+++ /dev/null
-commit bceb03fd2be95097a7b409ea59914f332fb6bc86
-Author: Aurelien David <aurelien.david@telecom-paristech.fr>
-Date: Thu Jun 28 13:34:08 2018 +0200
-Description: CVE-2018-13005, CVE-2018-13006
-
- fixed 2 possible heap overflows (inc. #1088)
-
---- a/include/gpac/internal/isomedia_dev.h
-+++ b/include/gpac/internal/isomedia_dev.h
-@@ -3668,7 +3668,7 @@ GF_GenericSubtitleSample *gf_isom_parse_
- char __ptype[5];\
- strcpy(__ptype, gf_4cc_to_str(__parent->type) );\
- GF_LOG(GF_LOG_WARNING, GF_LOG_CONTAINER, ("[iso file] extra box %s found in %s, deleting\n", gf_4cc_to_str(__abox->type), __ptype)); \
-- gf_isom_box_del(a);\
-+ gf_isom_box_del(__abox);\
- return GF_OK;\
- }
-
---- a/src/isomedia/box_code_base.c
-+++ b/src/isomedia/box_code_base.c
-@@ -632,7 +632,7 @@ GF_Err urn_Read(GF_Box *s, GF_BitStream
-
- //then get the break
- i = 0;
-- while ( (tmpName[i] != 0) && (i < to_read) ) {
-+ while ( (i < to_read) && (tmpName[i] != 0) ) {
- i++;
- }
- //check the data is consistent
---- a/src/isomedia/box_dump.c
-+++ b/src/isomedia/box_dump.c
-@@ -484,7 +484,7 @@ GF_Err hdlr_dump(GF_Box *a, FILE * trace
- {
- GF_HandlerBox *p = (GF_HandlerBox *)a;
- gf_isom_box_dump_start(a, "HandlerBox", trace);
-- if (p->nameUTF8 && (u32) p->nameUTF8[0] == strlen(p->nameUTF8+1)) {
-+ if (p->nameUTF8 && (u32) p->nameUTF8[0] == strlen(p->nameUTF8)-1) {
- fprintf(trace, "hdlrType=\"%s\" Name=\"%s\" ", gf_4cc_to_str(p->handlerType), p->nameUTF8+1);
- } else {
- fprintf(trace, "hdlrType=\"%s\" Name=\"%s\" ", gf_4cc_to_str(p->handlerType), p->nameUTF8);
-@@ -4157,9 +4157,9 @@ static void oinf_entry_dump(GF_Operating
- fprintf(trace, " maxPicWidth=\"%u\" maxPicHeight=\"%u\"", op->maxPicWidth, op->maxPicHeight);
- fprintf(trace, " maxChromaFormat=\"%u\" maxBitDepth=\"%u\"", op->maxChromaFormat, op->maxBitDepth);
- fprintf(trace, " frame_rate_info_flag=\"%u\" bit_rate_info_flag=\"%u\"", op->frame_rate_info_flag, op->bit_rate_info_flag);
-- if (op->frame_rate_info_flag)
-+ if (op->frame_rate_info_flag)
- fprintf(trace, " avgFrameRate=\"%u\" constantFrameRate=\"%u\"", op->avgFrameRate, op->constantFrameRate);
-- if (op->bit_rate_info_flag)
-+ if (op->bit_rate_info_flag)
- fprintf(trace, " maxBitRate=\"%u\" avgBitRate=\"%u\"", op->maxBitRate, op->avgBitRate);
- fprintf(trace, "/>\n");
- }
-@@ -4261,14 +4261,14 @@ static void nalm_dump(FILE * trace, char
- fprintf(trace, "</NALUMap>\n");
- return;
- }
--
-+
- bs = gf_bs_new(data, data_size, GF_BITSTREAM_READ);
- gf_bs_read_int(bs, 6);
- large_size = gf_bs_read_int(bs, 1);
- rle = gf_bs_read_int(bs, 1);
- entry_count = gf_bs_read_int(bs, large_size ? 16 : 8);
- fprintf(trace, "<NALUMap rle=\"%d\" large_size=\"%d\">\n", rle, large_size);
--
-+
- while (entry_count) {
- u32 ID;
- fprintf(trace, "<NALUMapEntry ");
-@@ -4335,7 +4335,7 @@ GF_Err sgpd_dump(GF_Box *a, FILE * trace
- case GF_ISOM_SAMPLE_GROUP_TRIF:
- trif_dump(trace, (char *) ((GF_DefaultSampleGroupDescriptionEntry*)entry)->data, ((GF_DefaultSampleGroupDescriptionEntry*)entry)->length);
- break;
--
-+
- case GF_ISOM_SAMPLE_GROUP_NALM:
- nalm_dump(trace, (char *) ((GF_DefaultSampleGroupDescriptionEntry*)entry)->data, ((GF_DefaultSampleGroupDescriptionEntry*)entry)->length);
- break;
-@@ -4501,7 +4501,7 @@ GF_Err tenc_dump(GF_Box *a, FILE * trace
- fprintf(trace, "\" KID=\"");
- }
- dump_data_hex(trace, (char *) ptr->KID, 16);
-- if (ptr->version)
-+ if (ptr->version)
- fprintf(trace, "\" crypt_byte_block=\"%d\" skip_byte_block=\"%d", ptr->crypt_byte_block, ptr->skip_byte_block);
- fprintf(trace, "\">\n");
- gf_isom_box_dump_done("TrackEncryptionBox", a, trace);
+++ /dev/null
-commit 4c1360818fc8948e9307059fba4dc47ba8ad255d
-Author: Aurelien David <aurelien.david@telecom-paristech.fr>
-Date: Thu Dec 13 14:39:21 2018 +0100
-Description: CVE-2018-20760
-
- check error code on call to gf_utf8_wcstombs (#1177)
-
---- a/src/media_tools/text_import.c
-+++ b/src/media_tools/text_import.c
-@@ -292,6 +292,8 @@ char *gf_text_get_utf8_line(char *szLine
- }
- sptr = (u16 *)szLine;
- i = (u32) gf_utf8_wcstombs(szLineConv, 1024, (const unsigned short **) &sptr);
-+ if (i >= (u32)ARRAY_LENGTH(szLineConv))
-+ return NULL;
- szLineConv[i] = 0;
- strcpy(szLine, szLineConv);
- /*this is ugly indeed: since input is UTF16-LE, there are many chances the fgets never reads the \0 after a \n*/
+++ /dev/null
-commit 35ab4475a7df9b2a4bcab235e379c0c3ec543658
-Author: Aurelien David <aurelien.david@telecom-paristech.fr>
-Date: Fri Jan 11 11:32:54 2019 +0100
-Description: CVE-2018-20762
-
- fix some overflows due to strcpy
-
- fixes #1184, #1186, #1187 among other things
-
---- a/applications/mp4box/fileimport.c
-+++ b/applications/mp4box/fileimport.c
-@@ -2247,17 +2247,33 @@ GF_Err cat_multiple_files(GF_ISOFile *de
- cat_enum.align_timelines = align_timelines;
- cat_enum.allow_add_in_command = allow_add_in_command;
-
-+ if (strlen(fileName) >= sizeof(cat_enum.szPath)) {
-+ GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("File name %s is too long.\n", fileName));
-+ return GF_NOT_SUPPORTED;
-+ }
- strcpy(cat_enum.szPath, fileName);
- sep = strrchr(cat_enum.szPath, GF_PATH_SEPARATOR);
- if (!sep) sep = strrchr(cat_enum.szPath, '/');
- if (!sep) {
- strcpy(cat_enum.szPath, ".");
-+ if (strlen(fileName) >= sizeof(cat_enum.szRad1)) {
-+ GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("File name %s is too long.\n", fileName));
-+ return GF_NOT_SUPPORTED;
-+ }
- strcpy(cat_enum.szRad1, fileName);
- } else {
-+ if (strlen(sep + 1) >= sizeof(cat_enum.szRad1)) {
-+ GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("File name %s is too long.\n", (sep + 1)));
-+ return GF_NOT_SUPPORTED;
-+ }
- strcpy(cat_enum.szRad1, sep+1);
- sep[0] = 0;
- }
- sep = strchr(cat_enum.szRad1, '*');
-+ if (strlen(sep + 1) >= sizeof(cat_enum.szRad2)) {
-+ GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("File name %s is too long.\n", (sep + 1)));
-+ return GF_NOT_SUPPORTED;
-+ }
- strcpy(cat_enum.szRad2, sep+1);
- sep[0] = 0;
- sep = strchr(cat_enum.szRad2, '%');
-@@ -2265,6 +2281,10 @@ GF_Err cat_multiple_files(GF_ISOFile *de
- if (!sep) sep = strchr(cat_enum.szRad2, ':');
- strcpy(cat_enum.szOpt, "");
- if (sep) {
-+ if (strlen(sep) >= sizeof(cat_enum.szOpt)) {
-+ GF_LOG(GF_LOG_ERROR, GF_LOG_CONTAINER, ("Invalid option: %s.\n", sep));
-+ return GF_NOT_SUPPORTED;
-+ }
- strcpy(cat_enum.szOpt, sep);
- sep[0] = 0;
- }
---- a/applications/mp4client/main.c
-+++ b/applications/mp4client/main.c
-@@ -900,7 +900,8 @@ Bool GPAC_EventProc(void *ptr, GF_Event
- break;
- case GF_EVENT_NAVIGATE:
- if (gf_term_is_supported_url(term, evt->navigate.to_url, 1, no_mime_check)) {
-- strcpy(the_url, evt->navigate.to_url);
-+ strncpy(the_url, evt->navigate.to_url, sizeof(the_url)-1);
-+ the_url[sizeof(the_url) - 1] = 0;
- fprintf(stderr, "Navigating to URL %s\n", the_url);
- gf_term_navigate_to(term, evt->navigate.to_url);
- return 1;
-@@ -1089,6 +1090,11 @@ void set_cfg_option(char *opt_string)
- }
- {
- const size_t sepIdx = sep - opt_string;
-+ if (sepIdx >= sizeof(szSec)) {
-+ fprintf(stderr, "Badly formatted option %s - Section name is too long\n", opt_string);
-+ return;
-+ }
-+
- strncpy(szSec, opt_string, sepIdx);
- szSec[sepIdx] = 0;
- }
-@@ -1100,8 +1106,16 @@ void set_cfg_option(char *opt_string)
- }
- {
- const size_t sepIdx = sep2 - sep;
-+ if (sepIdx >= sizeof(szKey)) {
-+ fprintf(stderr, "Badly formatted option %s - key name is too long\n", opt_string);
-+ return;
-+ }
- strncpy(szKey, sep, sepIdx);
- szKey[sepIdx] = 0;
-+ if (strlen(sep2 + 1) >= sizeof(szVal)) {
-+ fprintf(stderr, "Badly formatted option %s - value is too long\n", opt_string);
-+ return;
-+ }
- strcpy(szVal, sep2+1);
- }
-
-@@ -1656,7 +1670,14 @@ int mp4client_main(int argc, char **argv
- else if (!gui_mode && url_arg) {
- char *ext;
-
-- strcpy(the_url, url_arg);
-+ if (strlen(url_arg) >= sizeof(the_url)) {
-+ fprintf(stderr, "Input url %s is too long, truncating to %d chars.\n", url_arg, (int)(sizeof(the_url) - 1));
-+ strncpy(the_url, url_arg, sizeof(the_url)-1);
-+ the_url[sizeof(the_url) - 1] = 0;
-+ }
-+ else {
-+ strcpy(the_url, url_arg);
-+ }
- ext = strrchr(the_url, '.');
- if (ext && (!stricmp(ext, ".m3u") || !stricmp(ext, ".pls"))) {
- GF_Err e = GF_OK;
-@@ -1668,7 +1689,10 @@ int mp4client_main(int argc, char **argv
- GF_DownloadSession *sess = gf_dm_sess_new(term->downloader, the_url, GF_NETIO_SESSION_NOT_THREADED, NULL, NULL, &e);
- if (sess) {
- e = gf_dm_sess_process(sess);
-- if (!e) strcpy(the_url, gf_dm_sess_get_cache_name(sess));
-+ if (!e) {
-+ strncpy(the_url, gf_dm_sess_get_cache_name(sess), sizeof(the_url) - 1);
-+ the_url[sizeof(the_cfg) - 1] = 0;
-+ }
- gf_dm_sess_del(sess);
- }
- }
-@@ -1691,7 +1715,8 @@ int mp4client_main(int argc, char **argv
- fprintf(stderr, "Hit 'h' for help\n\n");
- str = gf_cfg_get_key(cfg_file, "General", "StartupFile");
- if (str) {
-- strcpy(the_url, "MP4Client "GPAC_FULL_VERSION);
-+ strncpy(the_url, "MP4Client "GPAC_FULL_VERSION , sizeof(the_url)-1);
-+ the_url[sizeof(the_url) - 1] = 0;
- gf_term_connect(term, str);
- startup_file = 1;
- is_connected = 1;
---- a/modules/ffmpeg_in/ffmpeg_demux.c
-+++ b/modules/ffmpeg_in/ffmpeg_demux.c
-@@ -227,7 +227,7 @@ static Bool FFD_CanHandleURL(GF_InputSer
- AVFormatContext *ctx;
- AVOutputFormat *fmt_out;
- Bool ret = GF_FALSE;
-- char *ext, szName[1000], szExt[20];
-+ char *ext, szName[1024], szExt[20];
- const char *szExtList;
- FFDemux *ffd;
- if (!plug || !url)
-@@ -243,6 +243,9 @@ static Bool FFD_CanHandleURL(GF_InputSer
-
- ffd = (FFDemux*)plug->priv;
-
-+ if (strlen(url) >= sizeof(szName))
-+ return GF_FALSE;
-+
- strcpy(szName, url);
- ext = strrchr(szName, '#');
- if (ext) ext[0] = 0;
-@@ -252,7 +255,7 @@ static Bool FFD_CanHandleURL(GF_InputSer
- ext = strrchr(szName, '.');
- if (ext && strlen(ext) > 19) ext = NULL;
-
-- if (ext && strlen(ext) > 1) {
-+ if (ext && strlen(ext) > 1 && strlen(ext) <= sizeof(szExt)) {
- strcpy(szExt, &ext[1]);
- strlwr(szExt);
- #ifndef FFMPEG_DEMUX_ENABLE_MPEG2TS
---- a/src/scene_manager/scene_manager.c
-+++ b/src/scene_manager/scene_manager.c
-@@ -646,6 +646,10 @@ GF_Err gf_sm_load_init(GF_SceneLoader *l
- ext[0] = '.';
- ext = anext;
- }
-+ if (strlen(ext) < 2 || strlen(ext) > sizeof(szExt)) {
-+ GF_LOG(GF_LOG_ERROR, GF_LOG_SCENE, ("[Scene Manager] invalid extension in file name %s\n", load->fileName));
-+ return GF_NOT_SUPPORTED;
-+ }
- strcpy(szExt, &ext[1]);
- strlwr(szExt);
- if (strstr(szExt, "bt")) load->type = GF_SM_LOAD_BT;
+++ /dev/null
-commit 1c449a34fe0b50aaffb881bfb9d7c5ab0bb18cdd
-Author: Aurelien David <aurelien.david@telecom-paristech.fr>
-Date: Fri Jan 11 14:05:16 2019 +0100
-Description: CVE-2018-20763
-
- add some boundary checks on gf_text_get_utf8_line (#1188)
-
---- a/src/media_tools/text_import.c
-+++ b/src/media_tools/text_import.c
-@@ -201,49 +201,76 @@ char *gf_text_get_utf8_line(char *szLine
- if (unicode_type<=1) {
- j=0;
- len = (u32) strlen(szLine);
-- for (i=0; i<len; i++) {
-+ for (i=0; i<len && j < sizeof(szLineConv) - 1; i++, j++) {
-+
- if (!unicode_type && (szLine[i] & 0x80)) {
- /*non UTF8 (likely some win-CP)*/
- if ((szLine[i+1] & 0xc0) != 0x80) {
-- szLineConv[j] = 0xc0 | ( (szLine[i] >> 6) & 0x3 );
-- j++;
-- szLine[i] &= 0xbf;
-+ if (j + 1 < sizeof(szLineConv) - 1) {
-+ szLineConv[j] = 0xc0 | ((szLine[i] >> 6) & 0x3);
-+ j++;
-+ szLine[i] &= 0xbf;
-+ }
-+ else
-+ break;
- }
- /*UTF8 2 bytes char*/
- else if ( (szLine[i] & 0xe0) == 0xc0) {
-- szLineConv[j] = szLine[i];
-- i++;
-- j++;
-+
-+ // don't cut multibyte in the middle in there is no more room in dest
-+ if (j + 1 < sizeof(szLineConv) - 1 && i + 1 < len) {
-+ szLineConv[j] = szLine[i];
-+ i++;
-+ j++;
-+ }
-+ else {
-+ break;
-+ }
- }
- /*UTF8 3 bytes char*/
- else if ( (szLine[i] & 0xf0) == 0xe0) {
-- szLineConv[j] = szLine[i];
-- i++;
-- j++;
-- szLineConv[j] = szLine[i];
-- i++;
-- j++;
-+ if (j + 2 < sizeof(szLineConv) - 1 && i + 2 < len) {
-+ szLineConv[j] = szLine[i];
-+ i++;
-+ j++;
-+ szLineConv[j] = szLine[i];
-+ i++;
-+ j++;
-+ }
-+ else {
-+ break;
-+ }
- }
- /*UTF8 4 bytes char*/
- else if ( (szLine[i] & 0xf8) == 0xf0) {
-- szLineConv[j] = szLine[i];
-- i++;
-- j++;
-- szLineConv[j] = szLine[i];
-- i++;
-- j++;
-- szLineConv[j] = szLine[i];
-- i++;
-- j++;
-+ if (j + 3 < sizeof(szLineConv) - 1 && i + 3 < len) {
-+ szLineConv[j] = szLine[i];
-+ i++;
-+ j++;
-+ szLineConv[j] = szLine[i];
-+ i++;
-+ j++;
-+ szLineConv[j] = szLine[i];
-+ i++;
-+ j++;
-+ }
-+ else {
-+ break;
-+ }
- } else {
- i+=1;
- continue;
- }
- }
-- szLineConv[j] = szLine[i];
-- j++;
-+ if (j < sizeof(szLineConv)-1 && i<len)
-+ szLineConv[j] = szLine[i];
-+
- }
-- szLineConv[j] = 0;
-+ if (j >= sizeof(szLineConv))
-+ szLineConv[sizeof(szLineConv) - 1] = 0;
-+ else
-+ szLineConv[j] = 0;
-+
- strcpy(szLine, szLineConv);
- return sOK;
- }
+++ /dev/null
-Author: Aurelien David <aurelien.david@telecom-paristech.fr>
-Date: Tue Mar 6 11:23:31 2018 +0100
-Description: CVE-2018-7752
-Upstream: commit 90dc7f853d31b0a4e9441cba97feccf36d8b69a4
-
-fix some exploitable overflows (#994, #997)
-
---- a/include/gpac/tools.h
-+++ b/include/gpac/tools.h
-@@ -1067,6 +1067,7 @@ void gf_fm_request_call(u32 type, u32 pa
-
- /* \endcond */
-
-+#define ARRAY_LENGTH(a) (sizeof(a) / sizeof((a)[0]))
-
- #ifdef __cplusplus
- }
---- a/src/isomedia/avc_ext.c
-+++ b/src/isomedia/avc_ext.c
-@@ -2361,6 +2361,8 @@ GF_Err gf_isom_oinf_read_entry(void *ent
- op->output_layer_set_idx = gf_bs_read_u16(bs);
- op->max_temporal_id = gf_bs_read_u8(bs);
- op->layer_count = gf_bs_read_u8(bs);
-+ if (op->layer_count > ARRAY_LENGTH(op->layers_info))
-+ return GF_NON_COMPLIANT_BITSTREAM;
- for (j = 0; j < op->layer_count; j++) {
- op->layers_info[j].ptl_idx = gf_bs_read_u8(bs);
- op->layers_info[j].layer_id = gf_bs_read_int(bs, 6);
---- a/src/media_tools/av_parsers.c
-+++ b/src/media_tools/av_parsers.c
-@@ -2386,6 +2386,10 @@ s32 gf_media_avc_read_sps(const char *sp
- sps->offset_for_non_ref_pic = bs_get_se(bs);
- sps->offset_for_top_to_bottom_field = bs_get_se(bs);
- sps->poc_cycle_length = bs_get_ue(bs);
-+ if (sps->poc_cycle_length > ARRAY_LENGTH(sps->offset_for_ref_frame)) {
-+ GF_LOG(GF_LOG_ERROR, GF_LOG_CODING, ("[avc-h264] offset_for_ref_frame overflow from poc_cycle_length\n"));
-+ goto exit;
-+ }
- for(i=0; i<sps->poc_cycle_length; i++) sps->offset_for_ref_frame[i] = bs_get_se(bs);
- }
- if (sps->poc_type > 2) {
+++ /dev/null
-From f4616202e5578e65746cf7e7ceeba63bee1b094b Mon Sep 17 00:00:00 2001
-From: Aurelien David <aurelien.david@telecom-paristech.fr>
-Date: Thu, 11 Apr 2019 14:18:58 +0200
-Subject: [PATCH] fix a bunch of vsprintf -> vsnprintf
-
-closes #1203
----
- applications/mp4client/main.c | 2 +-
- applications/osmo4_sym/osmo4_view.cpp | 2 +-
- src/media_tools/media_export.c | 2 +-
- src/media_tools/media_import.c | 2 +-
- src/scene_manager/loader_bt.c | 4 ++--
- src/scene_manager/loader_isom.c | 2 +-
- src/scene_manager/loader_qt.c | 2 +-
- src/scene_manager/loader_svg.c | 8 ++++----
- src/scene_manager/loader_xmt.c | 14 +++++++-------
- src/scene_manager/swf_parse.c | 6 +++---
- src/scene_manager/swf_svg.c | 2 +-
- src/scenegraph/xbl_process.c | 2 +-
- src/utils/alloc.c | 2 +-
- src/utils/xml_parser.c | 24 +++++++++++++-----------
- 15 files changed, 49 insertions(+), 47 deletions(-)
-
---- a/applications/mp4client/main.c
-+++ b/applications/mp4client/main.c
-@@ -1038,7 +1038,7 @@ static void on_gpac_log(void *cbk, GF_LO
-
- if (rti_logs && (lm & GF_LOG_RTI)) {
- char szMsg[2048];
-- vsprintf(szMsg, fmt, list);
-+ vsnprintf(szMsg, 2048, fmt, list);
- UpdateRTInfo(szMsg + 6 /*"[RTI] "*/);
- } else {
- if (log_time_start) {
---- a/src/media_tools/media_export.c
-+++ b/src/media_tools/media_export.c
-@@ -57,7 +57,7 @@ static GF_Err gf_export_message(GF_Media
- va_list args;
- char szMsg[1024];
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 1024, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_ERROR : GF_LOG_WARNING), GF_LOG_AUTHOR, ("%s\n", szMsg) );
- }
---- a/src/media_tools/media_import.c
-+++ b/src/media_tools/media_import.c
-@@ -52,7 +52,7 @@ GF_Err gf_import_message(GF_MediaImporte
- va_list args;
- char szMsg[1024];
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 1024, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_WARNING : GF_LOG_INFO), GF_LOG_AUTHOR, ("%s\n", szMsg) );
- }
---- a/src/scene_manager/loader_bt.c
-+++ b/src/scene_manager/loader_bt.c
-@@ -121,7 +121,7 @@ static GF_Err gf_bt_report(GF_BTParser *
- char szMsg[2048];
- va_list args;
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 2048, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_ERROR : GF_LOG_WARNING), GF_LOG_PARSER, ("[BT/WRL Parsing] %s (line %d)\n", szMsg, parser->line));
- }
---- a/src/scene_manager/loader_isom.c
-+++ b/src/scene_manager/loader_isom.c
-@@ -144,7 +144,7 @@ static void mp4_report(GF_SceneLoader *l
- char szMsg[1024];
- va_list args;
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 1024, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_ERROR : GF_LOG_WARNING), GF_LOG_PARSER, ("[MP4 Loading] %s\n", szMsg) );
- }
---- a/src/scene_manager/loader_qt.c
-+++ b/src/scene_manager/loader_qt.c
-@@ -40,7 +40,7 @@ static GF_Err gf_qt_report(GF_SceneLoade
- char szMsg[1024];
- va_list args;
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 1024, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_ERROR : GF_LOG_WARNING), GF_LOG_PARSER, ("[QT Parsing] %s\n", szMsg) );
- }
---- a/src/scene_manager/loader_svg.c
-+++ b/src/scene_manager/loader_svg.c
-@@ -134,7 +134,7 @@ static GF_Err svg_report(GF_SVG_Parser *
- char szMsg[2048];
- va_list args;
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 2048, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_ERROR : GF_LOG_WARNING), GF_LOG_PARSER, ("[SVG Parsing] line %d - %s\n", gf_xml_sax_get_line(parser->sax_parser), szMsg));
- }
---- a/src/scene_manager/loader_xmt.c
-+++ b/src/scene_manager/loader_xmt.c
-@@ -144,7 +144,7 @@ static GF_Err xmt_report(GF_XMTParser *p
- char szMsg[2048];
- va_list args;
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 2048, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_ERROR : GF_LOG_WARNING), GF_LOG_PARSER, ("[XMT Parsing] %s (line %d)\n", szMsg, gf_xml_sax_get_line(parser->sax_parser)) );
- }
---- a/src/scene_manager/swf_parse.c
-+++ b/src/scene_manager/swf_parse.c
-@@ -2428,7 +2428,7 @@ void swf_report(SWFReader *read, GF_Err
- char szMsg[2048];
- va_list args;
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 2048, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_ERROR : GF_LOG_WARNING), GF_LOG_PARSER, ("[SWF Parsing] %s (frame %d)\n", szMsg, read->current_frame+1) );
- }
---- a/src/scene_manager/swf_svg.c
-+++ b/src/scene_manager/swf_svg.c
-@@ -51,7 +51,7 @@ static void swf_svg_print(SWFReader *rea
-
- /* print the line */
- va_start(args, format);
-- vsprintf(line, format, args);
-+ vsnprintf(line, 2000, format, args);
- va_end(args);
- /* add the line to the buffer */
- line_length = (u32)strlen(line);
---- a/src/scenegraph/xbl_process.c
-+++ b/src/scenegraph/xbl_process.c
-@@ -61,7 +61,7 @@ static GF_Err xbl_parse_report(GF_XBL_Pa
- char szMsg[2048];
- va_list args;
- va_start(args, format);
-- vsprintf(szMsg, format, args);
-+ vsnprintf(szMsg, 2048, format, args);
- va_end(args);
- GF_LOG((u32) (e ? GF_LOG_ERROR : GF_LOG_WARNING), GF_LOG_PARSER, ("[XBL Parsing] line %d - %s\n", gf_xml_sax_get_line(parser->sax_parser), szMsg));
- }
---- a/src/utils/alloc.c
-+++ b/src/utils/alloc.c
-@@ -815,7 +815,7 @@ static void gf_memory_log(unsigned int l
- char msg[1024];
- assert(strlen(fmt) < 200);
- va_start(vl, fmt);
-- vsprintf(msg, fmt, vl);
-+ vsnprintf(msg, 1024, fmt, vl);
- GF_LOG(level, GF_LOG_MEMORY, (msg));
- va_end(vl);
- }
---- a/src/utils/xml_parser.c
-+++ b/src/utils/xml_parser.c
-@@ -220,14 +220,16 @@ static void format_sax_error(GF_SAXParse
- char szM[20];
-
- va_start(args, fmt);
-- vsprintf(parser->err_msg, fmt, args);
-+ vsnprintf(parser->err_msg, ARRAY_LENGTH(parser->err_msg), fmt, args);
- va_end(args);
-
-- sprintf(szM, " - Line %d: ", parser->line + 1);
-- strcat(parser->err_msg, szM);
-- len = (u32) strlen(parser->err_msg);
-- strncpy(parser->err_msg + len, parser->buffer+ (linepos ? linepos : parser->current_pos), 10);
-- parser->err_msg[len + 10] = 0;
-+ if (strlen(parser->err_msg)+30 < ARRAY_LENGTH(parser->err_msg)) {
-+ snprintf(szM, 20, " - Line %d: ", parser->line + 1);
-+ strcat(parser->err_msg, szM);
-+ len = (u32) strlen(parser->err_msg);
-+ strncpy(parser->err_msg + len, parser->buffer+ (linepos ? linepos : parser->current_pos), 10);
-+ parser->err_msg[len + 10] = 0;
-+ }
- parser->sax_state = SAX_STATE_SYNTAX_ERROR;
- }
-
+++ /dev/null
-From f36525c5beafb78959c3a07d6622c9028de348da Mon Sep 17 00:00:00 2001
-From: Aurelien David <aurelien.david@telecom-paristech.fr>
-Date: Thu, 11 Apr 2019 14:54:53 +0200
-Subject: [PATCH] fix buffer overrun in gf_bin128_parse
-
-closes #1204
-closes #1205
----
- src/utils/os_divers.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
---- a/src/utils/os_divers.c
-+++ b/src/utils/os_divers.c
-@@ -1969,6 +1969,11 @@ GF_Err gf_bin128_parse(char *string, bin
- sscanf(szV, "%x", &v);
- value[i] = v;
- i++;
-+ if (i > 15) {
-+ // force error check below
-+ i++;
-+ break;
-+ }
- }
- }
- if (i != 16) {
--- a/include/gpac/configuration.h
+++ b/include/gpac/configuration.h
-@@ -159,8 +159,8 @@
+@@ -188,8 +188,8 @@
#define GPAC_HAS_JPEG
#define GPAC_HAS_PNG
+++ /dev/null
-Description: export gf_isom_set_pixel_aspect_ratio
- At least libx264 depends on it, and breaks when not linking statically
-Author: Reinhard Tartler <siretart@tauware.de>
-
----
- src/isomedia/isom_write.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/src/isomedia/isom_write.c
-+++ b/src/isomedia/isom_write.c
-@@ -1270,6 +1270,7 @@
- }
- }
-
-+GF_EXPORT
- GF_Err gf_isom_set_pixel_aspect_ratio(GF_ISOFile *movie, u32 trackNumber, u32 StreamDescriptionIndex, u32 hSpacing, u32 vSpacing)
- {
- GF_Err e;
+++ /dev/null
-Description: Replace deprecated FFmpeg API
-Author: Andreas Cadhalpun <Andreas.Cadhalpun@googlemail.com>
-Last-Update: <2015-11-02>
-
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/applications/dashcast/audio_decoder.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/applications/dashcast/audio_decoder.c
-@@ -205,11 +205,7 @@ int dc_audio_decoder_read(AudioInputFile
- packet.data = NULL;
- packet.size = 0;
-
--#ifndef FF_API_AVFRAME_LAVC
-- avcodec_get_frame_defaults(audio_input_data->aframe);
--#else
- av_frame_unref(audio_input_data->aframe);
--#endif
-
- avcodec_decode_audio4(codec_ctx, audio_input_data->aframe, &got_frame, &packet);
-
-@@ -240,11 +236,7 @@ int dc_audio_decoder_read(AudioInputFile
- if (packet.stream_index == audio_input_file->astream_idx) {
- /* Set audio frame to default */
-
--#ifndef FF_API_AVFRAME_LAVC
-- avcodec_get_frame_defaults(audio_input_data->aframe);
--#else
- av_frame_unref(audio_input_data->aframe);
--#endif
-
- /* Decode audio frame */
- if (avcodec_decode_audio4(codec_ctx, audio_input_data->aframe, &got_frame, &packet) < 0) {
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/applications/dashcast/audio_encoder.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/applications/dashcast/audio_encoder.c
-@@ -85,11 +85,7 @@ int dc_audio_encoder_open(AudioOutputFil
-
- audio_output_file->frame_bytes = audio_output_file->codec_ctx->frame_size * av_get_bytes_per_sample(DC_AUDIO_SAMPLE_FORMAT) * DC_AUDIO_NUM_CHANNELS;
-
--#ifndef FF_API_AVFRAME_LAVC
-- avcodec_get_frame_defaults(audio_output_file->aframe);
--#else
- av_frame_unref(audio_output_file->aframe);
--#endif
-
-
- audio_output_file->aframe->nb_samples = audio_output_file->codec_ctx->frame_size;
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/applications/dashcast/video_decoder.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/applications/dashcast/video_decoder.c
-@@ -253,11 +253,7 @@ int dc_video_decoder_read(VideoInputFile
- video_data_node->source_number = source_number;
- /* Flush decoder */
- memset(&packet, 0, sizeof(AVPacket));
--#ifndef FF_API_AVFRAME_LAVC
-- avcodec_get_frame_defaults(video_data_node->vframe);
--#else
- av_frame_unref(video_data_node->vframe);
--#endif
-
- avcodec_decode_video2(codec_ctx, video_data_node->vframe, &got_frame, &packet);
- if (got_frame) {
-@@ -292,11 +288,7 @@ int dc_video_decoder_read(VideoInputFile
- video_data_node->source_number = source_number;
-
- /* Set video frame to default */
--#ifndef FF_API_AVFRAME_LAVC
-- avcodec_get_frame_defaults(video_data_node->vframe);
--#else
- av_frame_unref(video_data_node->vframe);
--#endif
-
- /* Decode video frame */
- if (avcodec_decode_video2(codec_ctx, video_data_node->vframe, &got_frame, &packet) < 0) {
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/applications/dashcast/video_encoder.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/applications/dashcast/video_encoder.c
-@@ -86,7 +86,7 @@ int dc_video_encoder_open(VideoOutputFil
- video_output_file->codec_ctx->time_base.den = video_data_conf->time_base.den;
- video_output_file->codec_ctx->time_base.num = video_data_conf->time_base.num * video_data_conf->time_base.den / video_data_conf->framerate;
- }
-- video_output_file->codec_ctx->pix_fmt = PIX_FMT_YUV420P;
-+ video_output_file->codec_ctx->pix_fmt = AV_PIX_FMT_YUV420P;
- video_output_file->codec_ctx->gop_size = video_data_conf->framerate;
-
- // video_output_file->codec_ctx->codec_id = video_codec->id;
-@@ -96,7 +96,7 @@ int dc_video_encoder_open(VideoOutputFil
- // video_output_file->codec_ctx->height = video_data_conf->height;
- // video_output_file->codec_ctx->time_base = (AVRational) {1 ,
- // video_output_file->video_data_conf->framerate};
--// video_output_file->codec_ctx->codec->pix_fmt = PIX_FMT_YUV420P;
-+// video_output_file->codec_ctx->codec->pix_fmt = AV_PIX_FMT_YUV420P;
- video_output_file->codec_ctx->gop_size = video_data_conf->framerate;
- //
- // av_opt_set(video_output_file->codec_ctx->priv_data, "preset", "ultrafast", 0);
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/applications/dashcast/video_muxer.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/applications/dashcast/video_muxer.c
-@@ -636,7 +636,7 @@ int dc_ffmpeg_video_muxer_open(VideoOutp
-
- video_stream->codec->time_base = video_codec_ctx->time_base;
-
-- video_stream->codec->pix_fmt = PIX_FMT_YUV420P;
-+ video_stream->codec->pix_fmt = AV_PIX_FMT_YUV420P;
- video_stream->codec->gop_size = video_codec_ctx->time_base.den; //video_output_file->video_data_conf->framerate;
-
- av_opt_set(video_stream->codec->priv_data, "preset", "ultrafast", 0);
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/applications/dashcast/video_scaler.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/applications/dashcast/video_scaler.c
-@@ -125,7 +125,7 @@ int dc_video_scaler_data_init(VideoInput
- dc_consumer_init(&video_scaled_data->consumer, video_cb_size, name);
-
- video_scaled_data->num_producers = max_source;
-- video_scaled_data->out_pix_fmt = PIX_FMT_YUV420P;
-+ video_scaled_data->out_pix_fmt = AV_PIX_FMT_YUV420P;
- GF_SAFE_ALLOC_N(video_scaled_data->vsprop, max_source, VideoScaledProp);
- memset(video_scaled_data->vsprop, 0, max_source * sizeof(VideoScaledProp));
-
-@@ -198,7 +198,7 @@ int dc_video_scaler_scale(VideoInputData
- video_scaled_data_node->cropped_frame->width = video_input_data->vprop[index].width - video_input_data->vprop[index].crop_x;
- video_scaled_data_node->cropped_frame->height = video_input_data->vprop[index].height - video_input_data->vprop[index].crop_y;
- #endif
-- if (av_picture_crop((AVPicture*)video_scaled_data_node->cropped_frame, (AVPicture*)video_data_node->vframe, PIX_FMT_YUV420P, video_input_data->vprop[index].crop_y, video_input_data->vprop[index].crop_x) < 0) {
-+ if (av_picture_crop((AVPicture*)video_scaled_data_node->cropped_frame, (AVPicture*)video_data_node->vframe, AV_PIX_FMT_YUV420P, video_input_data->vprop[index].crop_y, video_input_data->vprop[index].crop_x) < 0) {
- GF_LOG(GF_LOG_ERROR, GF_LOG_DASH, ("Video scaler: error while cropping picture.\n"));
- return -1;
- }
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/modules/ffmpeg_in/ffmpeg_decode.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/modules/ffmpeg_in/ffmpeg_decode.c
-@@ -327,11 +327,7 @@ static GF_Err FFDEC_AttachStream(GF_Base
- }
- }
- }
--#if !defined(FF_API_AVFRAME_LAVC)
-- *frame = avcodec_alloc_frame();
--#else
- *frame = av_frame_alloc();
--#endif
-
- }
- #ifdef HAS_HEVC
-@@ -398,11 +394,7 @@ static GF_Err FFDEC_AttachStream(GF_Base
-
- #if defined(USE_AVCTX3)
-
--#if !defined(FF_API_AVFRAME_LAVC)
-- ffd->audio_frame = avcodec_alloc_frame();
--#else
- ffd->audio_frame = av_frame_alloc();
--#endif
-
- #endif
-
-@@ -415,7 +407,7 @@ static GF_Err FFDEC_AttachStream(GF_Base
- case AV_CODEC_ID_GIF:
- #endif
- case AV_CODEC_ID_RAWVIDEO:
-- if ((*ctx)->pix_fmt==PIX_FMT_YUV420P) {
-+ if ((*ctx)->pix_fmt==AV_PIX_FMT_YUV420P) {
- ffd->pix_fmt = GF_PIXEL_YV12;
- } else {
- ffd->pix_fmt = GF_PIXEL_RGB_24;
-@@ -423,11 +415,7 @@ static GF_Err FFDEC_AttachStream(GF_Base
- break;
-
- case AV_CODEC_ID_DVD_SUBTITLE:
--#if !defined(FF_API_AVFRAME_LAVC)
-- *frame = avcodec_alloc_frame();
--#else
- *frame = av_frame_alloc();
--#endif
-
- #ifdef USE_AVCODEC2
- {
-@@ -856,7 +844,7 @@ redecode:
- *outBufferLength = ffd->out_size;
- // assert(inBufferLength==ffd->out_size);
-
-- if (ffd->raw_pix_fmt==PIX_FMT_BGR24) {
-+ if (ffd->raw_pix_fmt==AV_PIX_FMT_BGR24) {
- s32 i, j;
- for (j=0; j<ctx->height; j++) {
- u8 *src = (u8 *) inBuffer + j*3*ctx->width;
-@@ -995,7 +983,7 @@ redecode:
-
- stride = frame->linesize[0];
- #ifndef NO_10bit
-- if ((ctx->pix_fmt == PIX_FMT_YUV420P10LE) && ffd->output_as_8bit && (frame->linesize[0] >= 2*w) ) {
-+ if ((ctx->pix_fmt == AV_PIX_FMT_YUV420P10LE) && ffd->output_as_8bit && (frame->linesize[0] >= 2*w) ) {
- ffd->conv_to_8bit = 1;
- stride=w;
- }
-@@ -1004,7 +992,7 @@ redecode:
- /*recompute outsize in case on-the-fly change*/
- if ((w != ctx->width) || (h != ctx->height)
- || (ffd->direct_output && (stride != ffd->stride))
-- || ((ffd->out_pix_fmt==GF_PIXEL_YV12) && (ctx->pix_fmt != PIX_FMT_YUV420P) && !ffd->output_as_8bit )
-+ || ((ffd->out_pix_fmt==GF_PIXEL_YV12) && (ctx->pix_fmt != AV_PIX_FMT_YUV420P) && !ffd->output_as_8bit )
- //need to realloc the conversion buffer
- || (ffd->conv_to_8bit && !ffd->conv_buffer && ffd->direct_output)
- ) {
-@@ -1015,7 +1003,7 @@ redecode:
- }
- #ifndef NO_10bit
- //this YUV format is handled natively in GPAC
-- else if ((ctx->pix_fmt == PIX_FMT_YUV420P10LE) && !ffd->output_as_8bit) {
-+ else if ((ctx->pix_fmt == AV_PIX_FMT_YUV420P10LE) && !ffd->output_as_8bit) {
- ffd->stride = ffd->direct_output ? frame->linesize[0] : ctx->width*2;
- outsize = ffd->stride * ctx->height * 3 / 2;
- ffd->out_pix_fmt = GF_PIXEL_YV12_10;
-@@ -1161,18 +1149,18 @@ redecode:
- if (ffd->out_pix_fmt==GF_PIXEL_RGB_24) {
- pict.data[0] = (uint8_t *)outBuffer;
- pict.linesize[0] = 3*ctx->width;
-- pix_out = PIX_FMT_RGB24;
-+ pix_out = AV_PIX_FMT_RGB24;
- } else {
- pict.data[0] = (uint8_t *)outBuffer;
- pict.data[1] = (uint8_t *)outBuffer + ffd->stride * ctx->height;
- pict.data[2] = (uint8_t *)outBuffer + 5 * ffd->stride * ctx->height / 4;
- pict.linesize[0] = ffd->stride;
- pict.linesize[1] = pict.linesize[2] = ffd->stride/2;
-- pix_out = PIX_FMT_YUV420P;
-+ pix_out = AV_PIX_FMT_YUV420P;
- #ifndef NO_10bit
- //this YUV format is handled natively in GPAC
-- if (ctx->pix_fmt==PIX_FMT_YUV420P10LE) {
-- pix_out = PIX_FMT_YUV420P10LE;
-+ if (ctx->pix_fmt==AV_PIX_FMT_YUV420P10LE) {
-+ pix_out = AV_PIX_FMT_YUV420P10LE;
- }
- #endif
- if (!mmlevel && frame->interlaced_frame) {
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/modules/redirect_av/ffmpeg_ts_muxer.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/modules/redirect_av/ffmpeg_ts_muxer.c
-@@ -16,7 +16,7 @@
-
- #define STREAM_FRAME_RATE 25 /* 25 images/s */
- #define STREAM_NB_FRAMES ((int)(STREAM_DURATION * STREAM_FRAME_RATE))
--#define STREAM_PIX_FMT PIX_FMT_YUV420P /* default pix_fmt */
-+#define STREAM_PIX_FMT AV_PIX_FMT_YUV420P /* default pix_fmt */
-
- #define PACKETS_BUFFER_LEN 1024
-
---- gpac-0.5.2-426-gc5ad4e4+dfsg5.orig/modules/redirect_av/redirect_av.c
-+++ gpac-0.5.2-426-gc5ad4e4+dfsg5/modules/redirect_av/redirect_av.c
-@@ -253,7 +253,7 @@ static u32 video_encoding_thread_run(voi
- assert( currentFrameTimeProcessed != avr->frameTime);
- currentFrameTimeProcessed = avr->frameTime;
- {
-- avpicture_fill ( ( AVPicture * ) avr->RGBpicture, avr->frame, PIX_FMT_RGB24, avr->srcWidth, avr->srcHeight );
-+ avpicture_fill ( ( AVPicture * ) avr->RGBpicture, avr->frame, AV_PIX_FMT_RGB24, avr->srcWidth, avr->srcHeight );
- assert( avr->swsContext );
- sws_scale ( avr->swsContext,
- #ifdef USE_AVCODEC2
-@@ -318,7 +318,7 @@ exit:
- #define VIDEO_RATE 400000
-
- static Bool start_if_needed(GF_AVRedirect *avr) {
-- enum PixelFormat pxlFormatForCodec = PIX_FMT_YUV420P;
-+ enum AVPixelFormat pxlFormatForCodec = AV_PIX_FMT_YUV420P;
- if (avr->is_open)
- return 0;
- gf_mx_p(avr->frameMutex);
-@@ -367,13 +367,13 @@ static Bool start_if_needed(GF_AVRedirec
- }
-
- if (avr->videoCodec->id == CODEC_ID_MJPEG) {
-- pxlFormatForCodec = PIX_FMT_YUVJ420P;
-+ pxlFormatForCodec = AV_PIX_FMT_YUVJ420P;
- }
-
-- avr->RGBpicture = avcodec_alloc_frame();
-+ avr->RGBpicture = av_frame_alloc();
- assert ( avr->RGBpicture );
- avr->RGBpicture->data[0] = NULL;
-- avr->YUVpicture = avcodec_alloc_frame();
-+ avr->YUVpicture = av_frame_alloc();
- assert ( avr->YUVpicture );
- {
- u32 sz = sizeof ( uint8_t ) * avpicture_get_size ( pxlFormatForCodec, avr->srcWidth, avr->srcHeight );
-@@ -524,7 +524,7 @@ static void avr_on_video_reconfig ( void
- avr->frame = gf_malloc ( sizeof ( char ) *avr->size );
- avr->srcWidth = width;
- avr->srcHeight = height;
-- avr->swsContext = sws_getCachedContext ( avr->swsContext, avr->srcWidth, avr->srcHeight, PIX_FMT_RGB24, avr->srcWidth, avr->srcHeight, PIX_FMT_YUV420P, SWS_BICUBIC, NULL, NULL, NULL );
-+ avr->swsContext = sws_getCachedContext ( avr->swsContext, avr->srcWidth, avr->srcHeight, AV_PIX_FMT_RGB24, avr->srcWidth, avr->srcHeight, AV_PIX_FMT_YUV420P, SWS_BICUBIC, NULL, NULL, NULL );
- gf_mx_v(avr->frameMutex);
- }
- }
-@@ -787,7 +787,7 @@ void avr_delete ( GF_BaseInterface *ifce
- avr->videoCodec = NULL;
- if ( avr->YUVpicture )
- {
-- av_free ( avr->YUVpicture );
-+ av_frame_free ( &avr->YUVpicture );
- }
- if ( avr->yuv_data )
- av_free ( avr->yuv_data );
-@@ -795,7 +795,7 @@ void avr_delete ( GF_BaseInterface *ifce
- avr->YUVpicture = NULL;
- if ( avr->RGBpicture )
- {
-- av_free ( avr->RGBpicture );
-+ av_frame_free ( &avr->RGBpicture );
- }
- avr->RGBpicture = NULL;
- if ( avr->swsContext )
+++ /dev/null
-Description: Fix FTBFS with FFmpeg 4.0
-Author: James Cowgill <jcowgill@debian.org>
-Bug: https://github.com/gpac/gpac/pull/1063
-Bug-Debian: https://bugs.debian.org/888343
----
-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
---- a/applications/dashcast/video_encoder.c
-+++ b/applications/dashcast/video_encoder.c
-@@ -144,7 +144,7 @@ int dc_video_encoder_open(VideoOutputFil
- }
-
- //the global header gives access to the extradata (SPS/PPS)
-- video_output_file->codec_ctx->flags |= CODEC_FLAG_GLOBAL_HEADER;
-+ video_output_file->codec_ctx->flags |= AV_CODEC_FLAG_GLOBAL_HEADER;
-
- video_output_file->vstream_idx = 0;//video_stream->index;
-
---- a/modules/ffmpeg_in/ffmpeg_decode.c
-+++ b/modules/ffmpeg_in/ffmpeg_decode.c
-@@ -49,7 +49,7 @@
- static uint8_t * ffmpeg_realloc_buffer(uint8_t * oldBuffer, u32 size) {
- uint8_t * buffer;
- /* Size of buffer must be larger, see avcodec_decode_video2 documentation */
-- u32 allocatedSz = sizeof( char ) * (FF_INPUT_BUFFER_PADDING_SIZE + size);
-+ u32 allocatedSz = sizeof( char ) * (AV_INPUT_BUFFER_PADDING_SIZE + size);
- if (oldBuffer)
- gf_free(oldBuffer);
- buffer = (uint8_t*)gf_malloc( allocatedSz );
-@@ -577,7 +577,7 @@ static GF_Err FFDEC_GetCapabilities(GF_B
- capability->cap.valueInt = 1;
- return GF_OK;
- case GF_CODEC_PADDING_BYTES:
-- capability->cap.valueInt = FF_INPUT_BUFFER_PADDING_SIZE;
-+ capability->cap.valueInt = AV_INPUT_BUFFER_PADDING_SIZE;
- return GF_OK;
- case GF_CODEC_REORDER:
- capability->cap.valueInt = 1;
-@@ -669,7 +669,7 @@ static GF_Err FFDEC_GetCapabilities(GF_B
- break;
-
- case GF_CODEC_PADDING_BYTES:
-- capability->cap.valueInt = FF_INPUT_BUFFER_PADDING_SIZE;
-+ capability->cap.valueInt = AV_INPUT_BUFFER_PADDING_SIZE;
- break;
- default:
- capability->cap.valueInt = 0;
---- a/modules/redirect_av/ffmpeg_ts_muxer.c
-+++ b/modules/redirect_av/ffmpeg_ts_muxer.c
-@@ -201,7 +201,7 @@ GF_AbstractTSMuxer * ts_amux_new(GF_AVRe
- c->time_base.den = 1000;
- // some formats want stream headers to be separate
- if (ts->oc->oformat->flags & AVFMT_GLOBALHEADER)
-- c->flags |= CODEC_FLAG_GLOBAL_HEADER;
-+ c->flags |= AV_CODEC_FLAG_GLOBAL_HEADER;
- }
- #endif
-
-@@ -240,7 +240,7 @@ GF_AbstractTSMuxer * ts_amux_new(GF_AVRe
- }
- // some formats want stream headers to be separate
- if (ts->oc->oformat->flags & AVFMT_GLOBALHEADER)
-- c->flags |= CODEC_FLAG_GLOBAL_HEADER;
-+ c->flags |= AV_CODEC_FLAG_GLOBAL_HEADER;
-
- }
- //av_set_pts_info(ts->audio_st, 33, 1, audioBitRateInBitsPerSec);
---- a/modules/redirect_av/redirect_av.c
-+++ b/modules/redirect_av/redirect_av.c
-@@ -133,7 +133,7 @@ static u32 audio_encoding_thread_run(voi
- AVCodecContext * ctx = NULL;
- assert( avr );
-
-- outBuffSize = FF_MIN_BUFFER_SIZE;
-+ outBuffSize = AV_INPUT_BUFFER_MIN_SIZE;
-
- outBuff = (u8*)gf_malloc(outBuffSize* sizeof(u8));
- inBuff = NULL;
+++ /dev/null
---- a/Makefile
-+++ b/Makefile
-@@ -140,6 +140,7 @@ ifneq ($(MP4BOX_STATIC),yes)
- endif
- $(INSTALL) -d "$(DESTDIR)$(mandir)"
- $(INSTALL) -d "$(DESTDIR)$(mandir)/man1"
-+ $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/doc/man/mp42ts.1 $(DESTDIR)$(mandir)/man1/MP42TS.1
- $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/doc/man/mp4box.1 $(DESTDIR)$(mandir)/man1/
- $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/doc/man/mp4client.1 $(DESTDIR)$(mandir)/man1/
- $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/doc/man/gpac.1 $(DESTDIR)$(mandir)/man1/
-@@ -149,7 +150,7 @@ endif
- $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/gui/gui.bt "$(DESTDIR)$(prefix)/share/gpac/gui/"
- $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/gui/gui.js "$(DESTDIR)$(prefix)/share/gpac/gui/"
- $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/gui/gwlib.js "$(DESTDIR)$(prefix)/share/gpac/gui/"
-- $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/gui/mpegu-core.js "$(DESTDIR)$(prefix)/share/gpac/gui/"
-+ -$(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/gui/mpegu-core.js "$(DESTDIR)$(prefix)/share/gpac/gui/"
- $(INSTALL) $(INSTFLAGS) -m 644 $(SRC_PATH)/gui/webvtt-renderer.js "$(DESTDIR)$(prefix)/share/gpac/gui/"
- $(INSTALL) -d "$(DESTDIR)$(prefix)/share/gpac/gui/icons"
- $(INSTALL) -d "$(DESTDIR)$(prefix)/share/gpac/gui/extensions"
--- a/configure
+++ b/configure
-@@ -360,7 +360,7 @@ for opt do
+@@ -365,7 +365,7 @@
;;
--cpu=*) cpu=`echo $opt | cut -d '=' -f 2`
;;
;;
--disable-opt) no_gcc_opt="yes"
;;
-@@ -708,7 +708,7 @@ fi
+@@ -708,7 +708,7 @@
#GCC opt
if test "$no_gcc_opt" = "no"; then
+++ /dev/null
-Author: Reinhard Tartler <siretart@tauware.de>
-Description: Allow compilation against libav10
-
----
- applications/dashcast/video_decoder.c | 2 -
- modules/ffmpeg_in/ffmpeg_decode.c | 56 +++++++++++++++++-----------------
- modules/ffmpeg_in/ffmpeg_demux.c | 22 +++++--------
- 3 files changed, 38 insertions(+), 42 deletions(-)
-
---- a/modules/ffmpeg_in/ffmpeg_decode.c
-+++ b/modules/ffmpeg_in/ffmpeg_decode.c
-@@ -408,13 +408,13 @@
-
- } else {
- switch ((*codec)->id) {
-- case CODEC_ID_MJPEG:
-- case CODEC_ID_MJPEGB:
-- case CODEC_ID_LJPEG:
-+ case AV_CODEC_ID_MJPEG:
-+ case AV_CODEC_ID_MJPEGB:
-+ case AV_CODEC_ID_LJPEG:
- #if (LIBAVCODEC_VERSION_INT > AV_VERSION_INT(51, 20, 0))
-- case CODEC_ID_GIF:
-+ case AV_CODEC_ID_GIF:
- #endif
-- case CODEC_ID_RAWVIDEO:
-+ case AV_CODEC_ID_RAWVIDEO:
- if ((*ctx)->pix_fmt==PIX_FMT_YUV420P) {
- ffd->pix_fmt = GF_PIXEL_YV12;
- } else {
-@@ -422,7 +422,7 @@
- }
- break;
-
-- case CODEC_ID_DVD_SUBTITLE:
-+ case AV_CODEC_ID_DVD_SUBTITLE:
- #if !defined(FF_API_AVFRAME_LAVC)
- *frame = avcodec_alloc_frame();
- #else
---- a/modules/ffmpeg_in/ffmpeg_demux.c
-+++ b/modules/ffmpeg_in/ffmpeg_demux.c
-@@ -54,7 +54,7 @@
- #endif /* AVERROR_NOFMT */
-
-
--#if ((LIBAVFORMAT_VERSION_MAJOR == 54) && (LIBAVFORMAT_VERSION_MINOR >= 20)) || (LIBAVFORMAT_VERSION_MAJOR > 54)
-+#if ((LIBAVFORMAT_VERSION_MAJOR == 54) && (LIBAVFORMAT_VERSION_MINOR >= 20)) || (LIBAVFORMAT_VERSION_MAJOR > 55)
-
- #define av_find_stream_info(__c) avformat_find_stream_info(__c, NULL)
- #define USE_AVFORMAT_OPEN_INPUT 1
gcc-optflags.patch
-#libav10.patch
-#export_gf_isom_set_pixel_aspect_ratio.patch
dont-err-build-on-uknown-system.patch
-#skip-swf-test.patch
-#ffmpeg_2.9.patch
-ffmpeg_4.patch
-fix_makefile_install.patch
-CVE-2018-7752.patch
-CVE-2018-20762.patch
-CVE-2018-20763.patch
-CVE-2018-20760.patch
-CVE-2018-13005.patch
-CVE-2019-11221.patch
-CVE-2019-11222.patch
+++ /dev/null
-Description: Skip test using .swf file
-Author: Balint Reczey <balint@balintreczey.hu>
-
-diff --git a/regression_tests/xmlin4/run_tests.sh b/regression_tests/xmlin4/run_tests.sh
-index 584c6eb..37d8d4d 100644
---- a/regression_tests/xmlin4/run_tests.sh
-+++ b/regression_tests/xmlin4/run_tests.sh
-@@ -41,11 +41,11 @@ echo -e "\nTesting 'stxt' import without mime, default to text/plain"
- echo -e "\nTesting 'stxt' import with header"
- ./run_one_test.sh text-stxt-header
-
--echo -e "\n**************** Testing SWF conversion as SVG and import as 'stxt' stream "
--MP4Box -add anim.swf:fmt=svg -new text-stxt-svg.mp4
--MP4Box -info text-stxt-svg.mp4
--MP4Box -raw 1 text-stxt-svg.mp4
--MP4Box -raws 1 text-stxt-svg.mp4
-+#echo -e "\n**************** Testing SWF conversion as SVG and import as 'stxt' stream "
-+#MP4Box -add anim.swf:fmt=svg -new text-stxt-svg.mp4
-+#MP4Box -info text-stxt-svg.mp4
-+#MP4Box -raw 1 text-stxt-svg.mp4
-+#MP4Box -raws 1 text-stxt-svg.mp4
-
- #MP4Box -mp4 anim.swf
-
-@@ -56,4 +56,4 @@ MP4Box -raw 1 subt-stpp-ttml.mp4
- MP4Box -raws 1 subt-stpp-ttml.mp4
-
- echo -e "\n**************** Generating file with all text variants text-all.mp4 "
--MP4Box -add meta-mett.mp4 -add meta-mett-xml.mp4 -add meta-mett-xml-header.mp4 -add meta-metx.mp4 -add subt-sbtt.mp4 -add subt-stpp.mp4 -add subt-stpp-ttml.mp4 -add text-stxt.mp4 -add text-stxt-header.mp4 -add text-stxt-svg.mp4 -new text-all.mp4
-\ No newline at end of file
-+MP4Box -add meta-mett.mp4 -add meta-mett-xml.mp4 -add meta-mett-xml-header.mp4 -add meta-metx.mp4 -add subt-sbtt.mp4 -add subt-stpp.mp4 -add subt-stpp-ttml.mp4 -add text-stxt.mp4 -add text-stxt-header.mp4 -add text-stxt-svg.mp4 -new text-all.mp4
projects / gpac.git / commitdiff