From: Thorsten Alteholz Date: Fri, 29 Dec 2023 22:03:02 +0000 (+0100) Subject: Import libde265_1.0.11-0+deb10u6.debian.tar.xz X-Git-Tag: archive/raspbian/1.0.11-0+deb10u6+rpi1^2~13^2 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=01e4af404ec5f76aaf6d8141f0f2eeecb866fac6;p=libde265.git Import libde265_1.0.11-0+deb10u6.debian.tar.xz [dgit import tarball libde265 1.0.11-0+deb10u6 libde265_1.0.11-0+deb10u6.debian.tar.xz] --- 01e4af404ec5f76aaf6d8141f0f2eeecb866fac6 diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..eff1842 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,8 @@ +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml + +variables: + RELEASE: 'buster' + SALSA_CI_COMPONENTS: 'main contrib non-free' + SALSA_CI_DISABLE_REPROTEST: 1 + SALSA_CI_DISABLE_LINTIAN: 1 diff --git a/changelog b/changelog new file mode 100644 index 0000000..08bac60 --- /dev/null +++ b/changelog @@ -0,0 +1,134 @@ +libde265 (1.0.11-0+deb10u6) buster-security; urgency=high + + * Non-maintainer upload by the LTS Team. + * CVE-2023-49465 + heap-buffer-overflow in derive_spatial_luma_vector_prediction() + * CVE-2023-49467 + heap-buffer-overflow in derive_combined_bipredictive_merging_candidates() + * CVE-2023-49468 + global buffer overflow in read_coding_unit() + + -- Thorsten Alteholz Fri, 29 Dec 2023 23:03:02 +0100 + +libde265 (1.0.11-0+deb10u5) buster-security; urgency=medium + + * Non-maintainer upload by the LTS Security Team. + * Fix: CVE-2023-27102, CVE-2023-27103, CVE-2023-43887 and CVE-2023-47471. + + -- Anton Gladky Thu, 30 Nov 2023 17:31:53 +0100 + +libde265 (1.0.11-0+deb10u4) buster-security; urgency=medium + + * Non-maintainer upload by the LTS Security Team. + * Import new upstream version, based on the 1.0.11-0+deb11u1 package + from bullseye. + - fixing: + CVE-2023-24751, CVE-2023-24752, CVE-2023-24754, CVE-2023-24755, + CVE-2023-24756, CVE-2023-24757, CVE-2023-24758 and CVE-2023-25221. + - dropping no longer needed patches that have been integrated or + made obsolete by the new upstream version. + + -- Tobias Frost Sat, 04 Mar 2023 17:01:58 +0100 + +libde265 (1.0.3-1+deb10u3) buster-security; urgency=medium + + * Non-maintainer upload by the LTS Security Team. + * Source-only upload. (Last upload was accidentially a binary-upload) + + -- Tobias Frost Tue, 24 Jan 2023 22:39:16 +0100 + +libde265 (1.0.3-1+deb10u2) buster-security; urgency=medium + + * Non-maintainer upload by the LTS Security Team. + * Add patches: + - reject_reference_pics_from_different_sps.patch + - use_sps_from_the_image.patch + - recycle_sps_if_possible.patch + * Cherry-pick additional patches from upstream: + check-4-negative-Q-value.patch + CVE-2022-43245-fix-asan-wildpointer-apply_sao_internal.patch + * Add patch "fix-invalid-memory-access.patch" to avoid out-of-bound + array access leading to crashes. + * Add patch CVE-2020-21596-global-buffer-overflow.patch + * Add patch to avoid use-after-free problems. + * Cumulative, the patches are fixing: + CVE-2020-21596, CVE-2020-21597, CVE-2020-21598, CVE-2022-43235, + CVE-2022-43236, CVE-2022-43237, CVE-2022-43238, CVE-2022-43239, + CVE-2022-43240, CVE-2022-43241, CVE-2022-43242, CVE-2022-43243, + CVE-2022-43244, CVE-2022-43245, CVE-2022-43248, CVE-2022-43249, + CVE-2022-43250, CVE-2022-43252, CVE-2022-43253, CVE-2022-47655. + (Closes: #1029357, #1029397, #1025816, #1027179) + * Amend changelog of 1.0.3-1+deb10u1, as it turned out that the + fix for CVE 2020-51999 and CVE 2021-36408 fixed other issues too. + + -- Tobias Frost Tue, 24 Jan 2023 21:42:47 +0100 + +libde265 (1.0.3-1+deb10u1) buster-security; urgency=medium + + * Non-maintainer upload by the LTS Security Team. + * Cherry-pick upstream patches for: + - CVE-2020-21599 (Closes #1014999) + - CVE-2021-35452, CVE-2021-36408, CVE-2021-36409, CVE-2021-36410 and + CVE-2021-36411 (Closes: #1014977) + * The fix for CVE-2020-21599 also fixed: + CVE-2020-21595, CVE-2020-21600, CVE-2020-21601, CVE-2020-21602, + CVE-2020-21603, CVE-2020-21604, CVE-2020-21605, CVE-2020-21606 + * The fix for CVE-2021-36408 also fixed: + CVE-2020-21597, CVE-2020-21598. (Closes: #1004963) + + -- Tobias Frost Thu, 15 Dec 2022 17:40:12 +0100 + +libde265 (1.0.3-1) unstable; urgency=medium + + [ Ondřej Nový ] + * d/copyright: Use https protocol in Format field + * d/control: Set Vcs-* to salsa.debian.org + + [ Felipe Sateler ] + * Change maintainer address to debian-multimedia@lists.debian.org + + [ Joachim Bauch ] + * Imported Upstream version 1.0.3 + * Update patches for new upstream version. + * Update symbols for new upstream version. + * Update standards version and switch to debhelper 10. + + -- Joachim Bauch Thu, 19 Apr 2018 11:44:40 +0200 + +libde265 (1.0.2-2) unstable; urgency=low + + [ Joachim Bauch ] + * Added patch by Andreas Cadhalpun to fix compilation with FFmpeg 2.9 + (Closes: #803834) + * Updated symbols file for new C++11 symbols. + + [ Sebastian Ramacher ] + * Migrate to automatic dbg packages. + * debian/control: Remove some unnecessary Build-Depends. + + -- Joachim Bauch Mon, 11 Jan 2016 19:12:19 +0100 + +libde265 (1.0.2-1) unstable; urgency=low + + * Imported Upstream version 1.0.2 + * Added new files to copyright information. + * Only export decoder API and update symbols for new version. + + -- Joachim Bauch Thu, 16 Jul 2015 11:07:46 +0200 + +libde265 (0.9-1) unstable; urgency=low + + * Updated symbols to make all "std::vector" symbols optional. + * Imported Upstream version 0.9 + * Removed deprecated patch to update symbols visibility. Changes were + applied upstream. + * Upstream supports compiling against Qt5, prefer that over Qt4. + * Added new symbols from new upstream release. + + -- Joachim Bauch Tue, 16 Sep 2014 18:47:14 +0200 + +libde265 (0.8-1) unstable; urgency=low + + * Initial release. (Closes: #744190) + + -- Joachim Bauch Fri, 08 Aug 2014 17:23:37 +0200 diff --git a/compat b/compat new file mode 100644 index 0000000..f599e28 --- /dev/null +++ b/compat @@ -0,0 +1 @@ +10 diff --git a/control b/control new file mode 100644 index 0000000..44c614b --- /dev/null +++ b/control @@ -0,0 +1,62 @@ +Source: libde265 +Section: libs +Priority: optional +Maintainer: Debian Multimedia Maintainers +Uploaders: + Alessio Treglia , + Joachim Bauch +Build-Depends: + debhelper (>= 10), + libjpeg-dev, + libpng-dev, + qtbase5-dev | libqt4-dev, + libsdl-dev, + libswscale-dev, + libx11-dev, + libxext-dev, + libxv-dev, + pkg-config +Standards-Version: 4.1.3 +Homepage: https://github.com/strukturag/libde265 +Vcs-Git: https://salsa.debian.org/multimedia-team/libde265.git +Vcs-Browser: https://salsa.debian.org/multimedia-team/libde265 + +Package: libde265-0 +Architecture: any +Multi-Arch: same +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Description: Open H.265 video codec implementation + libde265 is an open source implementation of the H.265 video codec. + It is written from scratch in plain C for simplicity and efficiency. + Its simple API makes it easy to integrate it into other software. + +Package: libde265-dev +Section: libdevel +Multi-Arch: same +Architecture: any +Depends: + libde265-0 (= ${binary:Version}), + ${misc:Depends} +Description: Open H.265 video codec implementation - development files + libde265 is an open source implementation of the H.265 video codec. + It is written from scratch in plain C for simplicity and efficiency. + Its simple API makes it easy to integrate it into other software. + . + The development headers for compiling programs that use libde265 + are provided by this package. + +Package: libde265-examples +Section: video +Architecture: any +Depends: + libde265-0 (= ${binary:Version}), + ${misc:Depends}, + ${shlibs:Depends} +Description: Open H.265 video codec implementation - examples + libde265 is an open source implementation of the H.265 video codec. + It is written from scratch in plain C for simplicity and efficiency. + Its simple API makes it easy to integrate it into other software. + . + Sample applications using libde265 are provided by this package. diff --git a/copyright b/copyright new file mode 100644 index 0000000..091f5f7 --- /dev/null +++ b/copyright @@ -0,0 +1,170 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: libde265 +Upstream-Contact: struktur AG +Source: https://github.com/strukturag/libde265 + +Files: * +Copyright: + 2013-2014 struktur AG, Dirk Farin + 2013 openHEVC contributors +License: LGPL-3+ + +Files: dec265/dec265.cc + dec265/hdrcopy.cc + dec265/sdl.cc + dec265/sdl.hh + enc265/enc265.cc + sherlock265/VideoDecoder.cc + sherlock265/VideoDecoder.hh + sherlock265/VideoPlayer.cc + sherlock265/VideoPlayer.hh + sherlock265/VideoWidget.cc + sherlock265/VideoWidget.hh + sherlock265/sherlock265.cc + tools/bjoentegaard.cc + tools/block-rate-estim.cc + tools/gen-entropy-table.cc + tools/rd-curves.cc + tools/tests.cc + tools/yuv-distortion.cc +Copyright: + 2013-2014 struktur AG, Dirk Farin + 2013-2014 struktur AG, Joachim Bauch + 1998-2013 Free Software Foundation, Inc +License: GPL-3+ +Comment: Please note that only the sample applications are GPL-3+ while + the decoding library itself is licensed as LGPL-3+. + +Files: extra/getopt.c + extra/getopt.h + extra/getopt_long.c +Copyright: 1987-1996 The Regents of the University of California +License: BSD-4-clause + +Files: libde265/md5.cc + libde265/md5.h +Copyright: No copyright holder +License: public-domain-1 + This software was written by Alexander Peslyak in 2001. No copyright is + claimed, and the software is hereby placed in the public domain. + In case this attempt to disclaim copyright and place the software in the + public domain is deemed null and void, then the software is + Copyright (c) 2001 Alexander Peslyak and it is hereby released to the + general public under the following terms: + . + Redistribution and use in source and binary forms, with or without + modification, are permitted. + . + There's ABSOLUTELY NO WARRANTY, express or implied. + . + (This is a heavily cut-down "BSD license".) + . + This differs from Colin Plumb's older public domain implementation in that + no exactly 32-bit integer data type is required (any 32-bit or wider + unsigned integer data type will do), there's no compile-time endianness + configuration, and the function prototypes match OpenSSL's. No code from + Colin Plumb's implementation has been reused; this comment merely compares + the properties of the two independent implementations. + . + The primary goals of this implementation are portability and ease of use. + It is meant to be fast, but not as fast as possible. Some known + optimizations are not included to reduce source code size and avoid + compile-time configuration. + +Files: extra/win32cond.c + extra/win32cond.h +Copyright: + 1993-2009 Douglas C. Schmidt and his research group at + Washington University, University of California, Irvine, and + Vanderbilt University +License: other-1 + ACE(TM), TAO(TM), CIAO(TM), DAnCE>(TM), and CoSMIC(TM) (henceforth + referred to as "DOC software") are copyrighted by Douglas C. Schmidt + and his research group at Washington University, University of California, + Irvine, and Vanderbilt University, Copyright (c) 1993-2009, all rights + reserved. + . + Since DOC software is open-source, freely available software, you are free + to use, modify, copy, and distribute--perpetually and irrevocably--the DOC + software source code and object code produced from the source, as well as + copy and distribute modified versions of this software. You must, however, + include this copyright statement along with any code built using DOC + software that you release. + . + No copyright statement needs to be provided if you just ship binary + executables of your software products. + . + See "Strategies for Implementing POSIX Condition Variables on Win32" at + http://www.cs.wustl.edu/~schmidt/win32-cv-1.html + +Files: debian/* +Copyright: + 2014-2023 Joachim Bauch + 2014 Alessio Treglia +License: LGPL-3+ + +License: GPL-3+ + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + On Debian systems the complete text of the GNU General Public License + can be found in the `/usr/share/common-licenses/GPL-3' file. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +License: LGPL-3+ + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + On Debian systems the complete text of the GNU Lesser General Public + License can be found in the `/usr/share/common-licenses/LGPL-3' file. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +License: BSD-4-clause + Copyright (c) 1987, 1993, 1994 + The Regents of the University of California. All rights reserved. + . + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by the University of + California, Berkeley and its contributors. + 4. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. diff --git a/libde265-0.install b/libde265-0.install new file mode 100644 index 0000000..3de3b10 --- /dev/null +++ b/libde265-0.install @@ -0,0 +1 @@ +usr/lib/*/*.so.* diff --git a/libde265-0.symbols b/libde265-0.symbols new file mode 100644 index 0000000..15776df --- /dev/null +++ b/libde265-0.symbols @@ -0,0 +1,82 @@ +libde265.so.0 libde265-0 #MINVER# +* Build-Depends-Package: libde265-dev + (optional|c++|regex)"^std::_Sp_counted_base<.*@Base$" 1.0.2 + (optional|c++|regex)"^std::_Sp_counted_ptr<.*@Base$" 1.0.3 + (optional|c++|regex)"^std::__cxx11::basic_string<.*@Base$" 1.0.2 + (optional|c++|regex)"^std::_Sp_make_shared_tag.*@Base$" 1.0.4 + (optional|c++|regex)"^std::_Vector_base<.*@Base$" 1.0.7 + (optional|c++|regex)"^std::__cxx11::basic_string<.*@Base$" 1.0.9 + (optional|c++|regex)"^std::__cxx11::basic_stringbuf<.*@Base$" 1.0.2 + (optional|c++|regex)"^std::vector<.*@Base$" 1.0.2 + (optional|c++|regex)"^typeinfo for std::.*@Base$" 1.0.2 + (optional|c++|regex)"^typeinfo name for std::.*@Base$" 1.0.2 + (optional|c++|regex)"^void std::vector<.*@Base$" 1.0.2 + (optional=only used internally by dec265|c++)"MSE(unsigned char const*, int, unsigned char const*, int, int, int)@Base" 1.0.2 + (optional=only used internally by dec265|c++)"PSNR(double)@Base" 1.0.2 + (optional=only used by the non-final encoder api)de265_alloc_image_plane@Base 1.0.2 + (optional|c++)"void std::__cxx11::basic_string, std::allocator >::_M_construct(char const*, char const*, std::forward_iterator_tag)@Base" 1.0.11 + (optional|c++)"void std::__cxx11::basic_string, std::allocator >::_M_construct(char*, char*, std::forward_iterator_tag)@Base" 1.0.11 + de265_change_framerate@Base 0.8 + de265_decode@Base 0.8 + de265_decode_data@Base 0.8 + de265_disable_logging@Base 0.8 + de265_flush_data@Base 0.8 + de265_free@Base 0.8 + de265_free_decoder@Base 0.8 + (optional=only used by the non-final encoder api)de265_free_image_plane@Base 1.0.2 + de265_get_bits_per_pixel@Base 1.0.2 + de265_get_chroma_format@Base 0.8 + de265_get_current_TID@Base 0.8 + de265_get_default_image_allocation_functions@Base 0.8 + de265_get_error_text@Base 0.8 + de265_get_highest_TID@Base 0.8 + de265_get_image_NAL_header@Base 0.8 + de265_get_image_PTS@Base 0.8 + de265_get_image_colour_primaries@Base 1.0.7 + de265_get_image_full_range_flag@Base 1.0.7 + de265_get_image_height@Base 0.8 + de265_get_image_matrix_coefficients@Base 1.0.7 + de265_get_image_plane@Base 0.8 + de265_get_image_plane_user_data@Base 0.8 + de265_get_image_transfer_characteristics@Base 1.0.7 + de265_get_image_user_data@Base 0.8 + de265_get_image_width@Base 0.8 + de265_get_next_picture@Base 0.8 + de265_get_number_of_NAL_units_pending@Base 0.8 + de265_get_number_of_input_bytes_pending@Base 0.8 + de265_get_parameter_bool@Base 0.8 + de265_get_version@Base 0.8 + de265_get_version_number@Base 0.8 + de265_get_version_number_maintenance@Base 1.0.2 + de265_get_version_number_major@Base 1.0.2 + de265_get_version_number_minor@Base 1.0.2 + de265_get_warning@Base 0.8 + de265_init@Base 0.8 + de265_isOK@Base 0.8 + de265_new_decoder@Base 0.8 + de265_peek_next_picture@Base 0.8 + de265_push_NAL@Base 0.8 + de265_push_data@Base 0.8 + de265_push_end_of_NAL@Base 0.8 + de265_push_end_of_frame@Base 0.9 + de265_release_next_picture@Base 0.8 + de265_reset@Base 0.8 + de265_set_framerate_ratio@Base 0.8 + de265_set_image_allocation_functions@Base 0.8 + de265_set_image_plane@Base 0.8 + de265_set_image_user_data@Base 0.9 + de265_set_limit_TID@Base 0.8 + de265_set_parameter_bool@Base 0.8 + de265_set_parameter_int@Base 0.8 + de265_set_verbosity@Base 0.8 + de265_start_worker_threads@Base 0.8 + (optional=only used internally by sherlock265)draw_CB_grid@Base 0.8 + (optional=only used internally by sherlock265)draw_Motion@Base 0.8 + (optional=only used internally by sherlock265)draw_PB_grid@Base 0.8 + (optional=only used internally by sherlock265)draw_PB_pred_modes@Base 0.8 + (optional=only used internally by sherlock265)draw_QuantPY@Base 0.8 + (optional=only used internally by sherlock265)draw_Slices@Base 0.8 + (optional=only used internally by sherlock265)draw_TB_grid@Base 0.8 + (optional=only used internally by sherlock265)draw_Tiles@Base 0.8 + (optional=only used internally by sherlock265)draw_intra_pred_modes@Base 0.8 + (optional=only used by the non-final encoder api|regex)en265_.*@Base 1.0.2 diff --git a/libde265-dev.docs b/libde265-dev.docs new file mode 100644 index 0000000..b43bf86 --- /dev/null +++ b/libde265-dev.docs @@ -0,0 +1 @@ +README.md diff --git a/libde265-dev.install b/libde265-dev.install new file mode 100644 index 0000000..60fe5cb --- /dev/null +++ b/libde265-dev.install @@ -0,0 +1,3 @@ +usr/include/* +usr/lib/*/*.so +usr/lib/*/pkgconfig/* diff --git a/libde265-examples.install b/libde265-examples.install new file mode 100644 index 0000000..1df36c6 --- /dev/null +++ b/libde265-examples.install @@ -0,0 +1 @@ +usr/bin/* diff --git a/not-installed b/not-installed new file mode 100644 index 0000000..86d06e2 --- /dev/null +++ b/not-installed @@ -0,0 +1,2 @@ +usr/lib/*/libde265.a +usr/lib/*/libde265.la diff --git a/patches/CVE-2023-27102.patch b/patches/CVE-2023-27102.patch new file mode 100644 index 0000000..e75a3eb --- /dev/null +++ b/patches/CVE-2023-27102.patch @@ -0,0 +1,26 @@ +From 0b1752abff97cb542941d317a0d18aa50cb199b1 Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Sat, 4 Mar 2023 10:32:43 +0100 +Subject: [PATCH] check whether referenced PPS exists (fixes #393) + +--- + libde265/decctx.cc | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +Index: libde265/libde265/decctx.cc +=================================================================== +--- libde265.orig/libde265/decctx.cc ++++ libde265/libde265/decctx.cc +@@ -2276,9 +2276,10 @@ bool decoder_context::process_slice_segm + // get PPS and SPS for this slice + + int pps_id = hdr->slice_pic_parameter_set_id; +- if (pps[pps_id]->pps_read==false) { ++ if (pps[pps_id]==nullptr || pps[pps_id]->pps_read==false) { + logerror(LogHeaders, "PPS %d has not been read\n", pps_id); +- assert(false); // TODO ++ img->decctx->add_warning(DE265_WARNING_NONEXISTING_PPS_REFERENCED, false); ++ return false; + } + + current_pps = pps[pps_id]; diff --git a/patches/CVE-2023-27103.patch b/patches/CVE-2023-27103.patch new file mode 100644 index 0000000..aebda5f --- /dev/null +++ b/patches/CVE-2023-27103.patch @@ -0,0 +1,59 @@ +From d6bf73e765b7a23627bfd7a8645c143fd9097995 Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Sat, 4 Mar 2023 10:27:59 +0100 +Subject: [PATCH] check for valid slice header index access (fixes #394) + +--- + libde265/de265.cc | 2 ++ + libde265/de265.h | 3 ++- + libde265/motion.cc | 10 ++++++++++ + 3 files changed, 14 insertions(+), 1 deletion(-) + +Index: libde265/libde265/de265.cc +=================================================================== +--- libde265.orig/libde265/de265.cc ++++ libde265/libde265/de265.cc +@@ -174,6 +174,8 @@ LIBDE265_API const char* de265_get_error + return "Bit-depth of current image does not match SPS"; + case DE265_WARNING_REFERENCE_IMAGE_CHROMA_FORMAT_DOES_NOT_MATCH: + return "Chroma format of reference image does not match current image"; ++ case DE265_WARNING_INVALID_SLICE_HEADER_INDEX_ACCESS: ++ return "Access with invalid slice header index"; + + default: return "unknown error"; + } +Index: libde265/libde265/de265.h +=================================================================== +--- libde265.orig/libde265/de265.h ++++ libde265/libde265/de265.h +@@ -145,7 +145,8 @@ typedef enum { + DE265_WARNING_REFERENCE_IMAGE_SIZE_DOES_NOT_MATCH_SPS=1029, + DE265_WARNING_CHROMA_OF_CURRENT_IMAGE_DOES_NOT_MATCH_SPS=1030, + DE265_WARNING_BIT_DEPTH_OF_CURRENT_IMAGE_DOES_NOT_MATCH_SPS=1031, +- DE265_WARNING_REFERENCE_IMAGE_CHROMA_FORMAT_DOES_NOT_MATCH=1032 ++ DE265_WARNING_REFERENCE_IMAGE_CHROMA_FORMAT_DOES_NOT_MATCH=1032, ++ DE265_WARNING_INVALID_SLICE_HEADER_INDEX_ACCESS=1033 + } de265_error; + + LIBDE265_API const char* de265_get_error_text(de265_error err); +Index: libde265/libde265/motion.cc +=================================================================== +--- libde265.orig/libde265/motion.cc ++++ libde265/libde265/motion.cc +@@ -1266,6 +1266,16 @@ void derive_collocated_motion_vectors(ba + + + ++ int slice_hdr_idx = colImg->get_SliceHeaderIndex(xColPb,yColPb); ++ if (slice_hdr_idx >= colImg->slices.size()) { ++ ctx->add_warning(DE265_WARNING_INVALID_SLICE_HEADER_INDEX_ACCESS, false); ++ ++ *out_availableFlagLXCol = 0; ++ out_mvLXCol->x = 0; ++ out_mvLXCol->y = 0; ++ return; ++ } ++ + const slice_segment_header* colShdr = colImg->slices[ colImg->get_SliceHeaderIndex(xColPb,yColPb) ]; + + if (shdr->LongTermRefPic[X][refIdxLX] != diff --git a/patches/CVE-2023-43887.patch b/patches/CVE-2023-43887.patch new file mode 100644 index 0000000..779c416 --- /dev/null +++ b/patches/CVE-2023-43887.patch @@ -0,0 +1,35 @@ +From 63b596c915977f038eafd7647d1db25488a8c133 Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Fri, 1 Sep 2023 21:18:48 +0200 +Subject: [PATCH] fix #418 + +--- + libde265/decctx.cc | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +Index: libde265/libde265/decctx.cc +=================================================================== +--- libde265.orig/libde265/decctx.cc ++++ libde265/libde265/decctx.cc +@@ -854,16 +854,17 @@ de265_error decoder_context::read_pps_NA + std::shared_ptr new_pps = std::make_shared(); + + bool success = new_pps->read(&reader,this); ++ if (!success) { ++ return DE265_WARNING_PPS_HEADER_INVALID; ++ } + + if (param_pps_headers_fd>=0) { + new_pps->dump(param_pps_headers_fd); + } + +- if (success) { +- pps[ (int)new_pps->pic_parameter_set_id ] = new_pps; +- } ++ pps[ (int)new_pps->pic_parameter_set_id ] = new_pps; + +- return success ? DE265_OK : DE265_WARNING_PPS_HEADER_INVALID; ++ return DE265_OK; + } + + de265_error decoder_context::read_sei_NAL(bitreader& reader, bool suffix) diff --git a/patches/CVE-2023-47471.patch b/patches/CVE-2023-47471.patch new file mode 100644 index 0000000..fa9276d --- /dev/null +++ b/patches/CVE-2023-47471.patch @@ -0,0 +1,38 @@ +From e36b4a1b0bafa53df47514c419d5be3e8916ebc7 Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Sat, 4 Nov 2023 15:20:50 +0100 +Subject: [PATCH] null-pointer check in debug output (fixes #426) + +--- + libde265/slice.cc | 11 ++++++++++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +Index: libde265/libde265/slice.cc +=================================================================== +--- libde265.orig/libde265/slice.cc ++++ libde265/libde265/slice.cc +@@ -1277,14 +1277,23 @@ void slice_segment_header::dump_slice_se + #define LOG3(t,d1,d2,d3) log2fh(fh, t,d1,d2,d3) + #define LOG4(t,d1,d2,d3,d4) log2fh(fh, t,d1,d2,d3,d4) + ++ LOG0("----------------- SLICE -----------------\n"); ++ + const pic_parameter_set* pps = ctx->get_pps(slice_pic_parameter_set_id); ++ if (!pps) { ++ LOG0("invalid PPS referenced\n"); ++ return; ++ } + assert(pps->pps_read); // TODO: error handling + + const seq_parameter_set* sps = ctx->get_sps((int)pps->seq_parameter_set_id); ++ if (!sps) { ++ LOG0("invalid SPS referenced\n"); ++ return; ++ } + assert(sps->sps_read); // TODO: error handling + + +- LOG0("----------------- SLICE -----------------\n"); + LOG1("first_slice_segment_in_pic_flag : %d\n", first_slice_segment_in_pic_flag); + if (ctx->get_nal_unit_type() >= NAL_UNIT_BLA_W_LP && + ctx->get_nal_unit_type() <= NAL_UNIT_RESERVED_IRAP_VCL23) { diff --git a/patches/CVE-2023-49465.patch b/patches/CVE-2023-49465.patch new file mode 100644 index 0000000..39d2f84 --- /dev/null +++ b/patches/CVE-2023-49465.patch @@ -0,0 +1,26 @@ +commit 1475c7d2f0a6dc35c27e18abc4db9679bfd32568 +Author: Dirk Farin +Date: Thu Nov 23 19:43:55 2023 +0100 + + possible fix for #435 + +Index: libde265-1.0.11/libde265/motion.cc +=================================================================== +--- libde265-1.0.11.orig/libde265/motion.cc 2023-12-26 00:57:38.881002145 +0100 ++++ libde265-1.0.11/libde265/motion.cc 2023-12-26 00:57:38.877002144 +0100 +@@ -1859,7 +1859,14 @@ + logmvcand(vi); + + const de265_image* imgX = NULL; +- if (vi.predFlag[X]) imgX = ctx->get_image(shdr->RefPicList[X][ vi.refIdx[X] ]); ++ if (vi.predFlag[X]) { ++ if (vi.refIdx[X] < 0 || vi.refIdx[X] >= MAX_NUM_REF_PICS) { ++ return; ++ } ++ ++ imgX = ctx->get_image(shdr->RefPicList[X][ vi.refIdx[X] ]); ++ } ++ + const de265_image* imgY = NULL; + if (vi.predFlag[Y]) imgY = ctx->get_image(shdr->RefPicList[Y][ vi.refIdx[Y] ]); + diff --git a/patches/CVE-2023-49467.patch b/patches/CVE-2023-49467.patch new file mode 100644 index 0000000..8af159d --- /dev/null +++ b/patches/CVE-2023-49467.patch @@ -0,0 +1,22 @@ +commit 7e4faf254bbd2e52b0f216cb987573a2cce97b54 +Author: Dirk Farin +Date: Thu Nov 23 19:38:34 2023 +0100 + + prevent endless loop for #434 input + +diff --git a/libde265/slice.cc b/libde265/slice.cc +index 435123dc..3a8a8de1 100644 +--- a/libde265/slice.cc ++++ b/libde265/slice.cc +@@ -2582,6 +2582,11 @@ static int decode_rqt_root_cbf(thread_context* tctx) + + static int decode_ref_idx_lX(thread_context* tctx, int numRefIdxLXActive) + { ++ // prevent endless loop when 'numRefIdxLXActive' is invalid ++ if (numRefIdxLXActive <= 1) { ++ return 0; ++ } ++ + logtrace(LogSlice,"# ref_idx_lX\n"); + + int cMax = numRefIdxLXActive-1; diff --git a/patches/CVE-2023-49468.patch b/patches/CVE-2023-49468.patch new file mode 100644 index 0000000..3dda7c8 --- /dev/null +++ b/patches/CVE-2023-49468.patch @@ -0,0 +1,26 @@ +commit 3e822a3ccf88df1380b165d6ce5a00494a27ceeb +Author: Dirk Farin +Date: Thu Nov 23 19:11:34 2023 +0100 + + fix #432 (undefined IPM) + +diff --git a/libde265/image.h b/libde265/image.h +index 0b536054..0a0c0e32 100644 +--- a/libde265/image.h ++++ b/libde265/image.h +@@ -624,7 +624,14 @@ public: + + enum IntraPredMode get_IntraPredMode(int x,int y) const + { +- return (enum IntraPredMode)intraPredMode.get(x,y); ++ uint8_t ipm = intraPredMode.get(x,y); ++ ++ // sanitize values if IPM is uninitialized (because of earlier read error) ++ if (ipm > 34) { ++ ipm = 0; ++ } ++ ++ return static_cast(ipm); + } + + enum IntraPredMode get_IntraPredMode_atIndex(int idx) const diff --git a/patches/disable_tools.patch b/patches/disable_tools.patch new file mode 100644 index 0000000..506b19d --- /dev/null +++ b/patches/disable_tools.patch @@ -0,0 +1,41 @@ +Description: Disable building of some internal tools that no longer link + because internal symbols are no longer exported. +Author: Joachim Bauch +--- a/dec265/Makefile.am ++++ b/dec265/Makefile.am +@@ -1,5 +1,5 @@ + +-bin_PROGRAMS = dec265 hdrcopy ++bin_PROGRAMS = dec265 + + AM_CPPFLAGS = -I$(top_srcdir)/libde265 -I$(top_srcdir) + +@@ -9,12 +9,6 @@ + dec265_LDADD = ../libde265/libde265.la -lstdc++ + dec265_SOURCES = dec265.cc + +-hdrcopy_DEPENDENCIES = ../libde265/libde265.la +-hdrcopy_CXXFLAGS = +-hdrcopy_LDFLAGS = +-hdrcopy_LDADD = ../libde265/libde265.la -lstdc++ +-hdrcopy_SOURCES = hdrcopy.cc +- + if HAVE_VIDEOGFX + dec265_CXXFLAGS += $(VIDEOGFX_CFLAGS) + dec265_LDFLAGS += $(VIDEOGFX_LIBS) +--- a/Makefile.am ++++ b/Makefile.am +@@ -8,13 +8,6 @@ + SUBDIRS+=dec265 + endif + +-if ENABLE_ENCODER +-SUBDIRS+=enc265 +-endif +- +-SUBDIRS+=tools +-SUBDIRS+=acceleration-speed +- + if ENABLE_SHERLOCK265 + SUBDIRS+=sherlock265 + endif diff --git a/patches/only_export_decoder_api.patch b/patches/only_export_decoder_api.patch new file mode 100644 index 0000000..53b25ce --- /dev/null +++ b/patches/only_export_decoder_api.patch @@ -0,0 +1,285 @@ +Description: Only export symbols defined in the decoder API. + The encoder API is not final yet, so upstream exports all symbols to make + development easier. For packaging we only want to expose the public API. +Author: Joachim Bauch +--- a/libde265/encoder/Makefile.am ++++ b/libde265/encoder/Makefile.am +@@ -12,6 +12,18 @@ + encpicbuf.h encpicbuf.cc \ + sop.h sop.cc + ++libde265_encoder_la_CFLAGS = \ ++ $(CFLAG_VISIBILITY) \ ++ -DLIBDE265_EXPORTS ++libde265_encoder_la_CXXFLAGS += \ ++ $(CFLAG_VISIBILITY) \ ++ -DLIBDE265_EXPORTS ++ ++if HAVE_VISIBILITY ++ libde265_encoder_la_CFLAGS += -DHAVE_VISIBILITY ++ libde265_encoder_la_CXXFLAGS += -DHAVE_VISIBILITY ++endif ++ + SUBDIRS=algo + libde265_encoder_la_LIBADD = algo/libde265_encoder_algo.la + +--- a/libde265/encoder/algo/Makefile.am ++++ b/libde265/encoder/algo/Makefile.am +@@ -17,5 +17,13 @@ + tb-rateestim.h tb-rateestim.cc \ + pb-mv.h pb-mv.cc + ++libde265_encoder_algo_la_CXXFLAGS += \ ++ $(CFLAG_VISIBILITY) \ ++ -DLIBDE265_EXPORTS ++ ++if HAVE_VISIBILITY ++ libde265_encoder_algo_la_CXXFLAGS += -DHAVE_VISIBILITY ++endif ++ + EXTRA_DIST = \ + CMakeLists.txt +--- a/configure.ac ++++ b/configure.ac +@@ -56,9 +56,7 @@ + fi + changequote([,])dnl + +-dnl gl_VISIBILITY +-dnl : In encoder branch, we still export all library symbols : +-HAVE_VISIBILITY=0 ++gl_VISIBILITY + AM_CONDITIONAL([HAVE_VISIBILITY], [test "x$HAVE_VISIBILITY" != "x0"]) + + # Checks for header files. +--- a/libde265/image-io.cc ++++ b/libde265/image-io.cc +@@ -186,7 +186,7 @@ + } + + +-LIBDE265_API PacketSink_File::~PacketSink_File() ++PacketSink_File::~PacketSink_File() + { + if (mFH) { + fclose(mFH); +@@ -194,7 +194,7 @@ + } + + +-LIBDE265_API void PacketSink_File::set_filename(const char* filename) ++void PacketSink_File::set_filename(const char* filename) + { + assert(mFH==NULL); + +@@ -202,7 +202,7 @@ + } + + +-LIBDE265_API void PacketSink_File::send_packet(const uint8_t* data, int n) ++void PacketSink_File::send_packet(const uint8_t* data, int n) + { + uint8_t startCode[3]; + startCode[0] = 0; +--- a/libde265/image-io.h ++++ b/libde265/image-io.h +@@ -30,17 +30,17 @@ + class ImageSource + { + public: +- LIBDE265_API ImageSource(); +- virtual LIBDE265_API ~ImageSource() { } ++ ImageSource(); ++ virtual ~ImageSource() { } + + //enum ImageStatus { Available, Waiting, EndOfVideo }; + + //virtual ImageStatus get_status() = 0; +- virtual LIBDE265_API de265_image* get_image(bool block=true) = 0; +- virtual LIBDE265_API void skip_frames(int n) = 0; ++ virtual de265_image* get_image(bool block=true) = 0; ++ virtual void skip_frames(int n) = 0; + +- virtual LIBDE265_API int get_width() const = 0; +- virtual LIBDE265_API int get_height() const = 0; ++ virtual int get_width() const = 0; ++ virtual int get_height() const = 0; + }; + + +@@ -48,17 +48,17 @@ + class ImageSource_YUV : public ImageSource + { + public: +- LIBDE265_API ImageSource_YUV(); +- virtual LIBDE265_API ~ImageSource_YUV(); ++ ImageSource_YUV(); ++ virtual ~ImageSource_YUV(); + +- bool LIBDE265_API set_input_file(const char* filename, int w,int h); ++ bool set_input_file(const char* filename, int w,int h); + + //virtual ImageStatus get_status(); +- virtual LIBDE265_API de265_image* get_image(bool block=true); +- virtual LIBDE265_API void skip_frames(int n); ++ virtual de265_image* get_image(bool block=true); ++ virtual void skip_frames(int n); + +- virtual LIBDE265_API int get_width() const { return width; } +- virtual LIBDE265_API int get_height() const { return height; } ++ virtual int get_width() const { return width; } ++ virtual int get_height() const { return height; } + + private: + FILE* mFH; +@@ -74,20 +74,20 @@ + class ImageSink + { + public: +- virtual LIBDE265_API ~ImageSink() { } ++ virtual ~ImageSink() { } + +- virtual LIBDE265_API void send_image(const de265_image* img) = 0; ++ virtual void send_image(const de265_image* img) = 0; + }; + + class ImageSink_YUV : public ImageSink + { + public: +- LIBDE265_API ImageSink_YUV() : mFH(NULL) { } +- LIBDE265_API ~ImageSink_YUV(); ++ ImageSink_YUV() : mFH(NULL) { } ++ ~ImageSink_YUV(); + +- bool LIBDE265_API set_filename(const char* filename); ++ bool set_filename(const char* filename); + +- virtual LIBDE265_API void send_image(const de265_image* img); ++ virtual void send_image(const de265_image* img); + + private: + FILE* mFH; +@@ -98,21 +98,21 @@ + class PacketSink + { + public: +- virtual LIBDE265_API ~PacketSink() { } ++ virtual ~PacketSink() { } + +- virtual LIBDE265_API void send_packet(const uint8_t* data, int n) = 0; ++ virtual void send_packet(const uint8_t* data, int n) = 0; + }; + + + class PacketSink_File : public PacketSink + { + public: +- LIBDE265_API PacketSink_File(); +- virtual LIBDE265_API ~PacketSink_File(); ++ PacketSink_File(); ++ virtual ~PacketSink_File(); + +- LIBDE265_API void set_filename(const char* filename); ++ void set_filename(const char* filename); + +- virtual LIBDE265_API void send_packet(const uint8_t* data, int n); ++ virtual void send_packet(const uint8_t* data, int n); + + private: + FILE* mFH; +--- a/libde265/configparam.h ++++ b/libde265/configparam.h +@@ -95,7 +95,7 @@ + bool hasLongOption() const { return true; } //mLongOption!=NULL; } + std::string getLongOption() const { return mLongOption ? std::string(mLongOption) : get_name(); } + +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx) { return false; } ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx) { return false; } + + + +@@ -132,7 +132,7 @@ + virtual std::string get_default_string() const { return default_value ? "true":"false"; } + + virtual std::string getTypeDescr() const { return "(boolean)"; } +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx) { set(true); return true; } ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx) { set(true); return true; } + + bool set(bool v) { value_set=true; value=v; return true; } + +@@ -162,10 +162,10 @@ + virtual bool has_default() const { return default_set; } + + void set_default(std::string v) { default_value=v; default_set=true; } +- virtual LIBDE265_API std::string get_default_string() const { return default_value; } ++ virtual std::string get_default_string() const { return default_value; } + +- virtual LIBDE265_API std::string getTypeDescr() const { return "(string)"; } +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx); ++ virtual std::string getTypeDescr() const { return "(string)"; } ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx); + + bool set(std::string v) { value_set=true; value=v; return true; } + +@@ -201,10 +201,10 @@ + virtual bool has_default() const { return default_set; } + + void set_default(int v) { default_value=v; default_set=true; } +- virtual LIBDE265_API std::string get_default_string() const; ++ virtual std::string get_default_string() const; + +- virtual LIBDE265_API std::string getTypeDescr() const; +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx); ++ virtual std::string getTypeDescr() const; ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx); + + bool set(int v) { + if (is_valid(v)) { value_set=true; value=v; return true; } +@@ -239,7 +239,7 @@ + virtual std::vector get_choice_names() const = 0; + + virtual std::string getTypeDescr() const; +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx); ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx); + + const char** get_choices_string_table() const; + +@@ -368,10 +368,10 @@ + config_parameters() : param_string_table(NULL) { } + ~config_parameters() { delete[] param_string_table; } + +- void LIBDE265_API add_option(option_base* o); ++ void add_option(option_base* o); + +- void LIBDE265_API print_params() const; +- bool LIBDE265_API parse_command_line_params(int* argc, char** argv, int* first_idx=NULL, ++ void print_params() const; ++ bool parse_command_line_params(int* argc, char** argv, int* first_idx=NULL, + bool ignore_unknown_options=false); + + +--- a/libde265/quality.h ++++ b/libde265/quality.h +@@ -26,11 +26,11 @@ + #include + + +-LIBDE265_API uint32_t SSD(const uint8_t* img, int imgStride, ++uint32_t SSD(const uint8_t* img, int imgStride, + const uint8_t* ref, int refStride, + int width, int height); + +-LIBDE265_API uint32_t SAD(const uint8_t* img, int imgStride, ++uint32_t SAD(const uint8_t* img, int imgStride, + const uint8_t* ref, int refStride, + int width, int height); + +@@ -41,7 +41,7 @@ + LIBDE265_API double PSNR(double mse); + + +-LIBDE265_API uint32_t compute_distortion_ssd(const de265_image* img1, const de265_image* img2, ++uint32_t compute_distortion_ssd(const de265_image* img1, const de265_image* img2, + int x0, int y0, int log2size, int cIdx); + + #endif diff --git a/patches/recycle_sps_if_possible.patch b/patches/recycle_sps_if_possible.patch new file mode 100644 index 0000000..5ce2fe5 --- /dev/null +++ b/patches/recycle_sps_if_possible.patch @@ -0,0 +1,340 @@ +Description: Don't update sps if they are only repeated +Origin: https://github.com/strukturag/libde265/pull/372 +From 51f07f132f29832e025a8b913b61cbd20257c5fc Mon Sep 17 00:00:00 2001 +From: Tobias Frost +Date: Fri, 13 Jan 2023 12:22:45 +0100 +Subject: [PATCH] Don't update sps if they are only repeated + +This is an attempt to improve the mitigations from #365 and #366 and picks up an idea I described at #345: + +> One way would be just to look at the pointers of the SPS (fast and easy, but +> may reject more than required), or investigate if the SPS used for the image +> generations are "compatible". + +This changes do exactly this: It (very conservativly) checks if the old and new sps have +identical information -- except the reference picture set, which I believe is supposed +to be updated by new sps'). If they are basically identical, the old sps will be +used instead of the new one, (of course, reference image set is updated from the new one) + +I'm using standalone operator== and helper functions to avoid changing ABI of the library; +if an ABI bump would be done, of course this should go to the respective classes. +--- + libde265/decctx.cc | 273 +++++++++++++++++++++++++++++++++++++++++++++ + libde265/sps.cc | 6 + + 2 files changed, 279 insertions(+) + +diff --git a/libde265/decctx.cc b/libde265/decctx.cc +index 6701725f..0000b25d 100644 +--- a/libde265/decctx.cc ++++ b/libde265/decctx.cc +@@ -545,6 +545,263 @@ de265_error decoder_context::read_vps_NAL(bitreader& reader) + return DE265_OK; + } + ++// implemented as freestanding functions to avoid changing API ++ ++bool operator==(const profile_data &lhs, const profile_data &rhs) { ++ if(&lhs == &rhs) return true; ++ if(lhs.profile_present_flag != rhs.profile_present_flag ) return false; ++ if(lhs.profile_present_flag) { ++ if(lhs.profile_space != rhs.profile_space ) return false; ++ if(lhs.tier_flag != rhs.tier_flag ) return false; ++ if(lhs.profile_idc != rhs.profile_idc ) return false; ++ ++ if(memcmp(lhs.profile_compatibility_flag, rhs.profile_compatibility_flag, sizeof(rhs.profile_compatibility_flag)) ) return false; ++ ++ if(lhs.progressive_source_flag != rhs.progressive_source_flag ) return false; ++ if(lhs.interlaced_source_flag != rhs.interlaced_source_flag ) return false; ++ if(lhs.non_packed_constraint_flag != rhs.non_packed_constraint_flag ) return false; ++ if(lhs.frame_only_constraint_flag != rhs.frame_only_constraint_flag ) return false; ++ } ++ ++ if(lhs.level_present_flag != rhs.level_present_flag) return false; ++ if(lhs.level_present_flag && lhs.level_idc != rhs.level_idc ) return false; ++ ++ return true; ++} ++ ++bool operator!=(const profile_data &lhs, const profile_data &rhs) { ++ if(&lhs == &rhs) return false; ++ return (!(lhs==rhs)); ++} ++ ++// class does not store max_sub_layers, so operator == cannot be done. ++bool isEqual(const profile_tier_level &lhs , const profile_tier_level &rhs, int sps_max_sub_layers ) { ++ if(&lhs == &rhs) return true; ++ ++ if(lhs.general != rhs.general ) return false; ++ for(int i = 0 ; i < sps_max_sub_layers; i++ ) { ++ if(lhs.sub_layer[i] != rhs.sub_layer[i]) return false; ++ } ++ return true; ++} ++ ++bool isEqual(const video_usability_information &lhs, const video_usability_information &rhs, const seq_parameter_set &sps) { ++ if(&lhs == &rhs) return true; ++ ++ // not seen yet if(lhs.nal_hrd_parameters_present_flag != rhs.nal_hrd_parameters_present_flag ) return false; ++ ++ // populated by video_usability_information::read() ++ if(lhs.aspect_ratio_info_present_flag != rhs.aspect_ratio_info_present_flag ) return false; ++ if(lhs.aspect_ratio_info_present_flag) { ++ if(lhs.sar_width != rhs.sar_width ) return false; ++ if(lhs.sar_height != rhs.sar_height ) return false; ++ } ++ ++ if(lhs.overscan_info_present_flag != rhs.overscan_info_present_flag ) return false; ++ if(lhs.overscan_info_present_flag) { ++ if(lhs.overscan_appropriate_flag != rhs.overscan_appropriate_flag ) return false; ++ } ++ ++ if(lhs.video_signal_type_present_flag != rhs.video_signal_type_present_flag ) return false; ++ if(lhs.video_signal_type_present_flag) { ++ if(lhs.video_format != rhs.video_format ) return false; ++ if(lhs.video_full_range_flag != rhs.video_full_range_flag) return false; ++ if(lhs.colour_description_present_flag != rhs.colour_description_present_flag) return false; ++ if(lhs.colour_primaries != rhs.colour_primaries ) return false; ++ if(lhs.transfer_characteristics != rhs.transfer_characteristics ) return false; ++ if(lhs.matrix_coeffs != rhs.matrix_coeffs ) return false; ++ } ++ ++ if(lhs.chroma_loc_info_present_flag != rhs.chroma_loc_info_present_flag ) return false; ++ if(lhs.chroma_loc_info_present_flag) { ++ if(lhs.chroma_sample_loc_type_top_field != rhs.chroma_sample_loc_type_top_field ) return false; ++ if(lhs.chroma_sample_loc_type_bottom_field != rhs.chroma_sample_loc_type_bottom_field ) return false; ++ } ++ if(lhs.neutral_chroma_indication_flag != rhs.neutral_chroma_indication_flag ) return false; ++ if(lhs.field_seq_flag != rhs.field_seq_flag ) return false; ++ if(lhs.frame_field_info_present_flag != rhs.frame_field_info_present_flag ) return false; ++ ++ if(lhs.default_display_window_flag != rhs.default_display_window_flag ) return false; ++ if(lhs.default_display_window_flag) { ++ if(lhs.def_disp_win_left_offset != rhs.def_disp_win_left_offset ) return false; ++ if(lhs.def_disp_win_right_offset != rhs.def_disp_win_right_offset ) return false; ++ if(lhs.def_disp_win_top_offset != rhs.def_disp_win_top_offset ) return false; ++ if(lhs.def_disp_win_bottom_offset != rhs.def_disp_win_bottom_offset ) return false; ++ } ++ ++ if(lhs.vui_timing_info_present_flag != rhs.vui_timing_info_present_flag ) return false; ++ if(lhs.vui_timing_info_present_flag) { ++ if(lhs.vui_num_units_in_tick != rhs.vui_num_units_in_tick ) return false; ++ if(lhs.vui_time_scale != rhs.vui_time_scale ) return false; ++ if(lhs.vui_timing_info_present_flag != rhs.vui_timing_info_present_flag ) return false; ++ if(lhs.vui_timing_info_present_flag) { ++ if(lhs.vui_num_ticks_poc_diff_one != rhs.vui_num_ticks_poc_diff_one ) return false; ++ } ++ } ++ ++ if(lhs.vui_hrd_parameters_present_flag != rhs.vui_hrd_parameters_present_flag ) return false; ++ ++ ++ if(lhs.vui_hrd_parameters_present_flag) { ++ // check things made by hrd_parametes ++ ++ if(lhs.vui_hrd_parameters_present_flag != rhs.vui_hrd_parameters_present_flag ) return false; ++ if(lhs.vcl_hrd_parameters_present_flag != rhs.vcl_hrd_parameters_present_flag ) return false; ++ ++ if(lhs.nal_hrd_parameters_present_flag || lhs.vcl_hrd_parameters_present_flag) { ++ if(lhs.sub_pic_hrd_params_present_flag != rhs.sub_pic_hrd_params_present_flag ) return false; ++ if(lhs.sub_pic_hrd_params_present_flag) { ++ if(lhs.tick_divisor_minus2 != rhs.tick_divisor_minus2 ) return false; ++ if(lhs.du_cpb_removal_delay_increment_length_minus1 != rhs.du_cpb_removal_delay_increment_length_minus1 ) return false; ++ if(lhs.sub_pic_cpb_params_in_pic_timing_sei_flag != rhs.sub_pic_cpb_params_in_pic_timing_sei_flag ) return false; ++ if(lhs.dpb_output_delay_du_length_minus1 != rhs.dpb_output_delay_du_length_minus1 ) return false; ++ } ++ if(lhs.bit_rate_scale != rhs.bit_rate_scale ) return false; ++ if(lhs.cpb_size_scale != rhs.cpb_size_scale ) return false; ++ if(lhs.sub_pic_hrd_params_present_flag) { ++ if(lhs.cpb_size_du_scale != rhs.cpb_size_du_scale ) return false; ++ } ++ if(lhs.initial_cpb_removal_delay_length_minus1 != rhs.initial_cpb_removal_delay_length_minus1 ) return false; ++ if(lhs.au_cpb_removal_delay_length_minus1 != rhs.au_cpb_removal_delay_length_minus1 ) return false; ++ if(lhs.dpb_output_delay_length_minus1 != rhs.dpb_output_delay_length_minus1 ) return false; ++ } ++ ++ int i; ++ unsigned int j, nalOrVcl; ++ ++ for (i = 0; i < sps.sps_max_sub_layers; i++) { ++ if(lhs.fixed_pic_rate_general_flag[i] != rhs.fixed_pic_rate_general_flag[i] ) return false; ++ if(lhs.fixed_pic_rate_general_flag[i]) { ++ if(lhs.elemental_duration_in_tc_minus1[i] != rhs.elemental_duration_in_tc_minus1[i] ) return false; ++ } ++ if(lhs.low_delay_hrd_flag[i] != rhs.low_delay_hrd_flag[i] ) return false; ++ if(lhs.cpb_cnt_minus1[i] != rhs.cpb_cnt_minus1[i] ) return false; ++ ++ for (nalOrVcl = 0; nalOrVcl < 2; nalOrVcl++) { ++ if (((nalOrVcl == 0) && lhs.nal_hrd_parameters_present_flag) || ((nalOrVcl == 1) && lhs.vcl_hrd_parameters_present_flag)) { ++ for (j = 0; j <= lhs.cpb_cnt_minus1[i]; j++) { ++ if(lhs.bit_rate_value_minus1[i][j][nalOrVcl] != rhs.bit_rate_value_minus1[i][j][nalOrVcl]) return false; ++ if(lhs.cpb_size_value_minus1[i][j][nalOrVcl] != rhs.cpb_size_value_minus1[i][j][nalOrVcl]) return false; ++ ++ if (lhs.sub_pic_hrd_params_present_flag) { ++ if(lhs.cpb_size_du_value_minus1[i][j][nalOrVcl] != rhs.cpb_size_du_value_minus1[i][j][nalOrVcl]) return false; ++ if(lhs.bit_rate_du_value_minus1[i][j][nalOrVcl] != rhs.bit_rate_du_value_minus1[i][j][nalOrVcl]) return false; ++ } ++ if( lhs.cbr_flag[i][j][nalOrVcl] != rhs.cbr_flag[i][j][nalOrVcl]) return false; ++ } ++ } ++ } ++ } ++ } ++ return true; ++} ++ ++bool operator==(const sps_range_extension &lhs, const sps_range_extension &rhs) { ++ if(&lhs == &rhs) return true; ++ if(lhs.transform_skip_rotation_enabled_flag != rhs.transform_skip_rotation_enabled_flag ) return false; ++ if(lhs.transform_skip_context_enabled_flag != rhs.transform_skip_context_enabled_flag ) return false; ++ if(lhs.implicit_rdpcm_enabled_flag != rhs.implicit_rdpcm_enabled_flag ) return false; ++ if(lhs.explicit_rdpcm_enabled_flag != rhs.explicit_rdpcm_enabled_flag ) return false; ++ if(lhs.extended_precision_processing_flag != rhs.extended_precision_processing_flag ) return false; ++ if(lhs.intra_smoothing_disabled_flag != rhs.intra_smoothing_disabled_flag ) return false; ++ if(lhs.high_precision_offsets_enabled_flag != rhs.high_precision_offsets_enabled_flag ) return false; ++ if(lhs.persistent_rice_adaptation_enabled_flag != rhs.persistent_rice_adaptation_enabled_flag ) return false; ++ if(lhs.cabac_bypass_alignment_enabled_flag != rhs.cabac_bypass_alignment_enabled_flag ) return false; ++ return true; ++} ++ ++bool operator!=(const sps_range_extension &lhs, const sps_range_extension &rhs) { ++ if(&lhs == &rhs) return false; ++ return !(lhs==rhs); ++} ++ ++ ++bool operator==(const seq_parameter_set &lhs, const seq_parameter_set &rhs) { ++ ++ if(&lhs== &rhs) return true; ++ ++ if(lhs.sps_read != rhs.sps_read) return false; ++ ++ if(lhs.video_parameter_set_id != rhs.video_parameter_set_id) return false; ++ if(lhs.sps_max_sub_layers != rhs.sps_max_sub_layers) return false; ++ if(lhs.sps_temporal_id_nesting_flag != rhs.sps_temporal_id_nesting_flag) return false; ++ ++ if(!isEqual(lhs.profile_tier_level_, rhs.profile_tier_level_, lhs.sps_max_sub_layers)) return false; ++ ++ if(lhs.seq_parameter_set_id != rhs.seq_parameter_set_id) return false; ++ if(lhs.chroma_format_idc != rhs.chroma_format_idc) return false; ++ ++ if(lhs.separate_colour_plane_flag != rhs.separate_colour_plane_flag) return false; ++ if(lhs.pic_width_in_luma_samples != rhs.pic_width_in_luma_samples) return false; ++ if(lhs.pic_height_in_luma_samples != rhs.pic_height_in_luma_samples) return false; ++ if(lhs.conformance_window_flag != rhs.conformance_window_flag) return false; ++ ++ if(lhs.conformance_window_flag) { ++ if(lhs.conf_win_left_offset != rhs.conf_win_left_offset) return false; ++ if(lhs.conf_win_right_offset != rhs.conf_win_right_offset) return false; ++ if(lhs.conf_win_top_offset != rhs.conf_win_top_offset) return false; ++ if(lhs.conf_win_bottom_offset != rhs.conf_win_bottom_offset) return false; ++ } ++ ++ if(lhs.bit_depth_luma != rhs.bit_depth_luma) return false; ++ if(lhs.bit_depth_chroma != rhs.bit_depth_chroma) return false; ++ ++ if(lhs.log2_max_pic_order_cnt_lsb != rhs.log2_max_pic_order_cnt_lsb) return false; ++ if(lhs.sps_sub_layer_ordering_info_present_flag != rhs.sps_sub_layer_ordering_info_present_flag) return false; ++ ++ if(memcmp(lhs.sps_max_dec_pic_buffering, rhs.sps_max_dec_pic_buffering, sizeof(rhs.sps_max_dec_pic_buffering))) return false; ++ if(memcmp(lhs.sps_max_num_reorder_pics, rhs.sps_max_num_reorder_pics, sizeof(rhs.sps_max_num_reorder_pics))) return false; ++ if(memcmp(lhs.sps_max_latency_increase_plus1, rhs.sps_max_latency_increase_plus1, sizeof(rhs.sps_max_latency_increase_plus1))) return false; ++ ++ if(lhs.log2_min_luma_coding_block_size != rhs.log2_min_luma_coding_block_size) return false; ++ if(lhs.log2_diff_max_min_luma_coding_block_size != rhs.log2_diff_max_min_luma_coding_block_size) return false; ++ if(lhs.log2_min_transform_block_size != rhs.log2_min_transform_block_size) return false; ++ if(lhs.log2_diff_max_min_transform_block_size != rhs.log2_diff_max_min_transform_block_size) return false; ++ if(lhs.max_transform_hierarchy_depth_inter != rhs.max_transform_hierarchy_depth_inter) return false; ++ if(lhs.max_transform_hierarchy_depth_intra != rhs.max_transform_hierarchy_depth_intra) return false; ++ ++ if(lhs.scaling_list_enable_flag != rhs.scaling_list_enable_flag) return false; ++ if(lhs.scaling_list_enable_flag) { ++ if(lhs.sps_scaling_list_data_present_flag != rhs.sps_scaling_list_data_present_flag) return false; ++ if(lhs.sps_scaling_list_data_present_flag) { ++ // compare only needed if present, otherwise it is the default scaling list. ++ if(memcmp(&lhs.scaling_list, &rhs.scaling_list, sizeof(rhs.scaling_list))) return false; ++ } ++ } ++ ++ if(lhs.amp_enabled_flag != rhs.amp_enabled_flag) return false; ++ if(lhs.sample_adaptive_offset_enabled_flag != rhs.sample_adaptive_offset_enabled_flag) return false; ++ if(lhs.pcm_enabled_flag != rhs.pcm_enabled_flag) return false; ++ ++ if(lhs.pcm_enabled_flag) { ++ if(lhs.pcm_sample_bit_depth_luma != rhs.pcm_sample_bit_depth_luma) return false; ++ if(lhs.pcm_sample_bit_depth_chroma != rhs.pcm_sample_bit_depth_chroma) return false; ++ if(lhs.log2_min_pcm_luma_coding_block_size != rhs.log2_min_pcm_luma_coding_block_size) return false; ++ if(lhs.log2_diff_max_min_pcm_luma_coding_block_size != rhs.log2_diff_max_min_pcm_luma_coding_block_size) return false; ++ if(lhs.pcm_loop_filter_disable_flag != rhs.pcm_loop_filter_disable_flag) return false; ++ } ++ ++ // (longterm) reference pics likely to change with a new sps, so ignored here. ++ ++ if(lhs.sps_temporal_mvp_enabled_flag != rhs.sps_temporal_mvp_enabled_flag) return false; ++ if(lhs.strong_intra_smoothing_enable_flag != rhs.strong_intra_smoothing_enable_flag) return false; ++ ++ if(lhs.vui_parameters_present_flag != rhs.vui_parameters_present_flag) return false; ++ if(lhs.vui_parameters_present_flag) { ++ if(!isEqual(lhs.vui, rhs.vui, lhs )) return false; ++ } ++ ++ if(lhs.sps_extension_present_flag != rhs.sps_extension_present_flag ) return false; ++ if(lhs.sps_extension_present_flag) { ++ if(lhs.sps_range_extension_flag != rhs.sps_range_extension_flag ) return false; ++ if(lhs.sps_multilayer_extension_flag != rhs.sps_multilayer_extension_flag ) return false; ++ if(lhs.sps_extension_6bits != rhs.sps_extension_6bits ) return false; ++ if(lhs.range_extension != rhs.range_extension) return false; ++ } ++ ++ return true; ++} ++ + de265_error decoder_context::read_sps_NAL(bitreader& reader) + { + logdebug(LogHeaders,"----> read SPS\n"); +@@ -560,6 +817,22 @@ de265_error decoder_context::read_sps_NAL(bitreader& reader) + new_sps->dump(param_sps_headers_fd); + } + ++ if ( sps[ new_sps->seq_parameter_set_id ] ) { ++ auto old_sps = sps[ new_sps->seq_parameter_set_id ].get(); ++ if ( *old_sps == *new_sps ) { ++ // printf(" **** keeping sps *****\n"); ++ // the new sps is identical to the old one, so no replacing needed. ++ // however, reference pics and long-term reference pics might need updating. ++ old_sps->ref_pic_sets = new_sps->ref_pic_sets; ++ old_sps->long_term_ref_pics_present_flag = new_sps->long_term_ref_pics_present_flag; ++ memcpy(old_sps->lt_ref_pic_poc_lsb_sps, new_sps->lt_ref_pic_poc_lsb_sps, sizeof(old_sps->lt_ref_pic_poc_lsb_sps)); ++ memcpy(old_sps->used_by_curr_pic_lt_sps_flag, new_sps->used_by_curr_pic_lt_sps_flag, sizeof(old_sps->used_by_curr_pic_lt_sps_flag)); ++ return DE265_OK; ++ } ++ //printf(" **** replacing sps *****\n"); ++ ++ } ++ + sps[ new_sps->seq_parameter_set_id ] = new_sps; + + // Remove the all PPS that referenced the old SPS because parameters may have changed and we do not want to +diff --git a/libde265/sps.cc b/libde265/sps.cc +index f1c28255..31ce9470 100644 +--- a/libde265/sps.cc ++++ b/libde265/sps.cc +@@ -287,6 +287,11 @@ de265_error seq_parameter_set::read(error_queue* errqueue, bitreader* br) + int firstLayer = (sps_sub_layer_ordering_info_present_flag ? + 0 : sps_max_sub_layers-1 ); + ++ // zero out so that comparing is easier. ++ memset(sps_max_dec_pic_buffering, 0 , sizeof(sps_max_dec_pic_buffering)); ++ memset(sps_max_num_reorder_pics, 0 , sizeof(sps_max_num_reorder_pics)); ++ memset(sps_max_latency_increase_plus1, 0 , sizeof(sps_max_latency_increase_plus1)); ++ + for (int i=firstLayer ; i <= sps_max_sub_layers-1; i++ ) { + + // sps_max_dec_pic_buffering[i] +@@ -347,6 +352,7 @@ de265_error seq_parameter_set::read(error_queue* errqueue, bitreader* br) + if (sps_scaling_list_data_present_flag) { + + de265_error err; ++ memset(&scaling_list, 0 , sizeof(scaling_list)); // zero out, so that memcmp will do it to check for equality. + if ((err=read_scaling_list(br,this, &scaling_list, false)) != DE265_OK) { + return err; + } diff --git a/patches/reject_reference_pics_from_different_sps.patch b/patches/reject_reference_pics_from_different_sps.patch new file mode 100644 index 0000000..f0beac6 --- /dev/null +++ b/patches/reject_reference_pics_from_different_sps.patch @@ -0,0 +1,54 @@ +Description: Try to mitigate asan failures by rejecting reference pictures not created with the same sps. + The reference images might have different parameters (size, pixel depth, etc) and so different memory allocations, + leading to out of bound memory reads and writes. +Origin: https://github.com/strukturag/libde265/pull/365 +Comment: Analysis of issue https://github.com/strukturag/libde265/issues/345#issuecomment-1346406079 +From 97dd15303085eae2695a511717bf3239e209df96 Mon Sep 17 00:00:00 2001 +From: Tobias Frost +Date: Mon, 12 Dec 2022 14:03:12 +0100 +Subject: [PATCH] Try to mitigate asan failures. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +See #345 for my analysis and details… + +(This PR is just for discussion.) + +(The CVE references are obtained from the Debian security tracker, +which links the issues.) + +This makes the following POCs stop failing: + +- poc3 (#337) +- poc7-1 (#341) CVE-2022-43239 (note: does NOT fix poc7-2) +- poc8-2, poc8-3, poc8-4 (#342) CVE-2022-43244 (note: does NOT fix poc8-1) +- poc11-1, poc11-2 (#345) CVE-2022-43249 +- poc12 (#346) +- poc13 (#347) CVE-2022-43252 +- poc16 (#350) +--- + libde265/motion.cc | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +Index: libde265/libde265/motion.cc +=================================================================== +--- libde265.orig/libde265/motion.cc ++++ libde265/libde265/motion.cc +@@ -361,6 +361,16 @@ void generate_inter_prediction_samples(b + + logtrace(LogMotion, "refIdx: %d -> dpb[%d]\n", vi->refIdx[l], shdr->RefPicList[l][vi->refIdx[l]]); + ++ if (refPic) { ++ auto nonconst_refPic = const_cast(refPic); /* shared_ptr.get() chokes on const.*/ ++ auto refsps = nonconst_refPic->get_shared_sps().get(); ++ auto imgsps = img->get_shared_sps().get(); ++ if(refsps != imgsps) { ++ // rejecting reference image created with different sps. ++ refPic = nullptr; ++ } ++ } ++ + if (!refPic || refPic->PicState == UnusedForReference) { + img->integrity = INTEGRITY_DECODING_ERRORS; + ctx->add_warning(DE265_WARNING_NONEXISTING_REFERENCE_PICTURE_ACCESSED, false); diff --git a/patches/series b/patches/series new file mode 100644 index 0000000..7fc88c4 --- /dev/null +++ b/patches/series @@ -0,0 +1,14 @@ +only_export_decoder_api.patch +disable_tools.patch +reject_reference_pics_from_different_sps.patch +use_sps_from_the_image.patch +recycle_sps_if_possible.patch +CVE-2023-27102.patch +CVE-2023-27103.patch +CVE-2023-43887.patch +CVE-2023-47471.patch + +CVE-2023-49465.patch +CVE-2023-49467.patch +CVE-2023-49468.patch + diff --git a/patches/use_sps_from_the_image.patch b/patches/use_sps_from_the_image.patch new file mode 100644 index 0000000..63bd704 --- /dev/null +++ b/patches/use_sps_from_the_image.patch @@ -0,0 +1,62 @@ +Description: Use sps of the image, not the sps of the pic parameter set (pps) + When decoding a slice, all decoding functions are using the sps of the target + image to determine the image properties, which are in the seqquence parameter + set) -- execpt generate_inter_prediction_samples(), which uses the sps from the + pps, which might have different properties and trick the decode to out-of-bound + memory accesses, leading to crashes. +Origin: https://github.com/strukturag/libde265/pull/366 +From 36391cda3d4e4fb3269a2ce310e6e0f634729f0b Mon Sep 17 00:00:00 2001 +From: Tobias Frost +Date: Mon, 12 Dec 2022 14:33:40 +0100 +Subject: [PATCH] Use the sps from the image + +(as e.g mc_chroma is using the sps to determine +picture properties, like pic_width_in_luma_samples +and pic_height_in_luma_samples, I *think* this is +more correct. + +This PR is for discussion. (See #345.) +It makes the failures go away, but that does not mean it's correct :) + +The following poc will be stop failing if (only) this +patch is applied: + + - poc2 #336 - CVE-2022-43238 + - poc4 #338 - CVE-2022-43241 + - poc6-1, poc6-2 #340 - CVE-2022-43242 + - poc7-1, poc7-2 #341 - CVE-2022-43239 + - poc8-1 #342 - CVE-2022-43244 + - poc9-3 #343 - CVE-2022-43236 + - poc10-2, poc10-3 #344 - CVE-2022-43237 + - poc16 #350 + - poc19 #353 + +The following are still failing if only this patch is +applied, but they stop failing if #365 is applied as well, but will +still fail with ONLY #365 applied (IOW, both are needed) + + - poc1 #335 - CVE-2022-43240 + - poc3 #337 - CVE-2022-43235 + - poc5 #339 - CVE-2022-43423 + - poc9-1,poc9-2, poc9-4 #343 - CVE-2022-43236 + - poc14 #348 - CVE-2022-43253 + - poc15 #349 - CVE-2022-43248 + - poc17-1, poc17-2 #351 + - poc18 #352 - CVE-2022-43245 +--- + libde265/motion.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: libde265/libde265/motion.cc +=================================================================== +--- libde265.orig/libde265/motion.cc ++++ libde265/libde265/motion.cc +@@ -290,7 +290,7 @@ void generate_inter_prediction_samples(b + int stride[3]; + + const pic_parameter_set* pps = shdr->pps.get(); +- const seq_parameter_set* sps = pps->sps.get(); ++ const seq_parameter_set* sps = img->get_shared_sps().get(); + + if (sps->BitDepth_Y != img->get_bit_depth(0) || + sps->BitDepth_C != img->get_bit_depth(1)) { diff --git a/rules b/rules new file mode 100755 index 0000000..2ff8eb2 --- /dev/null +++ b/rules @@ -0,0 +1,18 @@ +#!/usr/bin/make -f +#export DH_VERBOSE=1 + +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +%: + dh $@ + +override_dh_auto_install: + dh_auto_install + cd $(CURDIR)/debian/tmp/usr/bin/ && mv dec265 libde265-dec265 + if [ -e "$(CURDIR)/debian/tmp/usr/bin/sherlock265" ]; then \ + cd $(CURDIR)/debian/tmp/usr/bin/ && mv sherlock265 \ + libde265-sherlock265; \ + fi + +override_dh_strip: + dh_strip --ddeb-migration='libde265-dbg (<< 1.0.2-2~)' diff --git a/source/format b/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/upstream/metadata b/upstream/metadata new file mode 100644 index 0000000..6552684 --- /dev/null +++ b/upstream/metadata @@ -0,0 +1,4 @@ +Bug-Database: https://github.com/strukturag/libde265/issues +Repository: https://github.com/strukturag/libde265.git +Repository-Browse: https://github.com/strukturag/libde265 +Bug-Submit: https://github.com/strukturag/libde265/issues/new diff --git a/watch b/watch new file mode 100644 index 0000000..1f72711 --- /dev/null +++ b/watch @@ -0,0 +1,4 @@ +version=3 +opts=filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/libde265-$1\.tar\.gz/,\ +downloadurlmangle=s/.+\/v?(\d\S*)\.tar\.gz/https:\/\/github\.com\/strukturag\/libde265\/releases\/download\/v$1\/libde265-$1\.tar\.gz/ \ + https://github.com/strukturag/libde265/tags .*/v?(\d\S*)\.tar\.gz