Re: [PATCH 4/5] libav: upgrade to 9.18

From: Kang Kai <Kai.Kang@windriver.com>
To: Jussi Kukkonen <jussi.kukkonen@intel.com>
Cc: Patches and discussions about the oe-core layer
	<openembedded-core@lists.openembedded.org>
Subject: Re: [PATCH 4/5] libav: upgrade to 9.18
Date: Thu, 28 May 2015 16:18:24 +0800	[thread overview]
Message-ID: <5566CF50.8090503@windriver.com> (raw)
In-Reply-To: <CAHiDW_HYEW8+SYsLhbTLWpk1=z0XNvwYaGkBsEaSGi0Zk5Y4Ng@mail.gmail.com>

On 2015年05月28日 15:14, Jussi Kukkonen wrote:
> On 28 May 2015 at 04:26, Kai Kang <kai.kang@windriver.com> wrote:
>> Upgrade libav from version 9.16 to 9.18. Remove unused var INC_PR and
>> backport patch to fix CVE-2014-9676.
> I'm sorry I didn't ask this in the original discussion but... Is there
> a good reason for keeping 9.x in oe-core if we're bringing in 11.x
> (instead of either dropping 9.x or moving it to meta-oe)?
>
> I haven't found the API changes between 9 and 11 to be so large that
> they would warrant keeping two versions. Admittedly I'm not working
> with libav on daily basis so I might have missed things.

The original thought is just in case someone may want libav 9. According 
to release log, series 11
is

"Libav 11 is API-, but not ABI-compatible with the previous major
release."

So it is ok for us to use libav 11 as default. libav 9 recipe could be removed if no one opposes.

Ref:
https://libav.org/releases/libav-11.3.release

--Kai

>
> Jussi
>
>> Signed-off-by: Kai Kang <kai.kang@windriver.com>
>> ---
>>   meta/recipes-multimedia/libav/libav.inc            |  2 -
>>   .../libav/libav/libav-fix-CVE-2014-9676.patch      | 98 ++++++++++++++++++++++
>>   meta/recipes-multimedia/libav/libav_9.16.bb        |  4 -
>>   meta/recipes-multimedia/libav/libav_9.18.bb        |  6 ++
>>   4 files changed, 104 insertions(+), 6 deletions(-)
>>   create mode 100644 meta/recipes-multimedia/libav/libav/libav-fix-CVE-2014-9676.patch
>>   delete mode 100644 meta/recipes-multimedia/libav/libav_9.16.bb
>>   create mode 100644 meta/recipes-multimedia/libav/libav_9.18.bb
>>
>> diff --git a/meta/recipes-multimedia/libav/libav.inc b/meta/recipes-multimedia/libav/libav.inc
>> index cac836f..6ef273b 100644
>> --- a/meta/recipes-multimedia/libav/libav.inc
>> +++ b/meta/recipes-multimedia/libav/libav.inc
>> @@ -24,8 +24,6 @@ ARM_INSTRUCTION_SET = "arm"
>>
>>   DEPENDS = "alsa-lib zlib libogg yasm-native"
>>
>> -INC_PR = "r8"
>> -
>>   inherit autotools pkgconfig
>>
>>   B = "${S}/build.${HOST_SYS}.${TARGET_SYS}"
>> diff --git a/meta/recipes-multimedia/libav/libav/libav-fix-CVE-2014-9676.patch b/meta/recipes-multimedia/libav/libav/libav-fix-CVE-2014-9676.patch
>> new file mode 100644
>> index 0000000..1e31caa
>> --- /dev/null
>> +++ b/meta/recipes-multimedia/libav/libav/libav-fix-CVE-2014-9676.patch
>> @@ -0,0 +1,98 @@
>> +Upstream-Status: Backport
>> +
>> +Backport patch to fix CVE-2014-9676.
>> +
>> +https://security-tracker.debian.org/tracker/CVE-2014-9676
>> +https://git.libav.org/?p=libav.git;a=commit;h=b3f04657368a32a9903406395f865e230b1de348
>> +
>> +Signed-off-by: Kai Kang <kai.kang@windriver.com>
>> +---
>> +From b3f04657368a32a9903406395f865e230b1de348 Mon Sep 17 00:00:00 2001
>> +From: Luca Barbato <lu_zero@gentoo.org>
>> +Date: Mon, 5 Jan 2015 10:40:41 +0100
>> +Subject: [PATCH] segment: Fix the failure paths
>> +
>> +A failure in segment_end() or segment_start() would lead to freeing
>> +a dangling pointer and in general further calls to seg_write_packet()
>> +or to seg_write_trailer() would have the same faulty behaviour.
>> +
>> +CC: libav-stable@libav.org
>> +Reported-By: luodalongde@gmail.com
>> +---
>> + libavformat/segment.c | 32 ++++++++++++++++++++------------
>> + 1 file changed, 20 insertions(+), 12 deletions(-)
>> +
>> +diff --git a/libavformat/segment.c b/libavformat/segment.c
>> +index 52da6b9..bcfd1f9 100644
>> +--- a/libavformat/segment.c
>> ++++ b/libavformat/segment.c
>> +@@ -184,6 +184,13 @@ static void close_null_ctx(AVIOContext *pb)
>> +     av_free(pb);
>> + }
>> +
>> ++static void seg_free_context(SegmentContext *seg)
>> ++{
>> ++    avio_closep(&seg->pb);
>> ++    avformat_free_context(seg->avf);
>> ++    seg->avf = NULL;
>> ++}
>> ++
>> + static int seg_write_header(AVFormatContext *s)
>> + {
>> +     SegmentContext *seg = s->priv_data;
>> +@@ -265,12 +272,9 @@ static int seg_write_header(AVFormatContext *s)
>> +     }
>> +
>> + fail:
>> +-    if (ret) {
>> +-        if (seg->list)
>> +-            avio_close(seg->pb);
>> +-        if (seg->avf)
>> +-            avformat_free_context(seg->avf);
>> +-    }
>> ++    if (ret < 0)
>> ++        seg_free_context(seg);
>> ++
>> +     return ret;
>> + }
>> +
>> +@@ -282,6 +286,9 @@ static int seg_write_packet(AVFormatContext *s, AVPacket *pkt)
>> +     int64_t end_pts = seg->recording_time * seg->number;
>> +     int ret, can_split = 1;
>> +
>> ++    if (!oc)
>> ++        return AVERROR(EINVAL);
>> ++
>> +     if (seg->has_video) {
>> +         can_split = st->codec->codec_type == AVMEDIA_TYPE_VIDEO &&
>> +                     pkt->flags & AV_PKT_FLAG_KEY;
>> +@@ -322,11 +329,8 @@ static int seg_write_packet(AVFormatContext *s, AVPacket *pkt)
>> +     ret = ff_write_chained(oc, pkt->stream_index, pkt, s);
>> +
>> + fail:
>> +-    if (ret < 0) {
>> +-        if (seg->list)
>> +-            avio_close(seg->pb);
>> +-        avformat_free_context(oc);
>> +-    }
>> ++    if (ret < 0)
>> ++        seg_free_context(seg);
>> +
>> +     return ret;
>> + }
>> +@@ -335,7 +339,11 @@ static int seg_write_trailer(struct AVFormatContext *s)
>> + {
>> +     SegmentContext *seg = s->priv_data;
>> +     AVFormatContext *oc = seg->avf;
>> +-    int ret;
>> ++    int ret = 0;
>> ++
>> ++    if (!oc)
>> ++        goto fail;
>> ++
>> +     if (!seg->write_header_trailer) {
>> +         if ((ret = segment_end(oc, 0)) < 0)
>> +             goto fail;
>> +--
>> +2.4.1.314.g9532ead
>> +
>> diff --git a/meta/recipes-multimedia/libav/libav_9.16.bb b/meta/recipes-multimedia/libav/libav_9.16.bb
>> deleted file mode 100644
>> index 79ff3f8..0000000
>> --- a/meta/recipes-multimedia/libav/libav_9.16.bb
>> +++ /dev/null
>> @@ -1,4 +0,0 @@
>> -require libav.inc
>> -
>> -SRC_URI[md5sum] = "7b44b75cec24b8e7545e5029e76917e0"
>> -SRC_URI[sha256sum] = "ca846473b0b8ed8e3404c52e5e92df6d35cb5fa487eec498525de3ffda4367a0"
>> diff --git a/meta/recipes-multimedia/libav/libav_9.18.bb b/meta/recipes-multimedia/libav/libav_9.18.bb
>> new file mode 100644
>> index 0000000..210a649
>> --- /dev/null
>> +++ b/meta/recipes-multimedia/libav/libav_9.18.bb
>> @@ -0,0 +1,6 @@
>> +require libav.inc
>> +
>> +SRC_URI[md5sum] = "75e838068a75fb88e1b4ea0546bc16f0"
>> +SRC_URI[sha256sum] = "0875e835da683eef1a7bac75e1884634194149d7479d1538ba9fbe1614d066d7"
>> +
>> +SRC_URI += "file://libav-fix-CVE-2014-9676.patch"
>> --
>> 1.9.1
>>
>> --
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>

-- 
Regards,
Neil | Kai Kang