From patchwork Fri May 15 21:13:27 2020
X-Patchwork-Submitter: Fabrice Fontaine
X-Patchwork-Id: 1291638
From: Fabrice Fontaine
To: buildroot@buildroot.org
Date: Fri, 15 May 2020 23:13:27 +0200
Message-Id: <20200515211327.15078-1-fontaine.fabrice@gmail.com>
X-Mailer: git-send-email 2.26.2
MIME-Version: 1.0
Subject: [Buildroot] [PATCH 1/1] package/mp4v2: security bump to version 4.1.3
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot
Cc: Fabrice Fontaine
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot"

- Switch site to an active fork
- Send patch upstream
- Update indentation in hash file (two spaces)
- Fix the following CVEs:
  - CVE-2018-14054: A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered.
    Fixed by https://github.com/TechSmith/mp4v2/commit/f09cceeee5bd7f783fd31f10e8b3c440ccf4c743
  - CVE-2018-14325: In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
    Fixed by https://github.com/TechSmith/mp4v2/commit/e475013c6ef78093055a02b0d035eda0f9f01451
  - CVE-2018-14326: In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
    Fixed by https://github.com/TechSmith/mp4v2/commit/70d823ccd8e2d7d0ed9e62fb7e8983d21e6acbeb
  - CVE-2018-14379: MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4 file, because access to the data structure has different expectations about layout as a result of this type confusion.
    Fixed by https://github.com/TechSmith/mp4v2/commit/73f38b4296aeb38617fa3923018bb78671c3b833
  - CVE-2018-14403: MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.
    Fixed by https://github.com/TechSmith/mp4v2/commit/51cb6b36f6c8edf9f195d5858eac9ba18b334a16

Signed-off-by: Fabrice Fontaine
---
 package/mp4v2/0001-Fix-GCC7-build.patch | 1 +
 package/mp4v2/Config.in                 | 2 +-
 package/mp4v2/mp4v2.hash                | 3 +--
 package/mp4v2/mp4v2.mk                  | 6 +++---
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/package/mp4v2/0001-Fix-GCC7-build.patch b/package/mp4v2/0001-Fix-GCC7-build.patch index 90222c10ae..4e39be4a79 100644 --- a/package/mp4v2/0001-Fix-GCC7-build.patch +++ b/package/mp4v2/0001-Fix-GCC7-build.patch @@ -10,6 +10,7 @@ no encoding parameters ppEncodingParams will be returned as a pointer to an empty string rather than as a null pointer Signed-off-by: Peter Korsgaard +[Upstream status: https://github.com/TechSmith/mp4v2/pull/36] --- src/rtphint.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/mp4v2/Config.in b/package/mp4v2/Config.in index 490ebac9fd..172d1baabe 100644 --- a/package/mp4v2/Config.in +++ b/package/mp4v2/Config.in @@ -5,7 +5,7 @@ config BR2_PACKAGE_MP4V2 The MP4v2 library provides functions to read, create, and modify mp4 files. - https://code.google.com/archive/p/mp4v2/ + https://github.com/TechSmith/mp4v2/ if BR2_PACKAGE_MP4V2 diff --git a/package/mp4v2/mp4v2.hash b/package/mp4v2/mp4v2.hash index d75c1994d9..85fce49384 100644 --- a/package/mp4v2/mp4v2.hash +++ b/package/mp4v2/mp4v2.hash
@@ -1,4 +1,3 @@ -# From https://code.google.com/p/mp4v2/downloads/detail?name=mp4v2-2.0.0.tar.bz2 -sha1 193260cfb7201e6ec250137bcca1468d4d20e2f0 mp4v2-2.0.0.tar.bz2 # Locally computed +sha256 e3ad6c2dc451b0875dbe34bfe7f51f4fe278b391434c886083e6d3ecd5fa08c2 mp4v2-4.1.3.tar.gz sha256 15e38684c940176e2fc76331a2299d2ab5115ac997078f768ef31b896af69fc5 COPYING diff --git a/package/mp4v2/mp4v2.mk b/package/mp4v2/mp4v2.mk index b6b7d9ae5e..478d10d472 100644 --- a/package/mp4v2/mp4v2.mk +++ b/package/mp4v2/mp4v2.mk @@ -4,9 +4,9 @@ # ################################################################################ -MP4V2_VERSION = 2.0.0 -MP4V2_SOURCE = mp4v2-$(MP4V2_VERSION).tar.bz2 -MP4V2_SITE = https://mp4v2.googlecode.com/files +MP4V2_VERSION = 4.1.3 +MP4V2_SITE = \ + $(call github,TechSmith,mp4v2,Release-ThirdParty-MP4v2-$(MP4V2_VERSION)) MP4V2_INSTALL_STAGING = YES MP4V2_LICENSE = MPL-1.1 MP4V2_LICENSE_FILES = COPYING
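Review bot: in the 0001-Fix-GCC7-build.patch hunk, the added `[Upstream status: https://github.com/TechSmith/mp4v2/pull/36]` line records an open pull request, so the local patch is still carried across the bump; confirm it still applies to the 4.1.3 tree, since the only file it touches (src/rtphint.cpp, per the embedded diffstat) now comes from a fork several major versions past 2.0.0, and drop the patch once the PR is merged.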
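Review bot: in the mp4v2.hash hunk the sha1 line and its Google Code provenance comment are replaced by a sha256 that now sits under the existing `# Locally computed` comment; with no upstream-published checksum for the GitHub tag archive, a locally computed sha256 is the right choice, but the comment should say what was hashed (the Release-ThirdParty-MP4v2-4.1.3 tag archive fetched through the github helper) so another reviewer can regenerate the value independently rather than trust a single download.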
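Review bot: in the mp4v2.mk hunk, removing MP4V2_SOURCE relies on the github helper's default tarball name, which must match the `mp4v2-4.1.3.tar.gz` entry in the hash file; the COPYING sha256 left unchanged in the hash hunk is consistent with keeping `MP4V2_LICENSE = MPL-1.1`, and that the license was re-checked against the fork's tree is worth stating in the commit message since the site moved to a different maintainer.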