openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch Normal file
View File

@@ -0,0 +1,30 @@
From 4adb93dff05dd947878c67784d98c9a4e13b57a7 Mon Sep 17 00:00:00 2001
From: Paul B Mahol <onemda@gmail.com>
Date: Thu, 23 Nov 2023 14:58:35 +0100
Subject: [PATCH] avfilter/asrc_afirsrc: fix by one smaller allocation of
buffer
CVE: CVE-2023-49501
Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/4adb93dff05dd947878c67784d98c9a4e13b57a7]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/asrc_afirsrc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavfilter/asrc_afirsrc.c b/libavfilter/asrc_afirsrc.c
index e2359c1..ea04c35 100644
--- a/libavfilter/asrc_afirsrc.c
+++ b/libavfilter/asrc_afirsrc.c
@@ -480,7 +480,7 @@ static av_cold int config_eq_output(AVFilterLink *outlink)
if (ret < 0)
return ret;
- s->magnitude = av_calloc(s->nb_magnitude, sizeof(*s->magnitude));
+ s->magnitude = av_calloc(s->nb_magnitude + 1, sizeof(*s->magnitude));
if (!s->magnitude)
return AVERROR(ENOMEM);
memcpy(s->magnitude, eq_presets[s->preset].gains, sizeof(*s->magnitude) * s->nb_magnitude);
--
2.40.0

107
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49502.patch Normal file
View File

@@ -0,0 +1,107 @@
From 737ede405b11a37fdd61d19cf25df296a0cb0b75 Mon Sep 17 00:00:00 2001
From: Cosmin Stejerean <cosmin@cosmin.at>
Date: Wed, 6 Dec 2023 18:39:32 +0800
Subject: [PATCH] avfilter/bwdif: account for chroma sub-sampling in min size
calculation
The current logic for detecting frames that are too small for the
algorithm does not account for chroma sub-sampling, and so a sample
where the luma plane is large enough, but the chroma planes are not
will not be rejected. In that event, a heap overflow will occur.
This change adjusts the logic to consider the chroma planes and makes
the change to all three bwdif implementations.
Fixes #10688
Signed-off-by: Cosmin Stejerean <cosmin@cosmin.at>
Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
Signed-off-by: Philip Langdale <philipl@overt.org>
CVE: CVE-2023-49502
Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/737ede405b11a37f]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/vf_bwdif.c | 9 +++++----
libavfilter/vf_bwdif_cuda.c | 11 ++++++-----
libavfilter/vf_bwdif_vulkan.c | 11 +++++------
3 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/libavfilter/vf_bwdif.c b/libavfilter/vf_bwdif.c
index 137cd5e..353cd0b 100644
--- a/libavfilter/vf_bwdif.c
+++ b/libavfilter/vf_bwdif.c
@@ -191,13 +191,14 @@ static int config_props(AVFilterLink *link)
return ret;
}
- if (link->w < 3 || link->h < 4) {
- av_log(ctx, AV_LOG_ERROR, "Video of less than 3 columns or 4 lines is not supported\n");
+ yadif->csp = av_pix_fmt_desc_get(link->format);
+ yadif->filter = filter;
+
+ if (AV_CEIL_RSHIFT(link->w, yadif->csp->log2_chroma_w) < 3 || AV_CEIL_RSHIFT(link->h, yadif->csp->log2_chroma_h) < 4) {
+ av_log(ctx, AV_LOG_ERROR, "Video with planes less than 3 columns or 4 lines is not supported\n");
return AVERROR(EINVAL);
}
- yadif->csp = av_pix_fmt_desc_get(link->format);
- yadif->filter = filter;
ff_bwdif_init_filter_line(&s->dsp, yadif->csp->comp[0].depth);
return 0;
diff --git a/libavfilter/vf_bwdif_cuda.c b/libavfilter/vf_bwdif_cuda.c
index a5ecfba..418f15f 100644
--- a/libavfilter/vf_bwdif_cuda.c
+++ b/libavfilter/vf_bwdif_cuda.c
@@ -296,15 +296,16 @@ static int config_output(AVFilterLink *link)
link->frame_rate = av_mul_q(ctx->inputs[0]->frame_rate,
(AVRational){2, 1});
- if (link->w < 3 || link->h < 3) {
- av_log(ctx, AV_LOG_ERROR, "Video of less than 3 columns or lines is not supported\n");
- ret = AVERROR(EINVAL);
- goto exit;
- }
y->csp = av_pix_fmt_desc_get(output_frames->sw_format);
y->filter = filter;
+ if (AV_CEIL_RSHIFT(link->w, y->csp->log2_chroma_w) < 3 || AV_CEIL_RSHIFT(link->h, y->csp->log2_chroma_h) < 3) {
+ av_log(ctx, AV_LOG_ERROR, "Video with planes less than 3 columns or lines is not supported\n");
+ ret = AVERROR(EINVAL);
+ goto exit;
+ }
+
ret = CHECK_CU(cu->cuCtxPushCurrent(s->hwctx->cuda_ctx));
if (ret < 0)
goto exit;
diff --git a/libavfilter/vf_bwdif_vulkan.c b/libavfilter/vf_bwdif_vulkan.c
index 690a89c..c51df9a 100644
--- a/libavfilter/vf_bwdif_vulkan.c
+++ b/libavfilter/vf_bwdif_vulkan.c
@@ -362,15 +362,14 @@ static int bwdif_vulkan_config_output(AVFilterLink *outlink)
outlink->frame_rate = av_mul_q(avctx->inputs[0]->frame_rate,
(AVRational){2, 1});
- if (outlink->w < 4 || outlink->h < 4) {
- av_log(avctx, AV_LOG_ERROR, "Video of less than 4 columns or lines is not "
- "supported\n");
- return AVERROR(EINVAL);
- }
-
y->csp = av_pix_fmt_desc_get(vkctx->frames->sw_format);
y->filter = bwdif_vulkan_filter_frame;
+ if (AV_CEIL_RSHIFT(outlink->w, y->csp->log2_chroma_w) < 4 || AV_CEIL_RSHIFT(outlink->h, y->csp->log2_chroma_h) < 4) {
+ av_log(avctx, AV_LOG_ERROR, "Video with planes less than 4 columns or lines is not supported\n");
+ return AVERROR(EINVAL);
+ }
+
return init_filter(avctx);
}
--
2.40.0

58
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49528.patch Normal file
View File

@@ -0,0 +1,58 @@
From 2d9ed64859c9887d0504cd71dbd5b2c15e14251a Mon Sep 17 00:00:00 2001
From: Paul B Mahol <onemda@gmail.com>
Date: Sat, 25 Nov 2023 12:54:28 +0100
Subject: [PATCH 3/3] avfilter/af_dialoguenhance: fix overreads
CVE: CVE-2023-49528
Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/2d9ed64859c9887d0504cd71dbd5b2c15e14251a]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/af_dialoguenhance.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/libavfilter/af_dialoguenhance.c b/libavfilter/af_dialoguenhance.c
index 1762ea7..29c8ab1 100644
--- a/libavfilter/af_dialoguenhance.c
+++ b/libavfilter/af_dialoguenhance.c
@@ -96,12 +96,12 @@ static int config_input(AVFilterLink *inlink)
if (!s->window)
return AVERROR(ENOMEM);
- s->in_frame = ff_get_audio_buffer(inlink, s->fft_size * 4);
- s->center_frame = ff_get_audio_buffer(inlink, s->fft_size * 4);
- s->out_dist_frame = ff_get_audio_buffer(inlink, s->fft_size * 4);
- s->windowed_frame = ff_get_audio_buffer(inlink, s->fft_size * 4);
- s->windowed_out = ff_get_audio_buffer(inlink, s->fft_size * 4);
- s->windowed_prev = ff_get_audio_buffer(inlink, s->fft_size * 4);
+ s->in_frame = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
+ s->center_frame = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
+ s->out_dist_frame = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
+ s->windowed_frame = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
+ s->windowed_out = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
+ s->windowed_prev = ff_get_audio_buffer(inlink, (s->fft_size + 2) * 2);
if (!s->in_frame || !s->windowed_out || !s->windowed_prev ||
!s->out_dist_frame || !s->windowed_frame || !s->center_frame)
return AVERROR(ENOMEM);
@@ -250,6 +250,7 @@ static int de_stereo(AVFilterContext *ctx, AVFrame *out)
float *right_osamples = (float *)out->extended_data[1];
float *center_osamples = (float *)out->extended_data[2];
const int offset = s->fft_size - s->overlap;
+ const int nb_samples = FFMIN(s->overlap, s->in->nb_samples);
float vad;
// shift in/out buffers
@@ -258,8 +259,8 @@ static int de_stereo(AVFilterContext *ctx, AVFrame *out)
memmove(left_out, &left_out[s->overlap], offset * sizeof(float));
memmove(right_out, &right_out[s->overlap], offset * sizeof(float));
- memcpy(&left_in[offset], left_samples, s->overlap * sizeof(float));
- memcpy(&right_in[offset], right_samples, s->overlap * sizeof(float));
+ memcpy(&left_in[offset], left_samples, nb_samples * sizeof(float));
+ memcpy(&right_in[offset], right_samples, nb_samples * sizeof(float));
memset(&left_out[offset], 0, s->overlap * sizeof(float));
memset(&right_out[offset], 0, s->overlap * sizeof(float));
--
2.40.0

78
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch Normal file
View File

@@ -0,0 +1,78 @@
From b1942734c7cbcdc9034034373abcc9ecb9644c47 Mon Sep 17 00:00:00 2001
From: Paul B Mahol <onemda@gmail.com>
Date: Mon, 27 Nov 2023 11:45:34 +0100
Subject: [PATCH 2/3] avfilter/af_afwtdn: fix crash with EOF handling
CVE: CVE-2023-50007
Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/af_afwtdn.c | 34 +++++++++++++++++++---------------
1 file changed, 19 insertions(+), 15 deletions(-)
diff --git a/libavfilter/af_afwtdn.c b/libavfilter/af_afwtdn.c
index 0fcfa77..63b7f5f 100644
--- a/libavfilter/af_afwtdn.c
+++ b/libavfilter/af_afwtdn.c
@@ -408,6 +408,7 @@ typedef struct AudioFWTDNContext {
uint64_t sn;
int64_t eof_pts;
+ int eof;
int wavelet_type;
int channels;
@@ -1069,7 +1070,7 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *in)
s->drop_samples = 0;
} else {
if (s->padd_samples < 0 && eof) {
- out->nb_samples += s->padd_samples;
+ out->nb_samples = FFMAX(0, out->nb_samples + s->padd_samples);
s->padd_samples = 0;
}
if (!eof)
@@ -1208,23 +1209,26 @@ static int activate(AVFilterContext *ctx)
FF_FILTER_FORWARD_STATUS_BACK(outlink, inlink);
- ret = ff_inlink_consume_samples(inlink, s->nb_samples, s->nb_samples, &in);
- if (ret < 0)
- return ret;
- if (ret > 0)
- return filter_frame(inlink, in);
+ if (!s->eof) {
+ ret = ff_inlink_consume_samples(inlink, s->nb_samples, s->nb_samples, &in);
+ if (ret < 0)
+ return ret;
+ if (ret > 0)
+ return filter_frame(inlink, in);
+ }
if (ff_inlink_acknowledge_status(inlink, &status, &pts)) {
- if (status == AVERROR_EOF) {
- while (s->padd_samples != 0) {
- ret = filter_frame(inlink, NULL);
- if (ret < 0)
- return ret;
- }
- ff_outlink_set_status(outlink, status, pts);
- return ret;
- }
+ if (status == AVERROR_EOF)
+ s->eof = 1;
}
+
+ if (s->eof && s->padd_samples != 0) {
+ return filter_frame(inlink, NULL);
+ } else if (s->eof) {
+ ff_outlink_set_status(outlink, AVERROR_EOF, s->eof_pts);
+ return 0;
+ }
+
FF_FILTER_FORWARD_WANTED(outlink, inlink);
return FFERROR_NOT_READY;
--
2.40.0

29
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50008.patch Normal file
View File

@@ -0,0 +1,29 @@
From 5f87a68cf70dafeab2fb89b42e41a4c29053b89b Mon Sep 17 00:00:00 2001
From: Paul B Mahol <onemda@gmail.com>
Date: Mon, 27 Nov 2023 12:08:20 +0100
Subject: [PATCH] avfilter/vf_colorcorrect: fix memory leaks
CVE: CVE-2023-50008
Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/vf_colorcorrect.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libavfilter/vf_colorcorrect.c b/libavfilter/vf_colorcorrect.c
index 1c4dea5..6bdec2c 100644
--- a/libavfilter/vf_colorcorrect.c
+++ b/libavfilter/vf_colorcorrect.c
@@ -497,6 +497,8 @@ static av_cold void uninit(AVFilterContext *ctx)
ColorCorrectContext *s = ctx->priv;
av_freep(&s->analyzeret);
+ av_freep(&s->uhistogram);
+ av_freep(&s->vhistogram);
}
static const AVFilterPad colorcorrect_inputs[] = {
--
2.40.0

37
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-28661.patch Normal file
View File

@@ -0,0 +1,37 @@
From 66b50445cb36cf6adb49c2397362509aedb42c71 Mon Sep 17 00:00:00 2001
From: James Almer <jamrial@gmail.com>
Date: Fri, 16 Feb 2024 11:17:13 -0300
Subject: [PATCH 1/3] avcodec/speexdec: check for sane frame_size values
Regression since ab39cc36c72bb73318bb911acb66873de850a107.
Fixes heap buffer overflows
Fixes ticket #10866
Reported-by: sploitem <sploitem@gmail.com>
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
CVE: CVE-2024-28661
Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/66b50445cb36cf6adb49c2397362509aedb42c71]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavcodec/speexdec.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libavcodec/speexdec.c b/libavcodec/speexdec.c
index 08c7e77..23b8605 100644
--- a/libavcodec/speexdec.c
+++ b/libavcodec/speexdec.c
@@ -1422,6 +1422,7 @@ static int parse_speex_extradata(AVCodecContext *avctx,
s->frame_size = bytestream_get_le32(&buf);
if (s->frame_size < NB_FRAME_SIZE << s->mode)
return AVERROR_INVALIDDATA;
+ s->frame_size *= 1 + (s->mode > 0);
s->vbr = bytestream_get_le32(&buf);
s->frames_per_packet = bytestream_get_le32(&buf);
if (s->frames_per_packet <= 0 ||
--
2.40.0

49
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31578.patch Normal file
View File

@@ -0,0 +1,49 @@
From edeeb35cecb5bc0d433b14dd0e544ae826b7ece5 Mon Sep 17 00:00:00 2001
From: Zhao Zhili <zhilizhao@tencent.com>
Date: Tue, 20 Feb 2024 20:08:55 +0800
Subject: [PATCH] avutil/hwcontext: Don't assume frames_uninit is reentrant
Fix heap use after free when vulkan_frames_init failed.
Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
CVE: CVE-2024-31578
Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavutil/hwcontext.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c
index 3650d46..0ef3479 100644
--- a/libavutil/hwcontext.c
+++ b/libavutil/hwcontext.c
@@ -363,7 +363,7 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
if (ctx->internal->hw_type->frames_init) {
ret = ctx->internal->hw_type->frames_init(ctx);
if (ret < 0)
- goto fail;
+ return ret;
}
if (ctx->internal->pool_internal && !ctx->pool)
@@ -373,14 +373,10 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
if (ctx->initial_pool_size > 0) {
ret = hwframe_pool_prealloc(ref);
if (ret < 0)
- goto fail;
+ return ret;
}
return 0;
-fail:
- if (ctx->internal->hw_type->frames_uninit)
- ctx->internal->hw_type->frames_uninit(ctx);
- return ret;
}
int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref,
--
2.40.0

34
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch Normal file
View File

@@ -0,0 +1,34 @@
From 1d1a05b393ece9fa3df825bfef3724b7370aefdc Mon Sep 17 00:00:00 2001
From: Zhao Zhili <zhilizhao@tencent.com>
Date: Fri, 29 Dec 2023 05:56:43 +0800
Subject: [PATCH] avfilter/vf_codecview: fix heap buffer overflow
And improve the performance by a little bit.
Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
CVE: CVE-2024-31582
Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/vf_codecview.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/libavfilter/vf_codecview.c b/libavfilter/vf_codecview.c
index 55d9c8c..f65ccbd 100644
--- a/libavfilter/vf_codecview.c
+++ b/libavfilter/vf_codecview.c
@@ -216,9 +216,6 @@ static void draw_block_rectangle(uint8_t *buf, int sx, int sy, int w, int h, ptr
buf[sx + w - 1] = color;
buf += stride;
}
-
- for (int x = sx; x < sx + w; x++)
- buf[x] = color;
}
static int filter_frame(AVFilterLink *inlink, AVFrame *frame)
--
2.40.0

62
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35365.patch Normal file
View File

@@ -0,0 +1,62 @@
From ced5c5fdb8634d39ca9472a2026b2d2fea16c4e5 Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Mon, 25 Mar 2024 16:54:25 +0100
Subject: [PATCH] fftools/ffmpeg_mux_init: Fix double-free on error
MATCH_PER_STREAM_OPT iterates over all options of a given
OptionDef and tests whether they apply to the current stream;
if so, they are set to ost->apad, otherwise, the code errors
out. If no error happens, ost->apad is av_strdup'ed in order
to take ownership of this pointer.
But this means that setting it originally was premature,
as it leads to double-frees when an error happens lateron.
This can simply be reproduced with
ffmpeg -filter_complex anullsrc -apad bar -apad:n baz -f null -
This is a regression since 83ace80bfd80fcdba2c65fa1d554923ea931d5bd.
Fix this by using a temporary variable instead of directly
setting ost->apad. Also only strdup the string if it actually
is != NULL.
Reviewed-by: Marth64 <marth64@proxyid.net>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
CVE: CVE-2024-35365
Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/ced5c5fdb8634d39ca9472a2026b2d2fea16c4e5]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
fftools/ffmpeg_mux_init.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/fftools/ffmpeg_mux_init.c b/fftools/ffmpeg_mux_init.c
index 63a25a3..685c064 100644
--- a/fftools/ffmpeg_mux_init.c
+++ b/fftools/ffmpeg_mux_init.c
@@ -845,6 +845,7 @@ static int new_stream_audio(Muxer *mux, const OptionsContext *o,
int channels = 0;
char *layout = NULL;
char *sample_fmt = NULL;
+ const char *apad = NULL;
MATCH_PER_STREAM_OPT(audio_channels, i, channels, oc, st);
if (channels) {
@@ -882,8 +883,12 @@ static int new_stream_audio(Muxer *mux, const OptionsContext *o,
MATCH_PER_STREAM_OPT(audio_sample_rate, i, audio_enc->sample_rate, oc, st);
- MATCH_PER_STREAM_OPT(apad, str, ost->apad, oc, st);
- ost->apad = av_strdup(ost->apad);
+ MATCH_PER_STREAM_OPT(apad, str, apad, oc, st);
+ if (apad) {
+ ost->apad = av_strdup(apad);
+ if (!ost->apad)
+ return AVERROR(ENOMEM);
+ }
#if FFMPEG_OPT_MAP_CHANNEL
/* check for channel mapping for this audio stream */
--
2.40.0

47
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch Normal file
View File

@@ -0,0 +1,47 @@
From 09e6840cf7a3ee07a73c3ae88a020bf27ca1a667 Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Wed, 13 Mar 2024 02:10:26 +0100
Subject: [PATCH] avcodec/ppc/vp8dsp_altivec: Fix out-of-bounds access
h_subpel_filters_inner[i] and h_subpel_filters_outer[i / 2]
belong together and the former allows the range 0..6,
so the latter needs to support 0..3. But it has only three
elements. Add another one.
The value for the last element has been guesstimated
from subpel_filters in libavcodec/vp8dsp.c.
This is also intended to fix FATE-failures with UBSan here:
https://fate.ffmpeg.org/report.cgi?time=20240312011016&slot=ppc-linux-gcc-13.2-ubsan-altivec-qemu
Tested-by: Sean McGovern <gseanmcg@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
CVE: CVE-2024-35367
Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/09e6840cf7a3ee07a73c3ae88a020bf27ca1a667]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavcodec/ppc/vp8dsp_altivec.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libavcodec/ppc/vp8dsp_altivec.c b/libavcodec/ppc/vp8dsp_altivec.c
index 12dac8b..061914f 100644
--- a/libavcodec/ppc/vp8dsp_altivec.c
+++ b/libavcodec/ppc/vp8dsp_altivec.c
@@ -50,11 +50,12 @@ static const vec_s8 h_subpel_filters_inner[7] =
// for 6tap filters, these are the outer two taps
// The zeros mask off pixels 4-7 when filtering 0-3
// and vice-versa
-static const vec_s8 h_subpel_filters_outer[3] =
+static const vec_s8 h_subpel_filters_outer[4] =
{
REPT4(0, 0, 2, 1),
REPT4(0, 0, 3, 3),
REPT4(0, 0, 1, 2),
+ REPT4(0, 0, 0, 0),
};
#define LOAD_H_SUBPEL_FILTER(i) \
--
2.40.0

41
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch Normal file
View File

@@ -0,0 +1,41 @@
From 4513300989502090c4fd6560544dce399a8cd53c Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Sun, 24 Sep 2023 13:15:48 +0200
Subject: [PATCH] avcodec/rkmppdec: Fix double-free on error
After having created the AVBuffer that is put into frame->buf[0],
ownership of several objects (namely an AVDRMFrameDescriptor,
an MppFrame and some AVBufferRefs framecontextref and decoder_ref)
has passed to the AVBuffer and therefore to the frame.
Yet it has nevertheless been freed manually on error
afterwards, which would lead to a double-free as soon
as the AVFrame is unreferenced.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
CVE: CVE-2024-35368
Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/4513300989502090c4fd6560544dce399a8cd53c]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavcodec/rkmppdec.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/libavcodec/rkmppdec.c b/libavcodec/rkmppdec.c
index 5768568..2ca368e 100644
--- a/libavcodec/rkmppdec.c
+++ b/libavcodec/rkmppdec.c
@@ -462,8 +462,8 @@ static int rkmpp_retrieve_frame(AVCodecContext *avctx, AVFrame *frame)
frame->hw_frames_ctx = av_buffer_ref(decoder->frames_ref);
if (!frame->hw_frames_ctx) {
- ret = AVERROR(ENOMEM);
- goto fail;
+ av_frame_unref(frame);
+ return AVERROR(ENOMEM);
}
return 0;
--
2.40.0

37
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35369.patch Normal file
View File

@@ -0,0 +1,37 @@
From 0895ef0d6d6406ee6cd158fc4d47d80f201b8e9c Mon Sep 17 00:00:00 2001
From: James Almer <jamrial@gmail.com>
Date: Sat, 17 Feb 2024 09:45:57 -0300
Subject: [PATCH] avcodec/speexdec: further check for sane frame_size values
Prevent potential integer overflows.
Signed-off-by: James Almer <jamrial@gmail.com>
CVE: CVE-2024-35369
Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/0895ef0d6d6406ee6cd158fc4d47d80f201b8e9c]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavcodec/speexdec.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/libavcodec/speexdec.c b/libavcodec/speexdec.c
index 23b8605..a034009 100644
--- a/libavcodec/speexdec.c
+++ b/libavcodec/speexdec.c
@@ -1420,9 +1420,10 @@ static int parse_speex_extradata(AVCodecContext *avctx,
return AVERROR_INVALIDDATA;
s->bitrate = bytestream_get_le32(&buf);
s->frame_size = bytestream_get_le32(&buf);
- if (s->frame_size < NB_FRAME_SIZE << s->mode)
+ if (s->frame_size < NB_FRAME_SIZE << (s->mode > 0) ||
+ s->frame_size > INT32_MAX >> (s->mode > 0))
return AVERROR_INVALIDDATA;
- s->frame_size *= 1 + (s->mode > 0);
+ s->frame_size <<= (s->mode > 0);
s->vbr = bytestream_get_le32(&buf);
s->frames_per_packet = bytestream_get_le32(&buf);
if (s->frames_per_packet <= 0 ||
--
2.40.0

36
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-36618.patch Normal file
View File

@@ -0,0 +1,36 @@
From 7a089ed8e049e3bfcb22de1250b86f2106060857 Mon Sep 17 00:00:00 2001
From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
Date: Tue, 12 Mar 2024 23:23:17 +0100
Subject: [PATCH] avformat/avidec: Fix integer overflow iff ULONG_MAX <
INT64_MAX
Affects many FATE-tests, see
https://fate.ffmpeg.org/report.cgi?time=20240312011016&slot=ppc-linux-gcc-13.2-ubsan-altivec-qemu
Reviewed-by: James Almer <jamrial@gmail.com>
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
CVE: CVE-2024-36618
Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/7a089ed8e049e3bfcb22de1250b86f2106060857]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavformat/avidec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavformat/avidec.c b/libavformat/avidec.c
index 00bd7a9..bc95466 100644
--- a/libavformat/avidec.c
+++ b/libavformat/avidec.c
@@ -1696,7 +1696,7 @@ static int check_stream_max_drift(AVFormatContext *s)
int *idx = av_calloc(s->nb_streams, sizeof(*idx));
if (!idx)
return AVERROR(ENOMEM);
- for (min_pos = pos = 0; min_pos != INT64_MAX; pos = min_pos + 1LU) {
+ for (min_pos = pos = 0; min_pos != INT64_MAX; pos = min_pos + 1ULL) {
int64_t max_dts = INT64_MIN / 2;
int64_t min_dts = INT64_MAX / 2;
int64_t max_buffer = 0;
--
2.40.0

34
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-0518.patch Normal file
View File

@@ -0,0 +1,34 @@
From b5b6391d64807578ab872dc58fb8aa621dcfc38a Mon Sep 17 00:00:00 2001
From: Michael Niedermayer <michael@niedermayer.cc>
Date: Mon, 6 Jan 2025 22:01:39 +0100
Subject: [PATCH] avfilter/af_pan: Fix sscanf() use
Fixes: Memory Data Leak
Found-by: Simcha Kosman <simcha.kosman@cyberark.com>
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
CVE: CVE-2025-0518
Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/af_pan.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libavfilter/af_pan.c b/libavfilter/af_pan.c
index cfed9f1..ffcd214 100644
--- a/libavfilter/af_pan.c
+++ b/libavfilter/af_pan.c
@@ -165,7 +165,7 @@ static av_cold int init(AVFilterContext *ctx)
sign = 1;
while (1) {
gain = 1;
- if (sscanf(arg, "%lf%n *%n", &gain, &len, &len))
+ if (sscanf(arg, "%lf%n *%n", &gain, &len, &len) >= 1)
arg += len;
if (parse_channel_name(&arg, &in_ch_id, &named)){
av_log(ctx, AV_LOG_ERROR,
--
2.40.0

39
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch Normal file
View File

@@ -0,0 +1,39 @@
From 1446e37d3d032e1452844778b3e6ba2c20f0c322 Mon Sep 17 00:00:00 2001
From: James Almer <jamrial@gmail.com>
Date: Mon, 30 Dec 2024 00:25:41 -0300
Subject: [PATCH] avfilter/buffersrc: check for valid sample rate
A sample rate <= 0 is invalid.
Fixes an assert in ffmpeg_enc.c that assumed a valid sample rate would be set.
Fixes ticket #11385.
Signed-off-by: James Almer <jamrial@gmail.com>
CVE: CVE-2025-22919
Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1446e37d3d032e1452844778b3e6ba2c20f0c322]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavfilter/buffersrc.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/libavfilter/buffersrc.c b/libavfilter/buffersrc.c
index 453fc0f..f49aa91 100644
--- a/libavfilter/buffersrc.c
+++ b/libavfilter/buffersrc.c
@@ -401,6 +401,11 @@ FF_ENABLE_DEPRECATION_WARNINGS
av_channel_layout_describe(&s->ch_layout, buf, sizeof(buf));
}
+ if (s->sample_rate <= 0) {
+ av_log(ctx, AV_LOG_ERROR, "Sample rate not set\n");
+ return AVERROR(EINVAL);
+ }
+
if (!s->time_base.num)
s->time_base = (AVRational){1, s->sample_rate};
--
2.40.0

34
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22921.patch Normal file
View File

@@ -0,0 +1,34 @@
From 7f9c7f9849a2155224711f0ff57ecdac6e4bfb57 Mon Sep 17 00:00:00 2001
From: James Almer <jamrial@gmail.com>
Date: Wed, 1 Jan 2025 23:58:39 -0300
Subject: [PATCH] avcodec/jpeg2000dec: clear array length when freeing it
Fixes NULL pointer dereferences.
Fixes ticket #11393.
Reviewed-by: Michael Niedermayer <michael@niedermayer.cc>
Signed-off-by: James Almer <jamrial@gmail.com>
CVE: CVE-2025-22921
Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7f9c7f9849a2155224711f0ff57ecdac6e4bfb57]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavcodec/jpeg2000dec.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libavcodec/jpeg2000dec.c b/libavcodec/jpeg2000dec.c
index 691cfbd..b56902c 100644
--- a/libavcodec/jpeg2000dec.c
+++ b/libavcodec/jpeg2000dec.c
@@ -1223,6 +1223,7 @@ static int jpeg2000_decode_packet(Jpeg2000DecoderContext *s, Jpeg2000Tile *tile,
}
}
av_freep(&cblk->lengthinc);
+ cblk->nb_lengthinc = 0;
}
}
// Save state of stream
--
2.40.0

36
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-25473.patch Normal file
View File

@@ -0,0 +1,36 @@
From c08d300481b8ebb846cd43a473988fdbc6793d1b Mon Sep 17 00:00:00 2001
From: James Almer <jamrial@gmail.com>
Date: Fri, 17 Jan 2025 00:05:31 -0300
Subject: [PATCH] avformat/avformat: also clear FFFormatContext packet queue
when closing a muxer
packet_buffer is used in mux.c, and if a muxing process fails at a point where
packets remained in said queue, they will leak.
Fixes ticket #11419
Signed-off-by: James Almer <jamrial@gmail.com>
CVE: CVE-2025-25473
Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c08d300481b8ebb846cd43a473988fdbc6793d1b]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
libavformat/avformat.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/libavformat/avformat.c b/libavformat/avformat.c
index 5b8bb78..73f31cd 100644
--- a/libavformat/avformat.c
+++ b/libavformat/avformat.c
@@ -138,6 +138,7 @@ void avformat_free_context(AVFormatContext *s)
av_dict_free(&si->id3v2_meta);
av_packet_free(&si->pkt);
av_packet_free(&si->parse_pkt);
+ avpriv_packet_list_free(&si->packet_buffer);
av_freep(&s->streams);
ff_flush_packet_queue(s);
av_freep(&s->url);
--
2.40.0

91
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/av1_ordering_info.patch Normal file
View File

@@ -0,0 +1,91 @@
From cafb4c554845332eeb33284cf6498049997dc67e Mon Sep 17 00:00:00 2001
From: Mark Thompson <sw@jkqxz.net>
Date: Wed, 20 Mar 2024 20:35:28 +0000
Subject: [PATCH] lavc/cbs_av1: Save more frame ordering information
This is wanted by the Vulkan decoder.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/ecdc94b97f809d5f2b88640842fd0541951ad295]
---
libavcodec/cbs_av1.h | 5 +++++
libavcodec/cbs_av1_syntax_template.c | 25 +++++++++++++++++++++----
2 files changed, 26 insertions(+), 4 deletions(-)
diff --git a/libavcodec/cbs_av1.h b/libavcodec/cbs_av1.h
index a5402f069d..a027013bc7 100644
--- a/libavcodec/cbs_av1.h
+++ b/libavcodec/cbs_av1.h
@@ -427,6 +427,8 @@ typedef struct AV1ReferenceFrameState {
int bit_depth; // RefBitDepth
int order_hint; // RefOrderHint
+ int saved_order_hints[AV1_TOTAL_REFS_PER_FRAME]; // SavedOrderHints[ref]
+
int8_t loop_filter_ref_deltas[AV1_TOTAL_REFS_PER_FRAME];
int8_t loop_filter_mode_deltas[2];
uint8_t feature_enabled[AV1_MAX_SEGMENTS][AV1_SEG_LVL_MAX];
@@ -464,6 +466,9 @@ typedef struct CodedBitstreamAV1Context {
int tile_rows;
int tile_num;
+ int order_hints[AV1_TOTAL_REFS_PER_FRAME]; // OrderHints
+ int ref_frame_sign_bias[AV1_TOTAL_REFS_PER_FRAME]; // RefFrameSignBias
+
AV1ReferenceFrameState ref[AV1_NUM_REF_FRAMES];
// AVOptions
diff --git a/libavcodec/cbs_av1_syntax_template.c b/libavcodec/cbs_av1_syntax_template.c
index 3be1f2d30f..2979c5d98f 100644
--- a/libavcodec/cbs_av1_syntax_template.c
+++ b/libavcodec/cbs_av1_syntax_template.c
@@ -1414,6 +1414,8 @@ static int FUNC(uncompressed_header)(CodedBitstreamContext *ctx, RWContext *rw,
priv->ref[i].valid = 0;
priv->ref[i].order_hint = 0;
}
+ for (i = 0; i < AV1_REFS_PER_FRAME; i++)
+ priv->order_hints[i + AV1_REF_FRAME_LAST] = 0;
}
flag(disable_cdf_update);
@@ -1568,11 +1570,20 @@ static int FUNC(uncompressed_header)(CodedBitstreamContext *ctx, RWContext *rw,
else
flag(use_ref_frame_mvs);
- infer(allow_intrabc, 0);
- }
+ for (i = 0; i < AV1_REFS_PER_FRAME; i++) {
+ int ref_frame = AV1_REF_FRAME_LAST + i;
+ int hint = priv->ref[current->ref_frame_idx[i]].order_hint;
+ priv->order_hints[ref_frame] = hint;
+ if (!seq->enable_order_hint) {
+ priv->ref_frame_sign_bias[ref_frame] = 0;
+ } else {
+ priv->ref_frame_sign_bias[ref_frame] =
+ cbs_av1_get_relative_dist(seq, hint,
+ current->order_hint) > 0;
+ }
+ }
- if (!frame_is_intra) {
- // Derive reference frame sign biases.
+ infer(allow_intrabc, 0);
}
if (seq->reduced_still_picture_header || current->disable_cdf_update)
@@ -1674,6 +1685,12 @@ update_refs:
.bit_depth = priv->bit_depth,
.order_hint = priv->order_hint,
};
+
+ for (int j = 0; j < AV1_REFS_PER_FRAME; j++) {
+ priv->ref[i].saved_order_hints[j + AV1_REF_FRAME_LAST] =
+ priv->order_hints[j + AV1_REF_FRAME_LAST];
+ }
+
memcpy(priv->ref[i].loop_filter_ref_deltas, current->loop_filter_ref_deltas,
sizeof(current->loop_filter_ref_deltas));
memcpy(priv->ref[i].loop_filter_mode_deltas, current->loop_filter_mode_deltas,
--
2.25.1

1382
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/vulkan_av1_stable_API.patch Normal file
View File

File diff suppressed because it is too large Load Diff

102
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg/vulkan_fix_gcc14.patch Normal file
View File

@@ -0,0 +1,102 @@
From 2f24f10d9cf34ddce274496c4daa73f732d370c1 Mon Sep 17 00:00:00 2001
From: Sam James <sam@gentoo.org>
Date: Wed, 20 Dec 2023 12:32:43 +0000
Subject: [PATCH] libavcodec: fix -Wint-conversion in vulkan
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
FIx warnings (soon to be errors in GCC 14, already so in Clang 15):
```
src/libavcodec/vulkan_av1.c: In function vk_av1_create_params:
src/libavcodec/vulkan_av1.c:183:43: error: initialization of long long unsigned int from void * makes integer from pointer without a cast [-Wint-conversion]
183 | .videoSessionParametersTemplate = NULL,
| ^~~~
src/libavcodec/vulkan_av1.c:183:43: note: (near initialization for (anonymous).videoSessionParametersTemplate)
```
Use Vulkan's VK_NULL_HANDLE instead of bare NULL.
Fix Trac ticket #10724.
Was reported downstream in Gentoo at https://bugs.gentoo.org/919067.
Signed-off-by: Sam James <sam@gentoo.org>
Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/2f24f10d9cf34ddce274496c4daa73f732d370c1]
---
libavcodec/vulkan_av1.c | 2 +-
libavcodec/vulkan_decode.c | 6 +++---
libavcodec/vulkan_h264.c | 2 +-
libavcodec/vulkan_hevc.c | 2 +-
libavcodec/vulkan_video.c | 2 +-
5 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/libavcodec/vulkan_av1.c b/libavcodec/vulkan_av1.c
index 4998bf7ebc55f..9730e4b08dd40 100644
--- a/libavcodec/vulkan_av1.c
+++ b/libavcodec/vulkan_av1.c
@@ -180,7 +180,7 @@ static int vk_av1_create_params(AVCodecContext *avctx, AVBufferRef **buf)
.sType = VK_STRUCTURE_TYPE_VIDEO_SESSION_PARAMETERS_CREATE_INFO_KHR,
.pNext = &av1_params,
.videoSession = ctx->common.session,
- .videoSessionParametersTemplate = NULL,
+ .videoSessionParametersTemplate = VK_NULL_HANDLE,
};
err = ff_vk_decode_create_params(buf, avctx, ctx, &session_params_create);
diff --git a/libavcodec/vulkan_decode.c b/libavcodec/vulkan_decode.c
index a89d84fcaa972..fdbcbb450a1e0 100644
--- a/libavcodec/vulkan_decode.c
+++ b/libavcodec/vulkan_decode.c
@@ -188,9 +188,9 @@ int ff_vk_decode_prepare_frame(FFVulkanDecodeContext *dec, AVFrame *pic,
return 0;
vkpic->dpb_frame = NULL;
- vkpic->img_view_ref = NULL;
- vkpic->img_view_out = NULL;
- vkpic->img_view_dest = NULL;
+ vkpic->img_view_ref = VK_NULL_HANDLE;
+ vkpic->img_view_out = VK_NULL_HANDLE;
+ vkpic->img_view_dest = VK_NULL_HANDLE;
vkpic->destroy_image_view = vk->DestroyImageView;
vkpic->wait_semaphores = vk->WaitSemaphores;
diff --git a/libavcodec/vulkan_h264.c b/libavcodec/vulkan_h264.c
index e727aafb162d3..39c123ddca57e 100644
--- a/libavcodec/vulkan_h264.c
+++ b/libavcodec/vulkan_h264.c
@@ -315,7 +315,7 @@ static int vk_h264_create_params(AVCodecContext *avctx, AVBufferRef **buf)
.sType = VK_STRUCTURE_TYPE_VIDEO_SESSION_PARAMETERS_CREATE_INFO_KHR,
.pNext = &h264_params,
.videoSession = ctx->common.session,
- .videoSessionParametersTemplate = NULL,
+ .videoSessionParametersTemplate = VK_NULL_HANDLE,
};
/* SPS list */
diff --git a/libavcodec/vulkan_hevc.c b/libavcodec/vulkan_hevc.c
index 99fdcf3b45839..033172cbd6958 100644
--- a/libavcodec/vulkan_hevc.c
+++ b/libavcodec/vulkan_hevc.c
@@ -653,7 +653,7 @@ static int vk_hevc_create_params(AVCodecContext *avctx, AVBufferRef **buf)
.sType = VK_STRUCTURE_TYPE_VIDEO_SESSION_PARAMETERS_CREATE_INFO_KHR,
.pNext = &h265_params,
.videoSession = ctx->common.session,
- .videoSessionParametersTemplate = NULL,
+ .videoSessionParametersTemplate = VK_NULL_HANDLE,
};
HEVCHeaderSet *hdr;
diff --git a/libavcodec/vulkan_video.c b/libavcodec/vulkan_video.c
index 5fa8292b28eaf..fb20315db4bbf 100644
--- a/libavcodec/vulkan_video.c
+++ b/libavcodec/vulkan_video.c
@@ -287,7 +287,7 @@ av_cold void ff_vk_video_common_uninit(FFVulkanContext *s,
if (common->session) {
vk->DestroyVideoSessionKHR(s->hwctx->act_dev, common->session,
s->hwctx->alloc);
- common->session = NULL;
+ common->session = VK_NULL_HANDLE;
}
if (common->nb_mem && common->mem)

214
sources/poky/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.2.bb Normal file
View File

@@ -0,0 +1,214 @@
SUMMARY = "A complete, cross-platform solution to record, convert and stream audio and video."
DESCRIPTION = "FFmpeg is the leading multimedia framework, able to decode, encode, transcode, \
mux, demux, stream, filter and play pretty much anything that humans and machines \
have created. It supports the most obscure ancient formats up to the cutting edge."
HOMEPAGE = "https://www.ffmpeg.org/"
SECTION = "libs"
LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later & ISC & MIT & BSD-2-Clause & BSD-3-Clause & IJG"
LICENSE:${PN} = "GPL-2.0-or-later"
LICENSE:libavcodec = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPL-2.0-or-later', 'LGPL-2.1-or-later', d)}"
LICENSE:libavdevice = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPL-2.0-or-later', 'LGPL-2.1-or-later', d)}"
LICENSE:libavfilter = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPL-2.0-or-later', 'LGPL-2.1-or-later', d)}"
LICENSE:libavformat = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPL-2.0-or-later', 'LGPL-2.1-or-later', d)}"
LICENSE:libavutil = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPL-2.0-or-later', 'LGPL-2.1-or-later', d)}"
LICENSE:libpostproc = "GPL-2.0-or-later"
LICENSE:libswresample = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPL-2.0-or-later', 'LGPL-2.1-or-later', d)}"
LICENSE:libswscale = "${@bb.utils.contains('PACKAGECONFIG', 'gpl', 'GPL-2.0-or-later', 'LGPL-2.1-or-later', d)}"
LICENSE_FLAGS = "commercial"
LIC_FILES_CHKSUM = "file://COPYING.GPLv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://COPYING.GPLv3;md5=d32239bcb673463ab874e80d47fae504 \
file://COPYING.LGPLv2.1;md5=bd7a443320af8c812e4c18d1b79df004 \
file://COPYING.LGPLv3;md5=e6a600fd5e1d9cbde2d983680233ad02"
SRC_URI = " \
https://www.ffmpeg.org/releases/${BP}.tar.xz \
file://av1_ordering_info.patch \
file://vulkan_av1_stable_API.patch \
file://vulkan_fix_gcc14.patch \
file://CVE-2023-49502.patch \
file://CVE-2024-31578.patch \
file://CVE-2024-31582.patch \
file://CVE-2023-50008.patch \
file://CVE-2023-49501.patch \
file://CVE-2024-28661.patch \
file://CVE-2023-50007.patch \
file://CVE-2023-49528.patch \
file://CVE-2024-35367.patch \
file://CVE-2024-35368.patch \
file://CVE-2024-35365.patch \
file://CVE-2024-36618.patch \
file://CVE-2024-35369.patch \
file://CVE-2025-25473.patch \
file://CVE-2025-22919.patch \
file://CVE-2025-22921.patch \
file://CVE-2025-0518.patch \
"
SRC_URI[sha256sum] = "3b624649725ecdc565c903ca6643d41f33bd49239922e45c9b1442c63dca4e38"
# https://nvd.nist.gov/vuln/detail/CVE-2023-39018
# https://github.com/bramp/ffmpeg-cli-wrapper/issues/291
# https://security-tracker.debian.org/tracker/CVE-2023-39018
# https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-39018
CVE_STATUS[CVE-2023-39018] = "cpe-incorrect: This issue belongs to ffmpeg-cli-wrapper \
(Java wrapper around the FFmpeg CLI) and not ffmepg itself."
# Introduced: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/19f7dae81ab2c19643b97da7556383ee3f721e78
# Fixed: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/43be8d07281caca2e88bfd8ee2333633e1fb1a13
CVE_STATUS[CVE-2025-1373] = "fixed-version: Vulnerable code not present in any release"
# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
ARM_INSTRUCTION_SET:armv4 = "arm"
ARM_INSTRUCTION_SET:armv5 = "arm"
ARM_INSTRUCTION_SET:armv6 = "arm"
# Should be API compatible with libav (which was a fork of ffmpeg)
# libpostproc was previously packaged from a separate recipe
PROVIDES = "libav libpostproc"
DEPENDS = "nasm-native"
inherit autotools pkgconfig
PACKAGECONFIG ??= "avdevice avfilter avcodec avformat swresample swscale postproc \
alsa bzlib lzma theora zlib \
${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'xv xcb', '', d)}"
# libraries to build in addition to avutil
PACKAGECONFIG[avdevice] = "--enable-avdevice,--disable-avdevice"
PACKAGECONFIG[avfilter] = "--enable-avfilter,--disable-avfilter"
PACKAGECONFIG[avcodec] = "--enable-avcodec,--disable-avcodec"
PACKAGECONFIG[avformat] = "--enable-avformat,--disable-avformat"
PACKAGECONFIG[swresample] = "--enable-swresample,--disable-swresample"
PACKAGECONFIG[swscale] = "--enable-swscale,--disable-swscale"
PACKAGECONFIG[postproc] = "--enable-postproc,--disable-postproc"
# features to support
PACKAGECONFIG[alsa] = "--enable-alsa,--disable-alsa,alsa-lib"
PACKAGECONFIG[altivec] = "--enable-altivec,--disable-altivec,"
PACKAGECONFIG[bzlib] = "--enable-bzlib,--disable-bzlib,bzip2"
PACKAGECONFIG[fdk-aac] = "--enable-libfdk-aac --enable-nonfree,--disable-libfdk-aac,fdk-aac"
PACKAGECONFIG[gpl] = "--enable-gpl,--disable-gpl"
PACKAGECONFIG[gsm] = "--enable-libgsm,--disable-libgsm,libgsm"
PACKAGECONFIG[jack] = "--enable-indev=jack,--disable-indev=jack,jack"
PACKAGECONFIG[libopus] = "--enable-libopus,--disable-libopus,libopus"
PACKAGECONFIG[libvorbis] = "--enable-libvorbis,--disable-libvorbis,libvorbis"
PACKAGECONFIG[lzma] = "--enable-lzma,--disable-lzma,xz"
PACKAGECONFIG[mfx] = "--enable-libmfx,--disable-libmfx,intel-mediasdk"
PACKAGECONFIG[mp3lame] = "--enable-libmp3lame,--disable-libmp3lame,lame"
PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl"
PACKAGECONFIG[sdl2] = "--enable-sdl2,--disable-sdl2,virtual/libsdl2"
PACKAGECONFIG[speex] = "--enable-libspeex,--disable-libspeex,speex"
PACKAGECONFIG[srt] = "--enable-libsrt,--disable-libsrt,srt"
PACKAGECONFIG[theora] = "--enable-libtheora,--disable-libtheora,libtheora libogg"
PACKAGECONFIG[v4l2] = "--enable-libv4l2,--disable-libv4l2,v4l-utils"
PACKAGECONFIG[vaapi] = "--enable-vaapi,--disable-vaapi,libva"
PACKAGECONFIG[vdpau] = "--enable-vdpau,--disable-vdpau,libvdpau"
PACKAGECONFIG[vpx] = "--enable-libvpx,--disable-libvpx,libvpx"
PACKAGECONFIG[x264] = "--enable-libx264,--disable-libx264,x264"
PACKAGECONFIG[x265] = "--enable-libx265,--disable-libx265,x265"
PACKAGECONFIG[xcb] = "--enable-libxcb,--disable-libxcb,libxcb"
PACKAGECONFIG[xv] = "--enable-outdev=xv,--disable-outdev=xv,libxv"
PACKAGECONFIG[zlib] = "--enable-zlib,--disable-zlib,zlib"
# Check codecs that require --enable-nonfree
USE_NONFREE = "${@bb.utils.contains_any('PACKAGECONFIG', [ 'openssl' ], 'yes', '', d)}"
def cpu(d):
for arg in (d.getVar('TUNE_CCARGS') or '').split():
if arg.startswith('-mcpu='):
return arg[6:]
return 'generic'
EXTRA_OECONF = " \
--disable-stripping \
--enable-pic \
--enable-shared \
--enable-pthreads \
${@bb.utils.contains('USE_NONFREE', 'yes', '--enable-nonfree', '', d)} \
\
--cross-prefix=${TARGET_PREFIX} \
\
--ld='${CCLD}' \
--cc='${CC}' \
--cxx='${CXX}' \
--arch=${TARGET_ARCH} \
--target-os='linux' \
--enable-cross-compile \
--extra-cflags='${CFLAGS} ${HOST_CC_ARCH}${TOOLCHAIN_OPTIONS}' \
--extra-ldflags='${LDFLAGS}' \
--sysroot='${STAGING_DIR_TARGET}' \
${EXTRA_FFCONF} \
--libdir=${libdir} \
--shlibdir=${libdir} \
--datadir=${datadir}/ffmpeg \
${@bb.utils.contains('AVAILTUNES', 'mips32r2', '', '--disable-mipsdsp --disable-mipsdspr2', d)} \
--cpu=${@cpu(d)} \
--pkg-config=pkg-config \
"
EXTRA_OECONF:append:linux-gnux32 = " --disable-asm"
EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mipsisa64r6', '--disable-mips64r2 --disable-mips32r2', '', d)}"
EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mipsisa64r2', '--disable-mips64r6 --disable-mips32r6', '', d)}"
EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mips32r2', '--disable-mips64r6 --disable-mips32r6', '', d)}"
EXTRA_OECONF += "${@bb.utils.contains('TUNE_FEATURES', 'mips32r6', '--disable-mips64r2 --disable-mips32r2', '', d)}"
EXTRA_OECONF:append:mips = " --extra-libs=-latomic --disable-mips32r5 --disable-mipsdsp --disable-mipsdspr2 \
--disable-loongson2 --disable-loongson3 --disable-mmi --disable-msa"
EXTRA_OECONF:append:riscv32 = " --extra-libs=-latomic --disable-rvv --disable-asm"
EXTRA_OECONF:append:armv5 = " --extra-libs=-latomic"
EXTRA_OECONF:append:powerpc = " --extra-libs=-latomic"
EXTRA_OECONF:append:armv7a = "${@bb.utils.contains('TUNE_FEATURES','neon','',' --disable-neon',d)}"
EXTRA_OECONF:append:armv7ve = "${@bb.utils.contains('TUNE_FEATURES','neon','',' --disable-neon',d)}"
# gold crashes on x86, another solution is to --disable-asm but thats more hacky
# ld.gold: internal error in relocate_section, at ../../gold/i386.cc:3684
LDFLAGS:append:x86 = "${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -fuse-ld=bfd ', '', d)}"
LDFLAGS:append:x86 = "${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-lld', ' -fuse-ld=bfd ', '', d)}"
EXTRA_OEMAKE = "V=1"
do_configure() {
export TMPDIR="${B}/tmp"
mkdir -p ${B}/tmp
${S}/configure ${EXTRA_OECONF}
sed -i -e "s,^X86ASMFLAGS=.*,& --debug-prefix-map=${S}=${TARGET_DBGSRC_DIR} --debug-prefix-map=${B}=${TARGET_DBGSRC_DIR},g" ${B}/ffbuild/config.mak
}
# patch out build host paths for reproducibility
do_compile:prepend:class-target() {
sed -i -e "s,${WORKDIR},,g" ${B}/config.h
}
PACKAGES =+ "libavcodec \
libavdevice \
libavfilter \
libavformat \
libavutil \
libpostproc \
libswresample \
libswscale"
FILES:libavcodec = "${libdir}/libavcodec${SOLIBS}"
FILES:libavdevice = "${libdir}/libavdevice${SOLIBS}"
FILES:libavfilter = "${libdir}/libavfilter${SOLIBS}"
FILES:libavformat = "${libdir}/libavformat${SOLIBS}"
FILES:libavutil = "${libdir}/libavutil${SOLIBS}"
FILES:libpostproc = "${libdir}/libpostproc${SOLIBS}"
FILES:libswresample = "${libdir}/libswresample${SOLIBS}"
FILES:libswscale = "${libdir}/libswscale${SOLIBS}"
# ffmpeg disables PIC on some platforms (e.g. x86-32)
INSANE_SKIP:${MLPREFIX}libavcodec = "textrel"
INSANE_SKIP:${MLPREFIX}libavdevice = "textrel"
INSANE_SKIP:${MLPREFIX}libavfilter = "textrel"
INSANE_SKIP:${MLPREFIX}libavformat = "textrel"
INSANE_SKIP:${MLPREFIX}libavutil = "textrel"
INSANE_SKIP:${MLPREFIX}libswscale = "textrel"
INSANE_SKIP:${MLPREFIX}libswresample = "textrel"
INSANE_SKIP:${MLPREFIX}libpostproc = "textrel"
CVE_PRODUCT = "ffmpeg libswresample libavcodec"