Thomas Guillem authored 1 year ago and Jean-Baptiste Kempf committed 10 months ago

That could lead to a heap buffer overflow.

Thanks Andreas Fobian for the security report.

(cherry picked from commit 467b24dd0f9b0b3d8ba11dd813b393892f7f1ed2)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>

Thomas Guillem authored 1 year ago and Jean-Baptiste Kempf committed 10 months ago

The function calling mms_ParsePacket() is expecting -1 (for error) or a
valid positive integer for success.

(cherry picked from commit f1e521b494bc87a254c6a6a47d27a528e35b5ca0)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>

Thomas Guillem authored 1 year ago and Jean-Baptiste Kempf committed 10 months ago

(cherry picked from commit 67b2b79534d3f6a48a4fc363615a4221993ccc95)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>

Thomas Guillem authored 1 year ago and Jean-Baptiste Kempf committed 10 months ago

(cherry picked from commit da84f3830856256d64073c31675cba7f6905919f)
Signed-off-by: Jean-Baptiste Kempf <jb@videolan.org>

Tristan Matthews authored 10 months ago and Jean-Baptiste Kempf committed 10 months ago

 This release includes enhancements and bug fixes.

  - Upgrading:
    This release is ABI compatible with the previous release.

  - Enhancement:
    Improved the detection of compiler support for AArch64 extensions,
    particularly SVE.

    Added vpx_codec_get_global_headers() support for VP9.

  - Bug fixes:

    Added buffer bounds checks to vpx_writer and vpx_write_bit_buffer.
    Fix to GetSegmentationData() crash in aq_mode=0 for RTC rate control.
    Fix to alloc for row_base_thresh_freq_fac.
    Free row mt memory before freeing cpi->tile_data.
    Fix to buffer alloc for vp9_bitstream_worker_data.
    Fix to VP8 race issue for multi-thread with pnsr_calc.
    Fix to uv width/height in vp9_scale_and_extend_frame_ssse3.
    Fix to integer division by zero and overflow in calc_pframe_target_size().
    Fix to integer overflow in vpx_img_alloc() & vpx_img_wrap()(CVE-2024-5197).
    Fix to UBSan error in vp9_rc_update_framerate().
    Fix to UBSan errors in vp8_new_framerate().
    Fix to integer overflow in vp8 encodeframe.c.
    Handle EINTR from sem_wait().

(cherry picked from commit f7a2b469)
(cherry picked from commit 3d230a44)

Steve Lhomme authored 10 months ago and Jean-Baptiste Kempf committed 10 months ago

After b6a3a8b1 we need to use the pool format.

Tristan Matthews authored 10 months ago and Felix Paul Kühne committed 10 months ago

Changes for 1.4.2 'Road Runner':
--------------------------------

1.4.2 is a small release of dav1d, improving notably ARM, AVX-512 and PowerPC
 - AVX2 optimizations for 8-tap and new variants for 6-tap
 - AVX-512 optimizations for 8-tap and new variants for 6-tap
 - Improve entropy decoding on ARM64
 - New ARM64 optimizations for convolutions based on DotProd extension
 - New ARM64 optimizations for convolutions based on i8mm extension
 - New ARM64 optimizations for subpel and prep filters for i8mm

(cherry picked from commit 918e9a33)

Tristan Matthews authored 1 year ago and Felix Paul Kühne committed 10 months ago

1.4.1 is a small release of dav1d, improving notably ARM and RISC-V speed

- Optimizations for 6tap filters for NEON (ARM)
- More RISC-V optimizations for itx (4x8, 8x4, 4x16, 16x4, 8x16, 16x8)
- Reduction of binary size on ARM64, ARM32 and RISC-V
- Fix out-of-bounds read in 8bpc SSE2/SSSE3 wiener_filter
- Msac optimizations

(cherry picked from commit 1d89e101)

Alaric Senat authored 10 months ago and Felix Paul Kühne committed 10 months ago

Previous implementation generated input item directories with URLs not
compliant with *RFC 3986* in an attempt to keep the original URL while
triggering the UPNP directory acces properly. Here's an exemple of a
previous upnp directory url:

> upnp://http://192.168.1.109:32469/cds?ObjectID=0

The stacking of schemes (`upnp://http://`) is problematic and leads to
most of the validators failing on those generated URLs (see the
referenced issue).

This patch fix the issue by simply replacing the original `http://`
scheme by `upnp://` instead of stacking both. To avoid any potential
regression with some obscure usage forcing https, a shortcut of the
directory access is introduced for https specificaly.

The example above would then be fixed like that:

> upnp://192.168.1.109:32469/cds?ObjectID=0

Potential use-cases with https would instead generate the following:

> upnps://192.168.1.109:32469/cds?ObjectID=0

Refs VLCKit#728

(cherry picked from commit 241fed31)

Alaric Senat authored 10 months ago and Felix Paul Kühne committed 10 months ago

In preparation for the next commit, explicitly refuse any protocols
that are not supported by libpupnp. It's unclear if it's needed and
pupnp probably already perform this check, but the next commit rely
heavily on the scheme matching "http" or "https" only.

(cherry picked from commit 44de051a)

Alaric Senat authored 10 months ago and Felix Paul Kühne committed 10 months ago

Switching to std::string simplifies the next patch changing the URL
scheme.

(cherry picked from commit bc1d58c0)

Alaric Senat authored 11 months ago and Felix Paul Kühne committed 10 months ago

This patch completes ac99cee9.
It avoids corrupting URLs with an already present query list.

(cherry picked from commit 0cba1475)

Alaric Senat authored 11 months ago and Felix Paul Kühne committed 10 months ago

Object ID is not supposed to be URI-encoded by default and can be pretty
much any valid string. Since we add it to a valid encoded URL, we need
to encode it to preserve the URL validity.

(cherry picked from commit 5d5ccbc0)

(cherry picked from commit 4125ad5a)

(cherry picked from commit 9815b7eb)

(cherry picked from commit 957db11f)

(cherry picked from commit 7bde5ce8)

Khalid Masum authored 2 years ago and Felix Paul Kühne committed 10 months ago

sha512sum uses --check, which is not supported by many other
implementations of sha512sum such as  busybox. Using -c instead
will let this script usable in more distros and OSes.

Khalid Masum authored 2 years ago and Felix Paul Kühne committed 10 months ago

Currently we are using commandname --version to check wheather a
command exists. Hence if a command is not shipped with --version the
check fails. For example busybox implementation of sha512sum fails
to get detected via this method.

Use command -v to check whether a command exists to fix this limitation.

Alexandre Janniaux authored 3 years ago and Felix Paul Kühne committed 10 months ago

libtool-2.4.6-san.patch is not used anymore, and other libtool patches
have been rebased on top of libtool-2.4.7.

Alexandre Janniaux authored 3 years ago and Felix Paul Kühne committed 10 months ago

The -fsanitize support has been added upstream in the commit
a5c6466528c060cc4660ad0319c00740db0e42ba which is shipped into 2.4.7.

Alexandre Janniaux authored 3 years ago and Felix Paul Kühne committed 10 months ago

libtool is notoriously known to have been patched over the time and was
provided as 2.4.7-dirty on archlinux, which makes the integer comparison
test fail since 7-dirty is not an integer.

Alexandre Janniaux authored 3 years ago and Felix Paul Kühne committed 10 months ago

shell || nicely handles the commands on the other lines without escaping
the end of line, which provides better error message in case of error.
In addition, priority of operators is much more obvious since the []
test syntax provides a visible scope-like feeling.

Alexandre Janniaux authored 3 years ago and Felix Paul Kühne committed 10 months ago

When building with bitcode enabled (*FLAGS+=-fembed-bitcode), the
following happens:

 - with LDFLAGS += -fembed-bitcode, the vanilla libtool version will
   remove the -fembed-bitcode flag, being an unknown flag, so bitcode
   won't actually be enabled, and final link steps might complain that
   the dylibs (libvlccore.dylib for instance) doesn't actually have
   bitcode embedded.

 - once fixed (either by this patch or by using -Wl,-fembed-bitcode),
   the plugins will be compiled with -module, which default to using
   MH_BUNDLE on iOS/tvOS/MacOSX instead of MH_DYLIB. Indeed, dylibs can
   be dlopened only since MacOSX 10.3/10.4, and can be dlclosed only
   since MacOSX 10.5, so MH_BUNDLE was the primary target for libtool
   module support. However, MH_BUNDLE is not compatible with the bitcode
   support from Clang.

Since we support MacOSX 10.11 as minimum, we can default to using
MH_DYLIB for plugins to have the bitcode support.

This new libtool patch add the explicit support for -fembed-bitcode in
libtool --mode=link flags, and change the flags used when using -module
in libtool to switch to dylibs.

Hugo Beauzée-Luyssen authored 3 years ago and Felix Paul Kühne committed 10 months ago

Instead of ltmain.sh, in order to ensure all changes will used.
If ltmain.sh gets modified as well, there is no way to guarantee that
all changes to the .in file will trigger a regenetation since both file
will likely have the same modification timestamps

Refs !182

An updated version of our current libtool patchset has been pushed to
https://github.com/chouquette/libtool/tree/vlc_patches

The asdcplib code contains a C++ template which refers to member
variables that doesn't exist. Earlier, this hasn't been an issue,
as the C++ template never is instantiated, but current Clang
versions (the upcoming 19.x version) diagnoses such issues already
before the class is instantiated, leading to compilation errors
on the asdcplib code.

This applies https://github.com/cinecert/asdcplib/pull/137 (which
hasn't yet received any attention), fixing
https://github.com/cinecert/asdcplib/issues/136.

(cherry picked from commit c481befc)

assert() may be disabled and you don't want to abort a whole process in
case of a parsing issue. So check the offset from samples_avail(), that
will return 0 (EOF) in case of a out of bounds read.

Patch already upstream.

(cherry picked from commit 8205482c)
Signed-off-by: Thomas Guillem <thomas@gllm.fr>

RFC9110 specifies that a client must handle a shorter response range
than requested in all circumstanges. Previously, RFC7233 only required
that behaviour for multipart ranges, which VLC did not use.

This matches the newer specification: VLC will try to resume from the
last received offset not only on unexpected error, but also on short
response.

Fixes #28627.

(cherry picked from commit 90dc0a02)

The Super Resolution filter doesn't handle RGB10A2.