~ruther/guix-local

c7c49446ebcc48c2b2136f4475ab66aecb63d18e — Mark H Weaver 9 years ago 93961f0 
gnu: libvpx: Add fix for CVE-2016-2818.

* gnu/packages/patches/libvpx-CVE-2016-2818.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/video.scm (libvpx)[source]: Add patch.
patch browse .tar.gz 
3 files changed, 39 insertions(+), 1 deletions(-)

M gnu/local.mk
A gnu/packages/patches/libvpx-CVE-2016-2818.patch
M gnu/packages/video.scm

M gnu/local.mk => gnu/local.mk +1 -0
@@ 606,6 606,7 @@ dist_patch_DATA =						\
  %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch	\
  %D%/packages/patches/libtool-skip-tests2.patch		\
  %D%/packages/patches/libunwind-CVE-2015-3239.patch		\
  %D%/packages/patches/libvpx-CVE-2016-2818.patch		\
  %D%/packages/patches/libwmf-CAN-2004-0941.patch		\
  %D%/packages/patches/libwmf-CVE-2006-3376.patch		\
  %D%/packages/patches/libwmf-CVE-2007-0455.patch		\


A gnu/packages/patches/libvpx-CVE-2016-2818.patch => gnu/packages/patches/libvpx-CVE-2016-2818.patch +36 -0
@@ 0,0 1,36 @@
Patch contents copied from Mozilla esr45 changeset 312077:7ebfe49f001c

  changeset:   312077:7ebfe49f001c
  user:        Randell Jesup <rjesup@jesup.org>
  Date:        Fri Apr 15 23:11:01 2016 -0400
  summary:     Bug 1263384: validate input frames against configured resolution in vp8 r=rillian, a=ritu,lizzard

  MozReview-Commit-ID: BxDCnJe0mzs

--- libvpx-1.5.0/vp8/vp8_cx_iface.c.orig	2015-11-09 17:12:38.000000000 -0500
+++ libvpx-1.5.0/vp8/vp8_cx_iface.c	2016-06-08 08:48:46.037213092 -0400
@@ -925,11 +925,19 @@
         {
             res = image2yuvconfig(img, &sd);
 
-            if (vp8_receive_raw_frame(ctx->cpi, ctx->next_frame_flag | lib_flags,
-                                      &sd, dst_time_stamp, dst_end_time_stamp))
-            {
-                VP8_COMP *cpi = (VP8_COMP *)ctx->cpi;
-                res = update_error_state(ctx, &cpi->common.error);
+            if (sd.y_width != ctx->cfg.g_w || sd.y_height != ctx->cfg.g_h) {
+                /* from vp8_encoder.h for g_w/g_h:
+                   "Note that the frames passed as input to the encoder must have this resolution"
+                */
+                ctx->base.err_detail = "Invalid input frame resolution";
+                res = VPX_CODEC_INVALID_PARAM;
+            } else {
+                if (vp8_receive_raw_frame(ctx->cpi, ctx->next_frame_flag | lib_flags,
+                                          &sd, dst_time_stamp, dst_end_time_stamp))
+                {
+                    VP8_COMP *cpi = (VP8_COMP *)ctx->cpi;
+                    res = update_error_state(ctx, &cpi->common.error);
+                }
             }
 
             /* reset for next frame */


M gnu/packages/video.scm => gnu/packages/video.scm +2 -1
@@ 839,7 839,8 @@ projects while introducing many more.")
                                  name "-" version ".tar.bz2"))
              (sha256
               (base32
                "15v7qw0ydyxn08ksb6lxn1l51pxgpwgshdwd3275yrr5hs86fv9h"))))
                "15v7qw0ydyxn08ksb6lxn1l51pxgpwgshdwd3275yrr5hs86fv9h"))
              (patches (search-patches "libvpx-CVE-2016-2818.patch"))))
    (build-system gnu-build-system)
    (arguments
     `(#:phases