From cf6beb3159b76d6cad5a4ee293ff45bc8a261305 Mon Sep 17 00:00:00 2001 From: Tobias Frost Date: Thu, 15 Dec 2022 16:40:12 +0000 Subject: [PATCH] Import libde265_1.0.3-1+deb10u1.debian.tar.xz [dgit import tarball libde265 1.0.3-1+deb10u1 libde265_1.0.3-1+deb10u1.debian.tar.xz] --- .gitlab-ci.yml | 8 + changelog | 64 ++++++ compat | 1 + control | 62 ++++++ copyright | 190 +++++++++++++++++ libde265-0.install | 1 + libde265-0.symbols | 72 +++++++ libde265-dev.docs | 1 + libde265-dev.install | 3 + libde265-examples.install | 1 + patches/CVE-2020-21599.patch | 56 +++++ patches/CVE-2021-35452.patch | 24 +++ patches/CVE-2021-36408.patch | 32 +++ patches/CVE-2021-36409.patch | 58 ++++++ patches/CVE-2021-36410.patch | 22 ++ patches/CVE-2021-36411.patch | 163 +++++++++++++++ patches/disable_tools.patch | 38 ++++ patches/ffmpeg_2.9.patch | 15 ++ patches/only_export_decoder_api.patch | 285 ++++++++++++++++++++++++++ patches/series | 9 + rules | 16 ++ source/format | 1 + watch | 4 + 23 files changed, 1126 insertions(+) create mode 100644 .gitlab-ci.yml create mode 100644 changelog create mode 100644 compat create mode 100644 control create mode 100644 copyright create mode 100644 libde265-0.install create mode 100644 libde265-0.symbols create mode 100644 libde265-dev.docs create mode 100644 libde265-dev.install create mode 100644 libde265-examples.install create mode 100644 patches/CVE-2020-21599.patch create mode 100644 patches/CVE-2021-35452.patch create mode 100644 patches/CVE-2021-36408.patch create mode 100644 patches/CVE-2021-36409.patch create mode 100644 patches/CVE-2021-36410.patch create mode 100644 patches/CVE-2021-36411.patch create mode 100644 patches/disable_tools.patch create mode 100644 patches/ffmpeg_2.9.patch create mode 100644 patches/only_export_decoder_api.patch create mode 100644 patches/series create mode 100755 rules create mode 100644 source/format create mode 100644 watch diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..eff1842 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,8 @@ +include: + - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml + +variables: + RELEASE: 'buster' + SALSA_CI_COMPONENTS: 'main contrib non-free' + SALSA_CI_DISABLE_REPROTEST: 1 + SALSA_CI_DISABLE_LINTIAN: 1 diff --git a/changelog b/changelog new file mode 100644 index 0000000..80b9867 --- /dev/null +++ b/changelog @@ -0,0 +1,64 @@ +libde265 (1.0.3-1+deb10u1) buster-security; urgency=medium + + * Non-maintainer upload by the LTS Security Team. + * Cherry-pick upstream patches for: + - CVE-2020-21599 (See #1014999) + - CVE-2021-35452, CVE-2021-36408, CVE-2021-36409, CVE-2021-36410 and + CVE-2021-36411 (Closes: 1014977) + + -- Tobias Frost Thu, 15 Dec 2022 17:40:12 +0100 + +libde265 (1.0.3-1) unstable; urgency=medium + + [ Ondřej Nový ] + * d/copyright: Use https protocol in Format field + * d/control: Set Vcs-* to salsa.debian.org + + [ Felipe Sateler ] + * Change maintainer address to debian-multimedia@lists.debian.org + + [ Joachim Bauch ] + * Imported Upstream version 1.0.3 + * Update patches for new upstream version. + * Update symbols for new upstream version. + * Update standards version and switch to debhelper 10. + + -- Joachim Bauch Thu, 19 Apr 2018 11:44:40 +0200 + +libde265 (1.0.2-2) unstable; urgency=low + + [ Joachim Bauch ] + * Added patch by Andreas Cadhalpun to fix compilation with FFmpeg 2.9 + (Closes: #803834) + * Updated symbols file for new C++11 symbols. + + [ Sebastian Ramacher ] + * Migrate to automatic dbg packages. + * debian/control: Remove some unnecessary Build-Depends. + + -- Joachim Bauch Mon, 11 Jan 2016 19:12:19 +0100 + +libde265 (1.0.2-1) unstable; urgency=low + + * Imported Upstream version 1.0.2 + * Added new files to copyright information. + * Only export decoder API and update symbols for new version. + + -- Joachim Bauch Thu, 16 Jul 2015 11:07:46 +0200 + +libde265 (0.9-1) unstable; urgency=low + + * Updated symbols to make all "std::vector" symbols optional. + * Imported Upstream version 0.9 + * Removed deprecated patch to update symbols visibility. Changes were + applied upstream. + * Upstream supports compiling against Qt5, prefer that over Qt4. + * Added new symbols from new upstream release. + + -- Joachim Bauch Tue, 16 Sep 2014 18:47:14 +0200 + +libde265 (0.8-1) unstable; urgency=low + + * Initial release. (Closes: #744190) + + -- Joachim Bauch Fri, 08 Aug 2014 17:23:37 +0200 diff --git a/compat b/compat new file mode 100644 index 0000000..f599e28 --- /dev/null +++ b/compat @@ -0,0 +1 @@ +10 diff --git a/control b/control new file mode 100644 index 0000000..44c614b --- /dev/null +++ b/control @@ -0,0 +1,62 @@ +Source: libde265 +Section: libs +Priority: optional +Maintainer: Debian Multimedia Maintainers +Uploaders: + Alessio Treglia , + Joachim Bauch +Build-Depends: + debhelper (>= 10), + libjpeg-dev, + libpng-dev, + qtbase5-dev | libqt4-dev, + libsdl-dev, + libswscale-dev, + libx11-dev, + libxext-dev, + libxv-dev, + pkg-config +Standards-Version: 4.1.3 +Homepage: https://github.com/strukturag/libde265 +Vcs-Git: https://salsa.debian.org/multimedia-team/libde265.git +Vcs-Browser: https://salsa.debian.org/multimedia-team/libde265 + +Package: libde265-0 +Architecture: any +Multi-Arch: same +Depends: + ${misc:Depends}, + ${shlibs:Depends} +Description: Open H.265 video codec implementation + libde265 is an open source implementation of the H.265 video codec. + It is written from scratch in plain C for simplicity and efficiency. + Its simple API makes it easy to integrate it into other software. + +Package: libde265-dev +Section: libdevel +Multi-Arch: same +Architecture: any +Depends: + libde265-0 (= ${binary:Version}), + ${misc:Depends} +Description: Open H.265 video codec implementation - development files + libde265 is an open source implementation of the H.265 video codec. + It is written from scratch in plain C for simplicity and efficiency. + Its simple API makes it easy to integrate it into other software. + . + The development headers for compiling programs that use libde265 + are provided by this package. + +Package: libde265-examples +Section: video +Architecture: any +Depends: + libde265-0 (= ${binary:Version}), + ${misc:Depends}, + ${shlibs:Depends} +Description: Open H.265 video codec implementation - examples + libde265 is an open source implementation of the H.265 video codec. + It is written from scratch in plain C for simplicity and efficiency. + Its simple API makes it easy to integrate it into other software. + . + Sample applications using libde265 are provided by this package. diff --git a/copyright b/copyright new file mode 100644 index 0000000..4c87163 --- /dev/null +++ b/copyright @@ -0,0 +1,190 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: libde265 +Upstream-Contact: struktur AG +Source: https://github.com/strukturag/libde265 + +Files: * +Copyright: + 2013-2014 struktur AG, Dirk Farin + 2013 openHEVC contributors +License: LGPL-3+ + +Files: dec265/dec265.cc + dec265/hdrcopy.cc + dec265/sdl.cc + dec265/sdl.hh + enc265/enc265.cc + sherlock265/VideoDecoder.cc + sherlock265/VideoDecoder.hh + sherlock265/VideoPlayer.cc + sherlock265/VideoPlayer.hh + sherlock265/VideoWidget.cc + sherlock265/VideoWidget.hh + sherlock265/sherlock265.cc + tools/bjoentegaard.cc + tools/block-rate-estim.cc + tools/gen-entropy-table.cc + tools/rd-curves.cc + tools/tests.cc + tools/yuv-distortion.cc +Copyright: + 2013-2014 struktur AG, Dirk Farin + 2013-2014 struktur AG, Joachim Bauch + 1998-2013 Free Software Foundation, Inc +License: GPL-3+ +Comment: Please note that only the sample applications are GPL-3+ while + the decoding library itself is licensed as LGPL-3+. + +Files: extra/getopt.c + extra/getopt.h + extra/getopt_long.c +Copyright: 1987-1996 The Regents of the University of California +License: BSD-4-clause + +Files: libde265/md5.cc + libde265/md5.h +Copyright: No copyright holder +License: public-domain-1 + This software was written by Alexander Peslyak in 2001. No copyright is + claimed, and the software is hereby placed in the public domain. + In case this attempt to disclaim copyright and place the software in the + public domain is deemed null and void, then the software is + Copyright (c) 2001 Alexander Peslyak and it is hereby released to the + general public under the following terms: + . + Redistribution and use in source and binary forms, with or without + modification, are permitted. + . + There's ABSOLUTELY NO WARRANTY, express or implied. + . + (This is a heavily cut-down "BSD license".) + . + This differs from Colin Plumb's older public domain implementation in that + no exactly 32-bit integer data type is required (any 32-bit or wider + unsigned integer data type will do), there's no compile-time endianness + configuration, and the function prototypes match OpenSSL's. No code from + Colin Plumb's implementation has been reused; this comment merely compares + the properties of the two independent implementations. + . + The primary goals of this implementation are portability and ease of use. + It is meant to be fast, but not as fast as possible. Some known + optimizations are not included to reduce source code size and avoid + compile-time configuration. + +Files: extra/stdint.h +Copyright: No copyright holder +License: public-domain-2 + ISO C9x 7.18 Integer types + Based on ISO/IEC SC22/WG14 9899 Committee draft (SC22 N2794) + . + THIS SOFTWARE IS NOT COPYRIGHTED + . + Contributor: Danny Smith + . + This source code is offered for use in the public domain. You may + use, modify or distribute it freely. + . + This code is distributed in the hope that it will be useful but + WITHOUT ANY WARRANTY. ALL WARRANTIES, EXPRESS OR IMPLIED ARE HEREBY + DISCLAIMED. This includes but is not limited to warranties of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + . + Date: 2000-12-02 + +Files: extra/win32cond.c + extra/win32cond.h +Copyright: + 1993-2009 Douglas C. Schmidt and his research group at + Washington University, University of California, Irvine, and + Vanderbilt University +License: other-1 + ACE(TM), TAO(TM), CIAO(TM), DAnCE>(TM), and CoSMIC(TM) (henceforth + referred to as "DOC software") are copyrighted by Douglas C. Schmidt + and his research group at Washington University, University of California, + Irvine, and Vanderbilt University, Copyright (c) 1993-2009, all rights + reserved. + . + Since DOC software is open-source, freely available software, you are free + to use, modify, copy, and distribute--perpetually and irrevocably--the DOC + software source code and object code produced from the source, as well as + copy and distribute modified versions of this software. You must, however, + include this copyright statement along with any code built using DOC + software that you release. + . + No copyright statement needs to be provided if you just ship binary + executables of your software products. + . + See "Strategies for Implementing POSIX Condition Variables on Win32" at + http://www.cs.wustl.edu/~schmidt/win32-cv-1.html + +Files: debian/* +Copyright: + 2014 Joachim Bauch + 2014 Alessio Treglia +License: LGPL-3+ + +License: GPL-3+ + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + On Debian systems the complete text of the GNU General Public License + can be found in the `/usr/share/common-licenses/GPL-3' file. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +License: LGPL-3+ + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + . + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + On Debian systems the complete text of the GNU Lesser General Public + License can be found in the `/usr/share/common-licenses/LGPL-3' file. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see . + +License: BSD-4-clause + Copyright (c) 1987, 1993, 1994 + The Regents of the University of California. All rights reserved. + . + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. All advertising materials mentioning features or use of this software + must display the following acknowledgement: + This product includes software developed by the University of + California, Berkeley and its contributors. + 4. Neither the name of the University nor the names of its contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + . + THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. diff --git a/libde265-0.install b/libde265-0.install new file mode 100644 index 0000000..3de3b10 --- /dev/null +++ b/libde265-0.install @@ -0,0 +1 @@ +usr/lib/*/*.so.* diff --git a/libde265-0.symbols b/libde265-0.symbols new file mode 100644 index 0000000..a40c8ab --- /dev/null +++ b/libde265-0.symbols @@ -0,0 +1,72 @@ +libde265.so.0 libde265-0 #MINVER# + (optional|c++|regex)"^std::_Sp_counted_base<.*@Base$" 1.0.2 + (optional|c++|regex)"^std::_Sp_counted_ptr<.*@Base$" 1.0.3 + (optional|c++|regex)"^std::__cxx11::basic_string<.*@Base$" 1.0.2 + (optional|c++|regex)"^std::__cxx11::basic_stringbuf<.*@Base$" 1.0.2 + (optional|c++|regex)"^std::vector<.*@Base$" 1.0.2 + (optional|c++|regex)"^typeinfo for std::.*@Base$" 1.0.2 + (optional|c++|regex)"^typeinfo name for std::.*@Base$" 1.0.2 + (optional|c++|regex)"^void std::vector<.*@Base$" 1.0.2 + (optional=only used internally by dec265|c++)"MSE(unsigned char const*, int, unsigned char const*, int, int, int)@Base" 1.0.2 + (optional=only used internally by dec265|c++)"PSNR(double)@Base" 1.0.2 + (optional=only used by the non-final encoder api)de265_alloc_image_plane@Base 1.0.2 + de265_change_framerate@Base 0.8 + de265_decode@Base 0.8 + de265_decode_data@Base 0.8 + de265_disable_logging@Base 0.8 + de265_flush_data@Base 0.8 + de265_free@Base 0.8 + de265_free_decoder@Base 0.8 + (optional=only used by the non-final encoder api)de265_free_image_plane@Base 1.0.2 + de265_get_bits_per_pixel@Base 1.0.2 + de265_get_chroma_format@Base 0.8 + de265_get_current_TID@Base 0.8 + de265_get_default_image_allocation_functions@Base 0.8 + de265_get_error_text@Base 0.8 + de265_get_highest_TID@Base 0.8 + de265_get_image_NAL_header@Base 0.8 + de265_get_image_PTS@Base 0.8 + de265_get_image_height@Base 0.8 + de265_get_image_plane@Base 0.8 + de265_get_image_plane_user_data@Base 0.8 + de265_get_image_user_data@Base 0.8 + de265_get_image_width@Base 0.8 + de265_get_next_picture@Base 0.8 + de265_get_number_of_NAL_units_pending@Base 0.8 + de265_get_number_of_input_bytes_pending@Base 0.8 + de265_get_parameter_bool@Base 0.8 + de265_get_version@Base 0.8 + de265_get_version_number@Base 0.8 + de265_get_version_number_maintenance@Base 1.0.2 + de265_get_version_number_major@Base 1.0.2 + de265_get_version_number_minor@Base 1.0.2 + de265_get_warning@Base 0.8 + de265_init@Base 0.8 + de265_isOK@Base 0.8 + de265_new_decoder@Base 0.8 + de265_peek_next_picture@Base 0.8 + de265_push_NAL@Base 0.8 + de265_push_data@Base 0.8 + de265_push_end_of_NAL@Base 0.8 + de265_push_end_of_frame@Base 0.9 + de265_release_next_picture@Base 0.8 + de265_reset@Base 0.8 + de265_set_framerate_ratio@Base 0.8 + de265_set_image_allocation_functions@Base 0.8 + de265_set_image_plane@Base 0.8 + de265_set_image_user_data@Base 0.9 + de265_set_limit_TID@Base 0.8 + de265_set_parameter_bool@Base 0.8 + de265_set_parameter_int@Base 0.8 + de265_set_verbosity@Base 0.8 + de265_start_worker_threads@Base 0.8 + (optional=only used internally by sherlock265)draw_CB_grid@Base 0.8 + (optional=only used internally by sherlock265)draw_Motion@Base 0.8 + (optional=only used internally by sherlock265)draw_PB_grid@Base 0.8 + (optional=only used internally by sherlock265)draw_PB_pred_modes@Base 0.8 + (optional=only used internally by sherlock265)draw_QuantPY@Base 0.8 + (optional=only used internally by sherlock265)draw_Slices@Base 0.8 + (optional=only used internally by sherlock265)draw_TB_grid@Base 0.8 + (optional=only used internally by sherlock265)draw_Tiles@Base 0.8 + (optional=only used internally by sherlock265)draw_intra_pred_modes@Base 0.8 + (optional=only used by the non-final encoder api|regex)en265_.*@Base 1.0.2 diff --git a/libde265-dev.docs b/libde265-dev.docs new file mode 100644 index 0000000..b43bf86 --- /dev/null +++ b/libde265-dev.docs @@ -0,0 +1 @@ +README.md diff --git a/libde265-dev.install b/libde265-dev.install new file mode 100644 index 0000000..60fe5cb --- /dev/null +++ b/libde265-dev.install @@ -0,0 +1,3 @@ +usr/include/* +usr/lib/*/*.so +usr/lib/*/pkgconfig/* diff --git a/libde265-examples.install b/libde265-examples.install new file mode 100644 index 0000000..1df36c6 --- /dev/null +++ b/libde265-examples.install @@ -0,0 +1 @@ +usr/bin/* diff --git a/patches/CVE-2020-21599.patch b/patches/CVE-2020-21599.patch new file mode 100644 index 0000000..79ff5b9 --- /dev/null +++ b/patches/CVE-2020-21599.patch @@ -0,0 +1,56 @@ +Description: Patch for CVE-2020-21599 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014999 (one of the many CVEs of this bug) +From a3f1c6a0dea2b0d4a531255ad06ed40cdb184d25 Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Tue, 23 Feb 2021 15:11:09 +0100 +Subject: [PATCH] return error when PCM bits parameter exceeds pixel depth + (#225) + +--- + libde265/de265.cc | 2 ++ + libde265/de265.h | 3 ++- + libde265/sps.cc | 10 ++++++++++ + 3 files changed, 14 insertions(+), 1 deletion(-) + +--- a/libde265/de265.cc ++++ b/libde265/de265.cc +@@ -156,6 +156,8 @@ + return "SPS header missing, cannot decode SEI"; + case DE265_WARNING_COLLOCATED_MOTION_VECTOR_OUTSIDE_IMAGE_AREA: + return "collocated motion-vector is outside image area"; ++ case DE265_WARNING_PCM_BITDEPTH_TOO_LARGE: ++ return "PCM bit-depth too large"; + + default: return "unknown error"; + } +--- a/libde265/de265.h ++++ b/libde265/de265.h +@@ -135,7 +135,8 @@ + DE265_NON_EXISTING_LT_REFERENCE_CANDIDATE_IN_SLICE_HEADER=1023, + DE265_WARNING_CANNOT_APPLY_SAO_OUT_OF_MEMORY=1024, + DE265_WARNING_SPS_MISSING_CANNOT_DECODE_SEI=1025, +- DE265_WARNING_COLLOCATED_MOTION_VECTOR_OUTSIDE_IMAGE_AREA=1026 ++ DE265_WARNING_COLLOCATED_MOTION_VECTOR_OUTSIDE_IMAGE_AREA=1026, ++ DE265_WARNING_PCM_BITDEPTH_TOO_LARGE=1027 + } de265_error; + + LIBDE265_API const char* de265_get_error_text(de265_error err); +--- a/libde265/sps.cc ++++ b/libde265/sps.cc +@@ -360,6 +360,16 @@ + READ_VLC_OFFSET(log2_min_pcm_luma_coding_block_size, uvlc, 3); + READ_VLC(log2_diff_max_min_pcm_luma_coding_block_size, uvlc); + pcm_loop_filter_disable_flag = get_bits(br,1); ++ ++ if (pcm_sample_bit_depth_luma > bit_depth_luma) { ++ errqueue->add_warning(DE265_WARNING_PCM_BITDEPTH_TOO_LARGE, false); ++ return DE265_ERROR_CODED_PARAMETER_OUT_OF_RANGE; ++ } ++ ++ if (pcm_sample_bit_depth_chroma > bit_depth_chroma) { ++ errqueue->add_warning(DE265_WARNING_PCM_BITDEPTH_TOO_LARGE, false); ++ return DE265_ERROR_CODED_PARAMETER_OUT_OF_RANGE; ++ } + } + else { + pcm_sample_bit_depth_luma = 0; diff --git a/patches/CVE-2021-35452.patch b/patches/CVE-2021-35452.patch new file mode 100644 index 0000000..da29f68 --- /dev/null +++ b/patches/CVE-2021-35452.patch @@ -0,0 +1,24 @@ +Description: Fix for CVE 2021-35452 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977 +From e83f3798dd904aa579425c53020c67e03735138d Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Tue, 5 Apr 2022 19:35:46 +0200 +Subject: [PATCH] fix check for valid PPS idx (#298) + +--- + libde265/slice.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libde265/slice.cc b/libde265/slice.cc +index cca4d332..aacde0ce 100644 +--- a/libde265/slice.cc ++++ b/libde265/slice.cc +@@ -373,7 +373,7 @@ de265_error slice_segment_header::read(bitreader* br, decoder_context* ctx, + } + + slice_pic_parameter_set_id = get_uvlc(br); +- if (slice_pic_parameter_set_id > DE265_MAX_PPS_SETS || ++ if (slice_pic_parameter_set_id >= DE265_MAX_PPS_SETS || + slice_pic_parameter_set_id == UVLC_ERROR) { + ctx->add_warning(DE265_WARNING_NONEXISTING_PPS_REFERENCED, false); + return DE265_OK; diff --git a/patches/CVE-2021-36408.patch b/patches/CVE-2021-36408.patch new file mode 100644 index 0000000..e04f444 --- /dev/null +++ b/patches/CVE-2021-36408.patch @@ -0,0 +1,32 @@ +Description: Fix for CVE-2021-36408 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977 +From f538254e4658ef5ea4e233c2185dcbfd165e8911 Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Tue, 5 Apr 2022 18:41:28 +0200 +Subject: [PATCH] fix streams where SPS image size changes without refreshing + PPS (#299) + +--- + libde265/decctx.cc | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/libde265/decctx.cc b/libde265/decctx.cc +index edebb7136..6701725fb 100644 +--- a/libde265/decctx.cc ++++ b/libde265/decctx.cc +@@ -562,6 +562,15 @@ de265_error decoder_context::read_sps_NAL(bitreader& reader) + + sps[ new_sps->seq_parameter_set_id ] = new_sps; + ++ // Remove the all PPS that referenced the old SPS because parameters may have changed and we do not want to ++ // get the SPS and PPS parameters (e.g. image size) out of sync. ++ ++ for (auto& p : pps) { ++ if (p && p->seq_parameter_set_id == new_sps->seq_parameter_set_id) { ++ p = nullptr; ++ } ++ } ++ + return DE265_OK; + } + diff --git a/patches/CVE-2021-36409.patch b/patches/CVE-2021-36409.patch new file mode 100644 index 0000000..0134475 --- /dev/null +++ b/patches/CVE-2021-36409.patch @@ -0,0 +1,58 @@ +Description: Fix for CVE-2021-36409 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977 +From 64d591a6c70737604ca3f5791736fc462cbe8a3c Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Tue, 5 Apr 2022 17:53:43 +0200 +Subject: [PATCH] fix assertion when reading invalid scaling_list (#300) + +--- + libde265/sps.cc | 15 +++++++++------ + 1 file changed, 9 insertions(+), 6 deletions(-) + +--- a/libde265/sps.cc ++++ b/libde265/sps.cc +@@ -881,19 +881,23 @@ + int n = ((sizeId==3) ? 2 : 6); + uint8_t scaling_list[6][32*32]; + ++ // Note: we use a different matrixId for the second matrix of size 3 (we use '3' instead of '1'). + for (int matrixId=0;matrixId matrixId) { + return DE265_ERROR_CODED_PARAMETER_OUT_OF_RANGE; +@@ -909,15 +913,14 @@ + memcpy(curr_scaling_list, default_ScalingList_4x4, 16); + } + else { +- if (canonicalMatrixId<3) ++ if (matrixId<3) + { memcpy(curr_scaling_list, default_ScalingList_8x8_intra,64); } + else + { memcpy(curr_scaling_list, default_ScalingList_8x8_inter,64); } + } + } + else { +- // TODO: CHECK: for sizeID=3 and the second matrix, should we have delta=1 or delta=3 ? +- if (sizeId==3) { assert(scaling_list_pred_matrix_id_delta==1); } ++ if (sizeId==3) { assert(scaling_list_pred_matrix_id_delta==3); } + + int mID = matrixId - scaling_list_pred_matrix_id_delta; + diff --git a/patches/CVE-2021-36410.patch b/patches/CVE-2021-36410.patch new file mode 100644 index 0000000..b93592c --- /dev/null +++ b/patches/CVE-2021-36410.patch @@ -0,0 +1,22 @@ +Description: CVE-2021-36410 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977 +From 697aa4f7c774abd6374596e6707a6f4f54265355 Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Tue, 5 Apr 2022 19:27:04 +0200 +Subject: [PATCH] fix MC with HDR chroma, but SDR luma (#301) + +--- + libde265/motion.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/libde265/motion.cc ++++ b/libde265/motion.cc +@@ -377,7 +377,7 @@ + refPic->get_luma_stride(), nPbW,nPbH, bit_depth_L); + } + +- if (img->high_bit_depth(0)) { ++ if (img->high_bit_depth(1)) { + mc_chroma(ctx, sps, vi->mv[l].x, vi->mv[l].y, xP,yP, + predSamplesC[0][l],nCS, (const uint16_t*)refPic->get_image_plane(1), + refPic->get_chroma_stride(), nPbW/SubWidthC,nPbH/SubHeightC, bit_depth_C); diff --git a/patches/CVE-2021-36411.patch b/patches/CVE-2021-36411.patch new file mode 100644 index 0000000..a53ce24 --- /dev/null +++ b/patches/CVE-2021-36411.patch @@ -0,0 +1,163 @@ +Description: CVE-2021-36411 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014977 +From 45904e5667c5bf59c67fcdc586dfba110832894c Mon Sep 17 00:00:00 2001 +From: Dirk Farin +Date: Tue, 5 Apr 2022 20:00:20 +0200 +Subject: [PATCH] fix reading invalid images where shdr references are NULL in + part of the image (#302) + +--- + libde265/deblock.cc | 127 +++++++++++++++++++++++--------------------- + libde265/sao.cc | 5 +- + 2 files changed, 70 insertions(+), 62 deletions(-) + +--- a/libde265/deblock.cc ++++ b/libde265/deblock.cc +@@ -295,67 +295,72 @@ + slice_segment_header* shdrP = img->get_SliceHeader(xDiOpp,yDiOpp); + slice_segment_header* shdrQ = img->get_SliceHeader(xDi ,yDi); + +- int refPicP0 = mviP.predFlag[0] ? shdrP->RefPicList[0][ mviP.refIdx[0] ] : -1; +- int refPicP1 = mviP.predFlag[1] ? shdrP->RefPicList[1][ mviP.refIdx[1] ] : -1; +- int refPicQ0 = mviQ.predFlag[0] ? shdrQ->RefPicList[0][ mviQ.refIdx[0] ] : -1; +- int refPicQ1 = mviQ.predFlag[1] ? shdrQ->RefPicList[1][ mviQ.refIdx[1] ] : -1; +- +- bool samePics = ((refPicP0==refPicQ0 && refPicP1==refPicQ1) || +- (refPicP0==refPicQ1 && refPicP1==refPicQ0)); +- +- if (!samePics) { +- bS = 1; +- } +- else { +- MotionVector mvP0 = mviP.mv[0]; if (!mviP.predFlag[0]) { mvP0.x=mvP0.y=0; } +- MotionVector mvP1 = mviP.mv[1]; if (!mviP.predFlag[1]) { mvP1.x=mvP1.y=0; } +- MotionVector mvQ0 = mviQ.mv[0]; if (!mviQ.predFlag[0]) { mvQ0.x=mvQ0.y=0; } +- MotionVector mvQ1 = mviQ.mv[1]; if (!mviQ.predFlag[1]) { mvQ1.x=mvQ1.y=0; } +- +- int numMV_P = mviP.predFlag[0] + mviP.predFlag[1]; +- int numMV_Q = mviQ.predFlag[0] + mviQ.predFlag[1]; +- +- if (numMV_P!=numMV_Q) { +- img->decctx->add_warning(DE265_WARNING_NUMMVP_NOT_EQUAL_TO_NUMMVQ, false); +- img->integrity = INTEGRITY_DECODING_ERRORS; +- } +- +- // two different reference pictures or only one reference picture +- if (refPicP0 != refPicP1) { +- +- if (refPicP0 == refPicQ0) { +- if (abs_value(mvP0.x-mvQ0.x) >= 4 || +- abs_value(mvP0.y-mvQ0.y) >= 4 || +- abs_value(mvP1.x-mvQ1.x) >= 4 || +- abs_value(mvP1.y-mvQ1.y) >= 4) { +- bS = 1; +- } +- } +- else { +- if (abs_value(mvP0.x-mvQ1.x) >= 4 || +- abs_value(mvP0.y-mvQ1.y) >= 4 || +- abs_value(mvP1.x-mvQ0.x) >= 4 || +- abs_value(mvP1.y-mvQ0.y) >= 4) { +- bS = 1; +- } +- } +- } +- else { +- assert(refPicQ0==refPicQ1); +- +- if ((abs_value(mvP0.x-mvQ0.x) >= 4 || +- abs_value(mvP0.y-mvQ0.y) >= 4 || +- abs_value(mvP1.x-mvQ1.x) >= 4 || +- abs_value(mvP1.y-mvQ1.y) >= 4) +- && +- (abs_value(mvP0.x-mvQ1.x) >= 4 || +- abs_value(mvP0.y-mvQ1.y) >= 4 || +- abs_value(mvP1.x-mvQ0.x) >= 4 || +- abs_value(mvP1.y-mvQ0.y) >= 4)) { +- bS = 1; +- } +- } +- } ++ if (shdrP && shdrQ) { ++ int refPicP0 = mviP.predFlag[0] ? shdrP->RefPicList[0][ mviP.refIdx[0] ] : -1; ++ int refPicP1 = mviP.predFlag[1] ? shdrP->RefPicList[1][ mviP.refIdx[1] ] : -1; ++ int refPicQ0 = mviQ.predFlag[0] ? shdrQ->RefPicList[0][ mviQ.refIdx[0] ] : -1; ++ int refPicQ1 = mviQ.predFlag[1] ? shdrQ->RefPicList[1][ mviQ.refIdx[1] ] : -1; ++ ++ bool samePics = ((refPicP0==refPicQ0 && refPicP1==refPicQ1) || ++ (refPicP0==refPicQ1 && refPicP1==refPicQ0)); ++ ++ if (!samePics) { ++ bS = 1; ++ } ++ else { ++ MotionVector mvP0 = mviP.mv[0]; if (!mviP.predFlag[0]) { mvP0.x=mvP0.y=0; } ++ MotionVector mvP1 = mviP.mv[1]; if (!mviP.predFlag[1]) { mvP1.x=mvP1.y=0; } ++ MotionVector mvQ0 = mviQ.mv[0]; if (!mviQ.predFlag[0]) { mvQ0.x=mvQ0.y=0; } ++ MotionVector mvQ1 = mviQ.mv[1]; if (!mviQ.predFlag[1]) { mvQ1.x=mvQ1.y=0; } ++ ++ int numMV_P = mviP.predFlag[0] + mviP.predFlag[1]; ++ int numMV_Q = mviQ.predFlag[0] + mviQ.predFlag[1]; ++ ++ if (numMV_P!=numMV_Q) { ++ img->decctx->add_warning(DE265_WARNING_NUMMVP_NOT_EQUAL_TO_NUMMVQ, false); ++ img->integrity = INTEGRITY_DECODING_ERRORS; ++ } ++ ++ // two different reference pictures or only one reference picture ++ if (refPicP0 != refPicP1) { ++ ++ if (refPicP0 == refPicQ0) { ++ if (abs_value(mvP0.x-mvQ0.x) >= 4 || ++ abs_value(mvP0.y-mvQ0.y) >= 4 || ++ abs_value(mvP1.x-mvQ1.x) >= 4 || ++ abs_value(mvP1.y-mvQ1.y) >= 4) { ++ bS = 1; ++ } ++ } ++ else { ++ if (abs_value(mvP0.x-mvQ1.x) >= 4 || ++ abs_value(mvP0.y-mvQ1.y) >= 4 || ++ abs_value(mvP1.x-mvQ0.x) >= 4 || ++ abs_value(mvP1.y-mvQ0.y) >= 4) { ++ bS = 1; ++ } ++ } ++ } ++ else { ++ assert(refPicQ0==refPicQ1); ++ ++ if ((abs_value(mvP0.x-mvQ0.x) >= 4 || ++ abs_value(mvP0.y-mvQ0.y) >= 4 || ++ abs_value(mvP1.x-mvQ1.x) >= 4 || ++ abs_value(mvP1.y-mvQ1.y) >= 4) ++ && ++ (abs_value(mvP0.x-mvQ1.x) >= 4 || ++ abs_value(mvP0.y-mvQ1.y) >= 4 || ++ abs_value(mvP1.x-mvQ0.x) >= 4 || ++ abs_value(mvP1.y-mvQ0.y) >= 4)) { ++ bS = 1; ++ } ++ } ++ } ++ } ++ else { ++ bS = 0; // if shdrP==NULL or shdrQ==NULL ++ } + + /* + printf("unimplemented deblocking code for CU at %d;%d\n",xDi,yDi); +--- a/libde265/sao.cc ++++ b/libde265/sao.cc +@@ -347,7 +347,10 @@ + for (int xCtb=0; xCtbget_SliceHeaderCtb(xCtb,yCtb); +- if (shdr==NULL) { return; } ++ if (shdr==NULL) { ++ delete[] inputCopy; ++ return; ++ } + + if (cIdx==0 && shdr->slice_sao_luma_flag) { + apply_sao(img, xCtb,yCtb, shdr, 0, 1< +--- a/Makefile.am ++++ b/Makefile.am +@@ -8,10 +8,6 @@ + SUBDIRS+=dec265 + endif + +-SUBDIRS+=enc265 +-SUBDIRS+=tools +-SUBDIRS+=acceleration-speed +- + if ENABLE_SHERLOCK265 + SUBDIRS+=sherlock265 + endif +--- a/dec265/Makefile.am ++++ b/dec265/Makefile.am +@@ -1,5 +1,5 @@ + +-bin_PROGRAMS = dec265 hdrcopy ++bin_PROGRAMS = dec265 + + AM_CPPFLAGS = -I../libde265 + +@@ -9,12 +9,6 @@ + dec265_LDADD = ../libde265/libde265.la -lstdc++ + dec265_SOURCES = dec265.cc + +-hdrcopy_DEPENDENCIES = ../libde265/libde265.la +-hdrcopy_CXXFLAGS = +-hdrcopy_LDFLAGS = +-hdrcopy_LDADD = ../libde265/libde265.la -lstdc++ +-hdrcopy_SOURCES = hdrcopy.cc +- + if HAVE_VIDEOGFX + dec265_CXXFLAGS += $(VIDEOGFX_CFLAGS) + dec265_LDFLAGS += $(VIDEOGFX_LIBS) diff --git a/patches/ffmpeg_2.9.patch b/patches/ffmpeg_2.9.patch new file mode 100644 index 0000000..aae8e54 --- /dev/null +++ b/patches/ffmpeg_2.9.patch @@ -0,0 +1,15 @@ +Description: Replace deprecated FFmpeg API +Author: Andreas Cadhalpun +Last-Update: <2015-11-02> + +--- a/sherlock265/VideoDecoder.cc ++++ b/sherlock265/VideoDecoder.cc +@@ -237,7 +237,7 @@ + } + width = img->get_width(); + height = img->get_height(); +- sws = sws_getContext(width, height, PIX_FMT_YUV420P, width, height, PIX_FMT_BGRA, SWS_FAST_BILINEAR, NULL, NULL, NULL); ++ sws = sws_getContext(width, height, AV_PIX_FMT_YUV420P, width, height, AV_PIX_FMT_BGRA, SWS_FAST_BILINEAR, NULL, NULL, NULL); + } + + int stride[3]; diff --git a/patches/only_export_decoder_api.patch b/patches/only_export_decoder_api.patch new file mode 100644 index 0000000..aedc5a2 --- /dev/null +++ b/patches/only_export_decoder_api.patch @@ -0,0 +1,285 @@ +Description: Only export symbols defined in the decoder API. + The encoder API is not final yet, so upstream exports all symbols to make + development easier. For packaging we only want to expose the public API. +Author: Joachim Bauch +--- a/libde265/encoder/Makefile.am ++++ b/libde265/encoder/Makefile.am +@@ -10,6 +10,18 @@ + encpicbuf.h encpicbuf.cc \ + sop.h sop.cc + ++libde265_encoder_la_CFLAGS = \ ++ $(CFLAG_VISIBILITY) \ ++ -DLIBDE265_EXPORTS ++libde265_encoder_la_CXXFLAGS += \ ++ $(CFLAG_VISIBILITY) \ ++ -DLIBDE265_EXPORTS ++ ++if HAVE_VISIBILITY ++ libde265_encoder_la_CFLAGS += -DHAVE_VISIBILITY ++ libde265_encoder_la_CXXFLAGS += -DHAVE_VISIBILITY ++endif ++ + SUBDIRS=algo + libde265_encoder_la_LIBADD = algo/libde265_encoder_algo.la + +--- a/libde265/encoder/algo/Makefile.am ++++ b/libde265/encoder/algo/Makefile.am +@@ -17,5 +17,13 @@ + tb-rateestim.h tb-rateestim.cc \ + pb-mv.h pb-mv.cc + ++libde265_encoder_algo_la_CXXFLAGS += \ ++ $(CFLAG_VISIBILITY) \ ++ -DLIBDE265_EXPORTS ++ ++if HAVE_VISIBILITY ++ libde265_encoder_algo_la_CXXFLAGS += -DHAVE_VISIBILITY ++endif ++ + EXTRA_DIST = \ + CMakeLists.txt +--- a/configure.ac ++++ b/configure.ac +@@ -50,9 +50,7 @@ + fi + changequote([,])dnl + +-dnl gl_VISIBILITY +-dnl : In encoder branch, we still export all library symbols : +-HAVE_VISIBILITY=0 ++gl_VISIBILITY + AM_CONDITIONAL([HAVE_VISIBILITY], [test "x$HAVE_VISIBILITY" != "x0"]) + + # Checks for header files. +--- a/libde265/image-io.cc ++++ b/libde265/image-io.cc +@@ -183,7 +183,7 @@ + } + + +-LIBDE265_API PacketSink_File::~PacketSink_File() ++PacketSink_File::~PacketSink_File() + { + if (mFH) { + fclose(mFH); +@@ -191,7 +191,7 @@ + } + + +-LIBDE265_API void PacketSink_File::set_filename(const char* filename) ++void PacketSink_File::set_filename(const char* filename) + { + assert(mFH==NULL); + +@@ -199,7 +199,7 @@ + } + + +-LIBDE265_API void PacketSink_File::send_packet(const uint8_t* data, int n) ++void PacketSink_File::send_packet(const uint8_t* data, int n) + { + uint8_t startCode[3]; + startCode[0] = 0; +--- a/libde265/image-io.h ++++ b/libde265/image-io.h +@@ -30,17 +30,17 @@ + class ImageSource + { + public: +- LIBDE265_API ImageSource(); +- virtual LIBDE265_API ~ImageSource() { } ++ ImageSource(); ++ virtual ~ImageSource() { } + + //enum ImageStatus { Available, Waiting, EndOfVideo }; + + //virtual ImageStatus get_status() = 0; +- virtual LIBDE265_API de265_image* get_image(bool block=true) = 0; +- virtual LIBDE265_API void skip_frames(int n) = 0; ++ virtual de265_image* get_image(bool block=true) = 0; ++ virtual void skip_frames(int n) = 0; + +- virtual LIBDE265_API int get_width() const = 0; +- virtual LIBDE265_API int get_height() const = 0; ++ virtual int get_width() const = 0; ++ virtual int get_height() const = 0; + }; + + +@@ -48,17 +48,17 @@ + class ImageSource_YUV : public ImageSource + { + public: +- LIBDE265_API ImageSource_YUV(); +- virtual LIBDE265_API ~ImageSource_YUV(); ++ ImageSource_YUV(); ++ virtual ~ImageSource_YUV(); + +- bool LIBDE265_API set_input_file(const char* filename, int w,int h); ++ bool set_input_file(const char* filename, int w,int h); + + //virtual ImageStatus get_status(); +- virtual LIBDE265_API de265_image* get_image(bool block=true); +- virtual LIBDE265_API void skip_frames(int n); ++ virtual de265_image* get_image(bool block=true); ++ virtual void skip_frames(int n); + +- virtual LIBDE265_API int get_width() const { return width; } +- virtual LIBDE265_API int get_height() const { return height; } ++ virtual int get_width() const { return width; } ++ virtual int get_height() const { return height; } + + private: + FILE* mFH; +@@ -74,20 +74,20 @@ + class ImageSink + { + public: +- virtual LIBDE265_API ~ImageSink() { } ++ virtual ~ImageSink() { } + +- virtual LIBDE265_API void send_image(const de265_image* img) = 0; ++ virtual void send_image(const de265_image* img) = 0; + }; + + class ImageSink_YUV : public ImageSink + { + public: +- LIBDE265_API ImageSink_YUV() : mFH(NULL) { } +- LIBDE265_API ~ImageSink_YUV(); ++ ImageSink_YUV() : mFH(NULL) { } ++ ~ImageSink_YUV(); + +- bool LIBDE265_API set_filename(const char* filename); ++ bool set_filename(const char* filename); + +- virtual LIBDE265_API void send_image(const de265_image* img); ++ virtual void send_image(const de265_image* img); + + private: + FILE* mFH; +@@ -98,21 +98,21 @@ + class PacketSink + { + public: +- virtual LIBDE265_API ~PacketSink() { } ++ virtual ~PacketSink() { } + +- virtual LIBDE265_API void send_packet(const uint8_t* data, int n) = 0; ++ virtual void send_packet(const uint8_t* data, int n) = 0; + }; + + + class PacketSink_File : public PacketSink + { + public: +- LIBDE265_API PacketSink_File(); +- virtual LIBDE265_API ~PacketSink_File(); ++ PacketSink_File(); ++ virtual ~PacketSink_File(); + +- LIBDE265_API void set_filename(const char* filename); ++ void set_filename(const char* filename); + +- virtual LIBDE265_API void send_packet(const uint8_t* data, int n); ++ virtual void send_packet(const uint8_t* data, int n); + + private: + FILE* mFH; +--- a/libde265/configparam.h ++++ b/libde265/configparam.h +@@ -95,7 +95,7 @@ + bool hasLongOption() const { return true; } //mLongOption!=NULL; } + std::string getLongOption() const { return mLongOption ? std::string(mLongOption) : get_name(); } + +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx) { return false; } ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx) { return false; } + + + +@@ -132,7 +132,7 @@ + virtual std::string get_default_string() const { return default_value ? "true":"false"; } + + virtual std::string getTypeDescr() const { return "(boolean)"; } +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx) { set(true); return true; } ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx) { set(true); return true; } + + bool set(bool v) { value_set=true; value=v; return true; } + +@@ -162,10 +162,10 @@ + virtual bool has_default() const { return default_set; } + + void set_default(std::string v) { default_value=v; default_set=true; } +- virtual LIBDE265_API std::string get_default_string() const { return default_value; } ++ virtual std::string get_default_string() const { return default_value; } + +- virtual LIBDE265_API std::string getTypeDescr() const { return "(string)"; } +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx); ++ virtual std::string getTypeDescr() const { return "(string)"; } ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx); + + bool set(std::string v) { value_set=true; value=v; return true; } + +@@ -201,10 +201,10 @@ + virtual bool has_default() const { return default_set; } + + void set_default(int v) { default_value=v; default_set=true; } +- virtual LIBDE265_API std::string get_default_string() const; ++ virtual std::string get_default_string() const; + +- virtual LIBDE265_API std::string getTypeDescr() const; +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx); ++ virtual std::string getTypeDescr() const; ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx); + + bool set(int v) { + if (is_valid(v)) { value_set=true; value=v; return true; } +@@ -239,7 +239,7 @@ + virtual std::vector get_choice_names() const = 0; + + virtual std::string getTypeDescr() const; +- virtual LIBDE265_API bool processCmdLineArguments(char** argv, int* argc, int idx); ++ virtual bool processCmdLineArguments(char** argv, int* argc, int idx); + + const char** get_choices_string_table() const; + +@@ -368,10 +368,10 @@ + config_parameters() : param_string_table(NULL) { } + ~config_parameters() { delete[] param_string_table; } + +- void LIBDE265_API add_option(option_base* o); ++ void add_option(option_base* o); + +- void LIBDE265_API print_params() const; +- bool LIBDE265_API parse_command_line_params(int* argc, char** argv, int* first_idx=NULL, ++ void print_params() const; ++ bool parse_command_line_params(int* argc, char** argv, int* first_idx=NULL, + bool ignore_unknown_options=false); + + +--- a/libde265/quality.h ++++ b/libde265/quality.h +@@ -26,11 +26,11 @@ + #include + + +-LIBDE265_API uint32_t SSD(const uint8_t* img, int imgStride, ++uint32_t SSD(const uint8_t* img, int imgStride, + const uint8_t* ref, int refStride, + int width, int height); + +-LIBDE265_API uint32_t SAD(const uint8_t* img, int imgStride, ++uint32_t SAD(const uint8_t* img, int imgStride, + const uint8_t* ref, int refStride, + int width, int height); + +@@ -41,7 +41,7 @@ + LIBDE265_API double PSNR(double mse); + + +-LIBDE265_API uint32_t compute_distortion_ssd(const de265_image* img1, const de265_image* img2, ++uint32_t compute_distortion_ssd(const de265_image* img1, const de265_image* img2, + int x0, int y0, int log2size, int cIdx); + + #endif diff --git a/patches/series b/patches/series new file mode 100644 index 0000000..e4bde82 --- /dev/null +++ b/patches/series @@ -0,0 +1,9 @@ +only_export_decoder_api.patch +disable_tools.patch +ffmpeg_2.9.patch +CVE-2020-21599.patch +CVE-2021-35452.patch +CVE-2021-36408.patch +CVE-2021-36409.patch +CVE-2021-36410.patch +CVE-2021-36411.patch diff --git a/rules b/rules new file mode 100755 index 0000000..c7ce6f7 --- /dev/null +++ b/rules @@ -0,0 +1,16 @@ +#!/usr/bin/make -f +#export DH_VERBOSE=1 + +%: + dh $@ + +override_dh_auto_install: + dh_auto_install + cd $(CURDIR)/debian/tmp/usr/bin/ && mv dec265 libde265-dec265 + if [ -e "$(CURDIR)/debian/tmp/usr/bin/sherlock265" ]; then \ + cd $(CURDIR)/debian/tmp/usr/bin/ && mv sherlock265 \ + libde265-sherlock265; \ + fi + +override_dh_strip: + dh_strip --ddeb-migration='libde265-dbg (<< 1.0.2-2~)' diff --git a/source/format b/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/watch b/watch new file mode 100644 index 0000000..1f72711 --- /dev/null +++ b/watch @@ -0,0 +1,4 @@ +version=3 +opts=filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/libde265-$1\.tar\.gz/,\ +downloadurlmangle=s/.+\/v?(\d\S*)\.tar\.gz/https:\/\/github\.com\/strukturag\/libde265\/releases\/download\/v$1\/libde265-$1\.tar\.gz/ \ + https://github.com/strukturag/libde265/tags .*/v?(\d\S*)\.tar\.gz -- 2.30.2