[dgit import tarball libde265 1.0.11-0+deb10u4 libde265_1.0.11-0+deb10u4.debian.tar.xz]
--- /dev/null
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
+
+variables:
+ RELEASE: 'buster'
+ SALSA_CI_COMPONENTS: 'main contrib non-free'
+ SALSA_CI_DISABLE_REPROTEST: 1
+ SALSA_CI_DISABLE_LINTIAN: 1
--- /dev/null
+libde265 (1.0.11-0+deb10u4) buster-security; urgency=medium
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Import new upstream version, based on the 1.0.11-0+deb11u1 package
+ from bullseye.
+ - fixing:
+ CVE-2023-24751, CVE-2023-24752, CVE-2023-24754, CVE-2023-24755,
+ CVE-2023-24756, CVE-2023-24757, CVE-2023-24758 and CVE-2023-25221.
+ - dropping no longer needed patches that have been integrated or
+ made obsolete by the new upstream version.
+
+ -- Tobias Frost <tobi@debian.org> Sat, 04 Mar 2023 17:01:58 +0100
+
+libde265 (1.0.3-1+deb10u3) buster-security; urgency=medium
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Source-only upload. (Last upload was accidentially a binary-upload)
+
+ -- Tobias Frost <tobi@debian.org> Tue, 24 Jan 2023 22:39:16 +0100
+
+libde265 (1.0.3-1+deb10u2) buster-security; urgency=medium
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Add patches:
+ - reject_reference_pics_from_different_sps.patch
+ - use_sps_from_the_image.patch
+ - recycle_sps_if_possible.patch
+ * Cherry-pick additional patches from upstream:
+ check-4-negative-Q-value.patch
+ CVE-2022-43245-fix-asan-wildpointer-apply_sao_internal.patch
+ * Add patch "fix-invalid-memory-access.patch" to avoid out-of-bound
+ array access leading to crashes.
+ * Add patch CVE-2020-21596-global-buffer-overflow.patch
+ * Add patch to avoid use-after-free problems.
+ * Cumulative, the patches are fixing:
+ CVE-2020-21596, CVE-2020-21597, CVE-2020-21598, CVE-2022-43235,
+ CVE-2022-43236, CVE-2022-43237, CVE-2022-43238, CVE-2022-43239,
+ CVE-2022-43240, CVE-2022-43241, CVE-2022-43242, CVE-2022-43243,
+ CVE-2022-43244, CVE-2022-43245, CVE-2022-43248, CVE-2022-43249,
+ CVE-2022-43250, CVE-2022-43252, CVE-2022-43253, CVE-2022-47655.
+ (Closes: #1029357, #1029397, #1025816, #1027179)
+ * Amend changelog of 1.0.3-1+deb10u1, as it turned out that the
+ fix for CVE 2020-51999 and CVE 2021-36408 fixed other issues too.
+
+ -- Tobias Frost <tobi@debian.org> Tue, 24 Jan 2023 21:42:47 +0100
+
+libde265 (1.0.3-1+deb10u1) buster-security; urgency=medium
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Cherry-pick upstream patches for:
+ - CVE-2020-21599 (Closes #1014999)
+ - CVE-2021-35452, CVE-2021-36408, CVE-2021-36409, CVE-2021-36410 and
+ CVE-2021-36411 (Closes: #1014977)
+ * The fix for CVE-2020-21599 also fixed:
+ CVE-2020-21595, CVE-2020-21600, CVE-2020-21601, CVE-2020-21602,
+ CVE-2020-21603, CVE-2020-21604, CVE-2020-21605, CVE-2020-21606
+ * The fix for CVE-2021-36408 also fixed:
+ CVE-2020-21597, CVE-2020-21598. (Closes: #1004963)
+
+ -- Tobias Frost <tobi@debian.org> Thu, 15 Dec 2022 17:40:12 +0100
+
+libde265 (1.0.3-1) unstable; urgency=medium
+
+ [ Ondřej Nový ]
+ * d/copyright: Use https protocol in Format field
+ * d/control: Set Vcs-* to salsa.debian.org
+
+ [ Felipe Sateler ]
+ * Change maintainer address to debian-multimedia@lists.debian.org
+
+ [ Joachim Bauch ]
+ * Imported Upstream version 1.0.3
+ * Update patches for new upstream version.
+ * Update symbols for new upstream version.
+ * Update standards version and switch to debhelper 10.
+
+ -- Joachim Bauch <bauch@struktur.de> Thu, 19 Apr 2018 11:44:40 +0200
+
+libde265 (1.0.2-2) unstable; urgency=low
+
+ [ Joachim Bauch ]
+ * Added patch by Andreas Cadhalpun to fix compilation with FFmpeg 2.9
+ (Closes: #803834)
+ * Updated symbols file for new C++11 symbols.
+
+ [ Sebastian Ramacher ]
+ * Migrate to automatic dbg packages.
+ * debian/control: Remove some unnecessary Build-Depends.
+
+ -- Joachim Bauch <bauch@struktur.de> Mon, 11 Jan 2016 19:12:19 +0100
+
+libde265 (1.0.2-1) unstable; urgency=low
+
+ * Imported Upstream version 1.0.2
+ * Added new files to copyright information.
+ * Only export decoder API and update symbols for new version.
+
+ -- Joachim Bauch <bauch@struktur.de> Thu, 16 Jul 2015 11:07:46 +0200
+
+libde265 (0.9-1) unstable; urgency=low
+
+ * Updated symbols to make all "std::vector" symbols optional.
+ * Imported Upstream version 0.9
+ * Removed deprecated patch to update symbols visibility. Changes were
+ applied upstream.
+ * Upstream supports compiling against Qt5, prefer that over Qt4.
+ * Added new symbols from new upstream release.
+
+ -- Joachim Bauch <bauch@struktur.de> Tue, 16 Sep 2014 18:47:14 +0200
+
+libde265 (0.8-1) unstable; urgency=low
+
+ * Initial release. (Closes: #744190)
+
+ -- Joachim Bauch <bauch@struktur.de> Fri, 08 Aug 2014 17:23:37 +0200
--- /dev/null
+Source: libde265
+Section: libs
+Priority: optional
+Maintainer: Debian Multimedia Maintainers <debian-multimedia@lists.debian.org>
+Uploaders:
+ Alessio Treglia <alessio@debian.org>,
+ Joachim Bauch <bauch@struktur.de>
+Build-Depends:
+ debhelper (>= 10),
+ libjpeg-dev,
+ libpng-dev,
+ qtbase5-dev | libqt4-dev,
+ libsdl-dev,
+ libswscale-dev,
+ libx11-dev,
+ libxext-dev,
+ libxv-dev,
+ pkg-config
+Standards-Version: 4.1.3
+Homepage: https://github.com/strukturag/libde265
+Vcs-Git: https://salsa.debian.org/multimedia-team/libde265.git
+Vcs-Browser: https://salsa.debian.org/multimedia-team/libde265
+
+Package: libde265-0
+Architecture: any
+Multi-Arch: same
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: Open H.265 video codec implementation
+ libde265 is an open source implementation of the H.265 video codec.
+ It is written from scratch in plain C for simplicity and efficiency.
+ Its simple API makes it easy to integrate it into other software.
+
+Package: libde265-dev
+Section: libdevel
+Multi-Arch: same
+Architecture: any
+Depends:
+ libde265-0 (= ${binary:Version}),
+ ${misc:Depends}
+Description: Open H.265 video codec implementation - development files
+ libde265 is an open source implementation of the H.265 video codec.
+ It is written from scratch in plain C for simplicity and efficiency.
+ Its simple API makes it easy to integrate it into other software.
+ .
+ The development headers for compiling programs that use libde265
+ are provided by this package.
+
+Package: libde265-examples
+Section: video
+Architecture: any
+Depends:
+ libde265-0 (= ${binary:Version}),
+ ${misc:Depends},
+ ${shlibs:Depends}
+Description: Open H.265 video codec implementation - examples
+ libde265 is an open source implementation of the H.265 video codec.
+ It is written from scratch in plain C for simplicity and efficiency.
+ Its simple API makes it easy to integrate it into other software.
+ .
+ Sample applications using libde265 are provided by this package.
--- /dev/null
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: libde265
+Upstream-Contact: struktur AG <opensource@struktur.de>
+Source: https://github.com/strukturag/libde265
+
+Files: *
+Copyright:
+ 2013-2014 struktur AG, Dirk Farin <farin@struktur.de>
+ 2013 openHEVC contributors
+License: LGPL-3+
+
+Files: dec265/dec265.cc
+ dec265/hdrcopy.cc
+ dec265/sdl.cc
+ dec265/sdl.hh
+ enc265/enc265.cc
+ sherlock265/VideoDecoder.cc
+ sherlock265/VideoDecoder.hh
+ sherlock265/VideoPlayer.cc
+ sherlock265/VideoPlayer.hh
+ sherlock265/VideoWidget.cc
+ sherlock265/VideoWidget.hh
+ sherlock265/sherlock265.cc
+ tools/bjoentegaard.cc
+ tools/block-rate-estim.cc
+ tools/gen-entropy-table.cc
+ tools/rd-curves.cc
+ tools/tests.cc
+ tools/yuv-distortion.cc
+Copyright:
+ 2013-2014 struktur AG, Dirk Farin <farin@struktur.de>
+ 2013-2014 struktur AG, Joachim Bauch <bauch@struktur.de>
+ 1998-2013 Free Software Foundation, Inc
+License: GPL-3+
+Comment: Please note that only the sample applications are GPL-3+ while
+ the decoding library itself is licensed as LGPL-3+.
+
+Files: extra/getopt.c
+ extra/getopt.h
+ extra/getopt_long.c
+Copyright: 1987-1996 The Regents of the University of California
+License: BSD-4-clause
+
+Files: libde265/md5.cc
+ libde265/md5.h
+Copyright: No copyright holder
+License: public-domain-1
+ This software was written by Alexander Peslyak in 2001. No copyright is
+ claimed, and the software is hereby placed in the public domain.
+ In case this attempt to disclaim copyright and place the software in the
+ public domain is deemed null and void, then the software is
+ Copyright (c) 2001 Alexander Peslyak and it is hereby released to the
+ general public under the following terms:
+ .
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted.
+ .
+ There's ABSOLUTELY NO WARRANTY, express or implied.
+ .
+ (This is a heavily cut-down "BSD license".)
+ .
+ This differs from Colin Plumb's older public domain implementation in that
+ no exactly 32-bit integer data type is required (any 32-bit or wider
+ unsigned integer data type will do), there's no compile-time endianness
+ configuration, and the function prototypes match OpenSSL's. No code from
+ Colin Plumb's implementation has been reused; this comment merely compares
+ the properties of the two independent implementations.
+ .
+ The primary goals of this implementation are portability and ease of use.
+ It is meant to be fast, but not as fast as possible. Some known
+ optimizations are not included to reduce source code size and avoid
+ compile-time configuration.
+
+Files: extra/win32cond.c
+ extra/win32cond.h
+Copyright:
+ 1993-2009 Douglas C. Schmidt and his research group at
+ Washington University, University of California, Irvine, and
+ Vanderbilt University
+License: other-1
+ ACE(TM), TAO(TM), CIAO(TM), DAnCE>(TM), and CoSMIC(TM) (henceforth
+ referred to as "DOC software") are copyrighted by Douglas C. Schmidt
+ and his research group at Washington University, University of California,
+ Irvine, and Vanderbilt University, Copyright (c) 1993-2009, all rights
+ reserved.
+ .
+ Since DOC software is open-source, freely available software, you are free
+ to use, modify, copy, and distribute--perpetually and irrevocably--the DOC
+ software source code and object code produced from the source, as well as
+ copy and distribute modified versions of this software. You must, however,
+ include this copyright statement along with any code built using DOC
+ software that you release.
+ .
+ No copyright statement needs to be provided if you just ship binary
+ executables of your software products.
+ .
+ See "Strategies for Implementing POSIX Condition Variables on Win32" at
+ http://www.cs.wustl.edu/~schmidt/win32-cv-1.html
+
+Files: debian/*
+Copyright:
+ 2014-2023 Joachim Bauch <jojo@struktur.de>
+ 2014 Alessio Treglia <alessio@debian.org>
+License: LGPL-3+
+
+License: GPL-3+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ On Debian systems the complete text of the GNU General Public License
+ can be found in the `/usr/share/common-licenses/GPL-3' file.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+License: LGPL-3+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ On Debian systems the complete text of the GNU Lesser General Public
+ License can be found in the `/usr/share/common-licenses/LGPL-3' file.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+License: BSD-4-clause
+ Copyright (c) 1987, 1993, 1994
+ The Regents of the University of California. All rights reserved.
+ .
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ 3. All advertising materials mentioning features or use of this software
+ must display the following acknowledgement:
+ This product includes software developed by the University of
+ California, Berkeley and its contributors.
+ 4. Neither the name of the University nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
--- /dev/null
+usr/lib/*/*.so.*
--- /dev/null
+libde265.so.0 libde265-0 #MINVER#
+* Build-Depends-Package: libde265-dev
+ (optional|c++|regex)"^std::_Sp_counted_base<.*@Base$" 1.0.2
+ (optional|c++|regex)"^std::_Sp_counted_ptr<.*@Base$" 1.0.3
+ (optional|c++|regex)"^std::__cxx11::basic_string<.*@Base$" 1.0.2
+ (optional|c++|regex)"^std::_Sp_make_shared_tag.*@Base$" 1.0.4
+ (optional|c++|regex)"^std::_Vector_base<.*@Base$" 1.0.7
+ (optional|c++|regex)"^std::__cxx11::basic_string<.*@Base$" 1.0.9
+ (optional|c++|regex)"^std::__cxx11::basic_stringbuf<.*@Base$" 1.0.2
+ (optional|c++|regex)"^std::vector<.*@Base$" 1.0.2
+ (optional|c++|regex)"^typeinfo for std::.*@Base$" 1.0.2
+ (optional|c++|regex)"^typeinfo name for std::.*@Base$" 1.0.2
+ (optional|c++|regex)"^void std::vector<.*@Base$" 1.0.2
+ (optional=only used internally by dec265|c++)"MSE(unsigned char const*, int, unsigned char const*, int, int, int)@Base" 1.0.2
+ (optional=only used internally by dec265|c++)"PSNR(double)@Base" 1.0.2
+ (optional=only used by the non-final encoder api)de265_alloc_image_plane@Base 1.0.2
+ (optional|c++)"void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag)@Base" 1.0.11
+ (optional|c++)"void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char*>(char*, char*, std::forward_iterator_tag)@Base" 1.0.11
+ de265_change_framerate@Base 0.8
+ de265_decode@Base 0.8
+ de265_decode_data@Base 0.8
+ de265_disable_logging@Base 0.8
+ de265_flush_data@Base 0.8
+ de265_free@Base 0.8
+ de265_free_decoder@Base 0.8
+ (optional=only used by the non-final encoder api)de265_free_image_plane@Base 1.0.2
+ de265_get_bits_per_pixel@Base 1.0.2
+ de265_get_chroma_format@Base 0.8
+ de265_get_current_TID@Base 0.8
+ de265_get_default_image_allocation_functions@Base 0.8
+ de265_get_error_text@Base 0.8
+ de265_get_highest_TID@Base 0.8
+ de265_get_image_NAL_header@Base 0.8
+ de265_get_image_PTS@Base 0.8
+ de265_get_image_colour_primaries@Base 1.0.7
+ de265_get_image_full_range_flag@Base 1.0.7
+ de265_get_image_height@Base 0.8
+ de265_get_image_matrix_coefficients@Base 1.0.7
+ de265_get_image_plane@Base 0.8
+ de265_get_image_plane_user_data@Base 0.8
+ de265_get_image_transfer_characteristics@Base 1.0.7
+ de265_get_image_user_data@Base 0.8
+ de265_get_image_width@Base 0.8
+ de265_get_next_picture@Base 0.8
+ de265_get_number_of_NAL_units_pending@Base 0.8
+ de265_get_number_of_input_bytes_pending@Base 0.8
+ de265_get_parameter_bool@Base 0.8
+ de265_get_version@Base 0.8
+ de265_get_version_number@Base 0.8
+ de265_get_version_number_maintenance@Base 1.0.2
+ de265_get_version_number_major@Base 1.0.2
+ de265_get_version_number_minor@Base 1.0.2
+ de265_get_warning@Base 0.8
+ de265_init@Base 0.8
+ de265_isOK@Base 0.8
+ de265_new_decoder@Base 0.8
+ de265_peek_next_picture@Base 0.8
+ de265_push_NAL@Base 0.8
+ de265_push_data@Base 0.8
+ de265_push_end_of_NAL@Base 0.8
+ de265_push_end_of_frame@Base 0.9
+ de265_release_next_picture@Base 0.8
+ de265_reset@Base 0.8
+ de265_set_framerate_ratio@Base 0.8
+ de265_set_image_allocation_functions@Base 0.8
+ de265_set_image_plane@Base 0.8
+ de265_set_image_user_data@Base 0.9
+ de265_set_limit_TID@Base 0.8
+ de265_set_parameter_bool@Base 0.8
+ de265_set_parameter_int@Base 0.8
+ de265_set_verbosity@Base 0.8
+ de265_start_worker_threads@Base 0.8
+ (optional=only used internally by sherlock265)draw_CB_grid@Base 0.8
+ (optional=only used internally by sherlock265)draw_Motion@Base 0.8
+ (optional=only used internally by sherlock265)draw_PB_grid@Base 0.8
+ (optional=only used internally by sherlock265)draw_PB_pred_modes@Base 0.8
+ (optional=only used internally by sherlock265)draw_QuantPY@Base 0.8
+ (optional=only used internally by sherlock265)draw_Slices@Base 0.8
+ (optional=only used internally by sherlock265)draw_TB_grid@Base 0.8
+ (optional=only used internally by sherlock265)draw_Tiles@Base 0.8
+ (optional=only used internally by sherlock265)draw_intra_pred_modes@Base 0.8
+ (optional=only used by the non-final encoder api|regex)en265_.*@Base 1.0.2
--- /dev/null
+usr/include/*
+usr/lib/*/*.so
+usr/lib/*/pkgconfig/*
--- /dev/null
+usr/lib/*/libde265.a
+usr/lib/*/libde265.la
--- /dev/null
+Description: Disable building of some internal tools that no longer link
+ because internal symbols are no longer exported.
+Author: Joachim Bauch <bauch@struktur.de>
+--- a/dec265/Makefile.am
++++ b/dec265/Makefile.am
+@@ -1,5 +1,5 @@
+
+-bin_PROGRAMS = dec265 hdrcopy
++bin_PROGRAMS = dec265
+
+ AM_CPPFLAGS = -I$(top_srcdir)/libde265 -I$(top_srcdir)
+
+@@ -9,12 +9,6 @@
+ dec265_LDADD = ../libde265/libde265.la -lstdc++
+ dec265_SOURCES = dec265.cc
+
+-hdrcopy_DEPENDENCIES = ../libde265/libde265.la
+-hdrcopy_CXXFLAGS =
+-hdrcopy_LDFLAGS =
+-hdrcopy_LDADD = ../libde265/libde265.la -lstdc++
+-hdrcopy_SOURCES = hdrcopy.cc
+-
+ if HAVE_VIDEOGFX
+ dec265_CXXFLAGS += $(VIDEOGFX_CFLAGS)
+ dec265_LDFLAGS += $(VIDEOGFX_LIBS)
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -8,13 +8,6 @@
+ SUBDIRS+=dec265
+ endif
+
+-if ENABLE_ENCODER
+-SUBDIRS+=enc265
+-endif
+-
+-SUBDIRS+=tools
+-SUBDIRS+=acceleration-speed
+-
+ if ENABLE_SHERLOCK265
+ SUBDIRS+=sherlock265
+ endif
--- /dev/null
+Description: Only export symbols defined in the decoder API.
+ The encoder API is not final yet, so upstream exports all symbols to make
+ development easier. For packaging we only want to expose the public API.
+Author: Joachim Bauch <bauch@struktur.de>
+--- a/libde265/encoder/Makefile.am
++++ b/libde265/encoder/Makefile.am
+@@ -12,6 +12,18 @@
+ encpicbuf.h encpicbuf.cc \
+ sop.h sop.cc
+
++libde265_encoder_la_CFLAGS = \
++ $(CFLAG_VISIBILITY) \
++ -DLIBDE265_EXPORTS
++libde265_encoder_la_CXXFLAGS += \
++ $(CFLAG_VISIBILITY) \
++ -DLIBDE265_EXPORTS
++
++if HAVE_VISIBILITY
++ libde265_encoder_la_CFLAGS += -DHAVE_VISIBILITY
++ libde265_encoder_la_CXXFLAGS += -DHAVE_VISIBILITY
++endif
++
+ SUBDIRS=algo
+ libde265_encoder_la_LIBADD = algo/libde265_encoder_algo.la
+
+--- a/libde265/encoder/algo/Makefile.am
++++ b/libde265/encoder/algo/Makefile.am
+@@ -17,5 +17,13 @@
+ tb-rateestim.h tb-rateestim.cc \
+ pb-mv.h pb-mv.cc
+
++libde265_encoder_algo_la_CXXFLAGS += \
++ $(CFLAG_VISIBILITY) \
++ -DLIBDE265_EXPORTS
++
++if HAVE_VISIBILITY
++ libde265_encoder_algo_la_CXXFLAGS += -DHAVE_VISIBILITY
++endif
++
+ EXTRA_DIST = \
+ CMakeLists.txt
+--- a/configure.ac
++++ b/configure.ac
+@@ -56,9 +56,7 @@
+ fi
+ changequote([,])dnl
+
+-dnl gl_VISIBILITY
+-dnl : In encoder branch, we still export all library symbols :
+-HAVE_VISIBILITY=0
++gl_VISIBILITY
+ AM_CONDITIONAL([HAVE_VISIBILITY], [test "x$HAVE_VISIBILITY" != "x0"])
+
+ # Checks for header files.
+--- a/libde265/image-io.cc
++++ b/libde265/image-io.cc
+@@ -186,7 +186,7 @@
+ }
+
+
+-LIBDE265_API PacketSink_File::~PacketSink_File()
++PacketSink_File::~PacketSink_File()
+ {
+ if (mFH) {
+ fclose(mFH);
+@@ -194,7 +194,7 @@
+ }
+
+
+-LIBDE265_API void PacketSink_File::set_filename(const char* filename)
++void PacketSink_File::set_filename(const char* filename)
+ {
+ assert(mFH==NULL);
+
+@@ -202,7 +202,7 @@
+ }
+
+
+-LIBDE265_API void PacketSink_File::send_packet(const uint8_t* data, int n)
++void PacketSink_File::send_packet(const uint8_t* data, int n)
+ {
+ uint8_t startCode[3];
+ startCode[0] = 0;
+--- a/libde265/image-io.h
++++ b/libde265/image-io.h
+@@ -30,17 +30,17 @@
+ class ImageSource
+ {
+ public:
+- LIBDE265_API ImageSource();
+- virtual LIBDE265_API ~ImageSource() { }
++ ImageSource();
++ virtual ~ImageSource() { }
+
+ //enum ImageStatus { Available, Waiting, EndOfVideo };
+
+ //virtual ImageStatus get_status() = 0;
+- virtual LIBDE265_API de265_image* get_image(bool block=true) = 0;
+- virtual LIBDE265_API void skip_frames(int n) = 0;
++ virtual de265_image* get_image(bool block=true) = 0;
++ virtual void skip_frames(int n) = 0;
+
+- virtual LIBDE265_API int get_width() const = 0;
+- virtual LIBDE265_API int get_height() const = 0;
++ virtual int get_width() const = 0;
++ virtual int get_height() const = 0;
+ };
+
+
+@@ -48,17 +48,17 @@
+ class ImageSource_YUV : public ImageSource
+ {
+ public:
+- LIBDE265_API ImageSource_YUV();
+- virtual LIBDE265_API ~ImageSource_YUV();
++ ImageSource_YUV();
++ virtual ~ImageSource_YUV();
+
+- bool LIBDE265_API set_input_file(const char* filename, int w,int h);
++ bool set_input_file(const char* filename, int w,int h);
+
+ //virtual ImageStatus get_status();
+- virtual LIBDE265_API de265_image* get_image(bool block=true);
+- virtual LIBDE265_API void skip_frames(int n);
++ virtual de265_image* get_image(bool block=true);
++ virtual void skip_frames(int n);
+
+- virtual LIBDE265_API int get_width() const { return width; }
+- virtual LIBDE265_API int get_height() const { return height; }
++ virtual int get_width() const { return width; }
++ virtual int get_height() const { return height; }
+
+ private:
+ FILE* mFH;
+@@ -74,20 +74,20 @@
+ class ImageSink
+ {
+ public:
+- virtual LIBDE265_API ~ImageSink() { }
++ virtual ~ImageSink() { }
+
+- virtual LIBDE265_API void send_image(const de265_image* img) = 0;
++ virtual void send_image(const de265_image* img) = 0;
+ };
+
+ class ImageSink_YUV : public ImageSink
+ {
+ public:
+- LIBDE265_API ImageSink_YUV() : mFH(NULL) { }
+- LIBDE265_API ~ImageSink_YUV();
++ ImageSink_YUV() : mFH(NULL) { }
++ ~ImageSink_YUV();
+
+- bool LIBDE265_API set_filename(const char* filename);
++ bool set_filename(const char* filename);
+
+- virtual LIBDE265_API void send_image(const de265_image* img);
++ virtual void send_image(const de265_image* img);
+
+ private:
+ FILE* mFH;
+@@ -98,21 +98,21 @@
+ class PacketSink
+ {
+ public:
+- virtual LIBDE265_API ~PacketSink() { }
++ virtual ~PacketSink() { }
+
+- virtual LIBDE265_API void send_packet(const uint8_t* data, int n) = 0;
++ virtual void send_packet(const uint8_t* data, int n) = 0;
+ };
+
+
+ class PacketSink_File : public PacketSink
+ {
+ public:
+- LIBDE265_API PacketSink_File();
+- virtual LIBDE265_API ~PacketSink_File();
++ PacketSink_File();
++ virtual ~PacketSink_File();
+
+- LIBDE265_API void set_filename(const char* filename);
++ void set_filename(const char* filename);
+
+- virtual LIBDE265_API void send_packet(const uint8_t* data, int n);
++ virtual void send_packet(const uint8_t* data, int n);
+
+ private:
+ FILE* mFH;
+--- a/libde265/configparam.h
++++ b/libde265/configparam.h
+@@ -95,7 +95,7 @@
+ bool hasLongOption() const { return true; } //mLongOption!=NULL; }
+ std::string getLongOption() const { return mLongOption ? std::string(mLongOption) : get_name(); }
+
+- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx) { return false; }
++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx) { return false; }
+
+
+
+@@ -132,7 +132,7 @@
+ virtual std::string get_default_string() const { return default_value ? "true":"false"; }
+
+ virtual std::string getTypeDescr() const { return "(boolean)"; }
+- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx) { set(true); return true; }
++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx) { set(true); return true; }
+
+ bool set(bool v) { value_set=true; value=v; return true; }
+
+@@ -162,10 +162,10 @@
+ virtual bool has_default() const { return default_set; }
+
+ void set_default(std::string v) { default_value=v; default_set=true; }
+- virtual LIBDE265_API std::string get_default_string() const { return default_value; }
++ virtual std::string get_default_string() const { return default_value; }
+
+- virtual LIBDE265_API std::string getTypeDescr() const { return "(string)"; }
+- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx);
++ virtual std::string getTypeDescr() const { return "(string)"; }
++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx);
+
+ bool set(std::string v) { value_set=true; value=v; return true; }
+
+@@ -201,10 +201,10 @@
+ virtual bool has_default() const { return default_set; }
+
+ void set_default(int v) { default_value=v; default_set=true; }
+- virtual LIBDE265_API std::string get_default_string() const;
++ virtual std::string get_default_string() const;
+
+- virtual LIBDE265_API std::string getTypeDescr() const;
+- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx);
++ virtual std::string getTypeDescr() const;
++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx);
+
+ bool set(int v) {
+ if (is_valid(v)) { value_set=true; value=v; return true; }
+@@ -239,7 +239,7 @@
+ virtual std::vector<std::string> get_choice_names() const = 0;
+
+ virtual std::string getTypeDescr() const;
+- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx);
++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx);
+
+ const char** get_choices_string_table() const;
+
+@@ -368,10 +368,10 @@
+ config_parameters() : param_string_table(NULL) { }
+ ~config_parameters() { delete[] param_string_table; }
+
+- void LIBDE265_API add_option(option_base* o);
++ void add_option(option_base* o);
+
+- void LIBDE265_API print_params() const;
+- bool LIBDE265_API parse_command_line_params(int* argc, char** argv, int* first_idx=NULL,
++ void print_params() const;
++ bool parse_command_line_params(int* argc, char** argv, int* first_idx=NULL,
+ bool ignore_unknown_options=false);
+
+
+--- a/libde265/quality.h
++++ b/libde265/quality.h
+@@ -26,11 +26,11 @@
+ #include <libde265/image.h>
+
+
+-LIBDE265_API uint32_t SSD(const uint8_t* img, int imgStride,
++uint32_t SSD(const uint8_t* img, int imgStride,
+ const uint8_t* ref, int refStride,
+ int width, int height);
+
+-LIBDE265_API uint32_t SAD(const uint8_t* img, int imgStride,
++uint32_t SAD(const uint8_t* img, int imgStride,
+ const uint8_t* ref, int refStride,
+ int width, int height);
+
+@@ -41,7 +41,7 @@
+ LIBDE265_API double PSNR(double mse);
+
+
+-LIBDE265_API uint32_t compute_distortion_ssd(const de265_image* img1, const de265_image* img2,
++uint32_t compute_distortion_ssd(const de265_image* img1, const de265_image* img2,
+ int x0, int y0, int log2size, int cIdx);
+
+ #endif
--- /dev/null
+Description: Don't update sps if they are only repeated
+Origin: https://github.com/strukturag/libde265/pull/372
+From 51f07f132f29832e025a8b913b61cbd20257c5fc Mon Sep 17 00:00:00 2001
+From: Tobias Frost <tobi@debian.org>
+Date: Fri, 13 Jan 2023 12:22:45 +0100
+Subject: [PATCH] Don't update sps if they are only repeated
+
+This is an attempt to improve the mitigations from #365 and #366 and picks up an idea I described at #345:
+
+> One way would be just to look at the pointers of the SPS (fast and easy, but
+> may reject more than required), or investigate if the SPS used for the image
+> generations are "compatible".
+
+This changes do exactly this: It (very conservativly) checks if the old and new sps have
+identical information -- except the reference picture set, which I believe is supposed
+to be updated by new sps'). If they are basically identical, the old sps will be
+used instead of the new one, (of course, reference image set is updated from the new one)
+
+I'm using standalone operator== and helper functions to avoid changing ABI of the library;
+if an ABI bump would be done, of course this should go to the respective classes.
+---
+ libde265/decctx.cc | 273 +++++++++++++++++++++++++++++++++++++++++++++
+ libde265/sps.cc | 6 +
+ 2 files changed, 279 insertions(+)
+
+diff --git a/libde265/decctx.cc b/libde265/decctx.cc
+index 6701725f..0000b25d 100644
+--- a/libde265/decctx.cc
++++ b/libde265/decctx.cc
+@@ -545,6 +545,263 @@ de265_error decoder_context::read_vps_NAL(bitreader& reader)
+ return DE265_OK;
+ }
+
++// implemented as freestanding functions to avoid changing API
++
++bool operator==(const profile_data &lhs, const profile_data &rhs) {
++ if(&lhs == &rhs) return true;
++ if(lhs.profile_present_flag != rhs.profile_present_flag ) return false;
++ if(lhs.profile_present_flag) {
++ if(lhs.profile_space != rhs.profile_space ) return false;
++ if(lhs.tier_flag != rhs.tier_flag ) return false;
++ if(lhs.profile_idc != rhs.profile_idc ) return false;
++
++ if(memcmp(lhs.profile_compatibility_flag, rhs.profile_compatibility_flag, sizeof(rhs.profile_compatibility_flag)) ) return false;
++
++ if(lhs.progressive_source_flag != rhs.progressive_source_flag ) return false;
++ if(lhs.interlaced_source_flag != rhs.interlaced_source_flag ) return false;
++ if(lhs.non_packed_constraint_flag != rhs.non_packed_constraint_flag ) return false;
++ if(lhs.frame_only_constraint_flag != rhs.frame_only_constraint_flag ) return false;
++ }
++
++ if(lhs.level_present_flag != rhs.level_present_flag) return false;
++ if(lhs.level_present_flag && lhs.level_idc != rhs.level_idc ) return false;
++
++ return true;
++}
++
++bool operator!=(const profile_data &lhs, const profile_data &rhs) {
++ if(&lhs == &rhs) return false;
++ return (!(lhs==rhs));
++}
++
++// class does not store max_sub_layers, so operator == cannot be done.
++bool isEqual(const profile_tier_level &lhs , const profile_tier_level &rhs, int sps_max_sub_layers ) {
++ if(&lhs == &rhs) return true;
++
++ if(lhs.general != rhs.general ) return false;
++ for(int i = 0 ; i < sps_max_sub_layers; i++ ) {
++ if(lhs.sub_layer[i] != rhs.sub_layer[i]) return false;
++ }
++ return true;
++}
++
++bool isEqual(const video_usability_information &lhs, const video_usability_information &rhs, const seq_parameter_set &sps) {
++ if(&lhs == &rhs) return true;
++
++ // not seen yet if(lhs.nal_hrd_parameters_present_flag != rhs.nal_hrd_parameters_present_flag ) return false;
++
++ // populated by video_usability_information::read()
++ if(lhs.aspect_ratio_info_present_flag != rhs.aspect_ratio_info_present_flag ) return false;
++ if(lhs.aspect_ratio_info_present_flag) {
++ if(lhs.sar_width != rhs.sar_width ) return false;
++ if(lhs.sar_height != rhs.sar_height ) return false;
++ }
++
++ if(lhs.overscan_info_present_flag != rhs.overscan_info_present_flag ) return false;
++ if(lhs.overscan_info_present_flag) {
++ if(lhs.overscan_appropriate_flag != rhs.overscan_appropriate_flag ) return false;
++ }
++
++ if(lhs.video_signal_type_present_flag != rhs.video_signal_type_present_flag ) return false;
++ if(lhs.video_signal_type_present_flag) {
++ if(lhs.video_format != rhs.video_format ) return false;
++ if(lhs.video_full_range_flag != rhs.video_full_range_flag) return false;
++ if(lhs.colour_description_present_flag != rhs.colour_description_present_flag) return false;
++ if(lhs.colour_primaries != rhs.colour_primaries ) return false;
++ if(lhs.transfer_characteristics != rhs.transfer_characteristics ) return false;
++ if(lhs.matrix_coeffs != rhs.matrix_coeffs ) return false;
++ }
++
++ if(lhs.chroma_loc_info_present_flag != rhs.chroma_loc_info_present_flag ) return false;
++ if(lhs.chroma_loc_info_present_flag) {
++ if(lhs.chroma_sample_loc_type_top_field != rhs.chroma_sample_loc_type_top_field ) return false;
++ if(lhs.chroma_sample_loc_type_bottom_field != rhs.chroma_sample_loc_type_bottom_field ) return false;
++ }
++ if(lhs.neutral_chroma_indication_flag != rhs.neutral_chroma_indication_flag ) return false;
++ if(lhs.field_seq_flag != rhs.field_seq_flag ) return false;
++ if(lhs.frame_field_info_present_flag != rhs.frame_field_info_present_flag ) return false;
++
++ if(lhs.default_display_window_flag != rhs.default_display_window_flag ) return false;
++ if(lhs.default_display_window_flag) {
++ if(lhs.def_disp_win_left_offset != rhs.def_disp_win_left_offset ) return false;
++ if(lhs.def_disp_win_right_offset != rhs.def_disp_win_right_offset ) return false;
++ if(lhs.def_disp_win_top_offset != rhs.def_disp_win_top_offset ) return false;
++ if(lhs.def_disp_win_bottom_offset != rhs.def_disp_win_bottom_offset ) return false;
++ }
++
++ if(lhs.vui_timing_info_present_flag != rhs.vui_timing_info_present_flag ) return false;
++ if(lhs.vui_timing_info_present_flag) {
++ if(lhs.vui_num_units_in_tick != rhs.vui_num_units_in_tick ) return false;
++ if(lhs.vui_time_scale != rhs.vui_time_scale ) return false;
++ if(lhs.vui_timing_info_present_flag != rhs.vui_timing_info_present_flag ) return false;
++ if(lhs.vui_timing_info_present_flag) {
++ if(lhs.vui_num_ticks_poc_diff_one != rhs.vui_num_ticks_poc_diff_one ) return false;
++ }
++ }
++
++ if(lhs.vui_hrd_parameters_present_flag != rhs.vui_hrd_parameters_present_flag ) return false;
++
++
++ if(lhs.vui_hrd_parameters_present_flag) {
++ // check things made by hrd_parametes
++
++ if(lhs.vui_hrd_parameters_present_flag != rhs.vui_hrd_parameters_present_flag ) return false;
++ if(lhs.vcl_hrd_parameters_present_flag != rhs.vcl_hrd_parameters_present_flag ) return false;
++
++ if(lhs.nal_hrd_parameters_present_flag || lhs.vcl_hrd_parameters_present_flag) {
++ if(lhs.sub_pic_hrd_params_present_flag != rhs.sub_pic_hrd_params_present_flag ) return false;
++ if(lhs.sub_pic_hrd_params_present_flag) {
++ if(lhs.tick_divisor_minus2 != rhs.tick_divisor_minus2 ) return false;
++ if(lhs.du_cpb_removal_delay_increment_length_minus1 != rhs.du_cpb_removal_delay_increment_length_minus1 ) return false;
++ if(lhs.sub_pic_cpb_params_in_pic_timing_sei_flag != rhs.sub_pic_cpb_params_in_pic_timing_sei_flag ) return false;
++ if(lhs.dpb_output_delay_du_length_minus1 != rhs.dpb_output_delay_du_length_minus1 ) return false;
++ }
++ if(lhs.bit_rate_scale != rhs.bit_rate_scale ) return false;
++ if(lhs.cpb_size_scale != rhs.cpb_size_scale ) return false;
++ if(lhs.sub_pic_hrd_params_present_flag) {
++ if(lhs.cpb_size_du_scale != rhs.cpb_size_du_scale ) return false;
++ }
++ if(lhs.initial_cpb_removal_delay_length_minus1 != rhs.initial_cpb_removal_delay_length_minus1 ) return false;
++ if(lhs.au_cpb_removal_delay_length_minus1 != rhs.au_cpb_removal_delay_length_minus1 ) return false;
++ if(lhs.dpb_output_delay_length_minus1 != rhs.dpb_output_delay_length_minus1 ) return false;
++ }
++
++ int i;
++ unsigned int j, nalOrVcl;
++
++ for (i = 0; i < sps.sps_max_sub_layers; i++) {
++ if(lhs.fixed_pic_rate_general_flag[i] != rhs.fixed_pic_rate_general_flag[i] ) return false;
++ if(lhs.fixed_pic_rate_general_flag[i]) {
++ if(lhs.elemental_duration_in_tc_minus1[i] != rhs.elemental_duration_in_tc_minus1[i] ) return false;
++ }
++ if(lhs.low_delay_hrd_flag[i] != rhs.low_delay_hrd_flag[i] ) return false;
++ if(lhs.cpb_cnt_minus1[i] != rhs.cpb_cnt_minus1[i] ) return false;
++
++ for (nalOrVcl = 0; nalOrVcl < 2; nalOrVcl++) {
++ if (((nalOrVcl == 0) && lhs.nal_hrd_parameters_present_flag) || ((nalOrVcl == 1) && lhs.vcl_hrd_parameters_present_flag)) {
++ for (j = 0; j <= lhs.cpb_cnt_minus1[i]; j++) {
++ if(lhs.bit_rate_value_minus1[i][j][nalOrVcl] != rhs.bit_rate_value_minus1[i][j][nalOrVcl]) return false;
++ if(lhs.cpb_size_value_minus1[i][j][nalOrVcl] != rhs.cpb_size_value_minus1[i][j][nalOrVcl]) return false;
++
++ if (lhs.sub_pic_hrd_params_present_flag) {
++ if(lhs.cpb_size_du_value_minus1[i][j][nalOrVcl] != rhs.cpb_size_du_value_minus1[i][j][nalOrVcl]) return false;
++ if(lhs.bit_rate_du_value_minus1[i][j][nalOrVcl] != rhs.bit_rate_du_value_minus1[i][j][nalOrVcl]) return false;
++ }
++ if( lhs.cbr_flag[i][j][nalOrVcl] != rhs.cbr_flag[i][j][nalOrVcl]) return false;
++ }
++ }
++ }
++ }
++ }
++ return true;
++}
++
++bool operator==(const sps_range_extension &lhs, const sps_range_extension &rhs) {
++ if(&lhs == &rhs) return true;
++ if(lhs.transform_skip_rotation_enabled_flag != rhs.transform_skip_rotation_enabled_flag ) return false;
++ if(lhs.transform_skip_context_enabled_flag != rhs.transform_skip_context_enabled_flag ) return false;
++ if(lhs.implicit_rdpcm_enabled_flag != rhs.implicit_rdpcm_enabled_flag ) return false;
++ if(lhs.explicit_rdpcm_enabled_flag != rhs.explicit_rdpcm_enabled_flag ) return false;
++ if(lhs.extended_precision_processing_flag != rhs.extended_precision_processing_flag ) return false;
++ if(lhs.intra_smoothing_disabled_flag != rhs.intra_smoothing_disabled_flag ) return false;
++ if(lhs.high_precision_offsets_enabled_flag != rhs.high_precision_offsets_enabled_flag ) return false;
++ if(lhs.persistent_rice_adaptation_enabled_flag != rhs.persistent_rice_adaptation_enabled_flag ) return false;
++ if(lhs.cabac_bypass_alignment_enabled_flag != rhs.cabac_bypass_alignment_enabled_flag ) return false;
++ return true;
++}
++
++bool operator!=(const sps_range_extension &lhs, const sps_range_extension &rhs) {
++ if(&lhs == &rhs) return false;
++ return !(lhs==rhs);
++}
++
++
++bool operator==(const seq_parameter_set &lhs, const seq_parameter_set &rhs) {
++
++ if(&lhs== &rhs) return true;
++
++ if(lhs.sps_read != rhs.sps_read) return false;
++
++ if(lhs.video_parameter_set_id != rhs.video_parameter_set_id) return false;
++ if(lhs.sps_max_sub_layers != rhs.sps_max_sub_layers) return false;
++ if(lhs.sps_temporal_id_nesting_flag != rhs.sps_temporal_id_nesting_flag) return false;
++
++ if(!isEqual(lhs.profile_tier_level_, rhs.profile_tier_level_, lhs.sps_max_sub_layers)) return false;
++
++ if(lhs.seq_parameter_set_id != rhs.seq_parameter_set_id) return false;
++ if(lhs.chroma_format_idc != rhs.chroma_format_idc) return false;
++
++ if(lhs.separate_colour_plane_flag != rhs.separate_colour_plane_flag) return false;
++ if(lhs.pic_width_in_luma_samples != rhs.pic_width_in_luma_samples) return false;
++ if(lhs.pic_height_in_luma_samples != rhs.pic_height_in_luma_samples) return false;
++ if(lhs.conformance_window_flag != rhs.conformance_window_flag) return false;
++
++ if(lhs.conformance_window_flag) {
++ if(lhs.conf_win_left_offset != rhs.conf_win_left_offset) return false;
++ if(lhs.conf_win_right_offset != rhs.conf_win_right_offset) return false;
++ if(lhs.conf_win_top_offset != rhs.conf_win_top_offset) return false;
++ if(lhs.conf_win_bottom_offset != rhs.conf_win_bottom_offset) return false;
++ }
++
++ if(lhs.bit_depth_luma != rhs.bit_depth_luma) return false;
++ if(lhs.bit_depth_chroma != rhs.bit_depth_chroma) return false;
++
++ if(lhs.log2_max_pic_order_cnt_lsb != rhs.log2_max_pic_order_cnt_lsb) return false;
++ if(lhs.sps_sub_layer_ordering_info_present_flag != rhs.sps_sub_layer_ordering_info_present_flag) return false;
++
++ if(memcmp(lhs.sps_max_dec_pic_buffering, rhs.sps_max_dec_pic_buffering, sizeof(rhs.sps_max_dec_pic_buffering))) return false;
++ if(memcmp(lhs.sps_max_num_reorder_pics, rhs.sps_max_num_reorder_pics, sizeof(rhs.sps_max_num_reorder_pics))) return false;
++ if(memcmp(lhs.sps_max_latency_increase_plus1, rhs.sps_max_latency_increase_plus1, sizeof(rhs.sps_max_latency_increase_plus1))) return false;
++
++ if(lhs.log2_min_luma_coding_block_size != rhs.log2_min_luma_coding_block_size) return false;
++ if(lhs.log2_diff_max_min_luma_coding_block_size != rhs.log2_diff_max_min_luma_coding_block_size) return false;
++ if(lhs.log2_min_transform_block_size != rhs.log2_min_transform_block_size) return false;
++ if(lhs.log2_diff_max_min_transform_block_size != rhs.log2_diff_max_min_transform_block_size) return false;
++ if(lhs.max_transform_hierarchy_depth_inter != rhs.max_transform_hierarchy_depth_inter) return false;
++ if(lhs.max_transform_hierarchy_depth_intra != rhs.max_transform_hierarchy_depth_intra) return false;
++
++ if(lhs.scaling_list_enable_flag != rhs.scaling_list_enable_flag) return false;
++ if(lhs.scaling_list_enable_flag) {
++ if(lhs.sps_scaling_list_data_present_flag != rhs.sps_scaling_list_data_present_flag) return false;
++ if(lhs.sps_scaling_list_data_present_flag) {
++ // compare only needed if present, otherwise it is the default scaling list.
++ if(memcmp(&lhs.scaling_list, &rhs.scaling_list, sizeof(rhs.scaling_list))) return false;
++ }
++ }
++
++ if(lhs.amp_enabled_flag != rhs.amp_enabled_flag) return false;
++ if(lhs.sample_adaptive_offset_enabled_flag != rhs.sample_adaptive_offset_enabled_flag) return false;
++ if(lhs.pcm_enabled_flag != rhs.pcm_enabled_flag) return false;
++
++ if(lhs.pcm_enabled_flag) {
++ if(lhs.pcm_sample_bit_depth_luma != rhs.pcm_sample_bit_depth_luma) return false;
++ if(lhs.pcm_sample_bit_depth_chroma != rhs.pcm_sample_bit_depth_chroma) return false;
++ if(lhs.log2_min_pcm_luma_coding_block_size != rhs.log2_min_pcm_luma_coding_block_size) return false;
++ if(lhs.log2_diff_max_min_pcm_luma_coding_block_size != rhs.log2_diff_max_min_pcm_luma_coding_block_size) return false;
++ if(lhs.pcm_loop_filter_disable_flag != rhs.pcm_loop_filter_disable_flag) return false;
++ }
++
++ // (longterm) reference pics likely to change with a new sps, so ignored here.
++
++ if(lhs.sps_temporal_mvp_enabled_flag != rhs.sps_temporal_mvp_enabled_flag) return false;
++ if(lhs.strong_intra_smoothing_enable_flag != rhs.strong_intra_smoothing_enable_flag) return false;
++
++ if(lhs.vui_parameters_present_flag != rhs.vui_parameters_present_flag) return false;
++ if(lhs.vui_parameters_present_flag) {
++ if(!isEqual(lhs.vui, rhs.vui, lhs )) return false;
++ }
++
++ if(lhs.sps_extension_present_flag != rhs.sps_extension_present_flag ) return false;
++ if(lhs.sps_extension_present_flag) {
++ if(lhs.sps_range_extension_flag != rhs.sps_range_extension_flag ) return false;
++ if(lhs.sps_multilayer_extension_flag != rhs.sps_multilayer_extension_flag ) return false;
++ if(lhs.sps_extension_6bits != rhs.sps_extension_6bits ) return false;
++ if(lhs.range_extension != rhs.range_extension) return false;
++ }
++
++ return true;
++}
++
+ de265_error decoder_context::read_sps_NAL(bitreader& reader)
+ {
+ logdebug(LogHeaders,"----> read SPS\n");
+@@ -560,6 +817,22 @@ de265_error decoder_context::read_sps_NAL(bitreader& reader)
+ new_sps->dump(param_sps_headers_fd);
+ }
+
++ if ( sps[ new_sps->seq_parameter_set_id ] ) {
++ auto old_sps = sps[ new_sps->seq_parameter_set_id ].get();
++ if ( *old_sps == *new_sps ) {
++ // printf(" **** keeping sps *****\n");
++ // the new sps is identical to the old one, so no replacing needed.
++ // however, reference pics and long-term reference pics might need updating.
++ old_sps->ref_pic_sets = new_sps->ref_pic_sets;
++ old_sps->long_term_ref_pics_present_flag = new_sps->long_term_ref_pics_present_flag;
++ memcpy(old_sps->lt_ref_pic_poc_lsb_sps, new_sps->lt_ref_pic_poc_lsb_sps, sizeof(old_sps->lt_ref_pic_poc_lsb_sps));
++ memcpy(old_sps->used_by_curr_pic_lt_sps_flag, new_sps->used_by_curr_pic_lt_sps_flag, sizeof(old_sps->used_by_curr_pic_lt_sps_flag));
++ return DE265_OK;
++ }
++ //printf(" **** replacing sps *****\n");
++
++ }
++
+ sps[ new_sps->seq_parameter_set_id ] = new_sps;
+
+ // Remove the all PPS that referenced the old SPS because parameters may have changed and we do not want to
+diff --git a/libde265/sps.cc b/libde265/sps.cc
+index f1c28255..31ce9470 100644
+--- a/libde265/sps.cc
++++ b/libde265/sps.cc
+@@ -287,6 +287,11 @@ de265_error seq_parameter_set::read(error_queue* errqueue, bitreader* br)
+ int firstLayer = (sps_sub_layer_ordering_info_present_flag ?
+ 0 : sps_max_sub_layers-1 );
+
++ // zero out so that comparing is easier.
++ memset(sps_max_dec_pic_buffering, 0 , sizeof(sps_max_dec_pic_buffering));
++ memset(sps_max_num_reorder_pics, 0 , sizeof(sps_max_num_reorder_pics));
++ memset(sps_max_latency_increase_plus1, 0 , sizeof(sps_max_latency_increase_plus1));
++
+ for (int i=firstLayer ; i <= sps_max_sub_layers-1; i++ ) {
+
+ // sps_max_dec_pic_buffering[i]
+@@ -347,6 +352,7 @@ de265_error seq_parameter_set::read(error_queue* errqueue, bitreader* br)
+ if (sps_scaling_list_data_present_flag) {
+
+ de265_error err;
++ memset(&scaling_list, 0 , sizeof(scaling_list)); // zero out, so that memcmp will do it to check for equality.
+ if ((err=read_scaling_list(br,this, &scaling_list, false)) != DE265_OK) {
+ return err;
+ }
--- /dev/null
+Description: Try to mitigate asan failures by rejecting reference pictures not created with the same sps.
+ The reference images might have different parameters (size, pixel depth, etc) and so different memory allocations,
+ leading to out of bound memory reads and writes.
+Origin: https://github.com/strukturag/libde265/pull/365
+Comment: Analysis of issue https://github.com/strukturag/libde265/issues/345#issuecomment-1346406079
+From 97dd15303085eae2695a511717bf3239e209df96 Mon Sep 17 00:00:00 2001
+From: Tobias Frost <tobi@debian.org>
+Date: Mon, 12 Dec 2022 14:03:12 +0100
+Subject: [PATCH] Try to mitigate asan failures.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+See #345 for my analysis and details…
+
+(This PR is just for discussion.)
+
+(The CVE references are obtained from the Debian security tracker,
+which links the issues.)
+
+This makes the following POCs stop failing:
+
+- poc3 (#337)
+- poc7-1 (#341) CVE-2022-43239 (note: does NOT fix poc7-2)
+- poc8-2, poc8-3, poc8-4 (#342) CVE-2022-43244 (note: does NOT fix poc8-1)
+- poc11-1, poc11-2 (#345) CVE-2022-43249
+- poc12 (#346)
+- poc13 (#347) CVE-2022-43252
+- poc16 (#350)
+---
+ libde265/motion.cc | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+Index: libde265/libde265/motion.cc
+===================================================================
+--- libde265.orig/libde265/motion.cc
++++ libde265/libde265/motion.cc
+@@ -361,6 +361,16 @@ void generate_inter_prediction_samples(b
+
+ logtrace(LogMotion, "refIdx: %d -> dpb[%d]\n", vi->refIdx[l], shdr->RefPicList[l][vi->refIdx[l]]);
+
++ if (refPic) {
++ auto nonconst_refPic = const_cast<de265_image*>(refPic); /* shared_ptr.get() chokes on const.*/
++ auto refsps = nonconst_refPic->get_shared_sps().get();
++ auto imgsps = img->get_shared_sps().get();
++ if(refsps != imgsps) {
++ // rejecting reference image created with different sps.
++ refPic = nullptr;
++ }
++ }
++
+ if (!refPic || refPic->PicState == UnusedForReference) {
+ img->integrity = INTEGRITY_DECODING_ERRORS;
+ ctx->add_warning(DE265_WARNING_NONEXISTING_REFERENCE_PICTURE_ACCESSED, false);
--- /dev/null
+only_export_decoder_api.patch
+disable_tools.patch
+reject_reference_pics_from_different_sps.patch
+use_sps_from_the_image.patch
+recycle_sps_if_possible.patch
--- /dev/null
+Description: Use sps of the image, not the sps of the pic parameter set (pps)
+ When decoding a slice, all decoding functions are using the sps of the target
+ image to determine the image properties, which are in the seqquence parameter
+ set) -- execpt generate_inter_prediction_samples(), which uses the sps from the
+ pps, which might have different properties and trick the decode to out-of-bound
+ memory accesses, leading to crashes.
+Origin: https://github.com/strukturag/libde265/pull/366
+From 36391cda3d4e4fb3269a2ce310e6e0f634729f0b Mon Sep 17 00:00:00 2001
+From: Tobias Frost <tobi@debian.org>
+Date: Mon, 12 Dec 2022 14:33:40 +0100
+Subject: [PATCH] Use the sps from the image
+
+(as e.g mc_chroma is using the sps to determine
+picture properties, like pic_width_in_luma_samples
+and pic_height_in_luma_samples, I *think* this is
+more correct.
+
+This PR is for discussion. (See #345.)
+It makes the failures go away, but that does not mean it's correct :)
+
+The following poc will be stop failing if (only) this
+patch is applied:
+
+ - poc2 #336 - CVE-2022-43238
+ - poc4 #338 - CVE-2022-43241
+ - poc6-1, poc6-2 #340 - CVE-2022-43242
+ - poc7-1, poc7-2 #341 - CVE-2022-43239
+ - poc8-1 #342 - CVE-2022-43244
+ - poc9-3 #343 - CVE-2022-43236
+ - poc10-2, poc10-3 #344 - CVE-2022-43237
+ - poc16 #350
+ - poc19 #353
+
+The following are still failing if only this patch is
+applied, but they stop failing if #365 is applied as well, but will
+still fail with ONLY #365 applied (IOW, both are needed)
+
+ - poc1 #335 - CVE-2022-43240
+ - poc3 #337 - CVE-2022-43235
+ - poc5 #339 - CVE-2022-43423
+ - poc9-1,poc9-2, poc9-4 #343 - CVE-2022-43236
+ - poc14 #348 - CVE-2022-43253
+ - poc15 #349 - CVE-2022-43248
+ - poc17-1, poc17-2 #351
+ - poc18 #352 - CVE-2022-43245
+---
+ libde265/motion.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: libde265/libde265/motion.cc
+===================================================================
+--- libde265.orig/libde265/motion.cc
++++ libde265/libde265/motion.cc
+@@ -290,7 +290,7 @@ void generate_inter_prediction_samples(b
+ int stride[3];
+
+ const pic_parameter_set* pps = shdr->pps.get();
+- const seq_parameter_set* sps = pps->sps.get();
++ const seq_parameter_set* sps = img->get_shared_sps().get();
+
+ if (sps->BitDepth_Y != img->get_bit_depth(0) ||
+ sps->BitDepth_C != img->get_bit_depth(1)) {
--- /dev/null
+#!/usr/bin/make -f
+#export DH_VERBOSE=1
+
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all
+
+%:
+ dh $@
+
+override_dh_auto_install:
+ dh_auto_install
+ cd $(CURDIR)/debian/tmp/usr/bin/ && mv dec265 libde265-dec265
+ if [ -e "$(CURDIR)/debian/tmp/usr/bin/sherlock265" ]; then \
+ cd $(CURDIR)/debian/tmp/usr/bin/ && mv sherlock265 \
+ libde265-sherlock265; \
+ fi
+
+override_dh_strip:
+ dh_strip --ddeb-migration='libde265-dbg (<< 1.0.2-2~)'
--- /dev/null
+3.0 (quilt)
--- /dev/null
+Bug-Database: https://github.com/strukturag/libde265/issues
+Repository: https://github.com/strukturag/libde265.git
+Repository-Browse: https://github.com/strukturag/libde265
+Bug-Submit: https://github.com/strukturag/libde265/issues/new
--- /dev/null
+version=3
+opts=filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/libde265-$1\.tar\.gz/,\
+downloadurlmangle=s/.+\/v?(\d\S*)\.tar\.gz/https:\/\/github\.com\/strukturag\/libde265\/releases\/download\/v$1\/libde265-$1\.tar\.gz/ \
+ https://github.com/strukturag/libde265/tags .*/v?(\d\S*)\.tar\.gz
projects / libde265.git / commitdiff