openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
sources/poky/meta/recipes-multimedia/gstreamer/gst-devtools/0001-connect-has-a-different-signature-on-musl.patch Normal file
View File

@@ -0,0 +1,39 @@
From 0c73b8131efba63c5cd37ea8c7551434c3b57304 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Sun, 9 Sep 2018 17:38:10 -0700
Subject: [PATCH] connect has a different signature on musl
On linux when not using glibc and using musl for C library, connect
API has a different signature, this patch fixes this so it can compile
on musl, the functionality should remain same as it is immediately
typcasted to struct sockaddr_in* type inside the function before use
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
validate/plugins/fault_injection/socket_interposer.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/validate/plugins/fault_injection/socket_interposer.c b/validate/plugins/fault_injection/socket_interposer.c
index 53c1ebb..ad7adf8 100644
--- a/validate/plugins/fault_injection/socket_interposer.c
+++ b/validate/plugins/fault_injection/socket_interposer.c
@@ -100,10 +100,15 @@ socket_interposer_set_callback (struct sockaddr_in *addrin,
}
int
-connect (int socket, const struct sockaddr_in *addrin, socklen_t address_len)
+#if defined(__linux__) && !defined(__GLIBC__)
+connect (int socket, const struct sockaddr *addr, socklen_t address_len)
+#else
+connect (int socket, const struct sockaddr_in *addr, socklen_t address_len)
+#endif
{
size_t i;
int override_errno = 0;
+ struct sockaddr_in* addrin = (struct sockaddr_in*)addr;
typedef ssize_t (*real_connect_fn) (int, const struct sockaddr_in *,
socklen_t);
static real_connect_fn real_connect = 0;

52
sources/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.12.bb Normal file
View File

@@ -0,0 +1,52 @@
SUMMARY = "Gstreamer validation tool"
DESCRIPTION = "A Tool to test GStreamer components"
HOMEPAGE = "https://gstreamer.freedesktop.org/documentation/gst-devtools/index.html"
SECTION = "multimedia"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://validate/COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
#S = "${WORKDIR}/gst-devtools-${PV}"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV}.tar.xz \
file://0001-connect-has-a-different-signature-on-musl.patch \
"
SRC_URI[sha256sum] = "015ff62789dab423edafe979b019c7de4c849a2b7e74912b20b74a70e5b68f72"
DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
RRECOMMENDS:${PN} = "git"
FILES:${PN} += "${datadir}/gstreamer-1.0/* ${libdir}/gst-validate-launcher/* ${libdir}/gstreamer-1.0/*"
inherit meson pkgconfig gettext upstream-version-is-even gobject-introspection
# TODO: put this in a gettext.bbclass patch
def gettext_oemeson(d):
if d.getVar('USE_NLS') == 'no':
return '-Dnls=disabled'
# Remove the NLS bits if USE_NLS is no or INHIBIT_DEFAULT_DEPS is set
if d.getVar('INHIBIT_DEFAULT_DEPS') and not oe.utils.inherits(d, 'cross-canadian'):
return '-Dnls=disabled'
return '-Dnls=enabled'
# Build GstValidateVideo
PACKAGECONFIG[cairo] = "-Dcairo=enabled,-Dcairo=disabled,cairo"
EXTRA_OEMESON += " \
-Ddoc=disabled \
-Ddebug_viewer=disabled \
-Dtests=disabled \
-Dvalidate=enabled \
${@gettext_oemeson(d)} \
"
do_install:append () {
for fn in ${bindir}/gst-validate-launcher \
${libdir}/gst-validate-launcher/python/launcher/config.py; do
sed -i -e 's,${B},/usr/src/debug/${PN},g' -e 's,${S},/usr/src/debug/${PN},g' ${D}$fn
done
}
GIR_MESON_ENABLE_FLAG = "enabled"
GIR_MESON_DISABLE_FLAG = "disabled"

37
sources/poky/meta/recipes-multimedia/gstreamer/gst-examples/0001-Make-player-examples-installable.patch Normal file
View File

@@ -0,0 +1,37 @@
From 7924016fce2d0b435891a335cdae52fc939c7e3b Mon Sep 17 00:00:00 2001
From: Jussi Kukkonen <jussi.kukkonen@intel.com>
Date: Thu, 17 Aug 2017 11:07:02 +0300
Subject: [PATCH] Make player examples installable
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Upstream-Status: Denied [Upstream considers these code examples, for now a least]
https://bugzilla.gnome.org/show_bug.cgi?id=777827
---
playback/player/gst-play/meson.build | 1 +
playback/player/gtk/meson.build | 1 +
2 files changed, 2 insertions(+)
diff --git a/playback/player/gst-play/meson.build b/playback/player/gst-play/meson.build
index 8ec021d..977cc5c 100644
--- a/playback/player/gst-play/meson.build
+++ b/playback/player/gst-play/meson.build
@@ -2,5 +2,6 @@ executable('gst-play',
['gst-play.c',
'gst-play-kb.c',
'gst-play-kb.h'],
+ install: true,
dependencies : [gst_dep, gstplayer_dep, m_dep])
diff --git a/playback/player/gtk/meson.build b/playback/player/gtk/meson.build
index f7a7419..6281130 100644
--- a/playback/player/gtk/meson.build
+++ b/playback/player/gtk/meson.build
@@ -13,5 +13,6 @@ if gtk_dep.found()
gtk_play_resources,
'gtk-video-renderer.h',
'gtk-video-renderer.c'],
+ install: true,
dependencies : [glib_dep, gobject_dep, gmodule_dep, gst_dep, gsttag_dep, gstplayer_dep, gtk_dep, x11_dep])
endif

10
sources/poky/meta/recipes-multimedia/gstreamer/gst-examples/gst-player.desktop Normal file
View File

@@ -0,0 +1,10 @@
[Desktop Entry]
Name=Media Player
Comment=Basic media player
Icon=video-player
TryExec=gtk-play
Exec=gtk-play
StartupNotify=true
Terminal=false
Type=Application
Categories=GTK;AudioVideo;

35
sources/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.18.6.bb Normal file
View File

@@ -0,0 +1,35 @@
SUMMARY = "GStreamer examples (including gtk-play, gst-play)"
DESCRIPTION = "GStreamer example applications"
HOMEPAGE = "https://gitlab.freedesktop.org/gstreamer/gst-examples"
BUGTRACKER = "https://gitlab.freedesktop.org/gstreamer/gst-examples/-/issues"
LICENSE = "LGPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://playback/player/gtk/gtk-play.c;beginline=1;endline=20;md5=f8c72dae3d36823ec716a9ebcae593b9"
DEPENDS = "glib-2.0 gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad gtk+3 libsoup-2.4 json-glib glib-2.0-native"
SRC_URI = "git://gitlab.freedesktop.org/gstreamer/gst-examples.git;protocol=https;branch=1.18 \
file://0001-Make-player-examples-installable.patch \
file://gst-player.desktop \
"
SRCREV = "70e4fcf4fc8ae19641aa990de5f37d758cdfcea4"
S = "${WORKDIR}/git"
inherit meson pkgconfig features_check
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.(\d*[02468])+(\.\d+)+)"
ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
do_install:append() {
install -m 0644 -D ${WORKDIR}/gst-player.desktop ${D}${datadir}/applications/gst-player.desktop
}
RDEPENDS:${PN} = "gstreamer1.0-plugins-base-playback"
RRECOMMENDS:${PN} = "gstreamer1.0-plugins-base-meta \
gstreamer1.0-plugins-good-meta \
gstreamer1.0-plugins-bad-meta \
${@bb.utils.contains("LICENSE_FLAGS_ACCEPTED", "commercial", "gstreamer1.0-libav", "", d)} \
${@bb.utils.contains("LICENSE_FLAGS_ACCEPTED", "commercial", "gstreamer1.0-plugins-ugly-meta", "", d)}"
RPROVIDES:${PN} += "gst-player gst-player-bin"

28
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.12.bb Normal file
View File

@@ -0,0 +1,28 @@
SUMMARY = "Libav-based GStreamer 1.x plugin"
DESCRIPTION = "Contains a GStreamer plugin for using the encoders, decoders, \
muxers, and demuxers provided by FFmpeg."
HOMEPAGE = "http://gstreamer.freedesktop.org/"
SECTION = "multimedia"
# ffmpeg has comercial license flags so add it as we need ffmpeg as a dependency
LICENSE_FLAGS = "commercial"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \
file://ext/libav/gstav.h;beginline=1;endline=18;md5=a752c35267d8276fd9ca3db6994fca9c \
"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
SRC_URI[sha256sum] = "3b60d4cac2fbcd085a93e9389ca23e0443bee1ca75574d31d4f12bb1bbecab48"
S = "${WORKDIR}/gst-libav-${PV}"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base ffmpeg"
inherit meson pkgconfig upstream-version-is-even
EXTRA_OEMESON += " \
-Dtests=disabled \
"
FILES:${PN} += "${libdir}/gstreamer-1.0/*.so"
FILES:${PN}-staticdev += "${libdir}/gstreamer-1.0/*.a"

67
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-meta-base.bb Normal file
View File

@@ -0,0 +1,67 @@
SUMMARY = "Gstreamer1.0 package groups"
LICENSE = "MIT"
# Due to use of COMBINED_FEATURES
PACKAGE_ARCH = "${MACHINE_ARCH}"
inherit packagegroup
COMMERCIAL_PLUGINS = "${COMMERCIAL_AUDIO_PLUGINS} ${COMMERCIAL_VIDEO_PLUGINS}"
DEPENDS_UGLY="${@'gstreamer1.0-plugins-ugly' if 'ugly' in COMMERCIAL_PLUGINS.split('-') else ''}"
DEPENDS_BAD="${@'gstreamer1.0-plugins-bad' if 'bad' in COMMERCIAL_PLUGINS.split('-') else ''}"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-good ${DEPENDS_UGLY} ${DEPENDS_BAD}"
PACKAGES = "\
gstreamer1.0-meta-base \
gstreamer1.0-meta-x11-base \
gstreamer1.0-meta-audio \
gstreamer1.0-meta-debug \
gstreamer1.0-meta-video"
ALLOW_EMPTY:gstreamer1.0-meta-base = "1"
ALLOW_EMPTY:gstreamer1.0-meta-x11-base = "1"
ALLOW_EMPTY:gstreamer1.0-meta-audio = "1"
ALLOW_EMPTY:gstreamer1.0-meta-debug = "1"
ALLOW_EMPTY:gstreamer1.0-meta-video = "1"
RDEPENDS:gstreamer1.0-meta-base = "\
${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'gstreamer1.0-meta-x11-base', '', d)} \
gstreamer1.0 \
gstreamer1.0-plugins-base-playback \
gstreamer1.0-plugins-base-gio \
${@bb.utils.contains('COMBINED_FEATURES', 'alsa', 'gstreamer1.0-plugins-base-alsa', '',d)} \
gstreamer1.0-plugins-base-volume \
gstreamer1.0-plugins-base-audioconvert \
gstreamer1.0-plugins-base-audioresample \
gstreamer1.0-plugins-base-typefindfunctions \
gstreamer1.0-plugins-base-videoconvertscale \
gstreamer1.0-plugins-good-autodetect \
gstreamer1.0-plugins-good-soup"
RRECOMMENDS:gstreamer1.0-meta-x11-base = "\
gstreamer1.0-plugins-base-ximagesink \
gstreamer1.0-plugins-base-xvimagesink"
RDEPENDS:gstreamer1.0-meta-audio = "\
gstreamer1.0-meta-base \
gstreamer1.0-plugins-base-vorbis \
gstreamer1.0-plugins-base-ogg \
gstreamer1.0-plugins-good-wavparse \
gstreamer1.0-plugins-good-flac \
${COMMERCIAL_AUDIO_PLUGINS}"
RDEPENDS:gstreamer1.0-meta-debug = "\
gstreamer1.0-meta-base \
gstreamer1.0-plugins-good-debug \
gstreamer1.0-plugins-base-audiotestsrc \
gstreamer1.0-plugins-base-videotestsrc"
RDEPENDS:gstreamer1.0-meta-video = "\
gstreamer1.0-meta-base \
gstreamer1.0-plugins-good-avi \
gstreamer1.0-plugins-good-matroska \
gstreamer1.0-plugins-base-theora \
${COMMERCIAL_VIDEO_PLUGINS}"
RRECOMMENDS:gstreamer1.0-meta-video = "\
gstreamer1.0-meta-audio"

47
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.12.bb Normal file
View File

@@ -0,0 +1,47 @@
SUMMARY = "OpenMAX IL plugins for GStreamer"
DESCRIPTION = "Wraps available OpenMAX IL components and makes them available as standard GStreamer elements."
HOMEPAGE = "http://gstreamer.freedesktop.org/"
SECTION = "multimedia"
LICENSE = "LGPL-2.1-or-later"
LICENSE_FLAGS = "commercial"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \
file://omx/gstomx.h;beginline=1;endline=21;md5=5c8e1fca32704488e76d2ba9ddfa935f"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
SRC_URI[sha256sum] = "6b0685b92ac735032d7987d1028afaeab0a98ab726e0c51e5b9bfc8f2da7c8b1"
S = "${WORKDIR}/gst-omx-${PV}"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad virtual/libomxil"
inherit meson pkgconfig upstream-version-is-even
GSTREAMER_1_0_OMX_TARGET ?= "bellagio"
GSTREAMER_1_0_OMX_CORE_NAME ?= "${libdir}/libomxil-bellagio.so.0"
EXTRA_OEMESON += "-Dtarget=${GSTREAMER_1_0_OMX_TARGET}"
python __anonymous () {
omx_target = d.getVar("GSTREAMER_1_0_OMX_TARGET")
if omx_target in ['generic', 'bellagio']:
# Bellagio headers are incomplete (they are missing the OMX_VERSION_MAJOR,#
# OMX_VERSION_MINOR, OMX_VERSION_REVISION, and OMX_VERSION_STEP macros);
# appending a directory path to gst-omx' internal OpenMAX IL headers fixes this
d.appendVar("CFLAGS", " -I${S}/omx/openmax")
elif omx_target == "rpi":
# Dedicated Raspberry Pi OpenMAX IL support makes this package machine specific
d.setVar("PACKAGE_ARCH", d.getVar("MACHINE_ARCH"))
}
set_omx_core_name() {
sed -i -e "s;^core-name=.*;core-name=${GSTREAMER_1_0_OMX_CORE_NAME};" "${D}${sysconfdir}/xdg/gstomx.conf"
}
do_install[postfuncs] += " set_omx_core_name "
FILES:${PN} += "${libdir}/gstreamer-1.0/*.so"
FILES:${PN}-staticdev += "${libdir}/gstreamer-1.0/*.a"
VIRTUAL-RUNTIME_libomxil ?= "libomxil"
RDEPENDS:${PN} = "${VIRTUAL-RUNTIME_libomxil}"

26
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad/0001-fix-maybe-uninitialized-warnings-when-compiling-with.patch Normal file
View File

@@ -0,0 +1,26 @@
From 8be0c6ac60c96e87d8aa443be9c431844dc3d92a Mon Sep 17 00:00:00 2001
From: Andre McCurdy <armccurdy@gmail.com>
Date: Tue, 26 Jan 2016 15:16:01 -0800
Subject: [PATCH] fix maybe-uninitialized warnings when compiling with -Os
Upstream-Status: Pending
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
gst-libs/gst/codecparsers/gstvc1parser.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gst-libs/gst/codecparsers/gstvc1parser.c b/gst-libs/gst/codecparsers/gstvc1parser.c
index 2c60ced..e8226d8 100644
--- a/gst-libs/gst/codecparsers/gstvc1parser.c
+++ b/gst-libs/gst/codecparsers/gstvc1parser.c
@@ -1730,7 +1730,7 @@ gst_vc1_parse_sequence_layer (const guint8 * data, gsize size,
GstVC1SeqLayer * seqlayer)
{
guint32 tmp;
- guint8 tmp8;
+ guint8 tmp8 = 0;
guint8 structA[8] = { 0, };
guint8 structB[12] = { 0, };
GstBitReader br;

28
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad/0002-avoid-including-sys-poll.h-directly.patch Normal file
View File

@@ -0,0 +1,28 @@
From 426ee79adeecc24605426030a486d7c5a755048c Mon Sep 17 00:00:00 2001
From: Andre McCurdy <armccurdy@gmail.com>
Date: Wed, 3 Feb 2016 18:05:41 -0800
Subject: [PATCH] avoid including <sys/poll.h> directly
musl libc generates warnings if <sys/poll.h> is included directly.
Upstream-Status: Pending
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
---
sys/dvb/gstdvbsrc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sys/dvb/gstdvbsrc.c b/sys/dvb/gstdvbsrc.c
index b8e5b1a..5bca6e5 100644
--- a/sys/dvb/gstdvbsrc.c
+++ b/sys/dvb/gstdvbsrc.c
@@ -98,7 +98,7 @@
#include <gst/gst.h>
#include <gst/glib-compat-private.h>
#include <sys/ioctl.h>
-#include <sys/poll.h>
+#include <poll.h>
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>

33
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad/0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch Normal file
View File

@@ -0,0 +1,33 @@
From e6eb7536fcfc2c75f7831f67b1f16f3f36ef2545 Mon Sep 17 00:00:00 2001
From: Andrey Zhizhikin <andrey.z@gmail.com>
Date: Mon, 27 Jan 2020 10:22:35 +0000
Subject: [PATCH] opencv: resolve missing opencv data dir in yocto build
When Yocto build is performed, opencv searches for data dir using simple
'test' command, this fails because pkg-config provides an absolute
path on the target which needs to be prepended by PKG_CONFIG_SYSROOT_DIR
in order for the 'test' utility to pick up the absolute path.
Upstream-Status: Inappropriate [OE-specific]
Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com>
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
---
ext/opencv/meson.build | 3 +++
1 file changed, 3 insertions(+)
diff --git a/ext/opencv/meson.build b/ext/opencv/meson.build
index 37e2015..326f737 100644
--- a/ext/opencv/meson.build
+++ b/ext/opencv/meson.build
@@ -87,6 +87,9 @@ if opencv_found
opencv_prefix = opencv_dep.get_variable('prefix')
gstopencv_cargs += ['-DOPENCV_PREFIX="' + opencv_prefix + '"']
+ pkgconf_sysroot = run_command(python3, '-c', 'import os; print(os.environ.get("PKG_CONFIG_SYSROOT_DIR"))').stdout().strip()
+ opencv_prefix = pkgconf_sysroot + opencv_prefix
+
# Check the data dir used by opencv for its xml data files
# Use prefix from pkg-config to be compatible with cross-compilation
r = run_command('test', '-d', opencv_prefix + '/share/opencv', check: false)

165
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.12.bb Normal file
View File

@@ -0,0 +1,165 @@
require gstreamer1.0-plugins-common.inc
require gstreamer1.0-plugins-license.inc
SUMMARY = "'Bad' GStreamer plugins and helper libraries "
HOMEPAGE = "https://gstreamer.freedesktop.org/"
BUGTRACKER = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/issues"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad-${PV}.tar.xz \
file://0001-fix-maybe-uninitialized-warnings-when-compiling-with.patch \
file://0002-avoid-including-sys-poll.h-directly.patch \
file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
"
SRC_URI[sha256sum] = "388b4c4412f42e36a38b17cc34119bc11879bd4d9fbd4ff6d03b2c7fc6b4d494"
S = "${WORKDIR}/gst-plugins-bad-${PV}"
LICENSE = "LGPL-2.1-or-later & GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
DEPENDS += "gstreamer1.0-plugins-base"
inherit gobject-introspection
PACKAGECONFIG ??= " \
${GSTREAMER_ORC} \
${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \
${@bb.utils.filter('DISTRO_FEATURES', 'directfb vulkan x11', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'wayland', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gl', '', d)} \
bz2 closedcaption curl dash dtls hls openssl sbc smoothstreaming \
sndfile ttml uvch264 webp \
${@bb.utils.contains('TUNE_FEATURES', 'mx32', '', 'rsvg', d)} \
"
PACKAGECONFIG[aom] = "-Daom=enabled,-Daom=disabled,aom"
PACKAGECONFIG[assrender] = "-Dassrender=enabled,-Dassrender=disabled,libass"
PACKAGECONFIG[avtp] = "-Davtp=enabled,-Davtp=disabled,libavtp"
PACKAGECONFIG[bluez] = "-Dbluez=enabled,-Dbluez=disabled,bluez5"
PACKAGECONFIG[bz2] = "-Dbz2=enabled,-Dbz2=disabled,bzip2"
PACKAGECONFIG[closedcaption] = "-Dclosedcaption=enabled,-Dclosedcaption=disabled,pango cairo"
PACKAGECONFIG[curl] = "-Dcurl=enabled,-Dcurl=disabled,curl"
PACKAGECONFIG[dash] = "-Ddash=enabled,-Ddash=disabled,libxml2"
PACKAGECONFIG[dc1394] = "-Ddc1394=enabled,-Ddc1394=disabled,libdc1394"
PACKAGECONFIG[directfb] = "-Ddirectfb=enabled,-Ddirectfb=disabled,directfb"
PACKAGECONFIG[dtls] = "-Ddtls=enabled,-Ddtls=disabled,openssl"
PACKAGECONFIG[faac] = "-Dfaac=enabled,-Dfaac=disabled,faac"
PACKAGECONFIG[faad] = "-Dfaad=enabled,-Dfaad=disabled,faad2"
PACKAGECONFIG[fluidsynth] = "-Dfluidsynth=enabled,-Dfluidsynth=disabled,fluidsynth"
PACKAGECONFIG[hls] = "-Dhls=enabled,-Dhls=disabled,"
# Pick atleast one crypto backend below when enabling hls
PACKAGECONFIG[nettle] = "-Dhls-crypto=nettle,,nettle"
PACKAGECONFIG[openssl] = "-Dhls-crypto=openssl,,openssl"
PACKAGECONFIG[gcrypt] = "-Dhls-crypto=libgcrypt,,libgcrypt"
# the gl packageconfig enables OpenGL elements that haven't been ported
# to -base yet. They depend on the gstgl library in -base, so we do
# not add GL dependencies here, since these are taken care of in -base.
PACKAGECONFIG[gl] = "-Dgl=enabled,-Dgl=disabled,"
PACKAGECONFIG[kms] = "-Dkms=enabled,-Dkms=disabled,libdrm"
PACKAGECONFIG[libde265] = "-Dlibde265=enabled,-Dlibde265=disabled,libde265"
PACKAGECONFIG[libssh2] = "-Dcurl-ssh2=enabled,-Dcurl-ssh2=disabled,libssh2"
PACKAGECONFIG[lcms2] = "-Dcolormanagement=enabled,-Dcolormanagement=disabled,lcms"
PACKAGECONFIG[modplug] = "-Dmodplug=enabled,-Dmodplug=disabled,libmodplug"
PACKAGECONFIG[msdk] = "-Dmsdk=enabled -Dmfx_api=oneVPL,-Dmsdk=disabled,onevpl-intel-gpu"
PACKAGECONFIG[neon] = "-Dneon=enabled,-Dneon=disabled,neon"
PACKAGECONFIG[openal] = "-Dopenal=enabled,-Dopenal=disabled,openal-soft"
PACKAGECONFIG[opencv] = "-Dopencv=enabled,-Dopencv=disabled,opencv"
PACKAGECONFIG[openh264] = "-Dopenh264=enabled,-Dopenh264=disabled,openh264"
PACKAGECONFIG[openjpeg] = "-Dopenjpeg=enabled,-Dopenjpeg=disabled,openjpeg"
PACKAGECONFIG[openmpt] = "-Dopenmpt=enabled,-Dopenmpt=disabled,libopenmpt"
# the opus encoder/decoder elements are now in the -base package,
# but the opus parser remains in -bad
PACKAGECONFIG[opusparse] = "-Dopus=enabled,-Dopus=disabled,libopus"
PACKAGECONFIG[resindvd] = "-Dresindvd=enabled,-Dresindvd=disabled,libdvdread libdvdnav"
PACKAGECONFIG[rsvg] = "-Drsvg=enabled,-Drsvg=disabled,librsvg"
PACKAGECONFIG[rtmp] = "-Drtmp=enabled,-Drtmp=disabled,rtmpdump"
PACKAGECONFIG[sbc] = "-Dsbc=enabled,-Dsbc=disabled,sbc"
PACKAGECONFIG[sctp] = "-Dsctp=enabled,-Dsctp=disabled"
PACKAGECONFIG[smoothstreaming] = "-Dsmoothstreaming=enabled,-Dsmoothstreaming=disabled,libxml2"
PACKAGECONFIG[sndfile] = "-Dsndfile=enabled,-Dsndfile=disabled,libsndfile1"
PACKAGECONFIG[srt] = "-Dsrt=enabled,-Dsrt=disabled,srt"
PACKAGECONFIG[srtp] = "-Dsrtp=enabled,-Dsrtp=disabled,libsrtp"
PACKAGECONFIG[tinyalsa] = "-Dtinyalsa=enabled,-Dtinyalsa=disabled,tinyalsa"
PACKAGECONFIG[ttml] = "-Dttml=enabled,-Dttml=disabled,libxml2 pango cairo"
PACKAGECONFIG[uvch264] = "-Duvch264=enabled,-Duvch264=disabled,libusb1 libgudev"
# this enables support for stateless V4L2 mem2mem codecs, which is a newer form of
# V4L2 codec; the V4L2 code in -base supports the older stateful V4L2 mem2mem codecs
PACKAGECONFIG[v4l2codecs] = "-Dv4l2codecs=enabled,-Dv4l2codecs=disabled,libgudev"
PACKAGECONFIG[va] = "-Dva=enabled,-Dva=disabled,libva"
PACKAGECONFIG[voaacenc] = "-Dvoaacenc=enabled,-Dvoaacenc=disabled,vo-aacenc"
PACKAGECONFIG[voamrwbenc] = "-Dvoamrwbenc=enabled,-Dvoamrwbenc=disabled,vo-amrwbenc"
PACKAGECONFIG[vulkan] = "-Dvulkan=enabled,-Dvulkan=disabled,vulkan-loader shaderc-native"
PACKAGECONFIG[wayland] = "-Dwayland=enabled,-Dwayland=disabled,wayland-native wayland wayland-protocols libdrm"
PACKAGECONFIG[webp] = "-Dwebp=enabled,-Dwebp=disabled,libwebp"
PACKAGECONFIG[webrtc] = "-Dwebrtc=enabled,-Dwebrtc=disabled,libnice"
PACKAGECONFIG[webrtcdsp] = "-Dwebrtcdsp=enabled,-Dwebrtcdsp=disabled,webrtc-audio-processing"
PACKAGECONFIG[zbar] = "-Dzbar=enabled,-Dzbar=disabled,zbar"
PACKAGECONFIG[x11] = "-Dx11=enabled,-Dx11=disabled,libxcb libxkbcommon"
PACKAGECONFIG[x265] = "-Dx265=enabled,-Dx265=disabled,x265"
GSTREAMER_GPL = "${@bb.utils.filter('PACKAGECONFIG', 'faad resindvd x265', d)}"
EXTRA_OEMESON += " \
-Ddoc=disabled \
-Daes=enabled \
-Dcodecalpha=enabled \
-Ddecklink=enabled \
-Ddvb=enabled \
-Dfbdev=enabled \
-Dipcpipeline=enabled \
-Dshm=enabled \
-Dtranscode=enabled \
-Dandroidmedia=disabled \
-Dapplemedia=disabled \
-Dasio=disabled \
-Dbs2b=disabled \
-Dchromaprint=disabled \
-Dd3dvideosink=disabled \
-Dd3d11=disabled \
-Ddirectsound=disabled \
-Ddts=disabled \
-Dfdkaac=disabled \
-Dflite=disabled \
-Dgme=disabled \
-Dgs=disabled \
-Dgsm=disabled \
-Diqa=disabled \
-Dkate=disabled \
-Dladspa=disabled \
-Dldac=disabled \
-Dlv2=disabled \
-Dmagicleap=disabled \
-Dmediafoundation=disabled \
-Dmicrodns=disabled \
-Dmpeg2enc=disabled \
-Dmplex=disabled \
-Dmusepack=disabled \
-Dnvcodec=disabled \
-Dopenexr=disabled \
-Dopenni2=disabled \
-Dopenaptx=disabled \
-Dopensles=disabled \
-Donnx=disabled \
-Dqroverlay=disabled \
-Dsoundtouch=disabled \
-Dspandsp=disabled \
-Dsvthevcenc=disabled \
-Dteletext=disabled \
-Dwasapi=disabled \
-Dwasapi2=disabled \
-Dwildmidi=disabled \
-Dwinks=disabled \
-Dwinscreencap=disabled \
-Dwpe=disabled \
-Dzxing=disabled \
"
export OPENCV_PREFIX = "${STAGING_DIR_TARGET}${prefix}"
ARM_INSTRUCTION_SET:armv4 = "arm"
ARM_INSTRUCTION_SET:armv5 = "arm"
FILES:${PN}-freeverb += "${datadir}/gstreamer-1.0/presets/GstFreeverb.prs"
FILES:${PN}-opencv += "${datadir}/gst-plugins-bad/1.0/opencv*"
FILES:${PN}-transcode += "${datadir}/gstreamer-1.0/encoding-profiles"
FILES:${PN}-voamrwbenc += "${datadir}/gstreamer-1.0/presets/GstVoAmrwbEnc.prs"

42
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0001-ENGR00312515-get-caps-from-src-pad-when-query-caps.patch Normal file
View File

@@ -0,0 +1,42 @@
From 63fe5a7b4ef70e2c490bad3b0838329935a8d77c Mon Sep 17 00:00:00 2001
From: zhouming <b42586@freescale.com>
Date: Wed, 14 May 2014 10:16:20 +0800
Subject: [PATCH] ENGR00312515: get caps from src pad when query caps
https://bugzilla.gnome.org/show_bug.cgi?id=728312
Upstream-Status: Pending
Signed-off-by: zhouming <b42586@freescale.com>
---
gst-libs/gst/tag/gsttagdemux.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
mode change 100644 => 100755 gst-libs/gst/tag/gsttagdemux.c
diff --git a/gst-libs/gst/tag/gsttagdemux.c b/gst-libs/gst/tag/gsttagdemux.c
old mode 100644
new mode 100755
index 173da37..2b7f34c
--- a/gst-libs/gst/tag/gsttagdemux.c
+++ b/gst-libs/gst/tag/gsttagdemux.c
@@ -1796,6 +1796,19 @@ gst_tag_demux_pad_query (GstPad * pad, GstObject * parent, GstQuery * query)
}
break;
}
+ case GST_QUERY_CAPS:
+ {
+
+ /* We can hijack caps query if we typefind already */
+ if (demux->priv->src_caps) {
+ gst_query_set_caps_result (query, demux->priv->src_caps);
+ res = TRUE;
+ } else {
+ res = gst_pad_query_default (pad, parent, query);
+ }
+ break;
+ }
+
default:
res = gst_pad_query_default (pad, parent, query);
break;

227
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0002-ssaparse-enhance-SSA-text-lines-parsing.patch Normal file
View File

@@ -0,0 +1,227 @@
From 7bf9525528c8f4a47413d7f82214d76f95f0c5f6 Mon Sep 17 00:00:00 2001
From: Mingke Wang <mingke.wang@freescale.com>
Date: Thu, 19 Mar 2015 14:17:10 +0800
Subject: [PATCH] ssaparse: enhance SSA text lines parsing.
some parser will pass in the original ssa text line which starts with "Dialog:"
and there's are maybe multiple Dialog lines in one input buffer.
Upstream-Status: Submitted [https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues/178]
Signed-off-by: Mingke Wang <mingke.wang@freescale.com>
---
gst/subparse/gstssaparse.c | 150 +++++++++++++++++++++++++++++++++----
1 file changed, 134 insertions(+), 16 deletions(-)
mode change 100644 => 100755 gst/subparse/gstssaparse.c
diff --git a/gst/subparse/gstssaparse.c b/gst/subparse/gstssaparse.c
old mode 100644
new mode 100755
index d6fdb9c..5ebe678
--- a/gst/subparse/gstssaparse.c
+++ b/gst/subparse/gstssaparse.c
@@ -270,6 +270,7 @@ gst_ssa_parse_remove_override_codes (GstSsaParse * parse, gchar * txt)
* gst_ssa_parse_push_line:
* @parse: caller element
* @txt: text to push
+ * @size: text size need to be parse
* @start: timestamp for the buffer
* @duration: duration for the buffer
*
@@ -279,27 +280,133 @@ gst_ssa_parse_remove_override_codes (GstSsaParse * parse, gchar * txt)
* Returns: result of the push of the created buffer
*/
static GstFlowReturn
-gst_ssa_parse_push_line (GstSsaParse * parse, gchar * txt,
+gst_ssa_parse_push_line (GstSsaParse * parse, gchar * txt, gint size,
GstClockTime start, GstClockTime duration)
{
GstFlowReturn ret;
GstBuffer *buf;
- gchar *t, *escaped;
+ gchar *t, *text, *p, *escaped, *p_start, *p_end;
gint num, i, len;
+ GstClockTime start_time = G_MAXUINT64, end_time = 0;
- num = atoi (txt);
- GST_LOG_OBJECT (parse, "Parsing line #%d at %" GST_TIME_FORMAT,
- num, GST_TIME_ARGS (start));
-
- /* skip all non-text fields before the actual text */
+ p = text = g_malloc(size + 1);
+ *p = '\0';
t = txt;
- for (i = 0; i < 8; ++i) {
- t = strchr (t, ',');
+
+ /* there are may have multiple dialogue lines at a time */
+ while (*t) {
+ /* ignore leading white space characters */
+ while (isspace(*t))
+ t++;
+
+ /* ignore Format: and Style: lines */
+ if (strncmp(t, "Format:", 7) == 0 || strncmp(t, "Style:", 6) == 0) {
+ while (*t != '\0' && *t != '\n') {
+ t++;
+ }
+ }
+
+ if (*t == '\0')
+ break;
+
+ /* continue with next line */
+ if (*t == '\n') {
+ t++;
+ continue;
+ }
+
+ if(strncmp(t, "Dialogue:", 9) != 0) {
+ /* not started with "Dialogue:", it must be a line trimmed by demuxer */
+ num = atoi (t);
+ GST_LOG_OBJECT (parse, "Parsing line #%d at %" GST_TIME_FORMAT,
+ num, GST_TIME_ARGS (start));
+
+ /* skip all non-text fields before the actual text */
+ for (i = 0; i < 8; ++i) {
+ t = strchr (t, ',');
+ if (t == NULL)
+ break;
+ ++t;
+ }
+ } else {
+ /* started with "Dialogue:", update timestamp and duration */
+ /* time format are like Dialog:Mark,0:00:01.02,0:00:03.04,xx,xxx,... */
+ guint hour, min, sec, msec, len;
+ GstClockTime tmp;
+ gchar t_str[12] = {0};
+
+ /* find the first ',' */
+ p_start = strchr (t, ',');
+ if (p_start)
+ p_end = strchr (++p_start, ',');
+
+ if (p_start && p_end) {
+ /* copy text between first ',' and second ',' */
+ strncpy(t_str, p_start, p_end - p_start);
+ if (sscanf (t_str, "%u:%u:%u.%u", &hour, &min, &sec, &msec) == 4) {
+ tmp = ((hour*3600) + (min*60) + sec) * GST_SECOND + msec*GST_MSECOND;
+ GST_DEBUG_OBJECT (parse, "Get start time:%02d:%02d:%02d:%03d\n",
+ hour, min, sec, msec);
+ if (start_time > tmp)
+ start_time = tmp;
+ } else {
+ GST_WARNING_OBJECT (parse,
+ "failed to parse ssa start timestamp string :%s", t_str);
+ }
+
+ p_start = p_end;
+ p_end = strchr (++p_start, ',');
+ if (p_end) {
+ /* copy text between second ',' and third ',' */
+ strncpy(t_str, p_start, p_end - p_start);
+ if (sscanf (t_str, "%u:%u:%u.%u", &hour, &min, &sec, &msec) == 4) {
+ tmp = ((hour*3600) + (min*60) + sec)*GST_SECOND + msec*GST_MSECOND;
+ GST_DEBUG_OBJECT(parse, "Get end time:%02d:%02d:%02d:%03d\n",
+ hour, min, sec, msec);
+ if (end_time < tmp)
+ end_time = tmp;
+ } else {
+ GST_WARNING_OBJECT (parse,
+ "failed to parse ssa end timestamp string :%s", t_str);
+ }
+ }
+ }
+
+ /* now skip all non-text fields before the actual text */
+ for (i = 0; i <= 8; ++i) {
+ t = strchr (t, ',');
+ if (t == NULL)
+ break;
+ ++t;
+ }
+ }
+
+ /* line end before expected number of ',', not a Dialogue line */
if (t == NULL)
- return GST_FLOW_ERROR;
- ++t;
+ break;
+
+ /* if not the first line, and the last character of previous line is '\0',
+ * then replace it with '\N' */
+ if (p != text && *p == '\0') {
+ *p++ = '\\';
+ *p++ = 'N';
+ }
+
+ /* copy all actual text of this line */
+ while ((*t != '\0') && (*t != '\n'))
+ *p++ = *t++;
+
+ /* add a terminator at the end */
+ *p = '\0';
+ }
+
+ /* not valid text found in this buffer return OK to let caller unref buffer */
+ if (strlen(text) <= 0) {
+ GST_WARNING_OBJECT (parse, "Not valid text found in this buffer\n");
+ return GST_FLOW_ERROR;
}
+ t = text;
GST_LOG_OBJECT (parse, "Text : %s", t);
if (gst_ssa_parse_remove_override_codes (parse, t)) {
@@ -317,13 +424,22 @@ gst_ssa_parse_push_line (GstSsaParse * parse, gchar * txt,
gst_buffer_fill (buf, 0, escaped, len + 1);
gst_buffer_set_size (buf, len);
g_free (escaped);
+ g_free(t);
+
+ if (start_time != G_MAXUINT64)
+ GST_BUFFER_TIMESTAMP (buf) = start_time;
+ else
+ GST_BUFFER_TIMESTAMP (buf) = start;
- GST_BUFFER_TIMESTAMP (buf) = start;
- GST_BUFFER_DURATION (buf) = duration;
+ if (end_time > start_time)
+ GST_BUFFER_DURATION (buf) = end_time - start_time;
+ else
+ GST_BUFFER_DURATION (buf) = duration;
GST_LOG_OBJECT (parse, "Pushing buffer with timestamp %" GST_TIME_FORMAT
- " and duration %" GST_TIME_FORMAT, GST_TIME_ARGS (start),
- GST_TIME_ARGS (duration));
+ " and duration %" GST_TIME_FORMAT,
+ GST_TIME_ARGS (GST_BUFFER_TIMESTAMP (buf)),
+ GST_TIME_ARGS (GST_BUFFER_DURATION (buf)));
ret = gst_pad_push (parse->srcpad, buf);
@@ -343,6 +459,7 @@ gst_ssa_parse_chain (GstPad * sinkpad, GstObject * parent, GstBuffer * buf)
GstClockTime ts;
gchar *txt;
GstMapInfo map;
+ gint size;
if (G_UNLIKELY (!parse->framed))
goto not_framed;
@@ -360,13 +477,14 @@ gst_ssa_parse_chain (GstPad * sinkpad, GstObject * parent, GstBuffer * buf)
/* make double-sure it's 0-terminated and all */
gst_buffer_map (buf, &map, GST_MAP_READ);
txt = g_strndup ((gchar *) map.data, map.size);
+ size = map.size;
gst_buffer_unmap (buf, &map);
if (txt == NULL)
goto empty_text;
ts = GST_BUFFER_TIMESTAMP (buf);
- ret = gst_ssa_parse_push_line (parse, txt, ts, GST_BUFFER_DURATION (buf));
+ ret = gst_ssa_parse_push_line (parse, txt, size, ts, GST_BUFFER_DURATION (buf));
if (ret != GST_FLOW_OK && GST_CLOCK_TIME_IS_VALID (ts)) {
GstSegment segment;

30
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0003-viv-fb-Make-sure-config.h-is-included.patch Normal file
View File

@@ -0,0 +1,30 @@
From 2b07840122bc2e83bd23dad59aa80d9479f2e1e4 Mon Sep 17 00:00:00 2001
From: Carlos Rafael Giani <crg7475@mailbox.org>
Date: Tue, 21 May 2019 14:01:11 +0200
Subject: [PATCH] viv-fb: Make sure config.h is included
This prevents build errors due to missing GST_API_* symbols
Upstream-Status: Pending
Signed-off-by: Carlos Rafael Giani <crg7475@mailbox.org>
---
gst-libs/gst/gl/gl-prelude.h | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/gst-libs/gst/gl/gl-prelude.h b/gst-libs/gst/gl/gl-prelude.h
index 85fca5a..946c729 100644
--- a/gst-libs/gst/gl/gl-prelude.h
+++ b/gst-libs/gst/gl/gl-prelude.h
@@ -22,6 +22,10 @@
#ifndef __GST_GL_PRELUDE_H__
#define __GST_GL_PRELUDE_H__
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif
+
#include <gst/gst.h>
#ifdef BUILDING_GST_GL

35
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0004-vorbisdec-Set-at-most-64-channels-to-NONE-position.patch Normal file
View File

@@ -0,0 +1,35 @@
From 3eee4954d70accf94262299994eb21107a65dea8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 21:35:07 +0300
Subject: [PATCH] vorbisdec: Set at most 64 channels to NONE position
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-115
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3869
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8035>
CVE: CVE-2024-47538
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/3eee4954d70accf94262299994eb21107a65dea8]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
ext/vorbis/gstvorbisdec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ext/vorbis/gstvorbisdec.c b/ext/vorbis/gstvorbisdec.c
index 6a410ed858..1fc4fa883e 100644
--- a/ext/vorbis/gstvorbisdec.c
+++ b/ext/vorbis/gstvorbisdec.c
@@ -204,7 +204,7 @@ vorbis_handle_identification_packet (GstVorbisDec * vd)
}
default:{
GstAudioChannelPosition position[64];
- gint i, max_pos = MAX (vd->vi.channels, 64);
+ gint i, max_pos = MIN (vd->vi.channels, 64);
GST_ELEMENT_WARNING (vd, STREAM, DECODE,
(NULL), ("Using NONE channel layout for more than 8 channels"));
--
2.30.2

41
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0005-opusdec-Set-at-most-64-channels-to-NONE-position.patch Normal file
View File

@@ -0,0 +1,41 @@
From 2838374d6ee4a0c9c4c4221ac46d5c1688f26e59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Tue, 1 Oct 2024 13:22:50 +0300
Subject: [PATCH] opusdec: Set at most 64 channels to NONE position
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-116
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3871
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8037>
CVE: CVE-2024-47607
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/2838374d6ee4a0c9c4c4221ac46d5c1688f26e59]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
ext/opus/gstopusdec.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ext/opus/gstopusdec.c b/ext/opus/gstopusdec.c
index 99289fa7d2..d3f461d9a8 100644
--- a/ext/opus/gstopusdec.c
+++ b/ext/opus/gstopusdec.c
@@ -440,12 +440,12 @@ gst_opus_dec_parse_header (GstOpusDec * dec, GstBuffer * buf)
posn = gst_opus_channel_positions[dec->n_channels - 1];
break;
default:{
- gint i;
+ guint i, max_pos = MIN (dec->n_channels, 64);
GST_ELEMENT_WARNING (GST_ELEMENT (dec), STREAM, DECODE,
(NULL), ("Using NONE channel layout for more than 8 channels"));
- for (i = 0; i < dec->n_channels; i++)
+ for (i = 0; i < max_pos; i++)
pos[i] = GST_AUDIO_CHANNEL_POSITION_NONE;
posn = pos;
--
2.30.2

80
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0006-vorbis_parse-check-writes-to-GstOggStream.vorbis_mod.patch Normal file
View File

@@ -0,0 +1,80 @@
From 006047a23a4e4c146e40e5dab765bc6318a94744 Mon Sep 17 00:00:00 2001
From: Mathieu Duponchelle <mathieu@centricular.com>
Date: Wed, 2 Oct 2024 15:16:30 +0200
Subject: [PATCH 1/2] vorbis_parse: check writes to
GstOggStream.vorbis_mode_sizes
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-117 Fixes gstreamer#3875
Also perform out-of-bounds check for accesses to op->packet
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8038>
CVE: CVE-2024-47615
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/006047a23a4e4c146e40e5dab765bc6318a94744]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
ext/ogg/vorbis_parse.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/ext/ogg/vorbis_parse.c b/ext/ogg/vorbis_parse.c
index 65ef463808..757c7cd82b 100644
--- a/ext/ogg/vorbis_parse.c
+++ b/ext/ogg/vorbis_parse.c
@@ -165,6 +165,10 @@ gst_parse_vorbis_setup_packet (GstOggStream * pad, ogg_packet * op)
if (offset == 0) {
offset = 8;
current_pos -= 1;
+
+ /* have we underrun? */
+ if (current_pos < op->packet)
+ return -1;
}
}
@@ -178,6 +182,10 @@ gst_parse_vorbis_setup_packet (GstOggStream * pad, ogg_packet * op)
if (offset == 7)
current_pos -= 1;
+ /* have we underrun? */
+ if (current_pos < op->packet + 5)
+ return -1;
+
if (((current_pos[-5] & ~((1 << (offset + 1)) - 1)) != 0)
||
current_pos[-4] != 0
@@ -199,9 +207,18 @@ gst_parse_vorbis_setup_packet (GstOggStream * pad, ogg_packet * op)
/* Give ourselves a chance to recover if we went back too far by using
* the size check. */
for (ii = 0; ii < 2; ii++) {
+
if (offset > 4) {
+ /* have we underrun? */
+ if (current_pos < op->packet)
+ return -1;
+
size_check = (current_pos[0] >> (offset - 5)) & 0x3F;
} else {
+ /* have we underrun? */
+ if (current_pos < op->packet + 1)
+ return -1;
+
/* mask part of byte from current_pos */
size_check = (current_pos[0] & ((1 << (offset + 1)) - 1));
/* shift to appropriate position */
@@ -233,6 +250,10 @@ gst_parse_vorbis_setup_packet (GstOggStream * pad, ogg_packet * op)
mode_size_ptr = pad->vorbis_mode_sizes;
+ if (size > G_N_ELEMENTS (pad->vorbis_mode_sizes)) {
+ return -1;
+ }
+
for (i = 0; i < size; i++) {
offset = (offset + 1) % 8;
if (offset == 0)
--
2.30.2

168
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0007-oggstream-review-and-fix-per-format-min_packet_size.patch Normal file
View File

@@ -0,0 +1,168 @@
From e633ec642825466b91fc12da6629c307906fa206 Mon Sep 17 00:00:00 2001
From: Mathieu Duponchelle <mathieu@centricular.com>
Date: Wed, 2 Oct 2024 16:52:51 +0200
Subject: [PATCH 2/2] oggstream: review and fix per-format min_packet_size
This addresses all manually detected invalid reads in setup functions.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8038>
CVE: CVE-2024-47615
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/e633ec642825466b91fc12da6629c307906fa206]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
ext/ogg/gstoggstream.c | 40 ++++++++++++----------------------------
1 file changed, 12 insertions(+), 28 deletions(-)
diff --git a/ext/ogg/gstoggstream.c b/ext/ogg/gstoggstream.c
index a8883304a5..ab6be238dc 100644
--- a/ext/ogg/gstoggstream.c
+++ b/ext/ogg/gstoggstream.c
@@ -665,11 +665,6 @@ setup_vp8_mapper (GstOggStream * pad, ogg_packet * packet)
{
gint width, height, par_n, par_d, fps_n, fps_d;
- if (packet->bytes < 26) {
- GST_DEBUG ("Failed to parse VP8 BOS page");
- return FALSE;
- }
-
width = GST_READ_UINT16_BE (packet->packet + 8);
height = GST_READ_UINT16_BE (packet->packet + 10);
par_n = GST_READ_UINT24_BE (packet->packet + 12);
@@ -1221,11 +1216,6 @@ setup_fishead_mapper (GstOggStream * pad, ogg_packet * packet)
gint64 prestime_n, prestime_d;
gint64 basetime_n, basetime_d;
- if (packet->bytes < 44) {
- GST_DEBUG ("Not enough data for fishead header");
- return FALSE;
- }
-
data = packet->packet;
data += 8; /* header */
@@ -1256,8 +1246,8 @@ setup_fishead_mapper (GstOggStream * pad, ogg_packet * packet)
pad->prestime = -1;
/* Ogg Skeleton 3.3+ streams provide additional information in the header */
- if (packet->bytes >= SKELETON_FISHEAD_3_3_MIN_SIZE && pad->skeleton_major == 3
- && pad->skeleton_minor > 0) {
+ if (packet->bytes - 44 >= SKELETON_FISHEAD_3_3_MIN_SIZE
+ && pad->skeleton_major == 3 && pad->skeleton_minor > 0) {
gint64 firstsampletime_n, firstsampletime_d;
gint64 lastsampletime_n, lastsampletime_d;
gint64 firstsampletime, lastsampletime;
@@ -1296,7 +1286,7 @@ setup_fishead_mapper (GstOggStream * pad, ogg_packet * packet)
GST_INFO ("skeleton fishead parsed total: %" GST_TIME_FORMAT,
GST_TIME_ARGS (pad->total_time));
- } else if (packet->bytes >= SKELETON_FISHEAD_4_0_MIN_SIZE
+ } else if (packet->bytes - 44 >= SKELETON_FISHEAD_4_0_MIN_SIZE
&& pad->skeleton_major == 4) {
guint64 segment_length, content_offset;
@@ -1980,9 +1970,6 @@ setup_kate_mapper (GstOggStream * pad, ogg_packet * packet)
guint8 *data = packet->packet;
const char *category;
- if (packet->bytes < 64)
- return FALSE;
-
pad->granulerate_n = GST_READ_UINT32_LE (data + 24);
pad->granulerate_d = GST_READ_UINT32_LE (data + 28);
pad->granuleshift = GST_READ_UINT8 (data + 15);
@@ -2111,9 +2098,6 @@ setup_opus_mapper (GstOggStream * pad, ogg_packet * packet)
{
GstBuffer *buffer;
- if (packet->bytes < 19)
- return FALSE;
-
pad->granulerate_n = 48000;
pad->granulerate_d = 1;
pad->granuleshift = 0;
@@ -2394,7 +2378,7 @@ const GstOggMap mappers[] = {
NULL
},
{
- "\001vorbis", 7, 22,
+ "\001vorbis", 7, 29,
"audio/x-vorbis",
setup_vorbis_mapper,
NULL,
@@ -2426,7 +2410,7 @@ const GstOggMap mappers[] = {
NULL
},
{
- "PCM ", 8, 0,
+ "PCM ", 8, 28,
"audio/x-raw",
setup_pcm_mapper,
NULL,
@@ -2442,7 +2426,7 @@ const GstOggMap mappers[] = {
NULL
},
{
- "CMML\0\0\0\0", 8, 0,
+ "CMML\0\0\0\0", 8, 29,
"text/x-cmml",
setup_cmml_mapper,
NULL,
@@ -2458,7 +2442,7 @@ const GstOggMap mappers[] = {
NULL
},
{
- "Annodex", 7, 0,
+ "Annodex", 7, 44,
"application/x-annodex",
setup_fishead_mapper,
NULL,
@@ -2537,7 +2521,7 @@ const GstOggMap mappers[] = {
NULL
},
{
- "CELT ", 8, 0,
+ "CELT ", 8, 60,
"audio/x-celt",
setup_celt_mapper,
NULL,
@@ -2553,7 +2537,7 @@ const GstOggMap mappers[] = {
NULL
},
{
- "\200kate\0\0\0", 8, 0,
+ "\200kate\0\0\0", 8, 64,
"text/x-kate",
setup_kate_mapper,
NULL,
@@ -2585,7 +2569,7 @@ const GstOggMap mappers[] = {
NULL
},
{
- "OVP80\1\1", 7, 4,
+ "OVP80\1\1", 7, 26,
"video/x-vp8",
setup_vp8_mapper,
setup_vp8_mapper_from_caps,
@@ -2601,7 +2585,7 @@ const GstOggMap mappers[] = {
update_stats_vp8
},
{
- "OpusHead", 8, 0,
+ "OpusHead", 8, 19,
"audio/x-opus",
setup_opus_mapper,
NULL,
@@ -2649,7 +2633,7 @@ const GstOggMap mappers[] = {
NULL
},
{
- "\001text\0\0\0", 9, 9,
+ "\001text\0\0\0", 9, 25,
"application/x-ogm-text",
setup_ogmtext_mapper,
NULL,
--
2.30.2

38
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0008-ssaparse-Search-for-closing-brace-after-opening-brac.patch Normal file
View File

@@ -0,0 +1,38 @@
From 15bb318416e1bf6b6b557006a37d1da86c3a76a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 21:40:44 +0300
Subject: [PATCH 1/2] ssaparse: Search for closing brace after opening brace
Otherwise removing anything between the braces leads to out of bound writes if
there is a closing brace before the first opening brace.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-228
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3870
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8036>
CVE: CVE-2024-47541
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/15bb318416e1bf6b6b557006a37d1da86c3a76a8]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/subparse/gstssaparse.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gst/subparse/gstssaparse.c b/gst/subparse/gstssaparse.c
index 42fbb42b99..37b892e928 100644
--- a/gst/subparse/gstssaparse.c
+++ b/gst/subparse/gstssaparse.c
@@ -238,7 +238,7 @@ gst_ssa_parse_remove_override_codes (GstSsaParse * parse, gchar * txt)
gboolean removed_any = FALSE;
while ((t = strchr (txt, '{'))) {
- end = strchr (txt, '}');
+ end = strchr (t, '}');
if (end == NULL) {
GST_WARNING_OBJECT (parse, "Missing { for style override code");
return removed_any;
--
2.30.2

99
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0009-ssaparse-Don-t-use-strstr-on-strings-that-are-potent.patch Normal file
View File

@@ -0,0 +1,99 @@
From 403b10eba06679319aa2e35d310236234782102f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 18:36:19 +0300
Subject: [PATCH 2/2] ssaparse: Don't use strstr() on strings that are
potentially not NULL-terminated
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8036>
CVE: CVE-2024-47541
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/403b10eba06679319aa2e35d310236234782102f]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/subparse/gstssaparse.c | 36 +++++++++++++++++++++++++++++++++++-
meson.build | 1 +
2 files changed, 36 insertions(+), 1 deletion(-)
diff --git a/gst/subparse/gstssaparse.c b/gst/subparse/gstssaparse.c
index 37b892e928..c162a542f5 100644
--- a/gst/subparse/gstssaparse.c
+++ b/gst/subparse/gstssaparse.c
@@ -146,6 +146,35 @@ gst_ssa_parse_sink_event (GstPad * pad, GstObject * parent, GstEvent * event)
return res;
}
+#ifndef HAVE_MEMMEM
+// memmem() is a GNU extension so if it's not available we'll need
+// our own implementation here. Thanks C.
+static void *
+my_memmem (const void *haystack, size_t haystacklen, const void *needle,
+ size_t needlelen)
+{
+ const guint8 *cur, *end;
+
+ if (needlelen > haystacklen)
+ return NULL;
+ if (needlelen == 0)
+ return (void *) haystack;
+
+
+ cur = haystack;
+ end = cur + haystacklen - needlelen;
+
+ for (; cur <= end; cur++) {
+ if (memcmp (cur, needle, needlelen) == 0)
+ return (void *) cur;
+ }
+
+ return NULL;
+}
+#else
+#define my_memmem memmem
+#endif
+
static gboolean
gst_ssa_parse_setcaps (GstPad * sinkpad, GstCaps * caps)
{
@@ -154,6 +183,7 @@ gst_ssa_parse_setcaps (GstPad * sinkpad, GstCaps * caps)
const GValue *val;
GstStructure *s;
const guchar bom_utf8[] = { 0xEF, 0xBB, 0xBF };
+ const guint8 header[] = "[Script Info]";
const gchar *end;
GstBuffer *priv;
GstMapInfo map;
@@ -193,7 +223,7 @@ gst_ssa_parse_setcaps (GstPad * sinkpad, GstCaps * caps)
left -= 3;
}
- if (!strstr (ptr, "[Script Info]"))
+ if (!my_memmem (ptr, left, header, sizeof (header) - 1))
goto invalid_init;
if (!g_utf8_validate (ptr, left, &end)) {
@@ -231,6 +261,10 @@ invalid_init:
}
}
+#ifdef my_memmem
+#undef my_memmem
+#endif
+
static gboolean
gst_ssa_parse_remove_override_codes (GstSsaParse * parse, gchar * txt)
{
diff --git a/meson.build b/meson.build
index d1033bef4a..65d0944114 100644
--- a/meson.build
+++ b/meson.build
@@ -199,6 +199,7 @@ check_functions = [
['HAVE_LRINTF', 'lrintf', '#include<math.h>'],
['HAVE_MMAP', 'mmap', '#include<sys/mman.h>'],
['HAVE_LOG2', 'log2', '#include<math.h>'],
+ ['HAVE_MEMMEM', 'memmem', '#include<string.h>'],
]
libm = cc.find_library('m', required : false)
--
2.30.2

64
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0010-id3v2-Don-t-try-parsing-extended-header-if-not-enoug.patch Normal file
View File

@@ -0,0 +1,64 @@
From 537161868f36048571f400648ac7909f26c73d53 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 26 Sep 2024 13:43:06 +0300
Subject: [PATCH] id3v2: Don't try parsing extended header if not enough data
is available
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-235
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3842
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8033>
CVE: CVE-2024-47542
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/537161868f36048571f400648ac7909f26c73d53]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst-libs/gst/tag/id3v2.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/gst-libs/gst/tag/id3v2.c b/gst-libs/gst/tag/id3v2.c
index 7db2cb7e12..70f975d133 100644
--- a/gst-libs/gst/tag/id3v2.c
+++ b/gst-libs/gst/tag/id3v2.c
@@ -29,7 +29,7 @@
#define HANDLE_INVALID_SYNCSAFE
-static gboolean id3v2_frames_to_tag_list (ID3TagsWorking * work, guint size);
+static gboolean id3v2_frames_to_tag_list (ID3TagsWorking * work);
#ifndef GST_DISABLE_GST_DEBUG
@@ -258,7 +258,7 @@ gst_tag_list_from_id3v2_tag (GstBuffer * buffer)
GST_MEMDUMP ("ID3v2 tag (un-unsyced)", uu_data, work.hdr.frame_data_size);
}
- id3v2_frames_to_tag_list (&work, work.hdr.frame_data_size);
+ id3v2_frames_to_tag_list (&work);
g_free (uu_data);
@@ -440,12 +440,17 @@ id3v2_add_id3v2_frame_blob_to_taglist (ID3TagsWorking * work,
}
static gboolean
-id3v2_frames_to_tag_list (ID3TagsWorking * work, guint size)
+id3v2_frames_to_tag_list (ID3TagsWorking * work)
{
guint frame_hdr_size;
/* Extended header if present */
if (work->hdr.flags & ID3V2_HDR_FLAG_EXTHDR) {
+ if (work->hdr.frame_data_size < 4) {
+ GST_DEBUG ("Tag has no extended header data. Broken tag");
+ return FALSE;
+ }
+
work->hdr.ext_hdr_size = id3v2_read_synch_uint (work->hdr.frame_data, 4);
/* In id3v2.4.x the header size is the size of the *whole*
--
2.30.2

38
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0011-discoverer-Don-t-print-channel-layout-for-more-than-.patch Normal file
View File

@@ -0,0 +1,38 @@
From aa07d94c10d71fac389dbbb264a59c1f6117eead Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 18:19:30 +0300
Subject: [PATCH] discoverer: Don't print channel layout for more than 64
channels
64+ channels are always unpositioned / unknown layout.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-248
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3864
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8034>
CVE: CVE-2024-47600
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/aa07d94c10d71fac389dbbb264a59c1f6117eead]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
tools/gst-discoverer.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/gst-discoverer.c b/tools/gst-discoverer.c
index e3f048bed5..4a2a1b4bc4 100644
--- a/tools/gst-discoverer.c
+++ b/tools/gst-discoverer.c
@@ -222,7 +222,7 @@ format_channel_mask (GstDiscovererAudioInfo * ainfo)
channel_mask = gst_discoverer_audio_info_get_channel_mask (ainfo);
- if (channel_mask != 0) {
+ if (channel_mask != 0 && channels <= 64) {
gst_audio_channel_positions_from_mask (channels, channel_mask, position);
for (i = 0; i < channels; i++) {
--
2.30.2

39
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/0012-subparse-Check-for-NULL-return-of-strchr-when-parsin.patch Normal file
View File

@@ -0,0 +1,39 @@
From 4c40f73b7002967e824ef34a5435282f4a0ea363 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Wed, 9 Oct 2024 11:23:47 -0400
Subject: [PATCH] subparse: Check for NULL return of strchr() when parsing LRC
subtitles
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-263
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3892
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8039>
CVE: CVE-2024-47835
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/4c40f73b7002967e824ef34a5435282f4a0ea363]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/subparse/gstsubparse.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/gst/subparse/gstsubparse.c b/gst/subparse/gstsubparse.c
index 8d925524a6..7d286ed318 100644
--- a/gst/subparse/gstsubparse.c
+++ b/gst/subparse/gstsubparse.c
@@ -1068,6 +1068,11 @@ parse_lrc (ParserState * state, const gchar * line)
return NULL;
start = strchr (line, ']');
+ // sscanf() does not check for the trailing ] but only up to the last
+ // placeholder, so there might be no ] at the end.
+ if (!start)
+ return NULL;
+
if (start - line == 9)
milli = 10;
else
--
2.30.2

105
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb Normal file
View File

@@ -0,0 +1,105 @@
require gstreamer1.0-plugins-common.inc
SUMMARY = "'Base' GStreamer plugins and helper libraries"
HOMEPAGE = "https://gstreamer.freedesktop.org/"
BUGTRACKER = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/issues"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-base-${PV}.tar.xz \
file://0001-ENGR00312515-get-caps-from-src-pad-when-query-caps.patch \
file://0003-viv-fb-Make-sure-config.h-is-included.patch \
file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
file://0004-vorbisdec-Set-at-most-64-channels-to-NONE-position.patch \
file://0005-opusdec-Set-at-most-64-channels-to-NONE-position.patch \
file://0006-vorbis_parse-check-writes-to-GstOggStream.vorbis_mod.patch \
file://0007-oggstream-review-and-fix-per-format-min_packet_size.patch \
file://0008-ssaparse-Search-for-closing-brace-after-opening-brac.patch \
file://0009-ssaparse-Don-t-use-strstr-on-strings-that-are-potent.patch \
file://0010-id3v2-Don-t-try-parsing-extended-header-if-not-enoug.patch \
file://0011-discoverer-Don-t-print-channel-layout-for-more-than-.patch \
file://0012-subparse-Check-for-NULL-return-of-strchr-when-parsin.patch \
"
SRC_URI[sha256sum] = "73cfadc3a6ffe77ed974cfd6fb391c605e4531f48db21dd6b9f42b8cb69bd8c1"
S = "${WORKDIR}/gst-plugins-base-${PV}"
DEPENDS += "iso-codes util-linux zlib"
inherit gobject-introspection
# opengl packageconfig factored out to make it easy for distros
# and BSP layers to choose OpenGL APIs/platforms/window systems
PACKAGECONFIG_X11 = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'opengl glx', '', d)}"
PACKAGECONFIG_GL ?= "${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'gles2 egl ${PACKAGECONFIG_X11}', '', d)}"
PACKAGECONFIG ??= " \
${GSTREAMER_ORC} \
${PACKAGECONFIG_GL} \
${@bb.utils.filter('DISTRO_FEATURES', 'alsa x11', d)} \
jpeg ogg pango png theora vorbis \
${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'wayland egl', '', d)} \
"
OPENGL_APIS = 'opengl gles2'
OPENGL_PLATFORMS = 'egl glx'
X11DEPENDS = "virtual/libx11 libsm libxrender libxv"
X11ENABLEOPTS = "-Dx11=enabled -Dxvideo=enabled -Dxshm=enabled"
X11DISABLEOPTS = "-Dx11=disabled -Dxvideo=disabled -Dxshm=disabled"
PACKAGECONFIG[alsa] = "-Dalsa=enabled,-Dalsa=disabled,alsa-lib"
PACKAGECONFIG[cdparanoia] = "-Dcdparanoia=enabled,-Dcdparanoia=disabled,cdparanoia"
PACKAGECONFIG[graphene] = "-Dgl-graphene=enabled,-Dgl-graphene=disabled,graphene"
PACKAGECONFIG[jpeg] = "-Dgl-jpeg=enabled,-Dgl-jpeg=disabled,jpeg"
PACKAGECONFIG[ogg] = "-Dogg=enabled,-Dogg=disabled,libogg"
PACKAGECONFIG[opus] = "-Dopus=enabled,-Dopus=disabled,libopus"
PACKAGECONFIG[pango] = "-Dpango=enabled,-Dpango=disabled,pango"
PACKAGECONFIG[png] = "-Dgl-png=enabled,-Dgl-png=disabled,libpng"
# This enables Qt5 QML examples in -base. The Qt5 GStreamer
# qmlglsink and qmlglsrc plugins still exist in -good.
PACKAGECONFIG[qt5] = "-Dqt5=enabled,-Dqt5=disabled,qtbase qtdeclarative qtbase-native"
PACKAGECONFIG[theora] = "-Dtheora=enabled,-Dtheora=disabled,libtheora"
PACKAGECONFIG[tremor] = "-Dtremor=enabled,-Dtremor=disabled,tremor"
PACKAGECONFIG[visual] = "-Dlibvisual=enabled,-Dlibvisual=disabled,libvisual"
PACKAGECONFIG[vorbis] = "-Dvorbis=enabled,-Dvorbis=disabled,libvorbis"
PACKAGECONFIG[x11] = "${X11ENABLEOPTS},${X11DISABLEOPTS},${X11DEPENDS}"
# OpenGL API packageconfigs
PACKAGECONFIG[opengl] = ",,virtual/libgl libglu"
PACKAGECONFIG[gles2] = ",,virtual/libgles2"
# OpenGL platform packageconfigs
PACKAGECONFIG[egl] = ",,virtual/egl"
PACKAGECONFIG[glx] = ",,virtual/libgl"
# OpenGL window systems (except for X11)
PACKAGECONFIG[gbm] = ",,virtual/libgbm libgudev libdrm"
PACKAGECONFIG[wayland] = ",,wayland-native wayland wayland-protocols libdrm"
PACKAGECONFIG[dispmanx] = ",,virtual/libomxil"
PACKAGECONFIG[viv-fb] = ",,virtual/libgles2 virtual/libg2d"
OPENGL_WINSYS = "${@bb.utils.filter('PACKAGECONFIG', 'x11 gbm wayland dispmanx egl viv-fb', d)}"
EXTRA_OEMESON += " \
-Ddoc=disabled \
${@get_opengl_cmdline_list('gl_api', d.getVar('OPENGL_APIS'), d)} \
${@get_opengl_cmdline_list('gl_platform', d.getVar('OPENGL_PLATFORMS'), d)} \
${@get_opengl_cmdline_list('gl_winsys', d.getVar('OPENGL_WINSYS'), d)} \
"
FILES:${PN}-dev += "${libdir}/gstreamer-1.0/include/gst/gl/gstglconfig.h"
FILES:${MLPREFIX}libgsttag-1.0 += "${datadir}/gst-plugins-base/1.0/license-translations.dict"
def get_opengl_cmdline_list(switch_name, options, d):
selected_options = []
if bb.utils.contains('DISTRO_FEATURES', 'opengl', True, False, d):
for option in options.split():
if bb.utils.contains('PACKAGECONFIG', option, True, False, d):
selected_options += [option]
if selected_options:
return '-D' + switch_name + '=' + ','.join(selected_options)
else:
return ''
CVE_PRODUCT += "gst-plugins-base"

47
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-common.inc Normal file
View File

@@ -0,0 +1,47 @@
# This .inc file contains the common setup for the gstreamer1.0-plugins-*
# plugin set recipes.
# SUMMARY is set in the actual .bb recipes
HOMEPAGE = "https://gstreamer.freedesktop.org/"
BUGTRACKER = "https://bugzilla.gnome.org/enter_bug.cgi?product=Gstreamer"
SECTION = "multimedia"
DEPENDS = "gstreamer1.0 glib-2.0-native"
inherit gettext meson pkgconfig upstream-version-is-even
require gstreamer1.0-plugins-packaging.inc
# Orc enables runtime JIT compilation of data processing routines from Orc
# bytecode to SIMD instructions for various architectures (currently SSE, MMX,
# MIPS, Altivec and NEON are supported).
# This value is used in the PACKAGECONFIG values for each plugin set recipe.
# By modifying it, Orc can be enabled/disabled in all of these recipes at once.
GSTREAMER_ORC ?= "orc"
# workaround to disable orc on mips to fix the build failure
# {standard input}: Assembler messages:
# {standard input}:46587: Error: branch out of range
GSTREAMER_ORC:mips = ""
PACKAGECONFIG[orc] = "-Dorc=enabled,-Dorc=disabled,orc orc-native"
# TODO: put this in a gettext.bbclass patch (with variables to allow for
# configuring the option name and the enabled/disabled values).
def gettext_oemeson(d):
if d.getVar('USE_NLS') == 'no':
return '-Dnls=disabled'
# Remove the NLS bits if USE_NLS is no or INHIBIT_DEFAULT_DEPS is set
if d.getVar('INHIBIT_DEFAULT_DEPS') and not oe.utils.inherits(d, 'cross-canadian'):
return '-Dnls=disabled'
return '-Dnls=enabled'
# Not all plugin sets contain examples, so the -Dexamples
# option needs to be added conditionally.
GST_PLUGIN_SET_HAS_EXAMPLES ?= "1"
EXTRA_OEMESON += " \
${@bb.utils.contains('GST_PLUGIN_SET_HAS_EXAMPLES', '1', '-Dexamples=disabled', '', d)} \
${@gettext_oemeson(d)} \
"
GIR_MESON_ENABLE_FLAG = "enabled"
GIR_MESON_DISABLE_FLAG = "disabled"

54
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch Normal file
View File

@@ -0,0 +1,54 @@
From 99f48716051ce5ddb8c1b77292213af1e462549e Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 31 Mar 2020 21:23:28 -0700
Subject: [PATCH] qt: include ext/qt/gstqtgl.h instead of gst/gl/gstglfuncs.h
gst/gl/gstglfuncs.h is included via ext/qt/gstqtgl.h which has logic to
prefer qt headers definitions for GLsync
This helps in fixing build errors like below
/mnt/b/yoe/build/tmp/work/cortexa7t2hf-neon-vfpv4-yoe-linux-gnueabi/gstreamer1.0-plugins-good/1.16.2-r0/recipe-sysroot/usr/include/QtGui/qopengles2ext.h:24:26: error: conflicting declaration 'typedef struct __GLsync* GLsync'
24 | typedef struct __GLsync *GLsync;
| ^~~~~~
In file included from /mnt/b/yoe/build/tmp/work/cortexa7t2hf-neon-vfpv4-yoe-linux-gnueabi/gstreamer1.0-plugins-good/1.16.2-r0/recipe-sysroot/usr/include/gstreamer-1.0/gst/gl/gstglfuncs.h:84,
from ../gst-plugins-good-1.16.2/ext/qt/gstqsgtexture.cc:30:
/mnt/b/yoe/build/tmp/work/cortexa7t2hf-neon-vfpv4-yoe-linux-gnueabi/gstreamer1.0-plugins-good/1.16.2-r0/recipe-sysroot/usr/include/gstreamer-1.0/gst/gl/glprototypes/gstgl_compat.h:40:18: note: previous declaration as 'typedef void* GLsync
'
40 | typedef gpointer GLsync;
| ^~~~~~
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
ext/qt/gstqsgtexture.cc | 2 +-
ext/qt/qtwindow.cc | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/ext/qt/gstqsgtexture.cc b/ext/qt/gstqsgtexture.cc
index 663696b..36b17d4 100644
--- a/ext/qt/gstqsgtexture.cc
+++ b/ext/qt/gstqsgtexture.cc
@@ -27,7 +27,7 @@
#include <gst/video/video.h>
#include <gst/gl/gl.h>
-#include <gst/gl/gstglfuncs.h>
+#include <ext/qt/gstqtgl.h>
#include "gstqsgtexture.h"
#define GST_CAT_DEFAULT gst_qsg_texture_debug
diff --git a/ext/qt/qtwindow.cc b/ext/qt/qtwindow.cc
index 2872cb5..5a36be9 100644
--- a/ext/qt/qtwindow.cc
+++ b/ext/qt/qtwindow.cc
@@ -25,7 +25,7 @@
#include <stdio.h>
#include <gst/video/video.h>
-#include <gst/gl/gstglfuncs.h>
+#include <ext/qt/gstqtgl.h>
#include "qtwindow.h"
#include "gstqsgtexture.h"
#include "gstqtglutility.h"

124
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0001-qtdemux-Skip-zero-sized-boxes-instead-of-stopping-to.patch Normal file
View File

@@ -0,0 +1,124 @@
From 62de06c7a443a5ac40ab2a4f2589625932bf9632 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Tue, 24 Sep 2024 09:50:34 +0300
Subject: [PATCH 01/13] qtdemux: Skip zero-sized boxes instead of stopping to
look at further boxes
A zero-sized box is not really a problem and can be skipped to look at any
possibly following ones.
BMD ATEM devices specifically write a zero-sized bmdc box in the sample
description, followed by the avcC box in case of h264. Previously the avcC box
would simply not be read at all and the file would be unplayable.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7620>
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/62de06c7a443a5ac40ab2a4f2589625932bf9632]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 54 +++++++++++++++++++++++++++++---------------
1 file changed, 36 insertions(+), 18 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index a53d61e649..2f2ca4459b 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -11666,9 +11666,12 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
else
size = len - 0x8;
- if (size < 1)
- /* No real data, so break out */
- break;
+ /* No real data, so skip */
+ if (size < 1) {
+ len -= 8;
+ avc_data += 8;
+ continue;
+ }
switch (QT_FOURCC (avc_data + 0x4)) {
case FOURCC_avcC:
@@ -11783,9 +11786,12 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
else
size = len - 0x8;
- if (size < 1)
- /* No real data, so break out */
- break;
+ /* No real data, so skip */
+ if (size < 1) {
+ len -= 8;
+ hevc_data += 8;
+ continue;
+ }
switch (QT_FOURCC (hevc_data + 0x4)) {
case FOURCC_hvcC:
@@ -12207,9 +12213,12 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
else
size = len - 8;
- if (size < 1)
- /* No real data, so break out */
- break;
+ /* No real data, so skip */
+ if (size < 1) {
+ len -= 8;
+ vc1_data += 8;
+ continue;
+ }
switch (QT_FOURCC (vc1_data + 0x4)) {
case GST_MAKE_FOURCC ('d', 'v', 'c', '1'):
@@ -12249,9 +12258,12 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
else
size = len - 0x8;
- if (size < 1)
- /* No real data, so break out */
- break;
+ /* No real data, so skip */
+ if (size < 1) {
+ len -= 8;
+ av1_data += 8;
+ continue;
+ }
switch (QT_FOURCC (av1_data + 0x4)) {
case FOURCC_av1C:
@@ -12359,9 +12371,12 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
else
size = len - 0x8;
- if (size < 1)
- /* No real data, so break out */
- break;
+ /* No real data, so skip */
+ if (size < 1) {
+ len -= 8;
+ vpcc_data += 8;
+ continue;
+ }
switch (QT_FOURCC (vpcc_data + 0x4)) {
case FOURCC_vpcC:
@@ -12861,9 +12876,12 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
else
size = len - 8;
- if (size < 1)
- /* No real data, so break out */
- break;
+ /* No real data, so skip */
+ if (size < 1) {
+ len -= 8;
+ wfex_data += 8;
+ continue;
+ }
switch (QT_FOURCC (wfex_data + 4)) {
case GST_MAKE_FOURCC ('w', 'f', 'e', 'x'):
--
2.30.2

38
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch Normal file
View File

@@ -0,0 +1,38 @@
From b77d4806fd5de50d0b017a3e6a19c5bfdef7b3e4 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 13 Feb 2023 12:47:31 -0800
Subject: [PATCH] v4l2: Define ioctl_req_t for posix/linux case
this is an issue seen with musl based linux distros e.g. alpine [1]
musl is not going to change this since it breaks ABI/API interfaces
Newer compilers are stringent ( e.g. clang16 ) which can now detect
signature mismatches in function pointers too, existing code warned but
did not error with older clang
Fixes
gstv4l2object.c:544:23: error: incompatible function pointer types assigning to 'gint (*)(gint, ioctl_req_t, ...)' (aka 'int (*)(int, unsigned long, ...)') from 'int (int, int, ...)' [-Wincompatible-function-pointer-types]
v4l2object->ioctl = ioctl;
^ ~~~~~
[1] https://gitlab.alpinelinux.org/alpine/aports/-/issues/7580
Upstream-Status: Submitted [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/3950]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
sys/v4l2/gstv4l2object.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/sys/v4l2/gstv4l2object.h b/sys/v4l2/gstv4l2object.h
index d95b375..5223cbb 100644
--- a/sys/v4l2/gstv4l2object.h
+++ b/sys/v4l2/gstv4l2object.h
@@ -76,6 +76,8 @@ typedef gboolean (*GstV4l2UpdateFpsFunction) (GstV4l2Object * v4l2object);
* 'unsigned long' for the 2nd parameter */
#ifdef __ANDROID__
typedef unsigned ioctl_req_t;
+#elif defined(__linux__) && !defined(__GLIBC__) /* musl/linux */
+typedef int ioctl_req_t;
#else
typedef gulong ioctl_req_t;
#endif

63
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-qtdemux-Fix-integer-overflow-when-allocating-the-sam.patch Normal file
View File

@@ -0,0 +1,63 @@
From 0e58b2f7ad7b310201eada442a6782aaebe8e2bd Mon Sep 17 00:00:00 2001
From: Antonio Morales <antonio-morales@github.com>
Date: Thu, 26 Sep 2024 18:39:37 +0300
Subject: [PATCH 02/13] qtdemux: Fix integer overflow when allocating the
samples table for fragmented MP4
This can lead to out of bounds writes and NULL pointer dereferences.
Fixes GHSL-2024-094, GHSL-2024-237, GHSL-2024-241
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3839
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47537
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/0e58b2f7ad7b310201eada442a6782aaebe8e2bd]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 2ccc9f3595..54f2dfead3 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -3342,6 +3342,7 @@ qtdemux_parse_trun (GstQTDemux * qtdemux, GstByteReader * trun,
gint i;
guint8 *data;
guint entry_size, dur_offset, size_offset, flags_offset = 0, ct_offset = 0;
+ guint new_n_samples;
QtDemuxSample *sample;
gboolean ismv = FALSE;
gint64 initial_offset;
@@ -3442,14 +3443,13 @@ qtdemux_parse_trun (GstQTDemux * qtdemux, GstByteReader * trun,
goto fail;
data = (guint8 *) gst_byte_reader_peek_data_unchecked (trun);
- if (stream->n_samples + samples_count >=
- QTDEMUX_MAX_SAMPLE_INDEX_SIZE / sizeof (QtDemuxSample))
+ if (!g_uint_checked_add (&new_n_samples, stream->n_samples, samples_count) ||
+ new_n_samples >= QTDEMUX_MAX_SAMPLE_INDEX_SIZE / sizeof (QtDemuxSample))
goto index_too_big;
GST_DEBUG_OBJECT (qtdemux, "allocating n_samples %u * %u (%.2f MB)",
- stream->n_samples + samples_count, (guint) sizeof (QtDemuxSample),
- (stream->n_samples + samples_count) *
- sizeof (QtDemuxSample) / (1024.0 * 1024.0));
+ new_n_samples, (guint) sizeof (QtDemuxSample),
+ (new_n_samples) * sizeof (QtDemuxSample) / (1024.0 * 1024.0));
/* create a new array of samples if it's the first sample parsed */
if (stream->n_samples == 0) {
@@ -3458,7 +3458,7 @@ qtdemux_parse_trun (GstQTDemux * qtdemux, GstByteReader * trun,
/* or try to reallocate it with space enough to insert the new samples */
} else
stream->samples = g_try_renew (QtDemuxSample, stream->samples,
- stream->n_samples + samples_count);
+ new_n_samples);
if (stream->samples == NULL)
goto out_of_memory;
--
2.30.2

72
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0003-qtdemux-Fix-debug-output-during-trun-parsing.patch Normal file
View File

@@ -0,0 +1,72 @@
From c077ff2585927540f038635f26ca4ba99dc92f10 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 26 Sep 2024 18:40:56 +0300
Subject: [PATCH 03/13] qtdemux: Fix debug output during trun parsing
Various integers are unsigned so print them as such. Also print the actual
allocation size if allocation fails, not only parts of it.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/c077ff2585927540f038635f26ca4ba99dc92f10]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 54f2dfead3..4bb24b1b80 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -3348,8 +3348,8 @@ qtdemux_parse_trun (GstQTDemux * qtdemux, GstByteReader * trun,
gint64 initial_offset;
gint32 min_ct = 0;
- GST_LOG_OBJECT (qtdemux, "parsing trun track-id %d; "
- "default dur %d, size %d, flags 0x%x, base offset %" G_GINT64_FORMAT ", "
+ GST_LOG_OBJECT (qtdemux, "parsing trun track-id %u; "
+ "default dur %u, size %u, flags 0x%x, base offset %" G_GINT64_FORMAT ", "
"decode ts %" G_GINT64_FORMAT, stream->track_id, d_sample_duration,
d_sample_size, d_sample_flags, *base_offset, decode_ts);
@@ -3377,7 +3377,7 @@ qtdemux_parse_trun (GstQTDemux * qtdemux, GstByteReader * trun,
/* note this is really signed */
if (!gst_byte_reader_get_int32_be (trun, &data_offset))
goto fail;
- GST_LOG_OBJECT (qtdemux, "trun data offset %d", data_offset);
+ GST_LOG_OBJECT (qtdemux, "trun data offset %u", data_offset);
/* default base offset = first byte of moof */
if (*base_offset == -1) {
GST_LOG_OBJECT (qtdemux, "base_offset at moof");
@@ -3399,7 +3399,7 @@ qtdemux_parse_trun (GstQTDemux * qtdemux, GstByteReader * trun,
GST_LOG_OBJECT (qtdemux, "running offset now %" G_GINT64_FORMAT,
*running_offset);
- GST_LOG_OBJECT (qtdemux, "trun offset %d, flags 0x%x, entries %d",
+ GST_LOG_OBJECT (qtdemux, "trun offset %u, flags 0x%x, entries %u",
data_offset, flags, samples_count);
if (flags & TR_FIRST_SAMPLE_FLAGS) {
@@ -3608,14 +3608,15 @@ fail:
}
out_of_memory:
{
- GST_WARNING_OBJECT (qtdemux, "failed to allocate %d samples",
- stream->n_samples);
+ GST_WARNING_OBJECT (qtdemux, "failed to allocate %u + %u samples",
+ stream->n_samples, samples_count);
return FALSE;
}
index_too_big:
{
- GST_WARNING_OBJECT (qtdemux, "not allocating index of %d samples, would "
- "be larger than %uMB (broken file?)", stream->n_samples,
+ GST_WARNING_OBJECT (qtdemux,
+ "not allocating index of %u + %u samples, would "
+ "be larger than %uMB (broken file?)", stream->n_samples, samples_count,
QTDEMUX_MAX_SAMPLE_INDEX_SIZE >> 20);
return FALSE;
}
--
2.30.2

35
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0004-qtdemux-Don-t-iterate-over-all-trun-entries-if-none-.patch Normal file
View File

@@ -0,0 +1,35 @@
From 53464dd2cf1a03f838899f7355133766ff211fce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 26 Sep 2024 18:41:39 +0300
Subject: [PATCH 04/13] qtdemux: Don't iterate over all trun entries if none of
the flags are set
Nothing would be printed anyway.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/53464dd2cf1a03f838899f7355133766ff211fce]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux_dump.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/gst/isomp4/qtdemux_dump.c b/gst/isomp4/qtdemux_dump.c
index 22da35e9e7..297b580ef0 100644
--- a/gst/isomp4/qtdemux_dump.c
+++ b/gst/isomp4/qtdemux_dump.c
@@ -836,6 +836,11 @@ qtdemux_dump_trun (GstQTDemux * qtdemux, GstByteReader * data, int depth)
GST_LOG ("%*s first-sample-flags: %u", depth, "", first_sample_flags);
}
+ /* Nothing to print below */
+ if ((flags & (TR_SAMPLE_DURATION | TR_SAMPLE_SIZE | TR_SAMPLE_FLAGS |
+ TR_COMPOSITION_TIME_OFFSETS)) == 0)
+ return TRUE;
+
for (i = 0; i < samples_count; i++) {
if (flags & TR_SAMPLE_DURATION) {
if (!gst_byte_reader_get_uint32_be (data, &sample_duration))
--
2.30.2

63
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0005-qtdemux-Check-sizes-of-stsc-stco-stts-before-trying-.patch Normal file
View File

@@ -0,0 +1,63 @@
From 1fac18a8fa269343dd43c9a4bca8d89f307fb7a0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 27 Sep 2024 15:50:54 +0300
Subject: [PATCH 05/13] qtdemux: Check sizes of stsc/stco/stts before trying to
merge entries
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-246
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3854
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47598
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/1fac18a8fa269343dd43c9a4bca8d89f307fb7a0]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 4bb24b1b80..d1aa9ee5a0 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -9476,6 +9476,21 @@ qtdemux_merge_sample_table (GstQTDemux * qtdemux, QtDemuxStream * stream)
return;
}
+ if (gst_byte_reader_get_remaining (&stream->stts) < 8) {
+ GST_DEBUG_OBJECT (qtdemux, "Too small stts");
+ return;
+ }
+
+ if (stream->stco.size < 8) {
+ GST_DEBUG_OBJECT (qtdemux, "Too small stco");
+ return;
+ }
+
+ if (stream->n_samples_per_chunk == 0) {
+ GST_DEBUG_OBJECT (qtdemux, "No samples per chunk");
+ return;
+ }
+
/* Parse the stts to get the sample duration and number of samples */
gst_byte_reader_skip_unchecked (&stream->stts, 4);
stts_duration = gst_byte_reader_get_uint32_be_unchecked (&stream->stts);
@@ -9487,6 +9502,13 @@ qtdemux_merge_sample_table (GstQTDemux * qtdemux, QtDemuxStream * stream)
GST_DEBUG_OBJECT (qtdemux, "sample_duration %d, num_chunks %u", stts_duration,
num_chunks);
+ if (gst_byte_reader_get_remaining (&stream->stsc) <
+ stream->n_samples_per_chunk * 3 * 4 +
+ (stream->n_samples_per_chunk - 1) * 4) {
+ GST_DEBUG_OBJECT (qtdemux, "Too small stsc");
+ return;
+ }
+
/* Now parse stsc, convert chunks into single samples and generate a
* new stsc, stts and stsz from this information */
gst_byte_writer_init (&stsc);
--
2.30.2

44
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0006-qtdemux-Make-sure-only-an-even-number-of-bytes-is-pr.patch Normal file
View File

@@ -0,0 +1,44 @@
From 6cca274bf25a5679330debdd61a59840e50c68ab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 26 Sep 2024 09:20:28 +0300
Subject: [PATCH 06/13] qtdemux: Make sure only an even number of bytes is
processed when handling CEA608 data
An odd number of bytes would lead to out of bound reads and writes, and doesn't
make any sense as CEA608 comes in byte pairs.
Strip off any leftover bytes and assume everything before that is valid.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-195
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3841
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47539
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/6cca274bf25a5679330debdd61a59840e50c68ab]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index d1aa9ee5a0..ce1a1b8d59 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -5784,6 +5784,11 @@ convert_to_s334_1a (const guint8 * ccpair, guint8 ccpair_size, guint field,
guint8 *storage;
gsize i;
+ /* Strip off any leftover odd bytes and assume everything before is valid */
+ if (ccpair_size % 2 != 0) {
+ ccpair_size -= 1;
+ }
+
/* We are converting from pairs to triplets */
*res = ccpair_size / 2 * 3;
storage = g_malloc (*res);
--
2.30.2

120
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0007-qtdemux-Make-sure-enough-data-is-available-before-re.patch Normal file
View File

@@ -0,0 +1,120 @@
From 64fa1ec0de71db28387a45819681ba760a71e6bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 26 Sep 2024 14:17:02 +0300
Subject: [PATCH 07/13] qtdemux: Make sure enough data is available before
reading wave header node
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-236
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3843
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47543
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/64fa1ec0de71db28387a45819681ba760a71e6bc]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 84 ++++++++++++++++++++++++--------------------
1 file changed, 45 insertions(+), 39 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index ce1a1b8d59..ed83227d70 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -13139,47 +13139,53 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
} else {
guint32 datalen = QT_UINT32 (stsd_entry_data + offset + 16);
const guint8 *data = stsd_entry_data + offset + 16;
- GNode *wavenode;
- GNode *waveheadernode;
-
- wavenode = g_node_new ((guint8 *) data);
- if (qtdemux_parse_node (qtdemux, wavenode, data, datalen)) {
- const guint8 *waveheader;
- guint32 headerlen;
-
- waveheadernode = qtdemux_tree_get_child_by_type (wavenode, fourcc);
- if (waveheadernode) {
- waveheader = (const guint8 *) waveheadernode->data;
- headerlen = QT_UINT32 (waveheader);
-
- if (headerlen > 8) {
- gst_riff_strf_auds *header = NULL;
- GstBuffer *headerbuf;
- GstBuffer *extra;
-
- waveheader += 8;
- headerlen -= 8;
-
- headerbuf = gst_buffer_new_and_alloc (headerlen);
- gst_buffer_fill (headerbuf, 0, waveheader, headerlen);
-
- if (gst_riff_parse_strf_auds (GST_ELEMENT_CAST (qtdemux),
- headerbuf, &header, &extra)) {
- gst_caps_unref (entry->caps);
- /* FIXME: Need to do something with the channel reorder map */
- entry->caps =
- gst_riff_create_audio_caps (header->format, NULL, header,
- extra, NULL, NULL, NULL);
-
- if (extra)
- gst_buffer_unref (extra);
- g_free (header);
+
+ if (len < datalen || len - datalen < offset + 16) {
+ GST_WARNING_OBJECT (qtdemux, "Not enough data for waveheadernode");
+ } else {
+ GNode *wavenode;
+ GNode *waveheadernode;
+
+ wavenode = g_node_new ((guint8 *) data);
+ if (qtdemux_parse_node (qtdemux, wavenode, data, datalen)) {
+ const guint8 *waveheader;
+ guint32 headerlen;
+
+ waveheadernode =
+ qtdemux_tree_get_child_by_type (wavenode, fourcc);
+ if (waveheadernode) {
+ waveheader = (const guint8 *) waveheadernode->data;
+ headerlen = QT_UINT32 (waveheader);
+
+ if (headerlen > 8) {
+ gst_riff_strf_auds *header = NULL;
+ GstBuffer *headerbuf;
+ GstBuffer *extra;
+
+ waveheader += 8;
+ headerlen -= 8;
+
+ headerbuf = gst_buffer_new_and_alloc (headerlen);
+ gst_buffer_fill (headerbuf, 0, waveheader, headerlen);
+
+ if (gst_riff_parse_strf_auds (GST_ELEMENT_CAST (qtdemux),
+ headerbuf, &header, &extra)) {
+ gst_caps_unref (entry->caps);
+ /* FIXME: Need to do something with the channel reorder map */
+ entry->caps =
+ gst_riff_create_audio_caps (header->format, NULL,
+ header, extra, NULL, NULL, NULL);
+
+ if (extra)
+ gst_buffer_unref (extra);
+ g_free (header);
+ }
}
- }
- } else
- GST_DEBUG ("Didn't find waveheadernode for this codec");
+ } else
+ GST_DEBUG ("Didn't find waveheadernode for this codec");
+ }
+ g_node_destroy (wavenode);
}
- g_node_destroy (wavenode);
}
} else if (esds) {
gst_qtdemux_handle_esds (qtdemux, stream, entry, esds,
--
2.30.2

450
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0008-qtdemux-Fix-length-checks-and-offsets-in-stsd-entry-.patch Normal file
View File

@@ -0,0 +1,450 @@
From 2fbd654d4702e396b61b3963caddcefd024be4bc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 27 Sep 2024 00:12:57 +0300
Subject: [PATCH 08/13] qtdemux: Fix length checks and offsets in stsd entry
parsing
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-242
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3845
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47545
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/2fbd654d4702e396b61b3963caddcefd024be4bc]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 218 ++++++++++++++++---------------------------
1 file changed, 79 insertions(+), 139 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index ed83227d70..94ce75b2d4 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -11679,43 +11679,35 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
case FOURCC_avc1:
case FOURCC_avc3:
{
- guint len = QT_UINT32 (stsd_entry_data);
+ guint32 len = QT_UINT32 (stsd_entry_data);
len = len <= 0x56 ? 0 : len - 0x56;
const guint8 *avc_data = stsd_entry_data + 0x56;
/* find avcC */
- while (len >= 0x8) {
- guint size;
+ while (len >= 8) {
+ guint32 size = QT_UINT32 (avc_data);
- if (QT_UINT32 (avc_data) <= 0x8)
- size = 0;
- else if (QT_UINT32 (avc_data) <= len)
- size = QT_UINT32 (avc_data) - 0x8;
- else
- size = len - 0x8;
+ if (size < 8 || size > len)
+ break;
- /* No real data, so skip */
- if (size < 1) {
- len -= 8;
- avc_data += 8;
- continue;
- }
-
- switch (QT_FOURCC (avc_data + 0x4)) {
+ switch (QT_FOURCC (avc_data + 4)) {
case FOURCC_avcC:
{
/* parse, if found */
GstBuffer *buf;
+ if (size < 8 + 1)
+ break;
+
GST_DEBUG_OBJECT (qtdemux, "found avcC codec_data in stsd");
/* First 4 bytes are the length of the atom, the next 4 bytes
* are the fourcc, the next 1 byte is the version, and the
* subsequent bytes are profile_tier_level structure like data. */
gst_codec_utils_h264_caps_set_level_and_profile (entry->caps,
- avc_data + 8 + 1, size - 1);
- buf = gst_buffer_new_and_alloc (size);
- gst_buffer_fill (buf, 0, avc_data + 0x8, size);
+ avc_data + 8 + 1, size - 8 - 1);
+ buf = gst_buffer_new_and_alloc (size - 8);
+ gst_buffer_fill (buf, 0, avc_data + 8, size - 8);
gst_caps_set_simple (entry->caps,
"codec_data", GST_TYPE_BUFFER, buf, NULL);
gst_buffer_unref (buf);
@@ -11726,6 +11718,9 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
{
GstBuffer *buf;
+ if (size < 8 + 40 + 1)
+ break;
+
GST_DEBUG_OBJECT (qtdemux, "found strf codec_data in stsd");
/* First 4 bytes are the length of the atom, the next 4 bytes
@@ -11733,17 +11728,14 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
* next 1 byte is the version, and the
* subsequent bytes are sequence parameter set like data. */
- size -= 40; /* we'll be skipping BITMAPINFOHEADER */
- if (size > 1) {
- gst_codec_utils_h264_caps_set_level_and_profile
- (entry->caps, avc_data + 8 + 40 + 1, size - 1);
+ gst_codec_utils_h264_caps_set_level_and_profile
+ (entry->caps, avc_data + 8 + 40 + 1, size - 8 - 40 - 1);
- buf = gst_buffer_new_and_alloc (size);
- gst_buffer_fill (buf, 0, avc_data + 8 + 40, size);
- gst_caps_set_simple (entry->caps,
- "codec_data", GST_TYPE_BUFFER, buf, NULL);
- gst_buffer_unref (buf);
- }
+ buf = gst_buffer_new_and_alloc (size - 8 - 40);
+ gst_buffer_fill (buf, 0, avc_data + 8 + 40, size - 8 - 40);
+ gst_caps_set_simple (entry->caps,
+ "codec_data", GST_TYPE_BUFFER, buf, NULL);
+ gst_buffer_unref (buf);
break;
}
case FOURCC_btrt:
@@ -11751,11 +11743,11 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
guint avg_bitrate, max_bitrate;
/* bufferSizeDB, maxBitrate and avgBitrate - 4 bytes each */
- if (size < 12)
+ if (size < 8 + 12)
break;
- max_bitrate = QT_UINT32 (avc_data + 0xc);
- avg_bitrate = QT_UINT32 (avc_data + 0x10);
+ max_bitrate = QT_UINT32 (avc_data + 8 + 4);
+ avg_bitrate = QT_UINT32 (avc_data + 8 + 8);
if (!max_bitrate && !avg_bitrate)
break;
@@ -11787,8 +11779,8 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
break;
}
- len -= size + 8;
- avc_data += size + 8;
+ len -= size;
+ avc_data += size;
}
break;
@@ -11799,44 +11791,36 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
case FOURCC_dvh1:
case FOURCC_dvhe:
{
- guint len = QT_UINT32 (stsd_entry_data);
+ guint32 len = QT_UINT32 (stsd_entry_data);
len = len <= 0x56 ? 0 : len - 0x56;
const guint8 *hevc_data = stsd_entry_data + 0x56;
/* find hevc */
- while (len >= 0x8) {
- guint size;
+ while (len >= 8) {
+ guint32 size = QT_UINT32 (hevc_data);
- if (QT_UINT32 (hevc_data) <= 0x8)
- size = 0;
- else if (QT_UINT32 (hevc_data) <= len)
- size = QT_UINT32 (hevc_data) - 0x8;
- else
- size = len - 0x8;
+ if (size < 8 || size > len)
+ break;
- /* No real data, so skip */
- if (size < 1) {
- len -= 8;
- hevc_data += 8;
- continue;
- }
-
- switch (QT_FOURCC (hevc_data + 0x4)) {
+ switch (QT_FOURCC (hevc_data + 4)) {
case FOURCC_hvcC:
{
/* parse, if found */
GstBuffer *buf;
+ if (size < 8 + 1)
+ break;
+
GST_DEBUG_OBJECT (qtdemux, "found hvcC codec_data in stsd");
/* First 4 bytes are the length of the atom, the next 4 bytes
* are the fourcc, the next 1 byte is the version, and the
* subsequent bytes are sequence parameter set like data. */
gst_codec_utils_h265_caps_set_level_tier_and_profile
- (entry->caps, hevc_data + 8 + 1, size - 1);
+ (entry->caps, hevc_data + 8 + 1, size - 8 - 1);
- buf = gst_buffer_new_and_alloc (size);
- gst_buffer_fill (buf, 0, hevc_data + 0x8, size);
+ buf = gst_buffer_new_and_alloc (size - 8);
+ gst_buffer_fill (buf, 0, hevc_data + 8, size - 8);
gst_caps_set_simple (entry->caps,
"codec_data", GST_TYPE_BUFFER, buf, NULL);
gst_buffer_unref (buf);
@@ -11845,8 +11829,8 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
default:
break;
}
- len -= size + 8;
- hevc_data += size + 8;
+ len -= size;
+ hevc_data += size;
}
break;
}
@@ -12226,36 +12210,25 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
}
case FOURCC_vc_1:
{
- guint len = QT_UINT32 (stsd_entry_data);
+ guint32 len = QT_UINT32 (stsd_entry_data);
len = len <= 0x56 ? 0 : len - 0x56;
const guint8 *vc1_data = stsd_entry_data + 0x56;
/* find dvc1 */
while (len >= 8) {
- guint size;
+ guint32 size = QT_UINT32 (vc1_data);
- if (QT_UINT32 (vc1_data) <= 8)
- size = 0;
- else if (QT_UINT32 (vc1_data) <= len)
- size = QT_UINT32 (vc1_data) - 8;
- else
- size = len - 8;
+ if (size < 8 || size > len)
+ break;
- /* No real data, so skip */
- if (size < 1) {
- len -= 8;
- vc1_data += 8;
- continue;
- }
-
- switch (QT_FOURCC (vc1_data + 0x4)) {
+ switch (QT_FOURCC (vc1_data + 4)) {
case GST_MAKE_FOURCC ('d', 'v', 'c', '1'):
{
GstBuffer *buf;
GST_DEBUG_OBJECT (qtdemux, "found dvc1 codec_data in stsd");
- buf = gst_buffer_new_and_alloc (size);
- gst_buffer_fill (buf, 0, vc1_data + 8, size);
+ buf = gst_buffer_new_and_alloc (size - 8);
+ gst_buffer_fill (buf, 0, vc1_data + 8, size - 8);
gst_caps_set_simple (entry->caps,
"codec_data", GST_TYPE_BUFFER, buf, NULL);
gst_buffer_unref (buf);
@@ -12264,36 +12237,25 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
default:
break;
}
- len -= size + 8;
- vc1_data += size + 8;
+ len -= size;
+ vc1_data += size;
}
break;
}
case FOURCC_av01:
{
- guint len = QT_UINT32 (stsd_entry_data);
+ guint32 len = QT_UINT32 (stsd_entry_data);
len = len <= 0x56 ? 0 : len - 0x56;
const guint8 *av1_data = stsd_entry_data + 0x56;
/* find av1C */
- while (len >= 0x8) {
- guint size;
+ while (len >= 8) {
+ guint32 size = QT_UINT32 (av1_data);
- if (QT_UINT32 (av1_data) <= 0x8)
- size = 0;
- else if (QT_UINT32 (av1_data) <= len)
- size = QT_UINT32 (av1_data) - 0x8;
- else
- size = len - 0x8;
+ if (size < 8 || size > len)
+ break;
- /* No real data, so skip */
- if (size < 1) {
- len -= 8;
- av1_data += 8;
- continue;
- }
-
- switch (QT_FOURCC (av1_data + 0x4)) {
+ switch (QT_FOURCC (av1_data + 4)) {
case FOURCC_av1C:
{
/* parse, if found */
@@ -12303,7 +12265,7 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
"found av1C codec_data in stsd of size %d", size);
/* not enough data, just ignore and hope for the best */
- if (size < 4)
+ if (size < 8 + 4)
break;
/* Content is:
@@ -12352,9 +12314,9 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
(gint) (pres_delay_field & 0x0F) + 1, NULL);
}
- buf = gst_buffer_new_and_alloc (size);
+ buf = gst_buffer_new_and_alloc (size - 8);
GST_BUFFER_FLAG_SET (buf, GST_BUFFER_FLAG_HEADER);
- gst_buffer_fill (buf, 0, av1_data + 8, size);
+ gst_buffer_fill (buf, 0, av1_data + 8, size - 8);
gst_caps_set_simple (entry->caps,
"codec_data", GST_TYPE_BUFFER, buf, NULL);
gst_buffer_unref (buf);
@@ -12372,8 +12334,8 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
break;
}
- len -= size + 8;
- av1_data += size + 8;
+ len -= size;
+ av1_data += size;
}
break;
@@ -12384,29 +12346,18 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
* vp08, vp09, and vp10 fourcc. */
case FOURCC_vp09:
{
- guint len = QT_UINT32 (stsd_entry_data);
+ guint32 len = QT_UINT32 (stsd_entry_data);
len = len <= 0x56 ? 0 : len - 0x56;
const guint8 *vpcc_data = stsd_entry_data + 0x56;
/* find vpcC */
- while (len >= 0x8) {
- guint size;
+ while (len >= 8) {
+ guint32 size = QT_UINT32 (vpcc_data);
- if (QT_UINT32 (vpcc_data) <= 0x8)
- size = 0;
- else if (QT_UINT32 (vpcc_data) <= len)
- size = QT_UINT32 (vpcc_data) - 0x8;
- else
- size = len - 0x8;
+ if (size < 8 || size > len)
+ break;
- /* No real data, so skip */
- if (size < 1) {
- len -= 8;
- vpcc_data += 8;
- continue;
- }
-
- switch (QT_FOURCC (vpcc_data + 0x4)) {
+ switch (QT_FOURCC (vpcc_data + 4)) {
case FOURCC_vpcC:
{
const gchar *profile_str = NULL;
@@ -12422,7 +12373,7 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
/* the meaning of "size" is length of the atom body, excluding
* atom length and fourcc fields */
- if (size < 12)
+ if (size < 8 + 12)
break;
/* Content is:
@@ -12528,8 +12479,8 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
break;
}
- len -= size + 8;
- vpcc_data += size + 8;
+ len -= size;
+ vpcc_data += size;
}
break;
@@ -12870,7 +12821,7 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
}
case FOURCC_wma_:
{
- guint len = QT_UINT32 (stsd_entry_data);
+ guint32 len = QT_UINT32 (stsd_entry_data);
len = len <= offset ? 0 : len - offset;
const guint8 *wfex_data = stsd_entry_data + offset;
const gchar *codec_name = NULL;
@@ -12895,21 +12846,10 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
/* find wfex */
while (len >= 8) {
- guint size;
+ guint32 size = QT_UINT32 (wfex_data);
- if (QT_UINT32 (wfex_data) <= 0x8)
- size = 0;
- else if (QT_UINT32 (wfex_data) <= len)
- size = QT_UINT32 (wfex_data) - 8;
- else
- size = len - 8;
-
- /* No real data, so skip */
- if (size < 1) {
- len -= 8;
- wfex_data += 8;
- continue;
- }
+ if (size < 8 || size > len)
+ break;
switch (QT_FOURCC (wfex_data + 4)) {
case GST_MAKE_FOURCC ('w', 'f', 'e', 'x'):
@@ -12954,12 +12894,12 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
"width", G_TYPE_INT, wfex.wBitsPerSample,
"depth", G_TYPE_INT, wfex.wBitsPerSample, NULL);
- if (size > wfex.cbSize) {
+ if (size > 8 + wfex.cbSize) {
GstBuffer *buf;
- buf = gst_buffer_new_and_alloc (size - wfex.cbSize);
+ buf = gst_buffer_new_and_alloc (size - 8 - wfex.cbSize);
gst_buffer_fill (buf, 0, wfex_data + 8 + wfex.cbSize,
- size - wfex.cbSize);
+ size - 8 - wfex.cbSize);
gst_caps_set_simple (entry->caps,
"codec_data", GST_TYPE_BUFFER, buf, NULL);
gst_buffer_unref (buf);
@@ -12976,8 +12916,8 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
default:
break;
}
- len -= size + 8;
- wfex_data += size + 8;
+ len -= size;
+ wfex_data += size;
}
break;
}
--
2.30.2

56
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0009-qtdemux-Fix-error-handling-when-parsing-cenc-sample-.patch Normal file
View File

@@ -0,0 +1,56 @@
From da3b4e903ae990193988a873368bdd1865350521 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 27 Sep 2024 09:47:50 +0300
Subject: [PATCH 09/13] qtdemux: Fix error handling when parsing cenc sample
groups fails
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-238, GHSL-2024-239, GHSL-2024-240
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3846
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47544
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/da3b4e903ae990193988a873368bdd1865350521]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 94ce75b2d4..e7a79be45b 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -11400,12 +11400,15 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
if (stream->subtype != FOURCC_soun) {
GST_ERROR_OBJECT (qtdemux,
"Unexpeced stsd type 'aavd' outside 'soun' track");
+ goto corrupt_file;
} else {
/* encrypted audio with sound sample description v0 */
GNode *enc = qtdemux_tree_get_child_by_type (stsd, fourcc);
stream->protected = TRUE;
- if (!qtdemux_parse_protection_aavd (qtdemux, stream, enc, &fourcc))
+ if (!qtdemux_parse_protection_aavd (qtdemux, stream, enc, &fourcc)) {
GST_ERROR_OBJECT (qtdemux, "Failed to parse protection scheme info");
+ goto corrupt_file;
+ }
}
}
@@ -11414,8 +11417,10 @@ qtdemux_parse_trak (GstQTDemux * qtdemux, GNode * trak)
* with the same type */
GNode *enc = qtdemux_tree_get_child_by_type (stsd, fourcc);
stream->protected = TRUE;
- if (!qtdemux_parse_protection_scheme_info (qtdemux, stream, enc, &fourcc))
+ if (!qtdemux_parse_protection_scheme_info (qtdemux, stream, enc, &fourcc)) {
GST_ERROR_OBJECT (qtdemux, "Failed to parse protection scheme info");
+ goto corrupt_file;
+ }
}
if (stream->subtype == FOURCC_vide) {
--
2.30.2

49
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0010-qtdemux-Make-sure-there-are-enough-offsets-to-read-w.patch Normal file
View File

@@ -0,0 +1,49 @@
From 20503e5dd90e21ef170488b2a8b8529ae8a4cab9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 27 Sep 2024 10:38:50 +0300
Subject: [PATCH 10/13] qtdemux: Make sure there are enough offsets to read
when parsing samples
While this specific case is also caught when initializing co_chunk, the error
is ignored in various places and calling into the function would lead to out of
bounds reads if the error message doesn't cause the pipeline to be shut down
fast enough.
To avoid this, no matter what, make sure enough offsets are available when
parsing them. While this is potentially slower, the same is already done in the
non-chunks_are_samples case.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-245
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3847
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47597
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/20503e5dd90e21ef170488b2a8b8529ae8a4cab9]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index e7a79be45b..5277952c5e 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -10066,9 +10066,9 @@ qtdemux_parse_samples (GstQTDemux * qtdemux, QtDemuxStream * stream, guint32 n)
goto done;
}
- cur->offset =
- qt_atom_parser_get_offset_unchecked (&stream->co_chunk,
- stream->co_size);
+ if (!qt_atom_parser_get_offset (&stream->co_chunk,
+ stream->co_size, &cur->offset))
+ goto corrupt_file;
GST_LOG_OBJECT (qtdemux, "Created entry %d with offset "
"%" G_GUINT64_FORMAT, j, cur->offset);
--
2.30.2

97
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0011-qtdemux-Actually-handle-errors-returns-from-various-.patch Normal file
View File

@@ -0,0 +1,97 @@
From ed254790331a3fba2f68255a8f072552d622aac1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 27 Sep 2024 10:39:30 +0300
Subject: [PATCH 11/13] qtdemux: Actually handle errors returns from various
functions instead of ignoring them
Ignoring them might cause the element to continue as if all is fine despite the
internal state being inconsistent. This can lead to all kinds of follow-up
issues, including memory safety issues.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-245
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3847
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47597
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/ed254790331a3fba2f68255a8f072552d622aac1]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 29 +++++++++++++++++++++++------
1 file changed, 23 insertions(+), 6 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 5277952c5e..1de70f184f 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -4853,10 +4853,15 @@ gst_qtdemux_loop_state_header (GstQTDemux * qtdemux)
beach:
if (ret == GST_FLOW_EOS && (qtdemux->got_moov || qtdemux->media_caps)) {
/* digested all data, show what we have */
- qtdemux_prepare_streams (qtdemux);
+ ret = qtdemux_prepare_streams (qtdemux);
+ if (ret != GST_FLOW_OK)
+ return ret;
+
QTDEMUX_EXPOSE_LOCK (qtdemux);
ret = qtdemux_expose_streams (qtdemux);
QTDEMUX_EXPOSE_UNLOCK (qtdemux);
+ if (ret != GST_FLOW_OK)
+ return ret;
qtdemux->state = QTDEMUX_STATE_MOVIE;
GST_DEBUG_OBJECT (qtdemux, "switching state to STATE_MOVIE (%d)",
@@ -7548,13 +7553,21 @@ gst_qtdemux_process_adapter (GstQTDemux * demux, gboolean force)
gst_qtdemux_stream_concat (demux,
demux->old_streams, demux->active_streams);
- qtdemux_parse_moov (demux, data, demux->neededbytes);
+ if (!qtdemux_parse_moov (demux, data, demux->neededbytes)) {
+ ret = GST_FLOW_ERROR;
+ break;
+ }
qtdemux_node_dump (demux, demux->moov_node);
qtdemux_parse_tree (demux);
- qtdemux_prepare_streams (demux);
+ ret = qtdemux_prepare_streams (demux);
+ if (ret != GST_FLOW_OK)
+ break;
+
QTDEMUX_EXPOSE_LOCK (demux);
- qtdemux_expose_streams (demux);
+ ret = qtdemux_expose_streams (demux);
QTDEMUX_EXPOSE_UNLOCK (demux);
+ if (ret != GST_FLOW_OK)
+ break;
demux->got_moov = TRUE;
@@ -7645,8 +7658,10 @@ gst_qtdemux_process_adapter (GstQTDemux * demux, gboolean force)
/* in MSS we need to expose the pads after the first moof as we won't get a moov */
if (demux->variant == VARIANT_MSS_FRAGMENTED && !demux->exposed) {
QTDEMUX_EXPOSE_LOCK (demux);
- qtdemux_expose_streams (demux);
+ ret = qtdemux_expose_streams (demux);
QTDEMUX_EXPOSE_UNLOCK (demux);
+ if (ret != GST_FLOW_OK)
+ goto done;
}
gst_qtdemux_check_send_pending_segment (demux);
@@ -13760,8 +13775,10 @@ qtdemux_prepare_streams (GstQTDemux * qtdemux)
/* parse the initial sample for use in setting the frame rate cap */
while (sample_num == 0 && sample_num < stream->n_samples) {
- if (!qtdemux_parse_samples (qtdemux, stream, sample_num))
+ if (!qtdemux_parse_samples (qtdemux, stream, sample_num)) {
+ ret = GST_FLOW_ERROR;
break;
+ }
++sample_num;
}
}
--
2.30.2

36
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0012-qtdemux-Check-for-invalid-atom-length-when-extractin.patch Normal file
View File

@@ -0,0 +1,36 @@
From 3153fda823cb91b1031dae69738c6c5d526fb6e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 26 Sep 2024 19:16:19 +0300
Subject: [PATCH 12/13] qtdemux: Check for invalid atom length when extracting
Closed Caption data
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-243
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3849
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47546
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/3153fda823cb91b1031dae69738c6c5d526fb6e1]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 1de70f184f..8850d09321 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -5827,7 +5827,7 @@ extract_cc_from_data (QtDemuxStream * stream, const guint8 * data, gsize size,
goto invalid_cdat;
atom_length = QT_UINT32 (data);
fourcc = QT_FOURCC (data + 4);
- if (G_UNLIKELY (atom_length > size || atom_length == 8))
+ if (G_UNLIKELY (atom_length > size || atom_length <= 8))
goto invalid_cdat;
GST_DEBUG_OBJECT (stream->pad, "here");
--
2.30.2

37
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0013-qtdemux-Add-size-check-for-parsing-SMI-SEQH-atom.patch Normal file
View File

@@ -0,0 +1,37 @@
From 3ce1b812a9531611288af286b5dc6631a11e3f4a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 27 Sep 2024 00:31:36 +0300
Subject: [PATCH 13/13] qtdemux: Add size check for parsing SMI / SEQH atom
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-244
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3853
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8109>
CVE: CVE-2024-47596
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/3ce1b812a9531611288af286b5dc6631a11e3f4a]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 8850d09321..dc70287a8a 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -10629,8 +10629,9 @@ qtdemux_parse_svq3_stsd_data (GstQTDemux * qtdemux,
GST_WARNING_OBJECT (qtdemux, "Unexpected second SEQH SMI atom "
" found, ignoring");
} else {
+ /* Note: The size does *not* include the fourcc and the size field itself */
seqh_size = QT_UINT32 (data + 4);
- if (seqh_size > 0) {
+ if (seqh_size > 0 && seqh_size <= size - 8) {
_seqh = gst_buffer_new_and_alloc (seqh_size);
gst_buffer_fill (_seqh, 0, data + 8, seqh_size);
}
--
2.30.2

53
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0014-gdkpixbufdec-Check-if-initializing-the-video-info-ac.patch Normal file
View File

@@ -0,0 +1,53 @@
From 1d1c9d63be51d85f9b80f0c227d4b3469fee2534 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Wed, 2 Oct 2024 14:44:21 +0300
Subject: [PATCH] gdkpixbufdec: Check if initializing the video info actually
succeeded
Otherwise a 0-byte buffer would be allocated, which gives NULL memory when
mapped.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-118
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3876
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8041>
CVE: CVE-2024-47613
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/1d1c9d63be51d85f9b80f0c227d4b3469fee2534]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
ext/gdk_pixbuf/gstgdkpixbufdec.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/ext/gdk_pixbuf/gstgdkpixbufdec.c b/ext/gdk_pixbuf/gstgdkpixbufdec.c
index 5482998c0d..de5f054964 100644
--- a/ext/gdk_pixbuf/gstgdkpixbufdec.c
+++ b/ext/gdk_pixbuf/gstgdkpixbufdec.c
@@ -322,7 +322,8 @@ gst_gdk_pixbuf_dec_flush (GstGdkPixbufDec * filter)
gst_video_info_init (&info);
- gst_video_info_set_format (&info, fmt, width, height);
+ if (!gst_video_info_set_format (&info, fmt, width, height))
+ goto format_not_supported;
info.fps_n = filter->in_fps_n;
info.fps_d = filter->in_fps_d;
caps = gst_video_info_to_caps (&info);
@@ -384,6 +385,12 @@ channels_not_supported:
("%d channels not supported", n_channels));
return GST_FLOW_ERROR;
}
+format_not_supported:
+ {
+ GST_ELEMENT_ERROR (filter, STREAM, DECODE, (NULL),
+ ("%d channels with %dx%d not supported", n_channels, width, height));
+ return GST_FLOW_ERROR;
+ }
no_buffer:
{
GST_DEBUG ("Failed to create outbuffer - %s", gst_flow_get_name (ret));
--
2.30.2

60
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0015-matroskademux-Only-unmap-GstMapInfo-in-WavPack-heade.patch Normal file
View File

@@ -0,0 +1,60 @@
From 008f0d52408f57f0704d5639b72db2f330b8f003 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 16:32:48 +0300
Subject: [PATCH 1/7] matroskademux: Only unmap GstMapInfo in WavPack header
extraction error paths if previously mapped
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-197
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3863
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8108>
CVE: CVE-2024-47597
CVE: CVE-2024-47601
CVE: CVE-2024-47602
CVE: CVE-2024-47603
CVE: CVE-2024-47834
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/008f0d52408f57f0704d5639b72db2f330b8f003]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/matroska/matroska-demux.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 9b3cf83adb..35e60b7147 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -3885,7 +3885,6 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
GstMatroskaTrackAudioContext *audiocontext =
(GstMatroskaTrackAudioContext *) stream;
GstBuffer *newbuf = NULL;
- GstMapInfo map, outmap;
guint8 *buf_data, *data;
Wavpack4Header wvh;
@@ -3902,11 +3901,11 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
if (audiocontext->channels <= 2) {
guint32 block_samples, tmp;
+ GstMapInfo outmap;
gsize size = gst_buffer_get_size (*buf);
if (size < 4) {
GST_ERROR_OBJECT (element, "Too small wavpack buffer");
- gst_buffer_unmap (*buf, &map);
return GST_FLOW_ERROR;
}
@@ -3944,6 +3943,7 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
*buf = newbuf;
audiocontext->wvpk_block_index += block_samples;
} else {
+ GstMapInfo map, outmap;
guint8 *outdata = NULL;
gsize buf_size, size;
guint32 block_samples, flags, crc;
--
2.30.2

35
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0016-matroskademux-Fix-off-by-one-when-parsing-multi-chan.patch Normal file
View File

@@ -0,0 +1,35 @@
From b7e1b13af70b7c042f29674f5482b502af82d829 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 16:33:39 +0300
Subject: [PATCH 2/7] matroskademux: Fix off-by-one when parsing multi-channel
WavPack
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8108>
CVE: CVE-2024-47597
CVE: CVE-2024-47601
CVE: CVE-2024-47602
CVE: CVE-2024-47603
CVE: CVE-2024-47834
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/b7e1b13af70b7c042f29674f5482b502af82d829]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/matroska/matroska-demux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 35e60b7147..583fbbe6e6 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -3970,7 +3970,7 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
data += 4;
size -= 4;
- while (size > 12) {
+ while (size >= 12) {
flags = GST_READ_UINT32_LE (data);
data += 4;
size -= 4;
--
2.30.2

43
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0017-matroskademux-Check-for-big-enough-WavPack-codec-pri.patch Normal file
View File

@@ -0,0 +1,43 @@
From 455393ef0f2bb0a49c5bf32ef208af914c44e806 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 18:25:53 +0300
Subject: [PATCH 3/7] matroskademux: Check for big enough WavPack codec private
data before accessing it
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-250
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3866
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8108>
CVE: CVE-2024-47597
CVE: CVE-2024-47601
CVE: CVE-2024-47602
CVE: CVE-2024-47603
CVE: CVE-2024-47834
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/455393ef0f2bb0a49c5bf32ef208af914c44e806]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/matroska/matroska-demux.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 583fbbe6e6..91e66fefc3 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -3888,6 +3888,11 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
guint8 *buf_data, *data;
Wavpack4Header wvh;
+ if (!stream->codec_priv || stream->codec_priv_size < 2) {
+ GST_ERROR_OBJECT (element, "No or too small wavpack codec private data");
+ return GST_FLOW_ERROR;
+ }
+
wvh.ck_id[0] = 'w';
wvh.ck_id[1] = 'v';
wvh.ck_id[2] = 'p';
--
2.30.2

51
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0018-matroskademux-Don-t-take-data-out-of-an-empty-adapte.patch Normal file
View File

@@ -0,0 +1,51 @@
From be0ac3f40949cb951d5f0761f4a3bd597a94947f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 19:04:51 +0300
Subject: [PATCH 4/7] matroskademux: Don't take data out of an empty adapter
when processing WavPack frames
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-249
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3865
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8108>
CVE: CVE-2024-47597
CVE: CVE-2024-47601
CVE: CVE-2024-47602
CVE: CVE-2024-47603
CVE: CVE-2024-47834
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/be0ac3f40949cb951d5f0761f4a3bd597a94947f]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
.../gst-plugins-good/gst/matroska/matroska-demux.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 91e66fefc3..98ed51e86a 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -4036,11 +4036,16 @@ gst_matroska_demux_add_wvpk_header (GstElement * element,
}
gst_buffer_unmap (*buf, &map);
- newbuf = gst_adapter_take_buffer (adapter, gst_adapter_available (adapter));
+ size = gst_adapter_available (adapter);
+ if (size > 0) {
+ newbuf = gst_adapter_take_buffer (adapter, size);
+ gst_buffer_copy_into (newbuf, *buf,
+ GST_BUFFER_COPY_TIMESTAMPS | GST_BUFFER_COPY_FLAGS, 0, -1);
+ } else {
+ newbuf = NULL;
+ }
g_object_unref (adapter);
- gst_buffer_copy_into (newbuf, *buf,
- GST_BUFFER_COPY_TIMESTAMPS | GST_BUFFER_COPY_FLAGS, 0, -1);
gst_buffer_unref (*buf);
*buf = newbuf;
--
2.30.2

52
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0019-matroskademux-Skip-over-laces-directly-when-postproc.patch Normal file
View File

@@ -0,0 +1,52 @@
From effbbfd771487cc06c79d5a7e447a849884cc6cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 19:06:03 +0300
Subject: [PATCH 5/7] matroskademux: Skip over laces directly when
postprocessing the frame fails
Otherwise NULL buffers might be handled afterwards.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-249
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3865
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8108>
CVE: CVE-2024-47540
CVE: CVE-2024-47601
CVE: CVE-2024-47602
CVE: CVE-2024-47603
CVE: CVE-2024-47834
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/effbbfd771487cc06c79d5a7e447a849884cc6cf]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
.../gst-plugins-good/gst/matroska/matroska-demux.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index 98ed51e86a..e0a4405dce 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -4982,6 +4982,18 @@ gst_matroska_demux_parse_blockgroup_or_simpleblock (GstMatroskaDemux * demux,
if (stream->postprocess_frame) {
GST_LOG_OBJECT (demux, "running post process");
ret = stream->postprocess_frame (GST_ELEMENT (demux), stream, &sub);
+ if (ret != GST_FLOW_OK) {
+ gst_clear_buffer (&sub);
+ goto next_lace;
+ }
+
+ if (sub == NULL) {
+ GST_WARNING_OBJECT (demux,
+ "Postprocessing buffer with timestamp %" GST_TIME_FORMAT
+ " for stream %d failed", GST_TIME_ARGS (buffer_timestamp),
+ stream_num);
+ goto next_lace;
+ }
}
/* At this point, we have a sub-buffer pointing at data within a larger
--
2.30.2

43
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0020-matroskademux-Skip-over-zero-sized-Xiph-stream-heade.patch Normal file
View File

@@ -0,0 +1,43 @@
From ed7b46bac3fa14f95422cc4bb4655d041df51454 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 19:19:42 +0300
Subject: [PATCH 6/7] matroskademux: Skip over zero-sized Xiph stream headers
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-251
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3867
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8108>
CVE: CVE-2024-47540
CVE: CVE-2024-47601
CVE: CVE-2024-47602
CVE: CVE-2024-47603
CVE: CVE-2024-47834
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/ed7b46bac3fa14f95422cc4bb4655d041df51454]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/matroska/matroska-ids.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/gst/matroska/matroska-ids.c b/gst/matroska/matroska-ids.c
index f11b7c2ce3..ba645f7306 100644
--- a/gst/matroska/matroska-ids.c
+++ b/gst/matroska/matroska-ids.c
@@ -189,8 +189,10 @@ gst_matroska_parse_xiph_stream_headers (gpointer codec_data,
if (offset + length[i] > codec_data_size)
goto error;
- hdr = gst_buffer_new_memdup (p + offset, length[i]);
- gst_buffer_list_add (list, hdr);
+ if (length[i] > 0) {
+ hdr = gst_buffer_new_memdup (p + offset, length[i]);
+ gst_buffer_list_add (list, hdr);
+ }
offset += length[i];
}
--
2.30.2

44
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0021-matroskademux-Put-a-copy-of-the-codec-data-into-the-.patch Normal file
View File

@@ -0,0 +1,44 @@
From 98e4356be7afa869373f96b4e8ca792c5f9707ee Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Wed, 9 Oct 2024 11:52:52 -0400
Subject: [PATCH 7/7] matroskademux: Put a copy of the codec data into the
A_MS/ACM caps
The original codec data buffer is owned by matroskademux and does not
necessarily live as long as the caps.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-280
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3894
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8108>
CVE: CVE-2024-47540
CVE: CVE-2024-47601
CVE: CVE-2024-47602
CVE: CVE-2024-47603
CVE: CVE-2024-47834
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/98e4356be7afa869373f96b4e8ca792c5f9707ee]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/matroska/matroska-demux.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/gst/matroska/matroska-demux.c b/gst/matroska/matroska-demux.c
index e0a4405dce..80da306731 100644
--- a/gst/matroska/matroska-demux.c
+++ b/gst/matroska/matroska-demux.c
@@ -7165,8 +7165,7 @@ gst_matroska_demux_audio_caps (GstMatroskaTrackAudioContext *
/* 18 is the waveformatex size */
if (size > 18) {
- codec_data = gst_buffer_new_wrapped_full (GST_MEMORY_FLAG_READONLY,
- data + 18, size - 18, 0, size - 18, NULL, NULL);
+ codec_data = gst_buffer_new_memdup (data + 18, size - 18);
}
if (riff_audio_fmt)
--
2.30.2

99
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0022-jpegdec-Directly-error-out-on-negotiation-failures.patch Normal file
View File

@@ -0,0 +1,99 @@
From 3cdf206f4fc5a9860bfe1437ed3d01e7d23c6c3e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Mon, 30 Sep 2024 16:22:19 +0300
Subject: [PATCH] jpegdec: Directly error out on negotiation failures
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-247
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3862
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8040>
CVE: CVE-2024-47599
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/3cdf206f4fc5a9860bfe1437ed3d01e7d23c6c3e]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
.../gst-plugins-good/ext/jpeg/gstjpegdec.c | 22 ++++++++++++++-----
1 file changed, 17 insertions(+), 5 deletions(-)
diff --git a/ext/jpeg/gstjpegdec.c b/ext/jpeg/gstjpegdec.c
index 51bc2d14bf..7523419835 100644
--- a/ext/jpeg/gstjpegdec.c
+++ b/ext/jpeg/gstjpegdec.c
@@ -1068,13 +1068,14 @@ gst_jpeg_turbo_parse_ext_fmt_convert (GstJpegDec * dec, gint * clrspc)
}
#endif
-static void
+static gboolean
gst_jpeg_dec_negotiate (GstJpegDec * dec, gint width, gint height, gint clrspc,
gboolean interlaced)
{
GstVideoCodecState *outstate;
GstVideoInfo *info;
GstVideoFormat format;
+ gboolean res;
#ifdef JCS_EXTENSIONS
if (dec->format_convert) {
@@ -1104,7 +1105,7 @@ gst_jpeg_dec_negotiate (GstJpegDec * dec, gint width, gint height, gint clrspc,
height == GST_VIDEO_INFO_HEIGHT (info) &&
format == GST_VIDEO_INFO_FORMAT (info)) {
gst_video_codec_state_unref (outstate);
- return;
+ return TRUE;
}
gst_video_codec_state_unref (outstate);
}
@@ -1118,6 +1119,8 @@ gst_jpeg_dec_negotiate (GstJpegDec * dec, gint width, gint height, gint clrspc,
outstate =
gst_video_decoder_set_output_state (GST_VIDEO_DECODER (dec), format,
width, height, dec->input_state);
+ if (!outstate)
+ return FALSE;
switch (clrspc) {
case JCS_RGB:
@@ -1142,10 +1145,12 @@ gst_jpeg_dec_negotiate (GstJpegDec * dec, gint width, gint height, gint clrspc,
gst_video_codec_state_unref (outstate);
- gst_video_decoder_negotiate (GST_VIDEO_DECODER (dec));
+ res = gst_video_decoder_negotiate (GST_VIDEO_DECODER (dec));
GST_DEBUG_OBJECT (dec, "max_v_samp_factor=%d", dec->cinfo.max_v_samp_factor);
GST_DEBUG_OBJECT (dec, "max_h_samp_factor=%d", dec->cinfo.max_h_samp_factor);
+
+ return res;
}
static GstFlowReturn
@@ -1425,8 +1430,9 @@ gst_jpeg_dec_handle_frame (GstVideoDecoder * bdec, GstVideoCodecFrame * frame)
num_fields = 1;
}
- gst_jpeg_dec_negotiate (dec, width, output_height,
- dec->cinfo.jpeg_color_space, num_fields == 2);
+ if (!gst_jpeg_dec_negotiate (dec, width, output_height,
+ dec->cinfo.jpeg_color_space, num_fields == 2))
+ goto negotiation_failed;
state = gst_video_decoder_get_output_state (bdec);
ret = gst_video_decoder_allocate_output_frame (bdec, frame);
@@ -1558,6 +1564,12 @@ map_failed:
ret = GST_FLOW_ERROR;
goto exit;
}
+negotiation_failed:
+ {
+ GST_ELEMENT_ERROR (dec, CORE, NEGOTIATION, (NULL), ("failed to negotiate"));
+ ret = GST_FLOW_NOT_NEGOTIATED;
+ goto exit;
+ }
decode_error:
{
gchar err_msg[JMSG_LENGTH_MAX];
--
2.30.2

44
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0023-qtdemux-Avoid-integer-overflow-when-parsing-Theora-e.patch Normal file
View File

@@ -0,0 +1,44 @@
From f8e398c46fc074f266edb3f20479c0ca31b52448 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 26 Sep 2024 22:16:06 +0300
Subject: [PATCH] qtdemux: Avoid integer overflow when parsing Theora extension
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-166
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3851
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8032>
CVE: CVE-2024-47606
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/f8e398c46fc074f266edb3f20479c0ca31b52448]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/isomp4/qtdemux.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gst/isomp4/qtdemux.c b/gst/isomp4/qtdemux.c
index 5e3cb1b9e6..c2d8b5e0f1 100644
--- a/gst/isomp4/qtdemux.c
+++ b/gst/isomp4/qtdemux.c
@@ -8279,7 +8279,7 @@ qtdemux_parse_theora_extension (GstQTDemux * qtdemux, QtDemuxStream * stream,
end -= 8;
while (buf < end) {
- gint size;
+ guint32 size;
guint32 type;
size = QT_UINT32 (buf);
@@ -8287,7 +8287,7 @@ qtdemux_parse_theora_extension (GstQTDemux * qtdemux, QtDemuxStream * stream,
GST_LOG_OBJECT (qtdemux, "%p %p", buf, end);
- if (buf + size > end || size <= 0)
+ if (end - buf < size || size < 8)
break;
buf += 8;
--
2.30.2

46
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0024-avisubtitle-Fix-size-checks-and-avoid-overflows-when.patch Normal file
View File

@@ -0,0 +1,46 @@
From 0870e87c7c02e28e22a09a7de0c5b1e5bed68c14 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 14:04:03 +0300
Subject: [PATCH] avisubtitle: Fix size checks and avoid overflows when
checking sizes
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-262
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3890
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8043>
CVE: CVE-2024-47774
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/0870e87c7c02e28e22a09a7de0c5b1e5bed68c14]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/avi/gstavisubtitle.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/gst/avi/gstavisubtitle.c b/gst/avi/gstavisubtitle.c
index efc5f04051..c816934da6 100644
--- a/gst/avi/gstavisubtitle.c
+++ b/gst/avi/gstavisubtitle.c
@@ -196,7 +196,7 @@ gst_avi_subtitle_parse_gab2_chunk (GstAviSubtitle * sub, GstBuffer * buf)
/* read 'name' of subtitle */
name_length = GST_READ_UINT32_LE (map.data + 5 + 2);
GST_LOG_OBJECT (sub, "length of name: %u", name_length);
- if (map.size <= 17 + name_length)
+ if (G_MAXUINT32 - 17 < name_length || map.size < 17 + name_length)
goto wrong_name_length;
name_utf8 =
@@ -216,7 +216,8 @@ gst_avi_subtitle_parse_gab2_chunk (GstAviSubtitle * sub, GstBuffer * buf)
file_length = GST_READ_UINT32_LE (map.data + 13 + name_length);
GST_LOG_OBJECT (sub, "length srt/ssa file: %u", file_length);
- if (map.size < (17 + name_length + file_length))
+ if (G_MAXUINT32 - 17 - name_length < file_length
+ || map.size < 17 + name_length + file_length)
goto wrong_total_length;
/* store this, so we can send it again after a seek; note that we shouldn't
--
2.30.2

174
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0025-wavparse-Check-for-short-reads-when-parsing-headers-.patch Normal file
View File

@@ -0,0 +1,174 @@
From 13b48016b3ef1e822c393c2871b0a561ce19ecb3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 13:00:57 +0300
Subject: [PATCH 1/7] wavparse: Check for short reads when parsing headers in
pull mode
And also return the actual flow return to the caller instead of always returning
GST_FLOW_ERROR.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-258, GHSL-2024-260
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3886
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3888
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
CVE: CVE-2024-47775
CVE: CVE-2024-47776
CVE: CVE-2024-47777
CVE: CVE-2024-47778
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/13b48016b3ef1e822c393c2871b0a561ce19ecb3]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/wavparse/gstwavparse.c | 63 ++++++++++++++++++++++++++++----------
1 file changed, 46 insertions(+), 17 deletions(-)
diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c
index d074f273c5..97d5591fae 100644
--- a/gst/wavparse/gstwavparse.c
+++ b/gst/wavparse/gstwavparse.c
@@ -1096,6 +1096,24 @@ parse_ds64 (GstWavParse * wav, GstBuffer * buf)
return TRUE;
}
+static GstFlowReturn
+gst_wavparse_pull_range_exact (GstWavParse * wav, guint64 offset, guint size,
+ GstBuffer ** buffer)
+{
+ GstFlowReturn res;
+
+ res = gst_pad_pull_range (wav->sinkpad, offset, size, buffer);
+ if (res != GST_FLOW_OK)
+ return res;
+
+ if (gst_buffer_get_size (*buffer) < size) {
+ gst_clear_buffer (buffer);
+ return GST_FLOW_EOS;
+ }
+
+ return res;
+}
+
static GstFlowReturn
gst_wavparse_stream_headers (GstWavParse * wav)
{
@@ -1291,9 +1309,9 @@ gst_wavparse_stream_headers (GstWavParse * wav)
buf = NULL;
if ((res =
- gst_pad_pull_range (wav->sinkpad, wav->offset, 8,
+ gst_wavparse_pull_range_exact (wav, wav->offset, 8,
&buf)) != GST_FLOW_OK)
- goto header_read_error;
+ goto header_pull_error;
gst_buffer_map (buf, &map, GST_MAP_READ);
tag = GST_READ_UINT32_LE (map.data);
size = GST_READ_UINT32_LE (map.data + 4);
@@ -1396,9 +1414,9 @@ gst_wavparse_stream_headers (GstWavParse * wav)
gst_buffer_unref (buf);
buf = NULL;
if ((res =
- gst_pad_pull_range (wav->sinkpad, wav->offset + 8,
+ gst_wavparse_pull_range_exact (wav, wav->offset + 8,
data_size, &buf)) != GST_FLOW_OK)
- goto header_read_error;
+ goto header_pull_error;
gst_buffer_extract (buf, 0, &wav->fact, 4);
wav->fact = GUINT32_FROM_LE (wav->fact);
gst_buffer_unref (buf);
@@ -1443,9 +1461,9 @@ gst_wavparse_stream_headers (GstWavParse * wav)
gst_buffer_unref (buf);
buf = NULL;
if ((res =
- gst_pad_pull_range (wav->sinkpad, wav->offset + 8,
- size, &buf)) != GST_FLOW_OK)
- goto header_read_error;
+ gst_wavparse_pull_range_exact (wav, wav->offset + 8, size,
+ &buf)) != GST_FLOW_OK)
+ goto header_pull_error;
gst_buffer_map (buf, &map, GST_MAP_READ);
acid = (const gst_riff_acid *) map.data;
tempo = acid->tempo;
@@ -1483,9 +1501,9 @@ gst_wavparse_stream_headers (GstWavParse * wav)
gst_buffer_unref (buf);
buf = NULL;
if ((res =
- gst_pad_pull_range (wav->sinkpad, wav->offset, 12,
+ gst_wavparse_pull_range_exact (wav, wav->offset, 12,
&buf)) != GST_FLOW_OK)
- goto header_read_error;
+ goto header_pull_error;
gst_buffer_extract (buf, 8, &ltag, 4);
ltag = GUINT32_FROM_LE (ltag);
}
@@ -1512,9 +1530,9 @@ gst_wavparse_stream_headers (GstWavParse * wav)
buf = NULL;
if (data_size > 0) {
if ((res =
- gst_pad_pull_range (wav->sinkpad, wav->offset,
+ gst_wavparse_pull_range_exact (wav, wav->offset,
data_size, &buf)) != GST_FLOW_OK)
- goto header_read_error;
+ goto header_pull_error;
}
}
if (data_size > 0) {
@@ -1552,9 +1570,9 @@ gst_wavparse_stream_headers (GstWavParse * wav)
buf = NULL;
wav->offset += 12;
if ((res =
- gst_pad_pull_range (wav->sinkpad, wav->offset,
+ gst_wavparse_pull_range_exact (wav, wav->offset,
data_size, &buf)) != GST_FLOW_OK)
- goto header_read_error;
+ goto header_pull_error;
gst_buffer_map (buf, &map, GST_MAP_READ);
gst_wavparse_adtl_chunk (wav, (const guint8 *) map.data,
data_size);
@@ -1598,9 +1616,9 @@ gst_wavparse_stream_headers (GstWavParse * wav)
gst_buffer_unref (buf);
buf = NULL;
if ((res =
- gst_pad_pull_range (wav->sinkpad, wav->offset,
+ gst_wavparse_pull_range_exact (wav, wav->offset,
data_size, &buf)) != GST_FLOW_OK)
- goto header_read_error;
+ goto header_pull_error;
gst_buffer_map (buf, &map, GST_MAP_READ);
if (!gst_wavparse_cue_chunk (wav, (const guint8 *) map.data,
data_size)) {
@@ -1642,9 +1660,9 @@ gst_wavparse_stream_headers (GstWavParse * wav)
gst_buffer_unref (buf);
buf = NULL;
if ((res =
- gst_pad_pull_range (wav->sinkpad, wav->offset,
+ gst_wavparse_pull_range_exact (wav, wav->offset,
data_size, &buf)) != GST_FLOW_OK)
- goto header_read_error;
+ goto header_pull_error;
gst_buffer_map (buf, &map, GST_MAP_READ);
if (!gst_wavparse_smpl_chunk (wav, (const guint8 *) map.data,
data_size)) {
@@ -1796,6 +1814,17 @@ header_read_error:
("Couldn't read in header %d (%s)", res, gst_flow_get_name (res)));
goto fail;
}
+header_pull_error:
+ {
+ if (res == GST_FLOW_EOS) {
+ GST_WARNING_OBJECT (wav, "Couldn't pull header %d (%s)", res,
+ gst_flow_get_name (res));
+ } else {
+ GST_ELEMENT_ERROR (wav, STREAM, DEMUX, (NULL),
+ ("Couldn't pull header %d (%s)", res, gst_flow_get_name (res)));
+ }
+ goto exit;
+ }
}
/*
--
2.30.2

41
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0026-wavparse-Make-sure-enough-data-for-the-tag-list-tag-.patch Normal file
View File

@@ -0,0 +1,41 @@
From 4c198f4891cfabde868944d55ff98925e7beb757 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 13:09:43 +0300
Subject: [PATCH 2/7] wavparse: Make sure enough data for the tag list tag is
available before parsing
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-258
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3886
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
CVE: CVE-2024-47775
CVE: CVE-2024-47776
CVE: CVE-2024-47777
CVE: CVE-2024-47778
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/4c198f4891cfabde868944d55ff98925e7beb757]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/wavparse/gstwavparse.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c
index 97d5591fae..21cb48c07e 100644
--- a/gst/wavparse/gstwavparse.c
+++ b/gst/wavparse/gstwavparse.c
@@ -1488,6 +1488,10 @@ gst_wavparse_stream_headers (GstWavParse * wav)
case GST_RIFF_TAG_LIST:{
guint32 ltag;
+ /* Need at least the ltag */
+ if (size < 4)
+ goto exit;
+
if (wav->streaming) {
const guint8 *data = NULL;
--
2.30.2

65
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0027-wavparse-Fix-parsing-of-acid-chunk.patch Normal file
View File

@@ -0,0 +1,65 @@
From 296e17b4ea81e5c228bb853f6037b654fdca7d47 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 13:15:27 +0300
Subject: [PATCH 3/7] wavparse: Fix parsing of acid chunk
Simply casting the bytes to a struct can lead to crashes because of unaligned
reads, and is also missing the endianness swapping that is necessary on big
endian architectures.
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
CVE: CVE-2024-47775
CVE: CVE-2024-47776
CVE: CVE-2024-47777
CVE: CVE-2024-47778
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/296e17b4ea81e5c228bb853f6037b654fdca7d47]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/wavparse/gstwavparse.c | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c
index 21cb48c07e..6a0c44638e 100644
--- a/gst/wavparse/gstwavparse.c
+++ b/gst/wavparse/gstwavparse.c
@@ -1433,8 +1433,7 @@ gst_wavparse_stream_headers (GstWavParse * wav)
break;
}
case GST_RIFF_TAG_acid:{
- const gst_riff_acid *acid = NULL;
- const guint data_size = sizeof (gst_riff_acid);
+ const guint data_size = 24;
gfloat tempo;
GST_INFO_OBJECT (wav, "Have acid chunk");
@@ -1448,13 +1447,13 @@ gst_wavparse_stream_headers (GstWavParse * wav)
break;
}
if (wav->streaming) {
+ const guint8 *data;
if (!gst_wavparse_peek_chunk (wav, &tag, &size)) {
goto exit;
}
gst_adapter_flush (wav->adapter, 8);
- acid = (const gst_riff_acid *) gst_adapter_map (wav->adapter,
- data_size);
- tempo = acid->tempo;
+ data = gst_adapter_map (wav->adapter, data_size);
+ tempo = GST_READ_FLOAT_LE (data + 20);
gst_adapter_unmap (wav->adapter);
} else {
GstMapInfo map;
@@ -1465,8 +1464,7 @@ gst_wavparse_stream_headers (GstWavParse * wav)
&buf)) != GST_FLOW_OK)
goto header_pull_error;
gst_buffer_map (buf, &map, GST_MAP_READ);
- acid = (const gst_riff_acid *) map.data;
- tempo = acid->tempo;
+ tempo = GST_READ_FLOAT_LE (map.data + 20);
gst_buffer_unmap (buf, &map);
}
/* send data as tags */
--
2.30.2

37
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0028-wavparse-Check-that-at-least-4-bytes-are-available-b.patch Normal file
View File

@@ -0,0 +1,37 @@
From c72025cabdfcb2fe30d24eda7bb9d1d01a1b6555 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 13:21:44 +0300
Subject: [PATCH 4/7] wavparse: Check that at least 4 bytes are available
before parsing cue chunks
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
CVE: CVE-2024-47775
CVE: CVE-2024-47776
CVE: CVE-2024-47777
CVE: CVE-2024-47778
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/c72025cabdfcb2fe30d24eda7bb9d1d01a1b6555]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/wavparse/gstwavparse.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c
index 6a0c44638e..5655ee3825 100644
--- a/gst/wavparse/gstwavparse.c
+++ b/gst/wavparse/gstwavparse.c
@@ -789,6 +789,11 @@ gst_wavparse_cue_chunk (GstWavParse * wav, const guint8 * data, guint32 size)
return TRUE;
}
+ if (size < 4) {
+ GST_WARNING_OBJECT (wav, "broken file %d", size);
+ return FALSE;
+ }
+
ncues = GST_READ_UINT32_LE (data);
if (size < 4 + ncues * 24) {
--
2.30.2

40
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0029-wavparse-Check-that-at-least-32-bytes-are-available-.patch Normal file
View File

@@ -0,0 +1,40 @@
From 93d79c22a82604adc5512557c1238f72f41188c4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 13:22:02 +0300
Subject: [PATCH 5/7] wavparse: Check that at least 32 bytes are available
before parsing smpl chunks
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-259
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3887
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
CVE: CVE-2024-47775
CVE: CVE-2024-47776
CVE: CVE-2024-47777
CVE: CVE-2024-47778
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/93d79c22a82604adc5512557c1238f72f41188c4]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/wavparse/gstwavparse.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c
index 5655ee3825..8a04805ed4 100644
--- a/gst/wavparse/gstwavparse.c
+++ b/gst/wavparse/gstwavparse.c
@@ -893,6 +893,9 @@ gst_wavparse_smpl_chunk (GstWavParse * wav, const guint8 * data, guint32 size)
{
guint32 note_number;
+ if (size < 32)
+ return FALSE;
+
/*
manufacturer_id = GST_READ_UINT32_LE (data);
product_id = GST_READ_UINT32_LE (data + 4);
--
2.30.2

47
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0030-wavparse-Fix-clipping-of-size-to-the-file-size.patch Normal file
View File

@@ -0,0 +1,47 @@
From 526d0eef0d850c8f2fa1bf0aef15a836797f1a67 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 13:27:27 +0300
Subject: [PATCH 6/7] wavparse: Fix clipping of size to the file size
The size does not include the 8 bytes tag and length, so an additional 8 bytes
must be removed here. 8 bytes are always available at this point because
otherwise the parsing of the tag and length right above would've failed.
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-260
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3888
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
CVE: CVE-2024-47775
CVE: CVE-2024-47776
CVE: CVE-2024-47777
CVE: CVE-2024-47778
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/526d0eef0d850c8f2fa1bf0aef15a836797f1a67]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/wavparse/gstwavparse.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c
index 8a04805ed4..998cbb276d 100644
--- a/gst/wavparse/gstwavparse.c
+++ b/gst/wavparse/gstwavparse.c
@@ -1337,10 +1337,11 @@ gst_wavparse_stream_headers (GstWavParse * wav)
}
/* Clip to upstream size if known */
- if (upstream_size > 0 && size + wav->offset > upstream_size) {
+ if (upstream_size > 0 && size + 8 + wav->offset > upstream_size) {
GST_WARNING_OBJECT (wav, "Clipping chunk size to file size");
g_assert (upstream_size >= wav->offset);
- size = upstream_size - wav->offset;
+ g_assert (upstream_size - wav->offset >= 8);
+ size = upstream_size - wav->offset - 8;
}
/* wav is a st00pid format, we don't know for sure where data starts.
--
2.30.2

41
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0031-wavparse-Check-size-before-reading-ds64-chunk.patch Normal file
View File

@@ -0,0 +1,41 @@
From 4f381d15014471b026020d0990a5f5a9f420a22b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Fri, 4 Oct 2024 13:51:00 +0300
Subject: [PATCH 7/7] wavparse: Check size before reading ds64 chunk
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-261
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3889
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042>
CVE: CVE-2024-47775
CVE: CVE-2024-47776
CVE: CVE-2024-47777
CVE: CVE-2024-47778
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/4f381d15014471b026020d0990a5f5a9f420a22b]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/wavparse/gstwavparse.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/gst/wavparse/gstwavparse.c b/gst/wavparse/gstwavparse.c
index 998cbb276d..958868de6d 100644
--- a/gst/wavparse/gstwavparse.c
+++ b/gst/wavparse/gstwavparse.c
@@ -1087,6 +1087,11 @@ parse_ds64 (GstWavParse * wav, GstBuffer * buf)
guint32 sampleCountLow, sampleCountHigh;
gst_buffer_map (buf, &map, GST_MAP_READ);
+ if (map.size < 6 * 4) {
+ GST_WARNING_OBJECT (wav, "Too small ds64 chunk (%" G_GSIZE_FORMAT ")",
+ map.size);
+ return FALSE;
+ }
dataSizeLow = GST_READ_UINT32_LE (map.data + 2 * 4);
dataSizeHigh = GST_READ_UINT32_LE (map.data + 3 * 4);
sampleCountLow = GST_READ_UINT32_LE (map.data + 4 * 4);
--
2.30.2

113
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.12.bb Normal file
View File

@@ -0,0 +1,113 @@
require gstreamer1.0-plugins-common.inc
SUMMARY = "'Good' GStreamer plugins"
HOMEPAGE = "https://gstreamer.freedesktop.org/"
BUGTRACKER = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/issues"
SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-good-${PV}.tar.xz \
file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
file://0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch \
file://0001-qtdemux-Skip-zero-sized-boxes-instead-of-stopping-to.patch \
file://0002-qtdemux-Fix-integer-overflow-when-allocating-the-sam.patch \
file://0003-qtdemux-Fix-debug-output-during-trun-parsing.patch \
file://0004-qtdemux-Don-t-iterate-over-all-trun-entries-if-none-.patch \
file://0005-qtdemux-Check-sizes-of-stsc-stco-stts-before-trying-.patch \
file://0006-qtdemux-Make-sure-only-an-even-number-of-bytes-is-pr.patch \
file://0007-qtdemux-Make-sure-enough-data-is-available-before-re.patch \
file://0008-qtdemux-Fix-length-checks-and-offsets-in-stsd-entry-.patch \
file://0009-qtdemux-Fix-error-handling-when-parsing-cenc-sample-.patch \
file://0010-qtdemux-Make-sure-there-are-enough-offsets-to-read-w.patch \
file://0011-qtdemux-Actually-handle-errors-returns-from-various-.patch \
file://0012-qtdemux-Check-for-invalid-atom-length-when-extractin.patch \
file://0013-qtdemux-Add-size-check-for-parsing-SMI-SEQH-atom.patch \
file://0014-gdkpixbufdec-Check-if-initializing-the-video-info-ac.patch \
file://0015-matroskademux-Only-unmap-GstMapInfo-in-WavPack-heade.patch \
file://0016-matroskademux-Fix-off-by-one-when-parsing-multi-chan.patch \
file://0017-matroskademux-Check-for-big-enough-WavPack-codec-pri.patch \
file://0018-matroskademux-Don-t-take-data-out-of-an-empty-adapte.patch \
file://0019-matroskademux-Skip-over-laces-directly-when-postproc.patch \
file://0020-matroskademux-Skip-over-zero-sized-Xiph-stream-heade.patch \
file://0021-matroskademux-Put-a-copy-of-the-codec-data-into-the-.patch \
file://0022-jpegdec-Directly-error-out-on-negotiation-failures.patch \
file://0023-qtdemux-Avoid-integer-overflow-when-parsing-Theora-e.patch \
file://0024-avisubtitle-Fix-size-checks-and-avoid-overflows-when.patch \
file://0025-wavparse-Check-for-short-reads-when-parsing-headers-.patch \
file://0026-wavparse-Make-sure-enough-data-for-the-tag-list-tag-.patch \
file://0027-wavparse-Fix-parsing-of-acid-chunk.patch \
file://0028-wavparse-Check-that-at-least-4-bytes-are-available-b.patch \
file://0029-wavparse-Check-that-at-least-32-bytes-are-available-.patch \
file://0030-wavparse-Fix-clipping-of-size-to-the-file-size.patch \
file://0031-wavparse-Check-size-before-reading-ds64-chunk.patch \
"
SRC_URI[sha256sum] = "9c1913f981900bd8867182639b20907b28ed78ef7a222cfbf2d8ba9dab992fa7"
S = "${WORKDIR}/gst-plugins-good-${PV}"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343 \
file://gst/replaygain/rganalysis.c;beginline=1;endline=23;md5=b60ebefd5b2f5a8e0cab6bfee391a5fe"
DEPENDS += "gstreamer1.0-plugins-base libcap zlib"
RPROVIDES:${PN}-pulseaudio += "${PN}-pulse"
RPROVIDES:${PN}-soup += "${PN}-souphttpsrc"
RDEPENDS:${PN}-soup += "${MLPREFIX}${@bb.utils.contains('PACKAGECONFIG', 'soup2', 'libsoup-2.4', 'libsoup', d)}"
PACKAGECONFIG_SOUP ?= "soup3"
PACKAGECONFIG ??= " \
${GSTREAMER_ORC} \
${PACKAGECONFIG_SOUP} \
${@bb.utils.filter('DISTRO_FEATURES', 'pulseaudio x11', d)} \
${@bb.utils.contains('TUNE_FEATURES', 'm64', 'asm', '', d)} \
bz2 cairo flac gdk-pixbuf gudev jpeg lame libpng mpg123 speex taglib v4l2 \
"
X11DEPENDS = "virtual/libx11 libsm libxrender libxfixes libxdamage"
X11ENABLEOPTS = "-Dximagesrc=enabled -Dximagesrc-xshm=enabled -Dximagesrc-xfixes=enabled -Dximagesrc-xdamage=enabled"
X11DISABLEOPTS = "-Dximagesrc=disabled -Dximagesrc-xshm=disabled -Dximagesrc-xfixes=disabled -Dximagesrc-xdamage=disabled"
QT5WAYLANDDEPENDS = "${@bb.utils.contains("DISTRO_FEATURES", "wayland", "qtwayland", "", d)}"
PACKAGECONFIG[asm] = "-Dasm=enabled,-Dasm=disabled,nasm-native"
PACKAGECONFIG[bz2] = "-Dbz2=enabled,-Dbz2=disabled,bzip2"
PACKAGECONFIG[cairo] = "-Dcairo=enabled,-Dcairo=disabled,cairo"
PACKAGECONFIG[dv1394] = "-Ddv1394=enabled,-Ddv1394=disabled,libiec61883 libavc1394 libraw1394"
PACKAGECONFIG[flac] = "-Dflac=enabled,-Dflac=disabled,flac"
PACKAGECONFIG[gdk-pixbuf] = "-Dgdk-pixbuf=enabled,-Dgdk-pixbuf=disabled,gdk-pixbuf"
PACKAGECONFIG[gtk] = "-Dgtk3=enabled,-Dgtk3=disabled,gtk+3"
PACKAGECONFIG[gudev] = "-Dv4l2-gudev=enabled,-Dv4l2-gudev=disabled,libgudev"
PACKAGECONFIG[jack] = "-Djack=enabled,-Djack=disabled,jack"
PACKAGECONFIG[jpeg] = "-Djpeg=enabled,-Djpeg=disabled,jpeg"
PACKAGECONFIG[lame] = "-Dlame=enabled,-Dlame=disabled,lame"
PACKAGECONFIG[libpng] = "-Dpng=enabled,-Dpng=disabled,libpng"
PACKAGECONFIG[libv4l2] = "-Dv4l2-libv4l2=enabled,-Dv4l2-libv4l2=disabled,v4l-utils"
PACKAGECONFIG[mpg123] = "-Dmpg123=enabled,-Dmpg123=disabled,mpg123"
PACKAGECONFIG[pulseaudio] = "-Dpulse=enabled,-Dpulse=disabled,pulseaudio"
PACKAGECONFIG[qt5] = "-Dqt5=enabled,-Dqt5=disabled,qtbase qtdeclarative qtbase-native qttools-native ${QT5WAYLANDDEPENDS}"
PACKAGECONFIG[soup2] = "-Dsoup=enabled,,libsoup-2.4,,,soup3"
PACKAGECONFIG[soup3] = "-Dsoup=enabled,,libsoup,,,soup2"
PACKAGECONFIG[speex] = "-Dspeex=enabled,-Dspeex=disabled,speex"
PACKAGECONFIG[rpi] = "-Drpicamsrc=enabled,-Drpicamsrc=disabled,userland"
PACKAGECONFIG[taglib] = "-Dtaglib=enabled,-Dtaglib=disabled,taglib"
PACKAGECONFIG[v4l2] = "-Dv4l2=enabled -Dv4l2-probe=true,-Dv4l2=disabled -Dv4l2-probe=false"
PACKAGECONFIG[vpx] = "-Dvpx=enabled,-Dvpx=disabled,libvpx"
PACKAGECONFIG[wavpack] = "-Dwavpack=enabled,-Dwavpack=disabled,wavpack"
PACKAGECONFIG[x11] = "${X11ENABLEOPTS},${X11DISABLEOPTS},${X11DEPENDS}"
EXTRA_OEMESON += " \
-Ddoc=disabled \
-Daalib=disabled \
-Ddirectsound=disabled \
-Ddv=disabled \
-Dlibcaca=disabled \
-Doss=enabled \
-Doss4=disabled \
-Dosxaudio=disabled \
-Dosxvideo=disabled \
-Dshout2=disabled \
-Dtwolame=disabled \
-Dwaveform=disabled \
"
FILES:${PN}-equalizer += "${datadir}/gstreamer-1.0/presets/*.prs"

19
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-license.inc Normal file
View File

@@ -0,0 +1,19 @@
# This .inc file contains functionality for automatically setting
# the the license of all plugins according to the GSTREAMER_GPL.
PACKAGESPLITFUNCS += "set_gstreamer_license"
python set_gstreamer_license () {
import oe.utils
pn = d.getVar('PN') + '-'
gpl_plugins_names = [pn+plugin for plugin in d.getVar('GSTREAMER_GPL').split()]
for pkg in oe.utils.packages_filter_out_system(d):
if pkg in gpl_plugins_names:
d.setVar('LICENSE:' + pkg, 'GPL-2.0-or-later')
else:
d.setVar('LICENSE:' + pkg, 'LGPL-2.1-or-later')
}
EXTRA_OEMESON += " \
${@bb.utils.contains_any('PACKAGECONFIG', "${GSTREAMER_GPL}", '-Dgpl=enabled', '-Dgpl=disabled', d)} \
"

73
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-packaging.inc Normal file
View File

@@ -0,0 +1,73 @@
# This .inc file contains functionality for automatically splitting
# built plugins into individual packages for each plugin. A -meta
# package is also set up that has no files of its own, but contains
# the names of all plugin packages in its RDEPENDS list.
#
# This is mainly used by the gstreamer1.0-plugins-* plugin set recipes,
# but can be used in any recipe that produces GStreamer plugins.
# Dynamically generate packages for all enabled plugins
PACKAGES_DYNAMIC = "^${PN}-.* ^libgst.*"
PACKAGESPLITFUNCS =+ "split_gstreamer10_packages"
PACKAGESPLITFUNCS += "set_gstreamer10_metapkg_rdepends"
python split_gstreamer10_packages () {
gst_libdir = d.expand('${libdir}/gstreamer-1.0')
postinst = d.getVar('plugin_postinst')
glibdir = d.getVar('libdir')
# GStreamer libraries
do_split_packages(d, glibdir, r'^lib(.*)\.so\.*', 'lib%s', 'GStreamer 1.0 %s library', extra_depends='', allow_links=True)
# GStreamer plugin shared objects
do_split_packages(d, gst_libdir, r'libgst(.*)\.so$', d.expand('${PN}-%s'), 'GStreamer 1.0 plugin for %s', postinst=postinst, extra_depends='')
# GObject introspection files for GStreamer plugins
do_split_packages(d, glibdir+'/girepository-1.0', r'Gst(.*)-1.0\.typelib$', d.expand('${PN}-%s-typelib'), 'GStreamer 1.0 typelib file for %s', postinst=postinst, extra_depends='')
# Static GStreamer libraries for development
do_split_packages(d, gst_libdir, r'libgst(.*)\.a$', d.expand('${PN}-%s-staticdev'), 'GStreamer 1.0 plugin for %s (static development files)', extra_depends='${PN}-staticdev')
}
python set_gstreamer10_metapkg_rdepends () {
import os
import oe.utils
# Go through all generated packages (excluding the main package and
# the -meta package itself) and add them to the -meta package as RDEPENDS.
pn = d.getVar('PN')
metapkg = pn + '-meta'
d.setVar('ALLOW_EMPTY:' + metapkg, "1")
d.setVar('FILES:' + metapkg, "")
exclude = [ pn, pn + '-meta' ]
metapkg_rdepends = []
pkgdest = d.getVar('PKGDEST')
for pkg in oe.utils.packages_filter_out_system(d):
if pkg not in exclude and pkg not in metapkg_rdepends:
# See if the package is empty by looking at the contents of its PKGDEST subdirectory.
# If this subdirectory is empty, then the package is.
# Empty packages do not get added to the meta package's RDEPENDS
pkgdir = os.path.join(pkgdest, pkg)
if os.path.exists(pkgdir):
dir_contents = os.listdir(pkgdir) or []
else:
dir_contents = []
is_empty = len(dir_contents) == 0
if not is_empty:
metapkg_rdepends.append(pkg)
d.setVar('RDEPENDS:' + metapkg, ' '.join(metapkg_rdepends))
d.setVar('DESCRIPTION:' + metapkg, pn + ' meta package')
}
# each plugin-dev depends on PN-dev, plugin-staticdev on PN-staticdev
# so we need them even when empty (like in gst-plugins-good case)
ALLOW_EMPTY:${PN} = "1"
ALLOW_EMPTY:${PN}-dev = "1"
ALLOW_EMPTY:${PN}-staticdev = "1"
PACKAGES += "${PN}-apps ${PN}-meta ${PN}-glib"
FILES:${PN} = ""
FILES:${PN}-apps = "${bindir}"
FILES:${PN}-glib = "${datadir}/glib-2.0"
RRECOMMENDS:${PN} += "${PN}-meta"

47
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.12.bb Normal file
View File

@@ -0,0 +1,47 @@
require gstreamer1.0-plugins-common.inc
require gstreamer1.0-plugins-license.inc
SUMMARY = "'Ugly GStreamer plugins"
HOMEPAGE = "https://gstreamer.freedesktop.org/"
BUGTRACKER = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-ugly/-/issues"
LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343 \
"
LICENSE = "LGPL-2.1-or-later & GPL-2.0-or-later"
LICENSE_FLAGS = "commercial"
SRC_URI = " \
https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
"
SRC_URI[sha256sum] = "d59a1aaf8dd2cc416dc5b5c0b7aecd02b1811bf1229aa724e6c2a503d3799083"
S = "${WORKDIR}/gst-plugins-ugly-${PV}"
DEPENDS += "gstreamer1.0-plugins-base"
GST_PLUGIN_SET_HAS_EXAMPLES = "0"
PACKAGECONFIG ??= " \
${GSTREAMER_ORC} \
a52dec mpeg2dec \
"
PACKAGECONFIG[amrnb] = "-Damrnb=enabled,-Damrnb=disabled,opencore-amr"
PACKAGECONFIG[amrwb] = "-Damrwbdec=enabled,-Damrwbdec=disabled,opencore-amr"
PACKAGECONFIG[a52dec] = "-Da52dec=enabled,-Da52dec=disabled,liba52"
PACKAGECONFIG[cdio] = "-Dcdio=enabled,-Dcdio=disabled,libcdio"
PACKAGECONFIG[dvdread] = "-Ddvdread=enabled,-Ddvdread=disabled,libdvdread"
PACKAGECONFIG[mpeg2dec] = "-Dmpeg2dec=enabled,-Dmpeg2dec=disabled,mpeg2dec"
PACKAGECONFIG[x264] = "-Dx264=enabled,-Dx264=disabled,x264"
GSTREAMER_GPL = "${@bb.utils.filter('PACKAGECONFIG', 'a52dec cdio dvdread mpeg2dec x264', d)}"
EXTRA_OEMESON += " \
-Ddoc=disabled \
-Dsidplay=disabled \
"
FILES:${PN}-amrnb += "${datadir}/gstreamer-1.0/presets/GstAmrnbEnc.prs"
FILES:${PN}-x264 += "${datadir}/gstreamer-1.0/presets/GstX264Enc.prs"

30
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.12.bb Normal file
View File

@@ -0,0 +1,30 @@
SUMMARY = "Python bindings for GStreamer 1.0"
DESCRIPTION = "GStreamer Python binding overrides (complementing the bindings \
provided by python-gi) "
HOMEPAGE = "http://cgit.freedesktop.org/gstreamer/gst-python/"
SECTION = "multimedia"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
SRC_URI[sha256sum] = "d98d3226efea20d5c440a28988a20319a953f7c594895df2bba4538633108e9f"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
PNREAL = "gst-python"
S = "${WORKDIR}/${PNREAL}-${PV}"
EXTRA_OEMESON += "\
-Dtests=disabled \
-Dplugin=enabled \
-Dlibpython-dir=${libdir} \
"
inherit meson pkgconfig setuptools3-base upstream-version-is-even features_check
FILES:${PN} += "${libdir}/gstreamer-1.0"
REQUIRED_DISTRO_FEATURES = "gobject-introspection-data"

44
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server/CVE-2024-44331.patch Normal file
View File

@@ -0,0 +1,44 @@
From aa3e97d67c05d4648ea58c7ff7675e24a81ca72b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 24 Oct 2024 20:12:55 +0300
Subject: [PATCH] rtsp-server: Remove pointless assertions that can happen if
client provides invalid rates
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3731
Fixes CVE-2024-44331
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/7739>
CVE: CVE-2024-44331
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/aa3e97d67c05d4648ea58c7ff7675e24a81ca72b]
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
gst/rtsp-server/rtsp-media.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/gst/rtsp-server/rtsp-media.c b/gst/rtsp-server/rtsp-media.c
index 8c62b0d..cbdc9f9 100644
--- a/gst/rtsp-server/rtsp-media.c
+++ b/gst/rtsp-server/rtsp-media.c
@@ -2755,15 +2755,13 @@ gst_rtsp_media_get_rates (GstRTSPMedia * media, gdouble * rate,
first_stream = FALSE;
} else {
if (save_rate != *rate || save_applied_rate != *applied_rate) {
- /* diffrent rate or applied_rate, weird */
- g_assert (FALSE);
+ /* different rate or applied_rate, weird */
result = FALSE;
break;
}
}
} else {
- /* complete stream withot rate and applied_rate, weird */
- g_assert (FALSE);
+ /* complete stream without rate and applied_rate, weird */
result = FALSE;
break;
}
--
2.40.0

33
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.12.bb Normal file
View File

@@ -0,0 +1,33 @@
SUMMARY = "A library on top of GStreamer for building an RTSP server"
HOMEPAGE = "http://cgit.freedesktop.org/gstreamer/gst-rtsp-server/"
SECTION = "multimedia"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770"
DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base"
PNREAL = "gst-rtsp-server"
SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz \
file://CVE-2024-44331.patch \
"
SRC_URI[sha256sum] = "bf6c7871e7cf3528e4ec87ddc2f2949691cd269f98e536482ae744c1405cf451"
S = "${WORKDIR}/${PNREAL}-${PV}"
inherit meson pkgconfig upstream-version-is-even gobject-introspection
EXTRA_OEMESON += " \
-Ddoc=disabled \
-Dexamples=disabled \
-Dtests=disabled \
"
GIR_MESON_ENABLE_FLAG = "enabled"
GIR_MESON_DISABLE_FLAG = "disabled"
# Starting with 1.8.0 gst-rtsp-server includes dependency-less plugins as well
require gstreamer1.0-plugins-packaging.inc
CVE_PRODUCT += "gst-rtsp-server"

53
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.12.bb Normal file
View File

@@ -0,0 +1,53 @@
SUMMARY = "VA-API support to GStreamer"
HOMEPAGE = "https://gstreamer.freedesktop.org/"
DESCRIPTION = "gstreamer-vaapi consists of a collection of VA-API \
based plugins for GStreamer and helper libraries: `vaapidecode', \
`vaapiconvert', and `vaapisink'."
REALPN = "gstreamer-vaapi"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c"
SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
SRC_URI[sha256sum] = "013ad729b2fe4fccda559bddc626bcb14230cfb90a2271049f8466bfec5d80df"
S = "${WORKDIR}/${REALPN}-${PV}"
DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
inherit meson pkgconfig features_check upstream-version-is-even
REQUIRED_DISTRO_FEATURES ?= "opengl"
EXTRA_OEMESON += " \
-Ddoc=disabled \
-Dexamples=disabled \
-Dtests=enabled \
"
PACKAGES =+ "${PN}-tests"
# OpenGL packageconfig factored out to make it easy for distros
# and BSP layers to pick either glx, egl, or no GL. By default,
# try detecting X11 first, and if found (with OpenGL), use GLX,
# otherwise try to check if EGL can be used.
PACKAGECONFIG_GL ?= "${@bb.utils.contains('DISTRO_FEATURES', 'x11 opengl', 'glx', \
bb.utils.contains('DISTRO_FEATURES', 'opengl', 'egl', \
'', d), d)}"
PACKAGECONFIG ??= "drm encoders \
${PACKAGECONFIG_GL} \
${@bb.utils.filter('DISTRO_FEATURES', 'wayland x11', d)}"
PACKAGECONFIG[drm] = "-Ddrm=enabled,-Ddrm=disabled,udev libdrm"
PACKAGECONFIG[egl] = "-Degl=enabled,-Degl=disabled,virtual/egl"
PACKAGECONFIG[encoders] = "-Dencoders=enabled,-Dencoders=disabled"
PACKAGECONFIG[glx] = "-Dglx=enabled,-Dglx=disabled,virtual/libgl"
PACKAGECONFIG[wayland] = "-Dwayland=enabled,-Dwayland=disabled,wayland-native wayland wayland-protocols"
PACKAGECONFIG[x11] = "-Dx11=enabled,-Dx11=disabled,virtual/libx11 libxrandr libxrender"
FILES:${PN} += "${libdir}/gstreamer-*/*.so"
FILES:${PN}-dbg += "${libdir}/gstreamer-*/.debug"
FILES:${PN}-dev += "${libdir}/gstreamer-*/*.a"
FILES:${PN}-tests = "${bindir}/*"

34
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0001-tests-respect-the-idententaion-used-in-meson.patch Normal file
View File

@@ -0,0 +1,34 @@
From 5372cd5bf2a9dd247b9c5fc6e4fe248046dbb085 Mon Sep 17 00:00:00 2001
From: Jose Quaresma <quaresma.jose@gmail.com>
Date: Sun, 11 Apr 2021 19:48:13 +0100
Subject: [PATCH] tests: respect the idententaion used in meson
Upstream-Status: Submitted [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/789]
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
---
tests/check/meson.build | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/tests/check/meson.build b/tests/check/meson.build
index 9787b0a..16caac7 100644
--- a/tests/check/meson.build
+++ b/tests/check/meson.build
@@ -145,11 +145,11 @@ foreach t : core_tests
if not skip_test
exe = executable(test_name, fname,
- c_args : gst_c_args + test_defines,
- cpp_args : gst_c_args + test_defines,
- include_directories : [configinc],
- link_with : link_with_libs,
- dependencies : gst_deps + test_deps,
+ c_args : gst_c_args + test_defines,
+ cpp_args : gst_c_args + test_defines,
+ include_directories : [configinc],
+ link_with : link_with_libs,
+ dependencies : gst_deps + test_deps,
)
env = environment()

107
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-tests-add-support-for-install-the-tests.patch Normal file
View File

@@ -0,0 +1,107 @@
From 27e977d03b0f7c1d0bf19621ef0cec0585410e7b Mon Sep 17 00:00:00 2001
From: Jose Quaresma <quaresma.jose@gmail.com>
Date: Sun, 11 Apr 2021 19:48:13 +0100
Subject: [PATCH] tests: add support for install the tests
This will provide to run the tests using the gnome-desktop-testing [1]
[1] https://wiki.gnome.org/Initiatives/GnomeGoals/InstalledTests
Upstream-Status: Submitted [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/789]
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
---
meson.build | 4 ++++
meson_options.txt | 1 +
tests/check/meson.build | 22 +++++++++++++++++++++-
tests/check/template.test.in | 3 +++
4 files changed, 29 insertions(+), 1 deletion(-)
create mode 100644 tests/check/template.test.in
diff --git a/meson.build b/meson.build
index 60c7bec..f7650b1 100644
--- a/meson.build
+++ b/meson.build
@@ -606,6 +606,10 @@ if bashcomp_dep.found()
endif
endif
+installed_tests_enabled = get_option('installed_tests')
+installed_tests_metadir = join_paths(datadir, 'installed-tests', meson.project_name())
+installed_tests_execdir = join_paths(libexecdir, 'installed-tests', meson.project_name())
+
plugins_install_dir = join_paths(get_option('libdir'), 'gstreamer-1.0')
pkgconfig = import('pkgconfig')
diff --git a/meson_options.txt b/meson_options.txt
index 7363bdb..a34ba37 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -15,6 +15,7 @@ option('poisoning', type : 'boolean', value : false, description : 'Enable poiso
option('memory-alignment', type: 'combo',
choices : ['1', '2', '4', '8', '16', '32', '64', '128', '256', '512', '1024', '2048', '4096', '8192', 'malloc', 'pagesize'],
value: 'malloc')
+option('installed_tests', type : 'boolean', value : false, description : 'Enable installed tests')
# Feature options
option('check', type : 'feature', value : 'auto', description : 'Build unit test libraries')
diff --git a/tests/check/meson.build b/tests/check/meson.build
index 16caac7..f2d400f 100644
--- a/tests/check/meson.build
+++ b/tests/check/meson.build
@@ -124,10 +124,16 @@ test_defines = [
'-UG_DISABLE_ASSERT',
'-UG_DISABLE_CAST_CHECKS',
'-DGST_CHECK_TEST_ENVIRONMENT_BEACON="GST_STATE_IGNORE_ELEMENTS"',
- '-DTESTFILE="' + meson.current_source_dir() + '/meson.build"',
'-DGST_DISABLE_DEPRECATED',
]
+testfile = meson.current_source_dir() + '/meson.build'
+if installed_tests_enabled
+ install_data(testfile, install_dir : installed_tests_metadir, rename : 'testfile')
+ testfile = installed_tests_metadir + '/testfile'
+endif
+test_defines += '-DTESTFILE="@0@"'.format(testfile)
+
# sanity checking
if get_option('check').disabled()
if get_option('tests').enabled()
@@ -150,6 +156,8 @@ foreach t : core_tests
include_directories : [configinc],
link_with : link_with_libs,
dependencies : gst_deps + test_deps,
+ install_dir: installed_tests_execdir,
+ install: installed_tests_enabled,
)
env = environment()
@@ -161,6 +169,18 @@ foreach t : core_tests
env.set('GST_PLUGIN_SCANNER_1_0', gst_scanner_dir + '/gst-plugin-scanner')
env.set('GST_PLUGIN_LOADING_WHITELIST', 'gstreamer')
+ if installed_tests_enabled
+ test_conf = configuration_data()
+ test_conf.set('installed_tests_dir', join_paths(prefix, installed_tests_execdir))
+ test_conf.set('program', test_name)
+ configure_file(
+ input: 'template.test.in',
+ output: test_name + '.test',
+ install_dir: installed_tests_metadir,
+ configuration: test_conf
+ )
+ endif
+
test(test_name, exe, env: env, timeout : 3 * 60)
endif
endforeach
diff --git a/tests/check/template.test.in b/tests/check/template.test.in
new file mode 100644
index 0000000..f701627
--- /dev/null
+++ b/tests/check/template.test.in
@@ -0,0 +1,3 @@
+[Test]
+Type=session
+Exec=@installed_tests_dir@/@program@

48
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0003-tests-use-a-dictionaries-for-environment.patch Normal file
View File

@@ -0,0 +1,48 @@
From 7041bc5adf9501beb1428d8bbae6b351a6bf07f9 Mon Sep 17 00:00:00 2001
From: Jose Quaresma <quaresma.jose@gmail.com>
Date: Sat, 24 Apr 2021 10:34:47 +0100
Subject: [PATCH] tests: use a dictionaries for environment
meson environment() can't be passed to configure_file and it is needed for installed_tests,
use a dictionary as this is simplest solution to install the environment.
Upstream-Status: Submitted [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/789]
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
---
tests/check/meson.build | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/tests/check/meson.build b/tests/check/meson.build
index f2d400f..50dff7f 100644
--- a/tests/check/meson.build
+++ b/tests/check/meson.build
@@ -160,14 +160,19 @@ foreach t : core_tests
install: installed_tests_enabled,
)
- env = environment()
- env.set('GST_PLUGIN_PATH_1_0', meson.project_build_root())
- env.set('GST_PLUGIN_SYSTEM_PATH_1_0', '')
- env.set('GST_STATE_IGNORE_ELEMENTS', '')
- env.set('CK_DEFAULT_TIMEOUT', '20')
- env.set('GST_REGISTRY', '@0@/@1@.registry'.format(meson.current_build_dir(), test_name))
- env.set('GST_PLUGIN_SCANNER_1_0', gst_scanner_dir + '/gst-plugin-scanner')
- env.set('GST_PLUGIN_LOADING_WHITELIST', 'gstreamer')
+ # meson environment object can't be passed to configure_file and
+ # installed tests uses configure_file to install the environment.
+ # use a dictionary as this is the simplest solution
+ # to install the environment.
+ env = {
+ 'GST_PLUGIN_PATH_1_0': meson.project_build_root(),
+ 'GST_PLUGIN_SYSTEM_PATH_1_0': '',
+ 'GST_STATE_IGNORE_ELEMENTS': '',
+ 'CK_DEFAULT_TIMEOUT': '20',
+ 'GST_REGISTRY': '@0@/@1@.registry'.format(meson.current_build_dir(), test_name),
+ 'GST_PLUGIN_SCANNER_1_0': gst_scanner_dir + '/gst-plugin-scanner',
+ 'GST_PLUGIN_LOADING_WHITELIST': 'gstreamer',
+ }
if installed_tests_enabled
test_conf = configuration_data()

72
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0004-tests-add-helper-script-to-run-the-installed_tests.patch Normal file
View File

@@ -0,0 +1,72 @@
From 1b1d1ce4227b6bea7c7def5dac4a663486e070c2 Mon Sep 17 00:00:00 2001
From: Jose Quaresma <quaresma.jose@gmail.com>
Date: Sun, 2 May 2021 01:58:01 +0100
Subject: [PATCH] tests: add helper script to run the installed_tests
- this is a bash script that will run the installed_tests
with some of the environment variables used in the meson
testing framework.
Upstream-Status: Submitted [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/789]
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
---
tests/check/meson.build | 17 +++++++++++++++++
tests/check/template.sh.in | 9 +++++++++
tests/check/template.test.in | 2 +-
3 files changed, 27 insertions(+), 1 deletion(-)
create mode 100755 tests/check/template.sh.in
diff --git a/tests/check/meson.build b/tests/check/meson.build
index 50dff7f..2b9e979 100644
--- a/tests/check/meson.build
+++ b/tests/check/meson.build
@@ -184,6 +184,23 @@ foreach t : core_tests
install_dir: installed_tests_metadir,
configuration: test_conf
)
+
+ # All the tests will be deployed on the target machine and
+ # we use the home folder ~ for the registry which will then expand at runtime.
+ # Using the /tmp/gstreamer-1.0/@0@.registry can be problematic as it mostly
+ # is mounted using tmpfs and if the machine crash from some reason we can lost the registry
+ # that is useful for debug propose of the tests itself.
+ env += {'GST_REGISTRY': '~/.cache/gstreamer-1.0/@0@.registry'.format(test_name)}
+
+ # Set the full path for the test it self.
+ env += {'TEST': '@0@/@1@'.format(join_paths(prefix, installed_tests_execdir), test_name)}
+
+ configure_file(
+ input : 'template.sh.in',
+ output: test_name + '.sh',
+ install_dir: installed_tests_execdir,
+ configuration : env,
+ )
endif
test(test_name, exe, env: env, timeout : 3 * 60)
diff --git a/tests/check/template.sh.in b/tests/check/template.sh.in
new file mode 100755
index 0000000..cf7d31b
--- /dev/null
+++ b/tests/check/template.sh.in
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+set -ax
+
+CK_DEFAULT_TIMEOUT="@CK_DEFAULT_TIMEOUT@"
+GST_PLUGIN_LOADING_WHITELIST="@GST_PLUGIN_LOADING_WHITELIST@"
+GST_REGISTRY=@GST_REGISTRY@
+GST_STATE_IGNORE_ELEMENTS="@GST_STATE_IGNORE_ELEMENTS@"
+exec @TEST@
diff --git a/tests/check/template.test.in b/tests/check/template.test.in
index f701627..b74ef6a 100644
--- a/tests/check/template.test.in
+++ b/tests/check/template.test.in
@@ -1,3 +1,3 @@
[Test]
Type=session
-Exec=@installed_tests_dir@/@program@
+Exec=@installed_tests_dir@/@program@.sh

56
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/0005-allocator-Avoid-integer-overflow-when-allocating-sys.patch Normal file
View File

@@ -0,0 +1,56 @@
From f1cdc6f24340f6cce4cc7020628002f5c70dd6c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
Date: Thu, 26 Sep 2024 22:07:22 +0300
Subject: [PATCH] allocator: Avoid integer overflow when allocating sysmem
Thanks to Antonio Morales for finding and reporting the issue.
Fixes GHSL-2024-166
Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3851
Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8032>
CVE: CVE-2024-47606
Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/f1cdc6f24340f6cce4cc7020628002f5c70dd6c7]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
gst/gstallocator.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/gst/gstallocator.c b/gst/gstallocator.c
index 996f5dc946..198cfe9523 100644
--- a/gst/gstallocator.c
+++ b/gst/gstallocator.c
@@ -430,8 +430,20 @@ _sysmem_new_block (GstMemoryFlags flags,
/* ensure configured alignment */
align |= gst_memory_alignment;
/* allocate more to compensate for alignment */
+ if (align > G_MAXSIZE || maxsize > G_MAXSIZE - align) {
+ GST_CAT_WARNING (GST_CAT_MEMORY,
+ "Allocating %" G_GSIZE_FORMAT " bytes with alignment %" G_GSIZE_FORMAT
+ "x overflows", maxsize, align);
+ return NULL;
+ }
maxsize += align;
/* alloc header and data in one block */
+ if (maxsize > G_MAXSIZE - sizeof (GstMemorySystem)) {
+ GST_CAT_WARNING (GST_CAT_MEMORY,
+ "Allocating %" G_GSIZE_FORMAT " bytes with alignment %" G_GSIZE_FORMAT
+ "x overflows", maxsize, align);
+ return NULL;
+ }
slice_size = sizeof (GstMemorySystem) + maxsize;
mem = g_slice_alloc (slice_size);
@@ -481,6 +493,8 @@ _sysmem_copy (GstMemorySystem * mem, gssize offset, gsize size)
size = mem->mem.size > offset ? mem->mem.size - offset : 0;
copy = _sysmem_new_block (0, size, mem->mem.align, 0, size);
+ if (!copy)
+ return NULL;
GST_CAT_DEBUG (GST_CAT_PERFORMANCE,
"memcpy %" G_GSIZE_FORMAT " memory %p -> %p", size, mem, copy);
memcpy (copy->data, mem->data + mem->mem.offset + offset, size);
--
2.30.2

26
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0/run-ptest Executable file
View File

@@ -0,0 +1,26 @@
#! /bin/sh
# Multiply all timeouts by five so they're more likely to work
# on a loaded system. The default timeout is 20s so this makes it
# one minute.
export CK_TIMEOUT_MULTIPLIER=5
# Skip some tests that we know are problematic
export GST_CHECKS_IGNORE=""
# gstnetclientclock.c:test_functioning is very sensitive to load
GST_CHECKS_IGNORE="$GST_CHECKS_IGNORE,test_functioning"
# aggregator.c:test_infinite_seek_50_src_live is known to be flaky
# https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/410
GST_CHECKS_IGNORE="$GST_CHECKS_IGNORE,test_infinite_seek_50_src_live"
# Known unreliable tests as per subprojects/gst-devtools/validate/launcher/testsuites/check.py:
GST_CHECKS_IGNORE="$GST_CHECKS_IGNORE,parser_pull_short_read"
# These tests are fragile
# https://bugzilla.yoctoproject.org/show_bug.cgi?id=14884
# https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/3524
GST_CHECKS_IGNORE="$GST_CHECKS_IGNORE,parser_convert_duration,parser_pull_frame_growth,parser_reverse_playback"
gnome-desktop-testing-runner gstreamer

90
sources/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.12.bb Normal file
View File

@@ -0,0 +1,90 @@
SUMMARY = "GStreamer 1.0 multimedia framework"
DESCRIPTION = "GStreamer is a multimedia framework for encoding and decoding video and sound. \
It supports a wide range of formats including mp3, ogg, avi, mpeg and quicktime."
HOMEPAGE = "http://gstreamer.freedesktop.org/"
BUGTRACKER = "https://bugzilla.gnome.org/enter_bug.cgi?product=Gstreamer"
SECTION = "multimedia"
LICENSE = "LGPL-2.1-or-later"
DEPENDS = "glib-2.0 glib-2.0-native libxml2 bison-native flex-native"
inherit meson pkgconfig gettext upstream-version-is-even gobject-introspection ptest-gnome
LIC_FILES_CHKSUM = "file://COPYING;md5=69333daa044cb77e486cc36129f7a770 \
file://gst/gst.h;beginline=1;endline=21;md5=e059138481205ee2c6fc1c079c016d0d"
S = "${WORKDIR}/gstreamer-${PV}"
SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.xz \
file://run-ptest \
file://0001-tests-respect-the-idententaion-used-in-meson.patch \
file://0002-tests-add-support-for-install-the-tests.patch \
file://0003-tests-use-a-dictionaries-for-environment.patch \
file://0004-tests-add-helper-script-to-run-the-installed_tests.patch \
file://0005-allocator-Avoid-integer-overflow-when-allocating-sys.patch \
"
SRC_URI[sha256sum] = "ac352f3d02caa67f3b169daa9aa78b04dea0fc08a727de73cb28d89bd54c6f61"
PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
check \
debug \
tools"
PACKAGECONFIG[debug] = "-Dgst_debug=true,-Dgst_debug=false"
PACKAGECONFIG[tracer-hooks] = "-Dtracer_hooks=true,-Dtracer_hooks=false"
PACKAGECONFIG[coretracers] = "-Dcoretracers=enabled,-Dcoretracers=disabled"
PACKAGECONFIG[check] = "-Dcheck=enabled,-Dcheck=disabled"
PACKAGECONFIG[tests] = "-Dtests=enabled -Dinstalled_tests=true,-Dtests=disabled -Dinstalled_tests=false"
PACKAGECONFIG[unwind] = "-Dlibunwind=enabled,-Dlibunwind=disabled,libunwind"
PACKAGECONFIG[dw] = "-Dlibdw=enabled,-Dlibdw=disabled,elfutils"
PACKAGECONFIG[bash-completion] = "-Dbash-completion=enabled,-Dbash-completion=disabled,bash-completion"
PACKAGECONFIG[tools] = "-Dtools=enabled,-Dtools=disabled"
PACKAGECONFIG[setcap] = "-Dptp-helper-permissions=capabilities,,libcap libcap-native"
# TODO: put this in a gettext.bbclass patch
def gettext_oemeson(d):
if d.getVar('USE_NLS') == 'no':
return '-Dnls=disabled'
# Remove the NLS bits if USE_NLS is no or INHIBIT_DEFAULT_DEPS is set
if d.getVar('INHIBIT_DEFAULT_DEPS') and not oe.utils.inherits(d, 'cross-canadian'):
return '-Dnls=disabled'
return '-Dnls=enabled'
EXTRA_OEMESON += " \
-Ddoc=disabled \
-Dexamples=disabled \
-Ddbghelp=disabled \
${@gettext_oemeson(d)} \
"
GIR_MESON_ENABLE_FLAG = "enabled"
GIR_MESON_DISABLE_FLAG = "disabled"
PACKAGES += "${PN}-bash-completion"
# Add the core element plugins to the main package
FILES:${PN} += "${libdir}/gstreamer-1.0/*.so"
FILES:${PN}-dev += "${libdir}/gstreamer-1.0/*.a ${libdir}/gstreamer-1.0/include"
FILES:${PN}-bash-completion += "${datadir}/bash-completion/completions/ ${datadir}/bash-completion/helpers/gst*"
FILES:${PN}-dbg += "${datadir}/gdb ${datadir}/gstreamer-1.0/gdb"
RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-gconv-iso8859-5"
CVE_PRODUCT = "gstreamer"
CVE_STATUS[CVE-2024-0444] = "cpe-incorrect: this is patched in gstreamer1.0-plugins-bad in 1.22 branch since 1.22.9"
CVE_STATUS_GROUPS += "CVE_STATUS_PLUGINS_BASE"
CVE_STATUS_PLUGINS_BASE = "CVE-2024-47538 CVE-2024-47541 CVE-2024-47542 CVE-2024-47600 CVE-2024-47607 CVE-2024-47615 CVE-2024-47835"
CVE_STATUS_PLUGINS_BASE[status] = "cpe-incorrect: this is patched ic gstreamer1.0-plugins-base"
CVE_STATUS_GROUPS += "CVE_STATUS_PLUGINS_GOOD"
CVE_STATUS_PLUGINS_GOOD = " \
CVE-2024-47537 CVE-2024-47539 CVE-2024-47540 CVE-2024-47543 CVE-2024-47544 CVE-2024-47545 \
CVE-2024-47546 CVE-2024-47596 CVE-2024-47597 CVE-2024-47598 CVE-2024-47599 CVE-2024-47601 \
CVE-2024-47602 CVE-2024-47603 CVE-2024-47613 CVE-2024-47774 CVE-2024-47775 CVE-2024-47776 \
CVE-2024-47777 CVE-2024-47778 CVE-2024-47834 \
"
CVE_STATUS_PLUGINS_GOOD[status] = "cpe-incorrect: this is patched ic gstreamer1.0-plugins-good"
PTEST_BUILD_HOST_FILES = ""