dgit.raspbian.org Git - libde265.git/commit

author	Tobias Frost <tobi@debian.org>
	Mon, 12 Dec 2022 13:33:40 +0000 (14:33 +0100)
committer	Anton Gladky <gladk@debian.org>
	Thu, 30 Nov 2023 16:31:53 +0000 (17:31 +0100)
commit	6bc933e8b466fc5172a930e78013583c4f31b49b
tree	edf9655a30dad030bb4eaca21a57580e03f7838b	tree \| snapshot
parent	1bce621f021aa8571d7d13c5586b856e71101fac	commit \| diff

[PATCH] Use the sps from the image

(as e.g mc_chroma is using the sps to determine
picture properties, like pic_width_in_luma_samples
and pic_height_in_luma_samples, I *think* this is
more correct.

This PR is for discussion. (See #345.)
It makes the failures go away, but that does not mean it's correct :)

The following poc will be stop failing if (only) this
patch is applied:

- poc2  #336 - CVE-2022-43238
- poc4  #338 - CVE-2022-43241
- poc6-1, poc6-2 #340 - CVE-2022-43242
- poc7-1, poc7-2  #341 - CVE-2022-43239
- poc8-1 #342 - CVE-2022-43244
- poc9-3 #343 - CVE-2022-43236
- poc10-2, poc10-3 #344 - CVE-2022-43237
- poc16 #350
- poc19 #353

The following are still failing if only this patch is
applied, but they stop failing if #365 is applied as well, but will
still fail with ONLY #365 applied (IOW, both are needed)

- poc1  #335 - CVE-2022-43240
- poc3  #337 - CVE-2022-43235
- poc5   #339 - CVE-2022-43423
- poc9-1,poc9-2, poc9-4  #343 - CVE-2022-43236
- poc14  #348 - CVE-2022-43253
- poc15  #349 - CVE-2022-43248
- poc17-1, poc17-2  #351
- poc18 #352 - CVE-2022-43245

Gbp-Pq: Name use_sps_from_the_image.patch