to 1.1.2. + +* Tue May 07 2013 Colin Walters - 1.0.7-2 +- Move libgstdecklink to its correct place in extras; needed for RHEL + +* Fri Apr 26 2013 Brian Pepple - 1.0.7-1 +- Update to 1.0.7. + +* Sun Mar 24 2013 Brian Pepple - 1.0.6-1 +- Update to 1.0.6. +- Drop BR on PyXML. + +* Thu Feb 14 2013 Fedora Release Engineering - 1.0.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Tue Jan 8 2013 Brian Pepple - 1.0.5-1 +- Update to 1.0.5 + +* Wed Dec 19 2012 Brian Pepple - 1.0.4-1 +- Update to 1.0.4 + +* Wed Nov 21 2012 Brian Pepple - 1.0.3-1 +- Update to 1.0.3 + +* Thu Oct 25 2012 Brian Pepple - 1.0.2-1 +- Update to 1.0.2 + +* Sun Oct 7 2012 Brian Pepple - 1.0.1-1 +- Update to 1.0.1 +- Add frei0r plugin to file list. + +* Mon Oct 1 2012 Peter Robinson - 1.0.0-3 +- Enable verbose build + +* Wed Sep 26 2012 Brian Pepple - 1.0.0-2 +- Build opus plugin. + +* Mon Sep 24 2012 Brian Pepple - 1.0.0-1 +- Update to 1.0.0. + +* Thu Sep 20 2012 Bastien Nocera 0.11.99-2 +- The soundtouch-devel BR should be on, even with extras disabled + +* Wed Sep 19 2012 Brian Pepple - 0.11.99-1 +- Update to 0.11.99 + +* Fri Sep 14 2012 Brian Pepple - 0.11.94-1 +- Update to 0.11.94. + +* Sat Aug 18 2012 Brian Pepple - 0.11.93-2 +- Fix permission on tarball clean-up script. +- Re-enable soundtouch-devel. +- Add COPYING.LIB to package. +- Use %%global instead of %%define. + +* Wed Aug 15 2012 Brian Pepple - 0.11.93-1 +- Update to 0.11.93. + +* Fri Jul 20 2012 Brian Pepple - 0.11.92-1 +- Initial Fedora spec file.