diff options
Diffstat (limited to 'external/poky/meta/recipes-multimedia/libvorbis')
4 files changed, 145 insertions, 0 deletions
diff --git a/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/0001-configure-Check-for-clang.patch b/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/0001-configure-Check-for-clang.patch new file mode 100644 index 00000000..b06029b9 --- /dev/null +++ b/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/0001-configure-Check-for-clang.patch @@ -0,0 +1,56 @@ +From d619ccf6c11ab574466914c57994a82fb99401af Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 22 Mar 2017 16:06:55 +0000 +Subject: [PATCH] configure: Check for clang + +Disable gcc specific options if using clang + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Pending + + configure.ac | 19 +++++++++++++++++-- + 1 file changed, 17 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 28b0a14..2d4e984 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -98,6 +98,16 @@ AC_ARG_ENABLE(examples, + + AM_CONDITIONAL(BUILD_EXAMPLES, [test "x$enable_examples" = xyes]) + ++AC_MSG_CHECKING([whether C compiler is clang]) ++$CC -x c /dev/null -dM -E > conftest.txt 2>&1 ++if grep "__clang__" conftest.txt >/dev/null 2>&1; then ++ AC_SUBST([CC_CLANG], [1]) ++ AC_MSG_RESULT([yes]) ++ else ++ AC_SUBST([CC_CLANG], [0]) ++ AC_MSG_RESULT([no]) ++fi ++ + dnl -------------------------------------------------- + dnl Set build flags based on environment + dnl -------------------------------------------------- +@@ -132,10 +142,15 @@ else + AC_MSG_RESULT([$GCC_VERSION]) + case $host in + *86-*-linux*) ++ if test "$CC_CLANG" = "1"; then ++ ieeefp="" ++ else ++ ieefp="-mno-ieee-fp" ++ fi + DEBUG="-g -Wall -Wextra -D_REENTRANT -D__NO_MATH_INLINES -fsigned-char" +- CFLAGS="-O3 -Wall -Wextra -ffast-math -mno-ieee-fp -D_REENTRANT -fsigned-char" ++ CFLAGS="-O3 -Wall -Wextra -ffast-math -D_REENTRANT -fsigned-char ${ieefp}" + # PROFILE="-Wall -Wextra -pg -g -O3 -ffast-math -D_REENTRANT -fsigned-char -fno-inline -static" +- PROFILE="-Wall -Wextra -pg -g -O3 -ffast-math -mno-ieee-fp -D_REENTRANT -fsigned-char -fno-inline" ++ PROFILE="-Wall -Wextra -pg -g -O3 -ffast-math ${ieefp} -D_REENTRANT -fsigned-char -fno-inline" + + # glibc < 2.1.3 has a serious FP bug in the math inline header + # that will cripple Vorbis. Look to see if the magic FP stack +-- +2.17.0 + diff --git a/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch b/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch new file mode 100644 index 00000000..b7603c3b --- /dev/null +++ b/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch @@ -0,0 +1,34 @@ +From 018ca26dece618457dd13585cad52941193c4a25 Mon Sep 17 00:00:00 2001 +From: Thomas Daede <daede003@umn.edu> +Date: Wed, 9 May 2018 14:56:59 -0700 +Subject: [PATCH] CVE-2017-14160: fix bounds check on very low sample rates. + +--- +CVE: CVE-2017-14160 CVE-2018-10393 + +Upstream-Status: Backport [gitlab.com/Xiph.Org/Vorbis/Commits/018ca26d...] + +Signed-off-by: Joe Slater <joe.slater@windriver.com> +--- +--- + lib/psy.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/psy.c b/lib/psy.c +index 422c6f1..1310123 100644 +--- a/lib/psy.c ++++ b/lib/psy.c +@@ -602,8 +602,9 @@ static void bark_noise_hybridmp(int n,const long *b, + for (i = 0, x = 0.f;; i++, x += 1.f) { + + lo = b[i] >> 16; +- if( lo>=0 ) break; + hi = b[i] & 0xffff; ++ if( lo>=0 ) break; ++ if( hi>=n ) break; + + tN = N[hi] + N[-lo]; + tX = X[hi] - X[-lo]; +-- +1.7.9.5 + diff --git a/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-10392.patch b/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-10392.patch new file mode 100644 index 00000000..b7936b4b --- /dev/null +++ b/external/poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-10392.patch @@ -0,0 +1,34 @@ +From 112d3bd0aaacad51305e1464d4b381dabad0e88b Mon Sep 17 00:00:00 2001 +From: Thomas Daede <daede003@umn.edu> +Date: Thu, 17 May 2018 16:19:19 -0700 +Subject: [PATCH] Sanity check number of channels in setup. + +Fixes #2335. + +--- +CVE: CVE-2018-10392 + +Upstream-Status: Backport [gitlab.com/Xiph.Org/Vorbis/Commits/112d3bd...] + +Signed-off-by: Joe Slater <joe.slater@windriver.com> +--- + + lib/vorbisenc.c | 1 + + 1 file changed, 1 insertion(+) + + +diff --git a/lib/vorbisenc.c b/lib/vorbisenc.c +index 4fc7b62..64a51b5 100644 +--- a/lib/vorbisenc.c ++++ b/lib/vorbisenc.c +@@ -684,6 +684,7 @@ int vorbis_encode_setup_init(vorbis_info *vi){ + highlevel_encode_setup *hi=&ci->hi; + + if(ci==NULL)return(OV_EINVAL); ++ if(vi->channels<1||vi->channels>255)return(OV_EINVAL); + if(!hi->impulse_block_p)i0=1; + + /* too low/high an ATH floater is nonsensical, but doesn't break anything */ +-- +1.7.9.5 + diff --git a/external/poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb b/external/poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb new file mode 100644 index 00000000..cbda6dc2 --- /dev/null +++ b/external/poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb @@ -0,0 +1,21 @@ +SUMMARY = "Ogg Vorbis Audio Codec" +DESCRIPTION = "Ogg Vorbis is a high-quality lossy audio codec \ +that is free of intellectual property restrictions. libvorbis \ +is the main vorbis codec library." +HOMEPAGE = "http://www.vorbis.com/" +BUGTRACKER = "https://trac.xiph.org" +SECTION = "libs" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=70c7063491d2d9f76a098d62ed5134f1 \ + file://include/vorbis/vorbisenc.h;beginline=1;endline=11;md5=d1c1d138863d6315131193d4046d81cb" +DEPENDS = "libogg" + +SRC_URI = "http://downloads.xiph.org/releases/vorbis/${BP}.tar.xz \ + file://0001-configure-Check-for-clang.patch \ + file://CVE-2018-10392.patch \ + file://CVE-2017-14160.patch \ + " +SRC_URI[md5sum] = "b7d1692f275c73e7833ed1cc2697cd65" +SRC_URI[sha256sum] = "af00bb5a784e7c9e69f56823de4637c350643deedaf333d0fa86ecdba6fcb415" + +inherit autotools pkgconfig |