Hello community, here is the log from the commit of package libvdpau for openSUSE:Factory checked in at 2015-09-11 09:02:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libvdpau (Old) and /work/SRC/openSUSE:Factory/.libvdpau.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libvdpau" Changes: -------- --- /work/SRC/openSUSE:Factory/libvdpau/libvdpau.changes 2015-03-19 20:50:37.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libvdpau.new/libvdpau.changes 2015-09-11 09:02:55.000000000 +0200 @@ -1,0 +2,37 @@ +Mon Sep 7 10:24:35 UTC 2015 - [email protected] + +- replaced u_src-mesa_dri2.c-define-_GNU_SOURCE.patch with upstream + U_Add_missing_include_of_config_h_to_define_GNU_SOURCE.patch + +------------------------------------------------------------------- +Wed Sep 2 13:03:40 UTC 2015 - [email protected] + +- added missing BuildRequires for pkgconfig(dri2proto) +- u_src-mesa_dri2.c-define-_GNU_SOURCE.patch + * Without having defined _GNU_SOURCE __USE_GNU isn't defined + either. Though secure_getenv() in stdlib.h isn't declared. + +------------------------------------------------------------------- +Tue Sep 1 14:02:11 UTC 2015 - [email protected] + +- Update libvdpau to version 1.1.1 (bnc#943967,#943968,#943969) + libvdpau versions 1.1 and earlier, when used in setuid or setgid + applications, contain vulnerabilities related to environment + variable handling that could allow an attacker to execute + arbitrary code or overwrite arbitrary files. See CVE-2015-5198, + CVE-2015-5199, and CVE-2015-5200 for more details. + + This release uses the secure_getenv() function, when available, + to fix these problems. The updated libvdpau will instead use a + fallback implementation of secure_getenv() when the platform + doesn't provide one. + + If you use the NVIDIA .run installer packages, please see + https://devtalk.nvidia.com/default/topic/873035 for additional + information. + + This release also adds tracing of HEVC picture structures to + libvdpau_trace. +- supersedes patch: libvdpau-nopdftex.patch + +------------------------------------------------------------------- Old: ---- libvdpau-1.1.tar.bz2 libvdpau-nopdftex.patch New: ---- U_Add_missing_include_of_config_h_to_define_GNU_SOURCE.patch libvdpau-1.1.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libvdpau.spec ++++++ --- /var/tmp/diff_new_pack.OEfV6o/_old 2015-09-11 09:02:56.000000000 +0200 +++ /var/tmp/diff_new_pack.OEfV6o/_new 2015-09-11 09:02:56.000000000 +0200 @@ -17,7 +17,7 @@ Name: libvdpau -Version: 1.1 +Version: 1.1.1 Release: 0 Summary: VDPAU wrapper and trace libraries License: MIT @@ -28,8 +28,7 @@ Source2: README Source99: baselibs.conf Source100: %{name}-rpmlintrc -# PATCH-FIX-OPENSUSE libvdpau-nopdftex.patch -- don't requires pdftex for building -Patch1: libvdpau-nopdftex.patch +Patch0: U_Add_missing_include_of_config_h_to_define_GNU_SOURCE.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: doxygen @@ -38,6 +37,7 @@ BuildRequires: graphviz BuildRequires: libtool BuildRequires: pkgconfig +BuildRequires: pkgconfig(dri2proto) BuildRequires: pkgconfig(x11) BuildRequires: pkgconfig(xext) BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -85,7 +85,7 @@ %prep %setup -q -b1 -%patch1 -p1 +%patch0 -p1 %build autoreconf -fi ++++++ U_Add_missing_include_of_config_h_to_define_GNU_SOURCE.patch ++++++ >From b9905906439d84ee8e99c648ca2383c32c057c68 Mon Sep 17 00:00:00 2001 From: Rico Tzschichholz <[email protected]> Date: Tue, 1 Sep 2015 10:45:11 +0200 Subject: [PATCH] mesa_dri2: Add missing include of config.h to define _GNU_SOURCE Fix build with -Wimplicit-function-declaration while secure_getenv() is guarded by __USE_GNU. --- src/mesa_dri2.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/mesa_dri2.c b/src/mesa_dri2.c index 51e8794..420ccee 100644 --- a/src/mesa_dri2.c +++ b/src/mesa_dri2.c @@ -33,6 +33,9 @@ * and José Hiram Soltren ([email protected]) */ +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif #define NEED_REPLIES #include <X11/Xlibint.h> -- 2.5.0 ++++++ libvdpau-1.1.tar.bz2 -> libvdpau-1.1.1.tar.bz2 ++++++ ++++ 6490 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/ChangeLog new/libvdpau-1.1.1/ChangeLog --- old/libvdpau-1.1/ChangeLog 2015-03-16 22:31:43.000000000 +0100 +++ new/libvdpau-1.1.1/ChangeLog 2015-08-31 23:00:32.000000000 +0200 @@ -1,3 +1,113 @@ +commit af517f56d64118520aa0c8456318dd9ec3307e94 +Author: Aaron Plattner <[email protected]> +Date: Mon Aug 31 13:59:50 2015 -0700 + + Bump version to 1.1.1 + + Signed-off-by: Aaron Plattner <[email protected]> + +commit d1f9c16b1a8187110e501c9116d21ffee25c0ba4 +Author: José Hiram Soltren <[email protected]> +Date: Mon Aug 17 16:01:44 2015 -0500 + + Use secure_getenv(3) to improve security + + This patch is in response to the following security vulnerabilities + (CVEs) reported to NVIDIA against libvdpau: + + CVE-2015-5198 + CVE-2015-5199 + CVE-2015-5200 + + To address these CVEs, this patch: + + - replaces all uses of getenv(3) with secure_getenv(3); + - uses secure_getenv(3) when available, with a fallback option; + - protects VDPAU_DRIVER against directory traversal by checking for '/' + + On platforms where secure_getenv(3) is not available, the C preprocessor + will print a warning at compile time. Then, a preprocessor macro will + replace secure_getenv(3) with our getenv_wrapper(), which utilizes the check: + + getuid() == geteuid() && getgid() == getegid() + + See getuid(2) and getgid(2) for further details. + + Signed-off-by: Aaron Plattner <[email protected]> + Reviewed-by: Florian Weimer <[email protected]> + +commit 47fd4e8ec55e37f9d9e7583090f35929bfe63937 +Author: Bibhuti Prusty <[email protected]> +Date: Mon May 11 17:26:17 2015 +0000 + + Add tracing for HEVC picture info + + Signed-off-by: Bibhuti Bhushan Prusty <[email protected]> + Reviewed-by: José Hiram Soltren <[email protected]> + Signed-off-by: Aaron Plattner <[email protected]> + +commit 77e9c3456ab0cd2190381754ca6f82e3710b67a9 +Author: José Hiram Soltren <[email protected]> +Date: Thu Apr 23 15:43:21 2015 -0500 + + Fix Doxygen typo: s/no queued/not queued/ + + Signed-off-by: Aaron Plattner <[email protected]> + Reviewed-by: Robert Morell <[email protected]> + +commit 3b3bf77ad67957be69b76c1c94dce981d75c4e9a +Author: Emil Velikov <[email protected]> +Date: Wed Mar 18 23:50:31 2015 +0000 + + autogen.sh: update/copy over from mesa + + This commit addresses three concerns: + - Places quotes around variables. Otherwise things will fail badly if + either one of then contains space. + - Adds --force to autoreconf, which will ensure that the build is + regenerated, if one updates autotools. + - Honours the NOCONFIGURE variable, which is set by gnome-continuous + (iirc). + + Signed-off-by: Emil Velikov <[email protected]> + Signed-off-by: Aaron Plattner <[email protected]> + +commit e4681ab2b71638a48fc857669903f7ac7ec8b3cb +Author: Emil Velikov <[email protected]> +Date: Wed Mar 18 23:50:30 2015 +0000 + + configure.ac: remove AM_MAINTAINER_MODE + + Using this macro can lead to various security issues, as pointed out in + the automake manual. Follow the example set by most X components and + remove it from the build. + + Signed-off-by: Emil Velikov <[email protected]> + Reviewed-by: Aaron Plattner <[email protected]> + Signed-off-by: Aaron Plattner <[email protected]> + +commit 19b9af8db20a1d3db882647e95682f46ecdf266e +Author: Emil Velikov <[email protected]> +Date: Wed Mar 18 23:50:29 2015 +0000 + + .gitignore: add compile + + Yet another artefact from the autotools buildsystem. + + Signed-off-by: Emil Velikov <[email protected]> + Reviewed-by: Aaron Plattner <[email protected]> + Signed-off-by: Aaron Plattner <[email protected]> + +commit 01e45a95380aafc9ea2d3662114dbde7146a8fc8 +Author: Aaron Plattner <[email protected]> +Date: Sat Feb 7 11:45:19 2015 -0800 + + Remove pdflatex dependency + + PDF documentation isn't enabled, so pdflatex isn't used. + + Signed-off-by: Aaron Plattner <[email protected]> + commit 0962da95cdf1d87a883d1d0db7d2697d6d103348 Author: Aaron Plattner <[email protected]> Date: Mon Mar 16 14:31:31 2015 -0700 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/TODO new/libvdpau-1.1.1/TODO --- old/libvdpau-1.1/TODO 2014-12-10 17:59:42.000000000 +0100 +++ new/libvdpau-1.1.1/TODO 1970-01-01 01:00:00.000000000 +0100 @@ -1,4 +0,0 @@ -libvdpau-0.9 blockers: -New profiles (Re: [VDPAU] [PATCH] Add support for Hi444PP in VDPAU API) -slice offset support -Hi444PP diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/autogen.sh new/libvdpau-1.1.1/autogen.sh --- old/libvdpau-1.1/autogen.sh 2012-12-14 17:50:42.000000000 +0100 +++ new/libvdpau-1.1.1/autogen.sh 2015-05-11 21:53:46.000000000 +0200 @@ -1,12 +1,14 @@ #! /bin/sh -srcdir=`dirname $0` +srcdir=`dirname "$0"` test -z "$srcdir" && srcdir=. ORIGDIR=`pwd` -cd $srcdir +cd "$srcdir" -autoreconf -v --install || exit 1 -cd $ORIGDIR || exit $? +autoreconf --force --verbose --install || exit 1 +cd "$ORIGDIR" || exit $? -$srcdir/configure --enable-maintainer-mode "$@" +if test -z "$NOCONFIGURE"; then + "$srcdir"/configure "$@" +fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/compile new/libvdpau-1.1.1/compile --- old/libvdpau-1.1/compile 2014-12-19 18:33:35.000000000 +0100 +++ new/libvdpau-1.1.1/compile 2015-08-31 23:00:08.000000000 +0200 @@ -3,7 +3,7 @@ scriptversion=2012-10-14.11; # UTC -# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# Copyright (C) 1999-2014 Free Software Foundation, Inc. # Written by Tom Tromey <[email protected]>. # # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/config.h.in new/libvdpau-1.1.1/config.h.in --- old/libvdpau-1.1/config.h.in 2015-03-16 22:31:43.000000000 +0100 +++ new/libvdpau-1.1.1/config.h.in 2015-08-31 23:00:07.000000000 +0200 @@ -12,6 +12,9 @@ /* Define to 1 if you have the <memory.h> header file. */ #undef HAVE_MEMORY_H +/* Define to 1 if you have the `secure_getenv' function. */ +#undef HAVE_SECURE_GETENV + /* Define to 1 if you have the <stdint.h> header file. */ #undef HAVE_STDINT_H @@ -33,6 +36,9 @@ /* Define to 1 if you have the <unistd.h> header file. */ #undef HAVE_UNISTD_H +/* Define to 1 if you have the `__secure_getenv' function. */ +#undef HAVE___SECURE_GETENV + /* Define to the sub-directory where libtool stores uninstalled libraries. */ #undef LT_OBJDIR @@ -60,5 +66,37 @@ /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS +/* Enable extensions on AIX 3, Interix. */ +#ifndef _ALL_SOURCE +# undef _ALL_SOURCE +#endif +/* Enable GNU extensions on systems that have them. */ +#ifndef _GNU_SOURCE +# undef _GNU_SOURCE +#endif +/* Enable threading extensions on Solaris. */ +#ifndef _POSIX_PTHREAD_SEMANTICS +# undef _POSIX_PTHREAD_SEMANTICS +#endif +/* Enable extensions on HP NonStop. */ +#ifndef _TANDEM_SOURCE +# undef _TANDEM_SOURCE +#endif +/* Enable general extensions on Solaris. */ +#ifndef __EXTENSIONS__ +# undef __EXTENSIONS__ +#endif + + /* Version number of package */ #undef VERSION + +/* Define to 1 if on MINIX. */ +#undef _MINIX + +/* Define to 2 if the system does not provide POSIX.1 features except with + this defined. */ +#undef _POSIX_1_SOURCE + +/* Define to 1 if you need to in order for `stat' and other things to work. */ +#undef _POSIX_SOURCE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/configure.ac new/libvdpau-1.1.1/configure.ac --- old/libvdpau-1.1/configure.ac 2015-03-16 22:31:19.000000000 +0100 +++ new/libvdpau-1.1.1/configure.ac 2015-08-31 22:59:37.000000000 +0200 @@ -1,11 +1,14 @@ AC_PREREQ(2.60) -AC_INIT(libvdpau, 1.1, [[email protected]], libvdpau) +AC_INIT(libvdpau, 1.1.1, [[email protected]], libvdpau) AM_INIT_AUTOMAKE([dist-bzip2 foreign]) -AM_MAINTAINER_MODE AC_CONFIG_HEADERS(config.h) +# Check for secure_getenv +AC_USE_SYSTEM_EXTENSIONS +AC_CHECK_FUNCS([__secure_getenv secure_getenv]) + # Disable static libraries by default. Use --enable-static if you really want # them. AC_DISABLE_STATIC @@ -56,11 +59,9 @@ if test "x$DOCS" != xno; then AC_CHECK_TOOL([DOXYGEN], [doxygen], [no]) AC_CHECK_TOOL([DOT], [dot], [no]) - AC_CHECK_TOOL([PDFTEX], [pdftex], [no]) else DOXYGEN=no DOT=no - PDFTEX=no fi if test "x$DOCS" = xyes; then if test "x$DOXYGEN" = xno; then @@ -69,11 +70,8 @@ if test "x$DOT" = xno; then AC_ERROR([Documentation enabled but dot was not found in your path. Please install graphviz]) fi - if test "x$PDFTEX" = xno; then - AC_ERROR([Documentation enabled but pdftex was not found in your path]) - fi fi -AM_CONDITIONAL([ENABLE_DOCS], [test "x$DOXYGEN" != xno -a "x$DOT" != xno -a "x$PDFTEX" != xno]) +AM_CONDITIONAL([ENABLE_DOCS], [test "x$DOXYGEN" != xno -a "x$DOT" != xno]) AC_SUBST(DOXYGEN) # Options diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/include/vdpau/vdpau.h new/libvdpau-1.1.1/include/vdpau/vdpau.h --- old/libvdpau-1.1/include/vdpau/vdpau.h 2015-03-16 20:15:04.000000000 +0100 +++ new/libvdpau-1.1.1/include/vdpau/vdpau.h 2015-05-11 21:55:31.000000000 +0200 @@ -4344,7 +4344,7 @@ * \brief The status of a surface within a presentation queue. */ typedef enum { - /** The surface is no queued or currently visible. */ + /** The surface is not queued or currently visible. */ VDP_PRESENTATION_QUEUE_STATUS_IDLE, /** The surface is in the queue, and not currently visible. */ VDP_PRESENTATION_QUEUE_STATUS_QUEUED, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/missing new/libvdpau-1.1.1/missing --- old/libvdpau-1.1/missing 2014-12-19 18:33:35.000000000 +0100 +++ new/libvdpau-1.1.1/missing 2015-08-31 23:00:08.000000000 +0200 @@ -3,7 +3,7 @@ scriptversion=2013-10-28.13; # UTC -# Copyright (C) 1996-2013 Free Software Foundation, Inc. +# Copyright (C) 1996-2014 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard <[email protected]>, 1996. # This program is free software; you can redistribute it and/or modify diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/src/Makefile.am new/libvdpau-1.1.1/src/Makefile.am --- old/libvdpau-1.1/src/Makefile.am 2014-11-05 01:17:39.000000000 +0100 +++ new/libvdpau-1.1.1/src/Makefile.am 2015-08-31 22:53:02.000000000 +0200 @@ -9,6 +9,7 @@ libvdpau_la_SOURCES = \ vdpau_wrapper.c \ + util.h \ $(DRI2_SOURCES) if DRI2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/src/mesa_dri2.c new/libvdpau-1.1.1/src/mesa_dri2.c --- old/libvdpau-1.1/src/mesa_dri2.c 2013-07-26 07:09:55.000000000 +0200 +++ new/libvdpau-1.1.1/src/mesa_dri2.c 2015-08-31 22:53:02.000000000 +0200 @@ -1,6 +1,6 @@ /* * Copyright © 2008 Red Hat, Inc. - * Copyright © 2010 NVIDIA Corporation + * Copyright © 2010-2015 NVIDIA Corporation * * Permission is hereby granted, free of charge, to any person obtaining a * copy of this software and associated documentation files (the "Soft- @@ -30,6 +30,7 @@ * Authors: * Kristian Høgsberg ([email protected]) * Modified for VDPAU by Aaron Plattner ([email protected]) + * and José Hiram Soltren ([email protected]) */ @@ -39,6 +40,7 @@ #include <X11/extensions/extutil.h> #include <X11/extensions/dri2proto.h> #include "mesa_dri2.h" +#include "util.h" static char dri2ExtensionName[] = DRI2_NAME; static XExtensionInfo *dri2Info; @@ -130,7 +132,7 @@ req->driverType = DRI2DriverVDPAU; #ifdef DRI2DriverPrimeShift { - char *prime = getenv("DRI_PRIME"); + char *prime = secure_getenv("DRI_PRIME"); if (prime) { unsigned int primeid; errno = 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/src/util.h new/libvdpau-1.1.1/src/util.h --- old/libvdpau-1.1/src/util.h 1970-01-01 01:00:00.000000000 +0100 +++ new/libvdpau-1.1.1/src/util.h 2015-08-31 22:55:58.000000000 +0200 @@ -0,0 +1,48 @@ +/* + * Copyright (c) 2015 NVIDIA Corporation + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice (including the next + * paragraph) shall be included in all copies or substantial portions of the + * Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <unistd.h> +#include <stdlib.h> + +static char * getenv_wrapper(const char *name) +{ + if (getuid() == geteuid() && getgid() == getegid()) { + return getenv(name); + } + else { + return NULL; + } +} + +#ifndef HAVE_SECURE_GETENV +# ifdef HAVE___SECURE_GETENV +# define secure_getenv __secure_getenv +# else +# warning Neither secure_getenv nor __secure_getenv is available. +# define secure_getenv getenv_wrapper +# endif +#endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/src/vdpau_wrapper.c new/libvdpau-1.1.1/src/vdpau_wrapper.c --- old/libvdpau-1.1/src/vdpau_wrapper.c 2014-11-05 01:17:39.000000000 +0100 +++ new/libvdpau-1.1.1/src/vdpau_wrapper.c 2015-08-31 22:58:46.000000000 +0200 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008-2009 NVIDIA, Corporation + * Copyright (c) 2008-2015 NVIDIA Corporation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -37,6 +37,7 @@ #include "mesa_dri2.h" #include <X11/Xlib.h> #endif +#include "util.h" typedef void SetDllHandle( void * driver_dll_handle @@ -117,7 +118,12 @@ char const * vdpau_trace; char const * func_name; - vdpau_driver = getenv("VDPAU_DRIVER"); + vdpau_driver = secure_getenv("VDPAU_DRIVER"); + if (vdpau_driver) { + if (strchr(vdpau_driver, '/')) { + vdpau_driver = NULL; + } + } if (!vdpau_driver) { vdpau_driver = vdpau_driver_dri2 = _vdp_get_driver_name_from_dri2(display, screen); @@ -126,15 +132,13 @@ vdpau_driver = "nvidia"; } - if (geteuid() == getuid()) { - /* don't allow setuid apps to use VDPAU_DRIVER_PATH */ - vdpau_driver_path = getenv("VDPAU_DRIVER_PATH"); - if (vdpau_driver_path && - snprintf(vdpau_driver_lib, sizeof(vdpau_driver_lib), - DRIVER_LIB_FORMAT, vdpau_driver_path, vdpau_driver) < - sizeof(vdpau_driver_lib)) { - _vdp_driver_dll = dlopen(vdpau_driver_lib, RTLD_NOW | RTLD_GLOBAL); - } + /* Don't allow setuid apps to use VDPAU_DRIVER_PATH */ + vdpau_driver_path = secure_getenv("VDPAU_DRIVER_PATH"); + if (vdpau_driver_path && + snprintf(vdpau_driver_lib, sizeof(vdpau_driver_lib), + DRIVER_LIB_FORMAT, vdpau_driver_path, vdpau_driver) < + sizeof(vdpau_driver_lib)) { + _vdp_driver_dll = dlopen(vdpau_driver_lib, RTLD_NOW | RTLD_GLOBAL); } /* Fallback to VDPAU_MODULEDIR when VDPAU_DRIVER_PATH is not set, @@ -177,7 +181,7 @@ _vdp_backend_dll = _vdp_driver_dll; - vdpau_trace = getenv("VDPAU_TRACE"); + vdpau_trace = secure_getenv("VDPAU_TRACE"); if (vdpau_trace && atoi(vdpau_trace)) { SetDllHandle * set_dll_handle; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/test-driver new/libvdpau-1.1.1/test-driver --- old/libvdpau-1.1/test-driver 2014-12-19 18:33:35.000000000 +0100 +++ new/libvdpau-1.1.1/test-driver 2015-08-31 23:00:08.000000000 +0200 @@ -3,7 +3,7 @@ scriptversion=2013-07-13.22; # UTC -# Copyright (C) 2011-2013 Free Software Foundation, Inc. +# Copyright (C) 2011-2014 Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -106,11 +106,14 @@ # Test script is run here. "$@" >$log_file 2>&1 estatus=$? + if test $enable_hard_errors = no && test $estatus -eq 99; then - estatus=1 + tweaked_estatus=1 +else + tweaked_estatus=$estatus fi -case $estatus:$expect_failure in +case $tweaked_estatus:$expect_failure in 0:yes) col=$red res=XPASS recheck=yes gcopy=yes;; 0:*) col=$grn res=PASS recheck=no gcopy=no;; 77:*) col=$blu res=SKIP recheck=no gcopy=yes;; @@ -119,6 +122,12 @@ *:*) col=$red res=FAIL recheck=yes gcopy=yes;; esac +# Report the test outcome and exit status in the logs, so that one can +# know whether the test passed or failed simply by looking at the '.log' +# file, without the need of also peaking into the corresponding '.trs' +# file (automake bug#11814). +echo "$res $test_name (exit status: $estatus)" >>$log_file + # Report outcome to console. echo "${col}${res}${std}: $test_name" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libvdpau-1.1/trace/vdpau_trace.cpp new/libvdpau-1.1.1/trace/vdpau_trace.cpp --- old/libvdpau-1.1/trace/vdpau_trace.cpp 2014-09-24 19:25:11.000000000 +0200 +++ new/libvdpau-1.1.1/trace/vdpau_trace.cpp 2015-08-31 22:58:21.000000000 +0200 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008-2009 NVIDIA, Corporation + * Copyright (c) 2008-2015 NVIDIA Corporation * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -31,6 +31,8 @@ #include <string.h> #include <vdpau/vdpau_x11.h> +#include "../src/util.h" + #define _VDP_TRACE_ARSIZE(_x_) ((sizeof (_x_)) / (sizeof ((_x_)[0]))) #if DEBUG @@ -483,6 +485,243 @@ fputs("}}", _vdp_cap_data.fp); } break; + case VDP_DECODER_PROFILE_HEVC_MAIN: + case VDP_DECODER_PROFILE_HEVC_MAIN_10: + case VDP_DECODER_PROFILE_HEVC_MAIN_STILL: + case VDP_DECODER_PROFILE_HEVC_MAIN_12: + case VDP_DECODER_PROFILE_HEVC_MAIN_444: + { + VdpPictureInfoHEVC const * picture_info_hevc = + (VdpPictureInfoHEVC const *)picture_info; + + fprintf( + _vdp_cap_data.fp, + "{%u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, {", + (uint32_t)picture_info_hevc->chroma_format_idc, + (uint32_t)picture_info_hevc->separate_colour_plane_flag, + (uint32_t)picture_info_hevc->pic_width_in_luma_samples, + (uint32_t)picture_info_hevc->pic_height_in_luma_samples, + (uint32_t)picture_info_hevc->bit_depth_luma_minus8, + (uint32_t)picture_info_hevc->bit_depth_chroma_minus8, + (uint32_t)picture_info_hevc->log2_max_pic_order_cnt_lsb_minus4, + (uint32_t)picture_info_hevc->sps_max_dec_pic_buffering_minus1, + (uint32_t)picture_info_hevc->log2_min_luma_coding_block_size_minus3, + (uint32_t)picture_info_hevc->log2_diff_max_min_luma_coding_block_size, + (uint32_t)picture_info_hevc->log2_min_transform_block_size_minus2, + (uint32_t)picture_info_hevc->log2_diff_max_min_transform_block_size, + (uint32_t)picture_info_hevc->max_transform_hierarchy_depth_inter, + (uint32_t)picture_info_hevc->max_transform_hierarchy_depth_intra, + (uint32_t)picture_info_hevc->scaling_list_enabled_flag + ); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingList4x4); ++i) { + fputs((i == 0) ? "{" : "}, {", _vdp_cap_data.fp); + for (uint32_t j = 0; j < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingList4x4[0]); ++j) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (j == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->ScalingList4x4[i][j] + ); + } + } + fputs("}}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingList8x8); ++i) { + fputs((i == 0) ? "{" : "}, {", _vdp_cap_data.fp); + for (uint32_t j = 0; j < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingList8x8[0]); ++j) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (j == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->ScalingList8x8[i][j] + ); + } + } + fputs("}}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingList16x16); ++i) { + fputs((i == 0) ? "{" : "}, {", _vdp_cap_data.fp); + for (uint32_t j = 0; j < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingList16x16[0]); ++j) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (j == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->ScalingList16x16[i][j] + ); + } + } + fputs("}}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingList32x32); ++i) { + fputs((i == 0) ? "{" : "}, {", _vdp_cap_data.fp); + for (uint32_t j = 0; j < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingList32x32[0]); ++j) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (j == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->ScalingList32x32[i][j] + ); + } + } + fputs("}}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingListDCCoeff16x16); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->ScalingListDCCoeff16x16[i] + ); + } + fputs("}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->ScalingListDCCoeff32x32); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->ScalingListDCCoeff32x32[i] + ); + } + fputs("}, ", _vdp_cap_data.fp); + fprintf( + _vdp_cap_data.fp, + "%u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %d, %u, %u, %u, %u, %d, %d, %u, %u, %u, %u, %u, %u, %u, %u, %u, {", + (uint32_t)picture_info_hevc->amp_enabled_flag, + (uint32_t)picture_info_hevc->sample_adaptive_offset_enabled_flag, + (uint32_t)picture_info_hevc->pcm_enabled_flag, + (uint32_t)picture_info_hevc->pcm_sample_bit_depth_luma_minus1, + (uint32_t)picture_info_hevc->pcm_sample_bit_depth_chroma_minus1, + (uint32_t)picture_info_hevc->log2_min_pcm_luma_coding_block_size_minus3, + (uint32_t)picture_info_hevc->log2_diff_max_min_pcm_luma_coding_block_size, + (uint32_t)picture_info_hevc->pcm_loop_filter_disabled_flag, + (uint32_t)picture_info_hevc->num_short_term_ref_pic_sets, + (uint32_t)picture_info_hevc->long_term_ref_pics_present_flag, + (uint32_t)picture_info_hevc->num_long_term_ref_pics_sps, + (uint32_t)picture_info_hevc->sps_temporal_mvp_enabled_flag, + (uint32_t)picture_info_hevc->strong_intra_smoothing_enabled_flag, + (uint32_t)picture_info_hevc->dependent_slice_segments_enabled_flag, + (uint32_t)picture_info_hevc->output_flag_present_flag, + (uint32_t)picture_info_hevc->num_extra_slice_header_bits, + (uint32_t)picture_info_hevc->sign_data_hiding_enabled_flag, + (uint32_t)picture_info_hevc->cabac_init_present_flag, + (uint32_t)picture_info_hevc->num_ref_idx_l0_default_active_minus1, + (uint32_t)picture_info_hevc->num_ref_idx_l1_default_active_minus1, + (int32_t)picture_info_hevc->init_qp_minus26, + (uint32_t)picture_info_hevc->constrained_intra_pred_flag, + (uint32_t)picture_info_hevc->transform_skip_enabled_flag, + (uint32_t)picture_info_hevc->cu_qp_delta_enabled_flag, + (uint32_t)picture_info_hevc->diff_cu_qp_delta_depth, + (int32_t)picture_info_hevc->pps_cb_qp_offset, + (int32_t)picture_info_hevc->pps_cr_qp_offset, + (uint32_t)picture_info_hevc->pps_slice_chroma_qp_offsets_present_flag, + (uint32_t)picture_info_hevc->weighted_pred_flag, + (uint32_t)picture_info_hevc->weighted_bipred_flag, + (uint32_t)picture_info_hevc->transquant_bypass_enabled_flag, + (uint32_t)picture_info_hevc->tiles_enabled_flag, + (uint32_t)picture_info_hevc->entropy_coding_sync_enabled_flag, + (uint32_t)picture_info_hevc->num_tile_columns_minus1, + (uint32_t)picture_info_hevc->num_tile_rows_minus1, + (uint32_t)picture_info_hevc->uniform_spacing_flag + ); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->column_width_minus1); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->column_width_minus1[i] + ); + } + fputs("}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->row_height_minus1); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->row_height_minus1[i] + ); + } + fputs("}, ", _vdp_cap_data.fp); + fprintf( + _vdp_cap_data.fp, + "%u, %u, %u, %u, %u, %d, %d, %u, %u, %u, %u, %u, %u, %u, %u, %u, %u, %d, {", + (uint32_t)picture_info_hevc->loop_filter_across_tiles_enabled_flag, + (uint32_t)picture_info_hevc->pps_loop_filter_across_slices_enabled_flag, + (uint32_t)picture_info_hevc->deblocking_filter_control_present_flag, + (uint32_t)picture_info_hevc->deblocking_filter_override_enabled_flag, + (uint32_t)picture_info_hevc->pps_deblocking_filter_disabled_flag, + (int32_t)picture_info_hevc->pps_beta_offset_div2, + (int32_t)picture_info_hevc->pps_tc_offset_div2, + (uint32_t)picture_info_hevc->lists_modification_present_flag, + (uint32_t)picture_info_hevc->log2_parallel_merge_level_minus2, + (uint32_t)picture_info_hevc->slice_segment_header_extension_present_flag, + (uint32_t)picture_info_hevc->IDRPicFlag, + (uint32_t)picture_info_hevc->RAPPicFlag, + (uint32_t)picture_info_hevc->CurrRpsIdx, + (uint32_t)picture_info_hevc->NumPocTotalCurr, + (uint32_t)picture_info_hevc->NumDeltaPocsOfRefRpsIdx, + (uint32_t)picture_info_hevc->NumShortTermPictureSliceHeaderBits, + (uint32_t)picture_info_hevc->NumLongTermPictureSliceHeaderBits, + (int32_t)picture_info_hevc->CurrPicOrderCntVal + ); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->RefPics); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->RefPics[i] + ); + } + fputs("}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->PicOrderCntVal); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%d", + (i == 0) ? "" : ", ", + (int32_t)picture_info_hevc->PicOrderCntVal[i] + ); + } + fputs("}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->IsLongTerm); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->IsLongTerm[i] + ); + } + fputs("}, ", _vdp_cap_data.fp); + fprintf( + _vdp_cap_data.fp, + "%u, %u, %u, {", + (uint32_t)picture_info_hevc->NumPocStCurrBefore, + (uint32_t)picture_info_hevc->NumPocStCurrAfter, + (uint32_t)picture_info_hevc->NumPocLtCurr + ); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->RefPicSetStCurrBefore); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->RefPicSetStCurrBefore[i] + ); + } + fputs("}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->RefPicSetStCurrAfter); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->RefPicSetStCurrAfter[i] + ); + } + fputs("}, {", _vdp_cap_data.fp); + for (uint32_t i = 0; i < _VDP_TRACE_ARSIZE(picture_info_hevc->RefPicSetLtCurr); ++i) { + fprintf( + _vdp_cap_data.fp, + "%s%u", + (i == 0) ? "" : ", ", + (uint32_t)picture_info_hevc->RefPicSetLtCurr[i] + ); + } + fputs("}}", _vdp_cap_data.fp); + } + break; default: fputs("{...}", _vdp_cap_data.fp); break; @@ -4558,13 +4797,13 @@ } else { _vdp_cap_data.level = 0; - char const * vdpau_trace = getenv("VDPAU_TRACE"); + char const * vdpau_trace = secure_getenv("VDPAU_TRACE"); if (vdpau_trace) { _vdp_cap_data.level = atoi(vdpau_trace); } _vdp_cap_data.fp = 0; - char const * vdpau_trace_file = getenv("VDPAU_TRACE_FILE"); + char const * vdpau_trace_file = secure_getenv("VDPAU_TRACE_FILE"); if (vdpau_trace_file && strlen(vdpau_trace_file)) { if (vdpau_trace_file[0] == '&') { int fd = atoi(&vdpau_trace_file[1]);
