Compare commits

...

No commits in common. 'c9' and 'i8c-beta' have entirely different histories.
c9 ... i8c-beta

2
.gitignore vendored

@ -1 +1 @@
SOURCES/gst-plugins-bad-free-1.22.1.tar.xz
SOURCES/gst-plugins-bad-free-1.16.1.tar.xz

@ -1 +1 @@
fb0172c16d7e8ab7c7c6497f302d64a6e0ff974b SOURCES/gst-plugins-bad-free-1.22.1.tar.xz
318b749af5a289650e380cbabc0293e422b9a3ba SOURCES/gst-plugins-bad-free-1.16.1.tar.xz

@ -1,8 +1,8 @@
From db2e5ccfcf4db7fc3d199d885b07e5eb34770c19 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 20 Oct 2023 00:09:57 +0300
Subject: [PATCH 1/2] mxfdemux: Store GstMXFDemuxEssenceTrack in their own
fixed allocation
From 24e891568537f4447d1c212dcb355a766296bdbb Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Tue, 12 Dec 2023 18:00:58 +0100
Subject: [PATCH] mxfdemux: Store GstMXFDemuxEssenceTrack in their own fixed
allocation
Previously they were stored inline inside a GArray, but as references to
the tracks were stored in various other places although the array could
@ -18,15 +18,15 @@ Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3055
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5638>
---
.../gst-plugins-bad/gst/mxf/mxfdemux.c | 116 ++++++++----------
.../gst-plugins-bad/gst/mxf/mxfdemux.h | 2 +-
2 files changed, 50 insertions(+), 68 deletions(-)
gst/mxf/mxfdemux.c | 114 +++++++++++++++++++++------------------------
gst/mxf/mxfdemux.h | 2 +-
2 files changed, 53 insertions(+), 63 deletions(-)
diff --git a/subprojects/gst-plugins-bad/gst/mxf/mxfdemux.c b/subprojects/gst-plugins-bad/gst/mxf/mxfdemux.c
index d9eb9a5844..1b58989631 100644
--- a/subprojects/gst-plugins-bad/gst/mxf/mxfdemux.c
+++ b/subprojects/gst-plugins-bad/gst/mxf/mxfdemux.c
@@ -170,10 +170,25 @@ gst_mxf_demux_partition_free (GstMXFDemuxPartition * partition)
diff --git a/gst/mxf/mxfdemux.c b/gst/mxf/mxfdemux.c
index f6e5ac048..b97dce1ad 100644
--- a/gst/mxf/mxfdemux.c
+++ b/gst/mxf/mxfdemux.c
@@ -154,10 +154,25 @@ gst_mxf_demux_partition_free (GstMXFDemuxPartition * partition)
}
static void
@ -54,11 +54,10 @@ index d9eb9a5844..1b58989631 100644
GST_DEBUG_OBJECT (demux, "Resetting MXF state");
g_list_foreach (demux->partitions, (GFunc) gst_mxf_demux_partition_free,
@@ -182,23 +197,7 @@ gst_mxf_demux_reset_mxf_state (GstMXFDemux * demux)
demux->partitions = NULL;
@@ -167,22 +182,7 @@ gst_mxf_demux_reset_mxf_state (GstMXFDemux * demux)
demux->current_partition = NULL;
-
- for (i = 0; i < demux->essence_tracks->len; i++) {
- GstMXFDemuxEssenceTrack *t =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
@ -79,7 +78,7 @@ index d9eb9a5844..1b58989631 100644
}
static void
@@ -216,7 +215,7 @@ gst_mxf_demux_reset_linked_metadata (GstMXFDemux * demux)
@@ -200,7 +200,7 @@ gst_mxf_demux_reset_linked_metadata (GstMXFDemux * demux)
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *track =
@ -87,17 +86,8 @@ index d9eb9a5844..1b58989631 100644
+ g_ptr_array_index (demux->essence_tracks, i);
track->source_package = NULL;
track->delta_id = -1;
@@ -419,7 +418,7 @@ gst_mxf_demux_partition_postcheck (GstMXFDemux * demux,
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *cand =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (cand->body_sid != partition->partition.body_sid)
continue;
@@ -866,8 +865,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux)
track->source_track = NULL;
@@ -713,8 +713,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux)
for (k = 0; k < demux->essence_tracks->len; k++) {
GstMXFDemuxEssenceTrack *tmp =
@ -107,7 +97,7 @@ index d9eb9a5844..1b58989631 100644
if (tmp->track_number == track->parent.track_number &&
tmp->body_sid == edata->body_sid) {
@@ -885,24 +883,23 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux)
@@ -732,24 +731,23 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux)
}
if (!etrack) {
@ -142,7 +132,7 @@ index d9eb9a5844..1b58989631 100644
demux->essence_tracks->len - 1);
new = TRUE;
}
@@ -1050,13 +1047,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux)
@@ -876,13 +874,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux)
next:
if (new) {
@ -157,7 +147,7 @@ index d9eb9a5844..1b58989631 100644
demux->essence_tracks->len - 1);
}
}
@@ -1069,7 +1060,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux)
@@ -895,7 +887,7 @@ gst_mxf_demux_update_essence_tracks (GstMXFDemux * demux)
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *etrack =
@ -166,7 +156,7 @@ index d9eb9a5844..1b58989631 100644
if (!etrack->source_package || !etrack->source_track || !etrack->caps) {
GST_ERROR_OBJECT (demux, "Failed to update essence track %u", i);
@@ -1438,7 +1429,7 @@ gst_mxf_demux_update_tracks (GstMXFDemux * demux)
@@ -1117,7 +1109,7 @@ gst_mxf_demux_update_tracks (GstMXFDemux * demux)
for (k = 0; k < demux->essence_tracks->len; k++) {
GstMXFDemuxEssenceTrack *tmp =
@ -175,7 +165,7 @@ index d9eb9a5844..1b58989631 100644
if (tmp->source_package == source_package &&
tmp->source_track == source_track) {
@@ -1927,8 +1918,7 @@ gst_mxf_demux_pad_set_component (GstMXFDemux * demux, GstMXFDemuxPad * pad,
@@ -1598,8 +1590,7 @@ gst_mxf_demux_pad_set_component (GstMXFDemux * demux, GstMXFDemuxPad * pad,
pad->current_essence_track = NULL;
for (k = 0; k < demux->essence_tracks->len; k++) {
@ -185,78 +175,84 @@ index d9eb9a5844..1b58989631 100644
if (tmp->source_package == source_package &&
tmp->source_track == source_track) {
@@ -2712,7 +2702,7 @@ gst_mxf_demux_handle_generic_container_essence_element (GstMXFDemux * demux,
if (!etrack) {
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *tmp =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (tmp->body_sid == demux->current_partition->partition.body_sid &&
(tmp->track_number == track_number || tmp->track_number == 0)) {
@@ -3916,8 +3906,7 @@ from_track_offset:
gst_mxf_demux_set_partition_for_offset (demux, demux->offset);
@@ -1731,7 +1722,7 @@ gst_mxf_demux_handle_generic_container_essence_element (GstMXFDemux * demux,
for (i = 0; i < demux->essence_tracks->len; i++) {
- GstMXFDemuxEssenceTrack *t =
GstMXFDemuxEssenceTrack *tmp =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ GstMXFDemuxEssenceTrack *t = g_ptr_array_index (demux->essence_tracks, i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (tmp->body_sid == demux->current_partition->partition.body_sid &&
(tmp->track_number == track_number || tmp->track_number == 0)) {
@@ -2656,7 +2647,7 @@ gst_mxf_demux_handle_klv_packet (GstMXFDemux * demux, const MXFUL * key,
if (index_start_position != -1 && t == etrack)
t->position = index_start_position;
@@ -3941,8 +3930,7 @@ from_track_offset:
/* Handle EOS */
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *t =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack,
- i);
GstMXFDemuxEssenceTrack *etrack =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (etrack->body_sid != demux->current_partition->partition.body_sid)
continue;
@@ -2719,7 +2710,7 @@ gst_mxf_demux_handle_klv_packet (GstMXFDemux * demux, const MXFUL * key,
guint i;
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *etrack =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (t->position > 0)
t->duration = t->position;
@@ -4180,8 +4168,7 @@ gst_mxf_demux_pull_and_handle_klv_packet (GstMXFDemux * demux)
guint i;
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *etrack =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack,
- i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (etrack->body_sid != demux->current_partition->partition.body_sid)
continue;
@@ -2914,7 +2905,7 @@ from_index:
if (etrack->body_sid != partition->partition.body_sid)
continue;
@@ -4652,9 +4639,8 @@ gst_mxf_demux_pad_to_track_and_position (GstMXFDemux * demux,
/* Get the corresponding essence track for the given source package and stream id */
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *track =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
- GST_LOG_OBJECT (pad,
- "Looking at essence track body_sid:%d index_sid:%d",
+ g_ptr_array_index (demux->essence_tracks, i);
+ GST_LOG_OBJECT (pad, "Looking at essence track body_sid:%d index_sid:%d",
track->body_sid, track->index_sid);
if (clip->source_track_id == 0 || (track->track_id == clip->source_track_id
&& mxf_umid_is_equal (&clip->source_package_id,
@@ -4903,8 +4889,7 @@ gst_mxf_demux_seek_push (GstMXFDemux * demux, GstEvent * event)
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *t =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (index_start_position != -1 && t == etrack)
t->position = index_start_position;
@@ -2937,8 +2928,7 @@ from_index:
if (ret == GST_FLOW_EOS) {
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *t =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack,
- i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (t->position > 0)
t->duration = t->position;
@@ -3020,7 +3010,7 @@ gst_mxf_demux_pull_and_handle_klv_packet (GstMXFDemux * demux)
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *t =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ g_ptr_array_index (demux->essence_tracks, i);
if (t->position > 0)
t->duration = t->position;
@@ -3627,8 +3617,8 @@ gst_mxf_demux_seek_push (GstMXFDemux * demux, GstEvent * event)
}
for (i = 0; i < demux->essence_tracks->len; i++) {
- GstMXFDemuxEssenceTrack *t =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ GstMXFDemuxEssenceTrack *t = g_ptr_array_index (demux->essence_tracks, i);
+
t->position = -1;
}
@@ -5342,8 +5327,7 @@ gst_mxf_demux_seek_pull (GstMXFDemux * demux, GstEvent * event)
@@ -4001,8 +3991,8 @@ gst_mxf_demux_seek_pull (GstMXFDemux * demux, GstEvent * event)
}
for (i = 0; i < demux->essence_tracks->len; i++) {
- GstMXFDemuxEssenceTrack *t =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack, i);
+ GstMXFDemuxEssenceTrack *t = g_ptr_array_index (demux->essence_tracks, i);
+
t->position = -1;
}
@@ -5642,7 +5626,7 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event)
@@ -4284,7 +4274,7 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event)
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *t =
@ -265,27 +261,29 @@ index d9eb9a5844..1b58989631 100644
if (t->position > 0)
t->duration = t->position;
@@ -5683,8 +5667,7 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event)
@@ -4325,8 +4315,8 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event)
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *etrack =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack,
- i);
+ g_ptr_array_index (demux->essence_tracks, i);
+
etrack->position = -1;
}
ret = TRUE;
@@ -5708,8 +5691,7 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event)
@@ -4350,8 +4340,8 @@ gst_mxf_demux_sink_event (GstPad * pad, GstObject * parent, GstEvent * event)
for (i = 0; i < demux->essence_tracks->len; i++) {
GstMXFDemuxEssenceTrack *t =
- &g_array_index (demux->essence_tracks, GstMXFDemuxEssenceTrack,
- i);
+ g_ptr_array_index (demux->essence_tracks, i);
+
t->position = -1;
}
demux->current_partition = NULL;
@@ -5982,7 +5964,7 @@ gst_mxf_demux_finalize (GObject * object)
@@ -4624,7 +4614,7 @@ gst_mxf_demux_finalize (GObject * object)
g_ptr_array_free (demux->src, TRUE);
demux->src = NULL;
@ -294,7 +292,7 @@ index d9eb9a5844..1b58989631 100644
demux->essence_tracks = NULL;
g_hash_table_destroy (demux->metadata);
@@ -6059,8 +6041,8 @@ gst_mxf_demux_init (GstMXFDemux * demux)
@@ -4701,8 +4691,8 @@ gst_mxf_demux_init (GstMXFDemux * demux)
g_rw_lock_init (&demux->metadata_lock);
demux->src = g_ptr_array_new ();
@ -305,11 +303,11 @@ index d9eb9a5844..1b58989631 100644
gst_segment_init (&demux->segment, GST_FORMAT_TIME);
diff --git a/subprojects/gst-plugins-bad/gst/mxf/mxfdemux.h b/subprojects/gst-plugins-bad/gst/mxf/mxfdemux.h
index d079a1de1a..1dc8a4edb5 100644
--- a/subprojects/gst-plugins-bad/gst/mxf/mxfdemux.h
+++ b/subprojects/gst-plugins-bad/gst/mxf/mxfdemux.h
@@ -266,7 +266,7 @@ struct _GstMXFDemux
diff --git a/gst/mxf/mxfdemux.h b/gst/mxf/mxfdemux.h
index aac3e67d0..a452980ee 100644
--- a/gst/mxf/mxfdemux.h
+++ b/gst/mxf/mxfdemux.h
@@ -182,7 +182,7 @@ struct _GstMXFDemux
GList *partitions;
GstMXFDemuxPartition *current_partition;

@ -1,65 +0,0 @@
From 73f1409447033b8e3291a51893d5a027e2be15fc Mon Sep 17 00:00:00 2001
From: Benjamin Gaignard <benjamin.gaignard@collabora.com>
Date: Tue, 21 Nov 2023 14:26:54 +0100
Subject: [PATCH 2/2] codecparsers: av1: Clip max tile rows and cols values
Clip tile rows and cols to 64 as describe in AV1 specification
to avoid writing outside array range but preserve sb_cols
and sb_rows value which are used to futher computation.
Fixes ZDI-CAN-22226 / CVE-2023-44429
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5734>
---
.../gst-libs/gst/codecparsers/gstav1parser.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/subprojects/gst-plugins-bad/gst-libs/gst/codecparsers/gstav1parser.c b/subprojects/gst-plugins-bad/gst-libs/gst/codecparsers/gstav1parser.c
index 22ffefd168..7ef583c7f5 100644
--- a/subprojects/gst-plugins-bad/gst-libs/gst/codecparsers/gstav1parser.c
+++ b/subprojects/gst-plugins-bad/gst-libs/gst/codecparsers/gstav1parser.c
@@ -2243,7 +2243,9 @@ gst_av1_parse_tile_info (GstAV1Parser * parser, GstBitReader * br,
tile_width_sb = (sb_cols + (1 << parser->state.tile_cols_log2) -
1) >> parser->state.tile_cols_log2;
i = 0;
- for (start_sb = 0; start_sb < sb_cols; start_sb += tile_width_sb) {
+ /* Fill mi_col_starts[] and make sure to not exceed array range */
+ for (start_sb = 0; start_sb < sb_cols && i < GST_AV1_MAX_TILE_COLS;
+ start_sb += tile_width_sb) {
parser->state.mi_col_starts[i] = start_sb << sb_shift;
i += 1;
}
@@ -2272,7 +2274,9 @@ gst_av1_parse_tile_info (GstAV1Parser * parser, GstBitReader * br,
tile_height_sb = (sb_rows + (1 << parser->state.tile_rows_log2) -
1) >> parser->state.tile_rows_log2;
i = 0;
- for (start_sb = 0; start_sb < sb_rows; start_sb += tile_height_sb) {
+ /* Fill mi_row_starts[] and make sure to not exceed array range */
+ for (start_sb = 0; start_sb < sb_rows && i < GST_AV1_MAX_TILE_ROWS;
+ start_sb += tile_height_sb) {
parser->state.mi_row_starts[i] = start_sb << sb_shift;
i += 1;
}
@@ -2287,7 +2291,8 @@ gst_av1_parse_tile_info (GstAV1Parser * parser, GstBitReader * br,
} else {
widest_tile_sb = 0;
start_sb = 0;
- for (i = 0; start_sb < sb_cols; i++) {
+ /* Fill mi_col_starts[] and make sure to not exceed array range */
+ for (i = 0; start_sb < sb_cols && i < GST_AV1_MAX_TILE_COLS; i++) {
parser->state.mi_col_starts[i] = start_sb << sb_shift;
max_width = MIN (sb_cols - start_sb, max_tile_width_sb);
tile_info->width_in_sbs_minus_1[i] =
@@ -2312,7 +2317,8 @@ gst_av1_parse_tile_info (GstAV1Parser * parser, GstBitReader * br,
max_tile_height_sb = MAX (max_tile_area_sb / widest_tile_sb, 1);
start_sb = 0;
- for (i = 0; start_sb < sb_rows; i++) {
+ /* Fill mi_row_starts[] and make sure to not exceed array range */
+ for (i = 0; start_sb < sb_rows && i < GST_AV1_MAX_TILE_ROWS; i++) {
parser->state.mi_row_starts[i] = start_sb << sb_shift;
max_height = MIN (sb_rows - start_sb, max_tile_height_sb);
tile_info->height_in_sbs_minus_1[i] =
--
2.43.0

@ -0,0 +1,114 @@
From b6353c44ca9f005d3b57ee07fda0570d80eecc0f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 10 Aug 2023 15:45:01 +0300
Subject: [PATCH 3/5] mxfdemux: Fix integer overflow causing out of bounds
writes when handling invalid uncompressed video
Check ahead of time when parsing the track information whether
width, height and bpp are valid and usable without overflows.
Fixes ZDI-CAN-21660, CVE-2023-40474
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2896
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5362>
---
gst/mxf/mxfup.c | 51 +++++++++++++++++++++++++++++++++++++++++--------
1 file changed, 43 insertions(+), 8 deletions(-)
diff --git a/gst/mxf/mxfup.c b/gst/mxf/mxfup.c
index d8b6664da..ba86255f2 100644
--- a/gst/mxf/mxfup.c
+++ b/gst/mxf/mxfup.c
@@ -134,6 +134,8 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer,
gpointer mapping_data, GstBuffer ** outbuf)
{
MXFUPMappingData *data = mapping_data;
+ gsize expected_in_stride = 0, out_stride = 0;
+ gsize expected_in_size = 0, out_size = 0;
/* SMPTE 384M 7.1 */
if (key->u[12] != 0x15 || (key->u[14] != 0x01 && key->u[14] != 0x02
@@ -162,22 +164,25 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer,
}
}
- if (gst_buffer_get_size (buffer) != data->bpp * data->width * data->height) {
+ // Checked for overflows when parsing the descriptor
+ expected_in_stride = data->bpp * data->width;
+ out_stride = GST_ROUND_UP_4 (expected_in_stride);
+ expected_in_size = expected_in_stride * data->height;
+ out_size = out_stride * data->height;
+
+ if (gst_buffer_get_size (buffer) != expected_in_size) {
GST_ERROR ("Invalid buffer size");
gst_buffer_unref (buffer);
return GST_FLOW_ERROR;
}
- if (data->bpp != 4
- || GST_ROUND_UP_4 (data->width * data->bpp) != data->width * data->bpp) {
+ if (data->bpp != 4 || out_stride != expected_in_stride) {
guint y;
GstBuffer *ret;
GstMapInfo inmap, outmap;
guint8 *indata, *outdata;
- ret =
- gst_buffer_new_and_alloc (GST_ROUND_UP_4 (data->width * data->bpp) *
- data->height);
+ ret = gst_buffer_new_and_alloc (out_size);
gst_buffer_map (buffer, &inmap, GST_MAP_READ);
gst_buffer_map (ret, &outmap, GST_MAP_WRITE);
indata = inmap.data;
@@ -185,8 +190,8 @@ mxf_up_handle_essence_element (const MXFUL * key, GstBuffer * buffer,
for (y = 0; y < data->height; y++) {
memcpy (outdata, indata, data->width * data->bpp);
- outdata += GST_ROUND_UP_4 (data->width * data->bpp);
- indata += data->width * data->bpp;
+ outdata += out_stride;
+ indata += expected_in_stride;
}
gst_buffer_unmap (buffer, &inmap);
@@ -394,6 +399,36 @@ mxf_up_create_caps (MXFMetadataTimelineTrack * track, GstTagList ** tags,
return NULL;
}
+ if (caps) {
+ MXFUPMappingData *data = *mapping_data;
+ gsize expected_in_stride = 0, out_stride = 0;
+ gsize expected_in_size = 0, out_size = 0;
+
+ // Do some checking of the parameters to see if they're valid and
+ // we can actually work with them.
+ if (data->image_start_offset > data->image_end_offset) {
+ GST_WARNING ("Invalid image start/end offset");
+ g_free (data);
+ *mapping_data = NULL;
+ gst_clear_caps (&caps);
+
+ return NULL;
+ }
+
+ if (!g_size_checked_mul (&expected_in_stride, data->bpp, data->width) ||
+ (out_stride = GST_ROUND_UP_4 (expected_in_stride)) < expected_in_stride
+ || !g_size_checked_mul (&expected_in_size, expected_in_stride,
+ data->height)
+ || !g_size_checked_mul (&out_size, out_stride, data->height)) {
+ GST_ERROR ("Invalid resolution or bit depth");
+ g_free (data);
+ *mapping_data = NULL;
+ gst_clear_caps (&caps);
+
+ return NULL;
+ }
+ }
+
return caps;
}
--
2.43.0

@ -0,0 +1,45 @@
From 706abb367ab366be142fbea4e454fdaa7e7e2bcb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 10 Aug 2023 15:47:03 +0300
Subject: [PATCH 4/5] mxfdemux: Check number of channels for AES3 audio
Only up to 8 channels are allowed and using a higher number would cause
integer overflows when copying the data, and lead to out of bound
writes.
Also check that each buffer is at least 4 bytes long to avoid another
overflow.
Fixes ZDI-CAN-21661, CVE-2023-40475
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2897
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5362>
---
gst/mxf/mxfd10.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/gst/mxf/mxfd10.c b/gst/mxf/mxfd10.c
index 21401cf52..99c197ab9 100644
--- a/gst/mxf/mxfd10.c
+++ b/gst/mxf/mxfd10.c
@@ -119,7 +119,7 @@ mxf_d10_sound_handle_essence_element (const MXFUL * key, GstBuffer * buffer,
gst_buffer_map (buffer, &map, GST_MAP_READ);
/* Now transform raw AES3 into raw audio, see SMPTE 331M */
- if ((map.size - 4) % 32 != 0) {
+ if (map.size < 4 || (map.size - 4) % 32 != 0) {
gst_buffer_unmap (buffer, &map);
GST_ERROR ("Invalid D10 sound essence buffer size");
return GST_FLOW_ERROR;
@@ -219,6 +219,7 @@ mxf_d10_create_caps (MXFMetadataTimelineTrack * track, GstTagList ** tags,
GstAudioFormat audio_format;
if (s->channel_count == 0 ||
+ s->channel_count > 8 ||
s->quantization_bits == 0 ||
s->audio_sampling_rate.n == 0 || s->audio_sampling_rate.d == 0) {
GST_ERROR ("Invalid descriptor");
--
2.43.0

@ -0,0 +1,42 @@
From 33868442087aac6f26f18aeafd527c1a75946f34 Mon Sep 17 00:00:00 2001
From: Nicolas Dufresne <nicolas.dufresne@collabora.com>
Date: Wed, 17 Jan 2024 12:50:34 +0100
Subject: [PATCH 5/5] h265parser: Fix possible overflow using
max_sub_layers_minus1
This fixes a possible overflow that can be triggered by an invalid value of
max_sub_layers_minus1 being set in the bitstream. The bitstream uses 3 bits,
but the allowed range is 0 to 6 only.
Fixes ZDI-CAN-21768, CVE-2023-40476
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/2895
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5364>
---
gst-libs/gst/codecparsers/gsth265parser.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/gst-libs/gst/codecparsers/gsth265parser.c b/gst-libs/gst/codecparsers/gsth265parser.c
index 16fce006b..2e8ef182b 100644
--- a/gst-libs/gst/codecparsers/gsth265parser.c
+++ b/gst-libs/gst/codecparsers/gsth265parser.c
@@ -1490,6 +1490,7 @@ gst_h265_parse_vps (GstH265NalUnit * nalu, GstH265VPS * vps)
READ_UINT8 (&nr, vps->max_layers_minus1, 6);
READ_UINT8 (&nr, vps->max_sub_layers_minus1, 3);
+ CHECK_ALLOWED (vps->max_sub_layers_minus1, 0, 6);
READ_UINT8 (&nr, vps->temporal_id_nesting_flag, 1);
/* skip reserved_0xffff_16bits */
@@ -1669,6 +1670,7 @@ gst_h265_parse_sps (GstH265Parser * parser, GstH265NalUnit * nalu,
sps->vps = vps;
READ_UINT8 (&nr, sps->max_sub_layers_minus1, 3);
+ CHECK_ALLOWED (sps->max_sub_layers_minus1, 0, 6);
READ_UINT8 (&nr, sps->temporal_id_nesting_flag, 1);
if (!gst_h265_parse_profile_tier_level (&sps->profile_tier_level, &nr,
--
2.43.0

@ -41,7 +41,6 @@ dataurisrc
dccp
debugutils
dtmf
dvbsubenc
faceoverlay
festival
fieldanalysis
@ -85,8 +84,6 @@ proxy
qtmux
rawparse
removesilence
rist
rtmp2
rtp
rtpmux
rtpvp8
@ -99,9 +96,7 @@ smooth
speed
stereo
subenc
switchbin
timecode
transcode
tta
valve
videofilters
@ -169,6 +164,20 @@ for subdir in gst ext sys; do
echo "**** Removing $MODULE ****"
echo "Removing directory $dir"
rm -r $dir || error "Cannot remove $dir"
if grep -q "AG_GST_CHECK_PLUGIN($MODULE)" configure.ac ; then
echo "Removing element check for $MODULE"
grep -v "AG_GST_CHECK_PLUGIN($MODULE)" configure.ac > configure.ac.new && mv configure.ac.new configure.ac
fi
echo "Removing Makefile generation for $MODULE"
grep -v "$dir/Makefile" configure.ac > configure.ac.new && mv configure.ac.new configure.ac
# Urgh
if test $MODULE = real ; then
grep -v "AG_GST_DISABLE_PLUGIN(real)" configure.ac > configure.ac.new && mv configure.ac.new configure.ac
fi
echo "Removing documentation for $MODULE"
if grep -q "$MODULE" docs/plugins/Makefile.am ; then
grep -v $dir docs/plugins/Makefile.am > docs/plugins/Makefile.am.new && mv docs/plugins/Makefile.am.new docs/plugins/Makefile.am
fi
echo
elif test $subdir = ext || test $subdir = sys; then
# Ignore library or system non-blacklisted plugins
@ -188,6 +197,10 @@ if test "x$unknown" != "x"; then
exit 1
fi
#autoreconf
NOCONFIGURE=1 \
./autogen.sh
popd > /dev/null
tar cJf $NEW_SOURCE $DIRECTORY

@ -1,7 +1,7 @@
%global majorminor 1.0
%global _gobject_introspection 1.31.1
# Only have extras package on fedora
# Only build extras on Fedora
%if 0%{?fedora}
%bcond_without extras
%else
@ -13,8 +13,8 @@
#global shortcommit %(c=%{gitcommit}; echo ${c:0:5})
Name: gstreamer1-plugins-bad-free
Version: 1.22.1
Release: 2%{?gitcommit:.git%{shortcommit}}%{?dist}
Version: 1.16.1
Release: 4%{?gitcommit:.git%{shortcommit}}%{?dist}
Summary: GStreamer streaming media framework "bad" plugins
License: LGPLv2+ and LGPLv2
@ -31,29 +31,30 @@ URL: http://gstreamer.freedesktop.org/
Source0: gst-plugins-bad-free-%{version}.tar.xz
Source1: gst-p-bad-cleanup.sh
#upstream patches
Patch0: 0001-mxfdemux-Store-GstMXFDemuxEssenceTrack-in-their-own-.patch
Patch1: 0002-codecparsers-av1-Clip-max-tile-rows-and-cols-values.patch
Patch1: 0003-mxfdemux-Fix-integer-overflow-causing-out-of-bounds-.patch
Patch2: 0004-mxfdemux-Check-number-of-channels-for-AES3-audio.patch
Patch3: 0005-h265parser-Fix-possible-overflow-using-max_sub_layer.patch
BuildRequires: meson >= 0.48.0
BuildRequires: gcc-c++
BuildRequires: gstreamer1-devel >= %{version}
BuildRequires: gstreamer1-plugins-base-devel >= %{version}
BuildRequires: check
BuildRequires: gettext-devel
BuildRequires: libXt-devel
BuildRequires: gtk-doc
BuildRequires: gobject-introspection-devel >= %{_gobject_introspection}
BuildRequires: bzip2-devel
BuildRequires: exempi-devel
%if 0%{?fedora} >= 31 || 0%{?rhel} >= 9
BuildRequires: fdk-aac-free-devel
%endif
BuildRequires: gsm-devel
BuildRequires: jasper-devel
BuildRequires: ladspa-devel
BuildRequires: lcms2-devel
BuildRequires: libdvdnav-devel
BuildRequires: libexif-devel
BuildRequires: libmpcdec-devel
BuildRequires: librsvg2-devel
BuildRequires: libsndfile-devel
BuildRequires: mesa-libGL-devel
@ -61,12 +62,14 @@ BuildRequires: mesa-libGLES-devel
BuildRequires: mesa-libGLU-devel
BuildRequires: openssl-devel
BuildRequires: orc-devel
BuildRequires: python3-devel
BuildRequires: soundtouch-devel
BuildRequires: wavpack-devel
BuildRequires: opus-devel
BuildRequires: nettle-devel
BuildRequires: libgcrypt-devel
%if 0%{?fedora} || 0%{?rhel} > 7
BuildRequires: wayland-devel
BuildRequires: wayland-protocols-devel
%endif
BuildRequires: gnutls-devel
BuildRequires: libsrtp-devel
@ -76,24 +79,11 @@ BuildRequires: gtk3-devel >= 3.4
BuildRequires: bluez-libs-devel >= 5.0
BuildRequires: libwebp-devel
BuildRequires: mesa-libEGL-devel
BuildRequires: vulkan-devel
#BuildRequires: vulkan-devel
#BuildRequires: mesa-vulkan-devel
BuildRequires: webrtc-audio-processing-devel
%if 0
BuildRequires: wpewebkit-devel
BuildRequires: wpebackend-fdo-devel
%endif
BuildRequires: glslc
BuildRequires: libdrm-devel
%if %{with extras}
BuildRequires: ladspa-devel
BuildRequires: libmicrodns-devel
BuildRequires: liblrdf-devel
BuildRequires: srt-devel
BuildRequires: zvbi-devel
BuildRequires: libopenmpt-devel
BuildRequires: libaom-devel
BuildRequires: libbs2b-devel >= 3.1.0
## Plugins not ported
#BuildRequires: dirac-devel
@ -104,44 +94,26 @@ BuildRequires: libchromaprint-devel
## Plugin not ported
#BuildRequires: libcdaudio-devel
BuildRequires: libcurl-devel
BuildRequires: libssh2-devel
BuildRequires: libxml2-devel
BuildRequires: game-music-emu-devel
BuildRequires: libkate-devel
BuildRequires: libmodplug-devel
BuildRequires: libofa-devel
## Plugins not ported
#BuildRequires: libmusicbrainz-devel
#BuildRequires: libtimidity-devel
BuildRequires: libva-devel
BuildRequires: libvdpau-devel
BuildRequires: openal-soft-devel
## If enabled, adds ~90 additional deps; perhaps can be moved to a
## subpackage?
#BuildRequires: opencv-devel
BuildRequires: openjpeg2-devel
BuildRequires: pkgconfig(spandsp) >= 0.0.6
## Plugins not ported
#BuildRequires: SDL-devel
BuildRequires: lilv-devel
#BuildRequires: slv2-devel
BuildRequires: wildmidi-devel
BuildRequires: zbar-devel
BuildRequires: zvbi-devel
BuildRequires: OpenEXR-devel
BuildRequires: libnice-devel
# libldac is not built on x390x, see rhbz#1677491
%ifnarch s390x
BuildRequires: pkgconfig(ldacBT-enc)
%endif
BuildRequires: qrencode-devel
BuildRequires: json-glib-devel
%endif
%if 0%{?fedora} >= 31 || 0%{?rhel} >= 9
# libgstfdkaac.so used to be shipped in -nonfree
Obsoletes: gstreamer1-plugins-bad-nonfree < 1.16.1-2
%endif
# Drop after f36
Provides: gst-transcoder = 1.16.0-4
Obsoletes: gst-transcoder < 1.16.0-4
%description
GStreamer is a streaming media framework, based on graphs of elements which
@ -168,19 +140,6 @@ extra "bad" plugins for sources (mythtv), sinks (fbdev) and
effects (pitch) which are not used very much and require additional
libraries to be installed.
%package zbar
Summary: GStreamer "bad" plugins zbar plugin
Requires: %{name}%{?_isa} = %{version}-%{release}
%description zbar
GStreamer is a streaming media framework, based on graphs of elements which
operate on media data.
gstreamer-plugins-bad contains plug-ins that aren't tested well enough,
or the code is not of good enough quality.
This package (%{name}-zbar) contains the zbar
plugin which allows decode bar codes.
%package fluidsynth
Summary: GStreamer "bad" plugins fluidsynth plugin
@ -219,11 +178,6 @@ Summary: Development files for the GStreamer media framework "bad" plug-i
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: gstreamer1-plugins-base-devel
# Drop after f36
Provides: gst-transcoder-devel = 1.16.0-4
Obsoletes: gst-transcoder-devel < 1.16.0-4
%description devel
GStreamer is a streaming media framework, based on graphs of elements which
operate on media data.
@ -234,58 +188,27 @@ aren't tested well enough, or the code is not of good enough quality.
%prep
%setup -q -n gst-plugins-bad-%{version}
%patch0 -p3
%patch1 -p3
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%build
%meson \
-D package-name="Fedora GStreamer-plugins-bad package" \
-D package-origin="http://download.fedoraproject.org" \
-D tests=disabled \
%{!?with_extras:-D fbdev=disabled -D decklink=disabled } \
%{!?with_extras:-D assrender=disabled -D bs2b=disabled } \
%{!?with_extras:-D chromaprint=disabled -D d3dvideosink=disabled } \
%{!?with_extras:-D directsound=disabled -D dts=disabled } \
%{!?with_extras:-D fluidsynth=disabled -D openexr=disabled } \
%{!?with_extras:-D curl=disabled -D curl-ssh2=disabled } \
%{!?with_extras:-D ttml=disabled -D kate=disabled } \
%{!?with_extras:-D modplug=disabled } \
%{!?with_extras:-D openal=disabled } \
%{!?with_extras:-D opencv=disabled -D openjpeg=disabled } \
%{!?with_extras:-D wildmidi=disabled -D zbar=disabled } \
%{!?with_extras:-D gme=disabled -D lv2=disabled } \
%{!?with_extras:-D webrtc=disabled -D aom=disabled } \
%{!?with_extras:-D teletext=disabled -D srt=disabled } \
%{!?with_extras:-D openmpt=disabled -D microdns=disabled } \
%{!?with_extras:-D ladspa=disabled } \
-D doc=disabled -D magicleap=disabled -D msdk=disabled \
-D dts=disabled -D faac=disabled -D faad=disabled \
-D mpeg2enc=disabled -D mplex=disabled \
-D neon=disabled -D rtmp=disabled \
-D flite=disabled -D sbc=disabled -D opencv=disabled \
%{!?with_extras:-D spandsp=disabled -D va=disabled } \
-D voamrwbenc=disabled -D x265=disabled \
-D dvbsuboverlay=disabled -D dvdspu=disabled -D siren=disabled \
-D opensles=disabled -D tinyalsa=disabled \
-D wasapi=disabled -D wasapi2=disabled -D avtp=disabled \
-D dc1394=disabled -D directfb=disabled -D iqa=disabled \
-D libde265=disabled -D musepack=disabled -D openni2=disabled \
-D svthevcenc=disabled -D voaacenc=disabled \
-D zxing=disabled -D wpe=disabled -D x11=disabled \
%ifarch s390x
-D ldac=disabled \
%else
%{!?with_extras:-D ldac=disabled } \
%endif
%{!?with_extras:-D qroverlay=disabled } \
-D openh264=disabled -D gs=disabled -D isac=disabled \
-D onnx=disabled -D openaptx=disabled -Dgpl=enabled \
-D amfcodec=disabled -D directshow=disabled -D qsv=disabled
%meson_build
%configure --disable-silent-rules --disable-fatal-warnings \
--with-package-name="GStreamer-plugins-bad package" \
--with-package-origin="http://www.redhat.com" \
%{!?with_extras:--disable-fbdev --disable-decklink --disable-linsys} \
--enable-debug --disable-static --enable-gtk-doc --enable-experimental \
--disable-dts --disable-faac --disable-faad --disable-nas \
--disable-mimic --disable-libmms --disable-mpeg2enc --disable-mplex \
--disable-neon --disable-rtmp --disable-xvid \
--disable-flite --disable-mpg123 --disable-sbc --disable-opencv \
--disable-spandsp --disable-voamrwbenc --disable-x265
%make_build
%install
%meson_install
%make_install
# Register as an AppStream component to be visible in the software center
#
@ -294,8 +217,8 @@ aren't tested well enough, or the code is not of good enough quality.
#
# See http://www.freedesktop.org/software/appstream/docs/ for more details.
#
mkdir -p $RPM_BUILD_ROOT%{_metainfodir}
cat > $RPM_BUILD_ROOT%{_metainfodir}/gstreamer-bad-free.appdata.xml <<EOF
mkdir -p $RPM_BUILD_ROOT%{_datadir}/appdata
cat > $RPM_BUILD_ROOT%{_datadir}/appdata/gstreamer-bad-free.appdata.xml <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<!-- Copyright 2013 Richard Hughes <richard@hughsie.com> -->
<component type="codec">
@ -340,31 +263,20 @@ EOF
%find_lang gst-plugins-bad-%{majorminor}
# unpackaged files
rm $RPM_BUILD_ROOT%{_bindir}/playout
find $RPM_BUILD_ROOT -name '*.la' -exec rm -fv {} ';'
%ldconfig_scriptlets
%files -f gst-plugins-bad-%{majorminor}.lang
%license COPYING
%doc AUTHORS NEWS README.md README.static-linking RELEASE REQUIREMENTS
%license COPYING COPYING.LIB
%doc AUTHORS README REQUIREMENTS
%{_metainfodir}/*.appdata.xml
%{_bindir}/gst-transcoder-%{majorminor}
%{_datadir}/appdata/*.appdata.xml
# presets
%dir %{_datadir}/gstreamer-%{majorminor}/presets/
%{_datadir}/gstreamer-%{majorminor}/presets/GstFreeverb.prs
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/device/dvd.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/avi.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/flv.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/mkv.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/mp3.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/mp4.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/oga.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/ogv.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/ts.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/file-extension/webm.gep
%{_datadir}/gstreamer-%{majorminor}/encoding-profiles/online-services/youtube.gep
# opencv data
#{_datadir}/gst-plugins-bad/%{majorminor}/opencv_haarcascades/
@ -373,44 +285,21 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%{_libdir}/libgstbasecamerabinsrc-%{majorminor}.so.*
%{_libdir}/libgstbadaudio-%{majorminor}.so.*
%{_libdir}/libgstcodecparsers-%{majorminor}.so.*
%{_libdir}/libgstcodecs-%{majorminor}.so.*
%{_libdir}/libgstcuda-%{majorminor}.so.*
%{_libdir}/libgstinsertbin-%{majorminor}.so.*
%{_libdir}/libgstisoff-%{majorminor}.so.*
%{_libdir}/libgstmpegts-%{majorminor}.so.*
#{_libdir}/libgstopencv-%{majorminor}.so.*
%{_libdir}/libgstplay-%{majorminor}.so.*
%{_libdir}/libgstplayer-%{majorminor}.so.*
%{_libdir}/libgstphotography-%{majorminor}.so.*
%{_libdir}/libgstsctp-%{majorminor}.so.*
%{_libdir}/libgsttranscoder-%{majorminor}.so.*
%{_libdir}/libgsturidownloader-%{majorminor}.so.*
%{_libdir}/libgstvulkan-%{majorminor}.so.*
%if %{with extras}
%{_libdir}/libgstva-%{majorminor}.so.*
%endif
%{_libdir}/libgstwebrtc-%{majorminor}.so.*
%if %{with extras}
%{_libdir}/libgstwebrtcnice-%{majorminor}.so.*
%endif
%if 0%{?fedora} || 0%{?rhel} > 7
%{_libdir}/libgstwayland-%{majorminor}.so.*
%endif
%{_libdir}/girepository-1.0/CudaGst-1.0.typelib
%{_libdir}/girepository-1.0/GstBadAudio-1.0.typelib
%{_libdir}/girepository-1.0/GstCodecs-1.0.typelib
%{_libdir}/girepository-1.0/GstCuda-1.0.typelib
%{_libdir}/girepository-1.0/GstInsertBin-1.0.typelib
%{_libdir}/girepository-1.0/GstMpegts-1.0.typelib
%{_libdir}/girepository-1.0/GstPlay-1.0.typelib
%{_libdir}/girepository-1.0/GstPlayer-1.0.typelib
%{_libdir}/girepository-1.0/GstTranscoder-1.0.typelib
%if %{with extras}
%{_libdir}/girepository-1.0/GstVa-1.0.typelib
%endif
%{_libdir}/girepository-1.0/GstVulkan-1.0.typelib
%{_libdir}/girepository-1.0/GstVulkanWayland-1.0.typelib
%{_libdir}/girepository-1.0/GstWebRTC-1.0.typelib
# Plugins without external dependencies
@ -427,19 +316,13 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%{_libdir}/gstreamer-%{majorminor}/libgstautoconvert.so
%{_libdir}/gstreamer-%{majorminor}/libgstbayer.so
%{_libdir}/gstreamer-%{majorminor}/libgstcamerabin.so
%{_libdir}/gstreamer-%{majorminor}/libgstcodecalpha.so
%{_libdir}/gstreamer-%{majorminor}/libgstcodectimestamper.so
%{_libdir}/gstreamer-%{majorminor}/libgstcoloreffects.so
%{_libdir}/gstreamer-%{majorminor}/libgstdash.so
%{_libdir}/gstreamer-%{majorminor}/libgstdvbsubenc.so
%{_libdir}/gstreamer-%{majorminor}/libgstdashdemux.so
%{_libdir}/gstreamer-%{majorminor}/libgstfaceoverlay.so
%if %{with extras}
%{_libdir}/gstreamer-%{majorminor}/libgstfbdevsink.so
%endif
%if 0%{?fedora} >= 31 || 0%{?rhel} >= 9
%{_libdir}/gstreamer-%{majorminor}/libgstfdkaac.so
%endif
%{_libdir}/gstreamer-%{majorminor}/libgstfestival.so
%{_libdir}/gstreamer-%{majorminor}/libgstfieldanalysis.so
%{_libdir}/gstreamer-%{majorminor}/libgstfreeverb.so
@ -470,8 +353,6 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%{_libdir}/gstreamer-%{majorminor}/libgstresindvd.so
%{_libdir}/gstreamer-%{majorminor}/libgstrfbsrc.so
%{_libdir}/gstreamer-%{majorminor}/libgstrsvg.so
%{_libdir}/gstreamer-%{majorminor}/libgstrtmp2.so
%{_libdir}/gstreamer-%{majorminor}/libgstrtpmanagerbad.so
%{_libdir}/gstreamer-%{majorminor}/libgstrtponvif.so
%{_libdir}/gstreamer-%{majorminor}/libgstsdpelem.so
%{_libdir}/gstreamer-%{majorminor}/libgstsegmentclip.so
@ -480,24 +361,20 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%{_libdir}/gstreamer-%{majorminor}/libgstsmoothstreaming.so
%{_libdir}/gstreamer-%{majorminor}/libgstspeed.so
%{_libdir}/gstreamer-%{majorminor}/libgstsubenc.so
%{_libdir}/gstreamer-%{majorminor}/libgstswitchbin.so
%{_libdir}/gstreamer-%{majorminor}/libgsttimecode.so
%{_libdir}/gstreamer-%{majorminor}/libgsttranscode.so
%{_libdir}/gstreamer-%{majorminor}/libgstuvch264.so
%{_libdir}/gstreamer-%{majorminor}/libgstvideofiltersbad.so
%{_libdir}/gstreamer-%{majorminor}/libgstvideoframe_audiolevel.so
%{_libdir}/gstreamer-%{majorminor}/libgstvideoparsersbad.so
%{_libdir}/gstreamer-%{majorminor}/libgstvideosignal.so
%{_libdir}/gstreamer-%{majorminor}/libgstvmnc.so
%{_libdir}/gstreamer-%{majorminor}/libgstyadif.so
%{_libdir}/gstreamer-%{majorminor}/libgsty4mdec.so
# System (Linux) specific plugins
%{_libdir}/gstreamer-%{majorminor}/libgstdvb.so
%{_libdir}/gstreamer-%{majorminor}/libgstv4l2codecs.so
# Plugins with external dependencies
%{_libdir}/gstreamer-%{majorminor}/libgstaes.so
%{_libdir}/gstreamer-%{majorminor}/libgstbluez.so
%{_libdir}/gstreamer-%{majorminor}/libgstbz2.so
%{_libdir}/gstreamer-%{majorminor}/libgstclosedcaption.so
@ -505,29 +382,19 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%{_libdir}/gstreamer-%{majorminor}/libgstdtls.so
%{_libdir}/gstreamer-%{majorminor}/libgsthls.so
%{_libdir}/gstreamer-%{majorminor}/libgstgsm.so
%{_libdir}/gstreamer-%{majorminor}/libgstgtkwayland.so
%{_libdir}/gstreamer-%{majorminor}/libgstkms.so
%{_libdir}/gstreamer-%{majorminor}/libgstnvcodec.so
%{_libdir}/gstreamer-%{majorminor}/libgstladspa.so
%{_libdir}/gstreamer-%{majorminor}/libgstopusparse.so
%{_libdir}/gstreamer-%{majorminor}/libgstrist.so
%{_libdir}/gstreamer-%{majorminor}/libgstsctp.so
%{_libdir}/gstreamer-%{majorminor}/libgstsndfile.so
%{_libdir}/gstreamer-%{majorminor}/libgstsoundtouch.so
%{_libdir}/gstreamer-%{majorminor}/libgstsrtp.so
%{_libdir}/gstreamer-%{majorminor}/libgstvulkan.so
%{_libdir}/gstreamer-%{majorminor}/libgstttmlsubs.so
#{_libdir}/gstreamer-%{majorminor}/libgstvulkan.so
%if 0%{?fedora} || 0%{?rhel} > 7
%{_libdir}/gstreamer-%{majorminor}/libgstwaylandsink.so
%endif
%{_libdir}/gstreamer-%{majorminor}/libgstwebp.so
%{_libdir}/gstreamer-%{majorminor}/libgstwebrtcdsp.so
%if 0
%{_libdir}/gstreamer-%{majorminor}/libgstwpe.so
%endif
%if %{with extras}
%{_libdir}/gstreamer-%{majorminor}/libgstwebrtc.so
%{_libdir}/gstreamer-%{majorminor}/libgstlv2.so
%{_libdir}/gstreamer-%{majorminor}/libgstttmlsubs.so
%endif
#debugging plugin
%{_libdir}/gstreamer-%{majorminor}/libgstdebugutilsbad.so
@ -536,7 +403,6 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%if %{with extras}
%files extras
# Plugins with external dependencies
%{_libdir}/gstreamer-%{majorminor}/libgstaom.so
%{_libdir}/gstreamer-%{majorminor}/libgstassrender.so
%{_libdir}/gstreamer-%{majorminor}/libgstbs2b.so
%{_libdir}/gstreamer-%{majorminor}/libgstchromaprint.so
@ -544,27 +410,17 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%{_libdir}/gstreamer-%{majorminor}/libgstdecklink.so
%{_libdir}/gstreamer-%{majorminor}/libgstgme.so
%{_libdir}/gstreamer-%{majorminor}/libgstkate.so
%{_libdir}/gstreamer-%{majorminor}/libgstladspa.so
%ifnarch s390x
%{_libdir}/gstreamer-%{majorminor}/libgstldac.so
%endif
%{_libdir}/gstreamer-%{majorminor}/libgstmicrodns.so
%{_libdir}/gstreamer-%{majorminor}/libgstmodplug.so
%{_libdir}/gstreamer-%{majorminor}/libgstofa.so
%{_libdir}/gstreamer-%{majorminor}/libgstopenal.so
#{_libdir}/gstreamer-%{majorminor}/libgstopencv.so
%{_libdir}/gstreamer-%{majorminor}/libgstopenexr.so
%{_libdir}/gstreamer-%{majorminor}/libgstopenjpeg.so
%{_libdir}/gstreamer-%{majorminor}/libgstopenmpt.so
%{_libdir}/gstreamer-%{majorminor}/libgstqroverlay.so
%{_libdir}/gstreamer-%{majorminor}/libgstspandsp.so
%{_libdir}/gstreamer-%{majorminor}/libgstsrt.so
%{_libdir}/gstreamer-%{majorminor}/libgstteletext.so
%{_libdir}/gstreamer-%{majorminor}/libgstva.so
%files zbar
# Plugins with external dependencies
%{_libdir}/gstreamer-%{majorminor}/libgstvdpau.so
%{_libdir}/gstreamer-%{majorminor}/libgstzbar.so
%files fluidsynth
# Plugins with external dependencies
%{_libdir}/gstreamer-%{majorminor}/libgstfluidsynthmidi.so
@ -574,52 +430,28 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%{_libdir}/gstreamer-%{majorminor}/libgstwildmidi.so
%endif
%files devel
%if 0
%doc %{_datadir}/gtk-doc/html/gst-plugins-bad-plugins-%{majorminor}
%doc %{_datadir}/gtk-doc/html/gst-plugins-bad-libs-%{majorminor}
%endif
%{_datadir}/gir-1.0/CudaGst-%{majorminor}.gir
%{_datadir}/gir-1.0/GstBadAudio-%{majorminor}.gir
%{_datadir}/gir-1.0/GstCodecs-%{majorminor}.gir
%{_datadir}/gir-1.0/GstCuda-%{majorminor}.gir
%{_datadir}/gir-1.0/GstInsertBin-%{majorminor}.gir
%{_datadir}/gir-1.0/GstMpegts-%{majorminor}.gir
%{_datadir}/gir-1.0/GstPlay-%{majorminor}.gir
%{_datadir}/gir-1.0/GstPlayer-%{majorminor}.gir
%{_datadir}/gir-1.0/GstTranscoder-%{majorminor}.gir
%if %{with extras}
%{_datadir}/gir-1.0/GstVa-%{majorminor}.gir
%endif
%{_datadir}/gir-1.0/GstVulkan-%{majorminor}.gir
%{_datadir}/gir-1.0/GstVulkanWayland-%{majorminor}.gir
%{_datadir}/gir-1.0/GstWebRTC-%{majorminor}.gir
%{_libdir}/libgstadaptivedemux-%{majorminor}.so
%{_libdir}/libgstbasecamerabinsrc-%{majorminor}.so
%{_libdir}/libgstbadaudio-%{majorminor}.so
%{_libdir}/libgstcuda-%{majorminor}.so
%{_libdir}/libgstcodecparsers-%{majorminor}.so
%{_libdir}/libgstcodecs-%{majorminor}.so
%{_libdir}/libgstinsertbin-%{majorminor}.so
%{_libdir}/libgstisoff-%{majorminor}.so
%{_libdir}/libgstmpegts-%{majorminor}.so
#{_libdir}/libgstopencv-%{majorminor}.so
%{_libdir}/libgstplay-%{majorminor}.so
%{_libdir}/libgstplayer-%{majorminor}.so
%{_libdir}/libgstphotography-%{majorminor}.so
%{_libdir}/libgstsctp-%{majorminor}.so
%{_libdir}/libgsttranscoder-%{majorminor}.so
%{_libdir}/libgsturidownloader-%{majorminor}.so
%{_libdir}/libgstvulkan-%{majorminor}.so
%if %{with extras}
%{_libdir}/libgstva-%{majorminor}.so
%endif
%{_libdir}/libgstwebrtc-%{majorminor}.so
%if %{with extras}
%{_libdir}/libgstwebrtcnice-%{majorminor}.so
%endif
%if 0%{?fedora} || 0%{?rhel} > 7
%{_libdir}/libgstwayland-%{majorminor}.so
%endif
@ -627,236 +459,68 @@ rm $RPM_BUILD_ROOT%{_bindir}/playout
%{_includedir}/gstreamer-%{majorminor}/gst/audio
%{_includedir}/gstreamer-%{majorminor}/gst/basecamerabinsrc
%{_includedir}/gstreamer-%{majorminor}/gst/codecparsers
%{_includedir}/gstreamer-%{majorminor}/gst/cuda/
%{_includedir}/gstreamer-%{majorminor}/gst/insertbin
%{_includedir}/gstreamer-%{majorminor}/gst/interfaces/photography*
%{_includedir}/gstreamer-%{majorminor}/gst/isoff/
%{_includedir}/gstreamer-%{majorminor}/gst/mpegts
#{_includedir}/gstreamer-%{majorminor}/gst/opencv
%{_includedir}/gstreamer-%{majorminor}/gst/play
%{_includedir}/gstreamer-%{majorminor}/gst/player
%{_includedir}/gstreamer-%{majorminor}/gst/sctp
%{_includedir}/gstreamer-%{majorminor}/gst/transcoder
%{_includedir}/gstreamer-%{majorminor}/gst/uridownloader
%if %{with extras}
%{_includedir}/gstreamer-%{majorminor}/gst/va/
%endif
%{_includedir}/gstreamer-%{majorminor}/gst/vulkan/
%{_includedir}/gstreamer-%{majorminor}/gst/wayland/
%{_includedir}/gstreamer-%{majorminor}/gst/webrtc/
# pkg-config files
%{_libdir}/pkgconfig/gstreamer-bad-audio-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-cuda-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-codecparsers-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-insertbin-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-mpegts-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-photography-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-play-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-player-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-plugins-bad-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-sctp-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-transcoder-%{majorminor}.pc
%if %{with extras}
%{_libdir}/pkgconfig/gstreamer-va-%{majorminor}.pc
%endif
%{_libdir}/pkgconfig/gstreamer-vulkan-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-vulkan-wayland-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-wayland-%{majorminor}.pc
%{_libdir}/pkgconfig/gstreamer-webrtc-%{majorminor}.pc
%if %{with extras}
%{_libdir}/pkgconfig/gstreamer-webrtc-nice-%{majorminor}.pc
%endif
%changelog
* Tue Dec 12 2023 Wim Taymans <wtaymans@redhat.com> - 1.22.1-2
- Patch CVE-2023-44429: AV1 codec parser heap-based buffer overflow
- Patch CVE-2023-44446: MXF demuxer use-after-free
- Resolves: RHEL-17030, RHEL-17039
* Thu Apr 13 2023 Wim Taymans <wtaymans@redhat.com> - 1.22.1-1
- Update to 1.22.1
* Mon Nov 07 2022 Tomas Popela <tpopela@redhat.com> - 1.18.4-6
- Fix FTBFS by BR wayland-protocols-devel
- Resolves: rhbz#2140540
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com>
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com>
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Mon Jun 07 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.4-3
- Apply vulkan multilib patch
- Resolves: rhbz#1915341
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com>
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Mar 16 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.4-1
- Update to 1.18.4
* Tue Mar 09 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.2-9
- Fix typo when disabling microdns
* Thu Feb 25 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.2-8
- Move ladspa, microdns, openmpt, srt and zvbi to extras
* Mon Feb 08 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.2-7
- Rebuild for updated libmicrodns
* Wed Jan 20 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.2-6
- Move libaom to extras
- Remove unused musepack buildreq
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.18.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Sun Jan 24 2021 Leigh Scott <leigh123linux@gmail.com> - 1.18.2-4
- Rebuild for new libmicrodns .so version
* Tue Jan 12 2021 Wim Taymans <wtaymans@redhat.com> - 1.18.2-3
- Move libnice and webrtc to extras
* Fri Jan 01 2021 Richard Shaw <hobbes1069@gmail.com> - 1.18.2-2
- Rebuild for OpenEXR 2.5.3.
* Thu Dec 10 2020 Wim Taymans <wtaymans@redhat.com> - 1.18.2-1
- Update to 1.18.2
* Fri Oct 30 2020 Wim Taymans <wtaymans@redhat.com> - 1.18.1-1
- Update to 1.18.1
- Remove COPYING.LIB
* Mon Oct 19 2020 Troy Dawson <tdawson@redhat.com> - 1.18.0-5
- Do not run va tests when va is disabled
* Sat Oct 17 2020 Dominik Mierzejewski <rpm@greysector.net> - 1.18.0-4
- rebuild for libdvdread-6.1 ABI bump
* Tue Sep 22 2020 Gwyn Ciesla <gwync@protonmail.com> - 1.18.0-3
- Obsolete/Provide gst-transcoder
* Thu Sep 10 2020 Adam Williamson <awilliam@redhat.com> - 1.18.0-2
- Disable opencv again (pulls in huge number of deps)
* Tue Sep 8 2020 Wim Taymans <wtaymans@redhat.com> - 1.18.0-1
- Update to 1.18.0
- Enable opencv
* Fri Aug 21 2020 Wim Taymans <wtaymans@redhat.com> - 1.17.90-1
- Update to 1.17.90
- Remove obsolete -bad-transcoder .pc file
- Add vulkan wayland
* Fri Mar 29 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.16.1-4
- Rebuilt for MSVSphere 8.10 beta
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.17.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 17 2024 Wim Taymans <wtaymans@redhat.com> - 1.16.1-4
- Patch CVE-2023-40474: Integer overflow
- Patch CVE-2023-40475: Integer overflow
- Patch CVE-2023-40476: Integer overflow in H.265 video parser
- Resolves: RHEL-19500, RHEL-19504, RHEL-19507
* Tue Jul 07 2020 Robert-André Mauchin <zebob.m@gmail.com> - 1.17.2-2
- Rebuilt for aom 2.0.0
* Thu Jan 11 2024 Wim Taymans <wtaymans@redhat.com> - 1.16.1-3
- Bump to avoid conflict with z stream.
- Resolves: RHEL-16794
* Mon Jul 6 2020 Wim Taymans <wtaymans@redhat.com> - 1.17.2-1
- Update to 1.17.2
- Add new libva plugin
- Add new pkgconfig files
* Mon Jun 22 2020 Wim Taymans <wtaymans@redhat.com> - 1.17.1-1
- Update to 1.17.1
- Add sources
- Disable wpe for now
* Fri Mar 20 2020 Debarshi Ray <rishi@fedoraproject.org> - 1.16.2-4
- Enable the spandsp plugin
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.16.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Tue Jan 7 2020 Tom Callaway <spot@fedoraproject.org> - 1.16.2-2
- rebuild for libsrtp2
* Thu Jan 2 2020 Wim Taymans <wtaymans@redhat.com> - 1.16.2-1
- Update to 1.16.2
* Fri Nov 15 2019 Dominik 'Rathann' Mierzejewski <rpm@greysector.net> - 1.16.1-3
- rebuild for libdvdread ABI bump
* Fri Oct 04 2019 Kalev Lember <klember@redhat.com> - 1.16.1-2
- Bump gstreamer1-plugins-bad-nonfree obsoletes version
* Wed Dec 13 2023 Wim Taymans <wtaymans@redhat.com> - 1.16.1-2
- Patch CVE-2023-44446: MXF demuxer use-after-free
- Resolves: RHEL-16794
* Tue Sep 24 2019 Wim Taymans <wtaymans@redhat.com> - 1.16.1-1
* Mon Nov 18 2019 Wim Taymans <wtaymans@redhat.com> - 1.16.1-1
- Update to 1.16.1
* Mon Sep 23 2019 Kalev Lember <klember@redhat.com> - 1.16.0-4
- Enable AAC support through fdk-aac-free
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.16.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Mon Jun 24 2019 Rex Dieter <rdieter@fedoraproject.org> - 1.16.0-2
- BR: lilv-devel, enables lv2 plugin
- use %%_metainfodir macro
* Tue Apr 23 2019 Wim Taymans <wtaymans@redhat.com> - 1.16.0-1
- Update to 1.16.0
* Fri Mar 01 2019 Wim Taymans <wtaymans@redhat.com> - 1.15.2-1
- Update to 1.15.2
- The vcdsrc plugin was removed
* Thu Feb 28 2019 Pete Walter <pwalter@fedoraproject.org> - 1.15.1-3
- Update wayland deps
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.15.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jan 25 2019 Wim Taymans <wtaymans@redhat.com> - 1.15.1-1
- Update to 1.15.1
- Remove upstreamed patches
- Remove dependency on removed package
- Add sctp and closedcaption plugins
- The vcdsrc plugin was removed
- Resolves: rhbz#1756299
* Wed Oct 03 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.4-1
- Update to 1.14.4
* Tue Sep 18 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.3-1
- Update to 1.14.3
* Wed Aug 15 2018 Rex Dieter <rdieter@fedoraproject.org> - 1.14.2-2
- Enable LV2 plugin support (#1616070)
* Thu Aug 16 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.0-5
- Fixes for problems found by covscan
- Resolves: rhbz#1602534
* Mon Jul 23 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.2-1
- Update to 1.14.2
* Mon Aug 13 2018 Troy Dawson <tdawson@redhat.com> - 1.14.0-4
- Add BuildRequest python3-devel
* Tue Jul 17 2018 Wim Taymans <wtaymans@redhat.org> - 1.14.1-7
* Tue Jul 17 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.0-3
- Remove obsolete liboil BR (#1588303)
- Only build extras on Fedora
- bluez is not in extras
- vdpau is in extras
* Tue Jul 17 2018 Wim Taymans <wtaymans@redhat.org> - 1.14.1-6
- remove unused liboil BR
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.14.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 14 2018 Simone Caronni <negativo17@gmail.com> - 1.14.1-4
- Rebuild for updated libass.
* Fri May 25 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.1-3
- rebuild (#1581325) to update Provides
* Tue May 22 2018 Rex Dieter <rdieter@fedoraproject.org> - 1.14.1-2
- rebuild (file)
* Mon May 21 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.1-1
- Update to 1.14.1
* Tue Jul 17 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.0-2
- Use openjpeg2 instead of openjpeg (#1553079)
* Thu May 10 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.0-2
- Add libnice-devel to get webrtc plugin (#1575244)
* Tue Mar 20 2018 Wim Taymans <wtaymans@redhat.com> - 1.14.0-1
- Update to 1.14.0
- add webrtc gir and typelib

Loading…
Cancel
Save