CVS commit: pkgsrc/multimedia/libvpx

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/multimedia/libvpx
From: "David H. Gutteridge" <gutteridge%netbsd.org@localhost>
Date: Tue, 17 Feb 2026 01:53:47 +0000

Module Name:    pkgsrc
Committed By:   gutteridge
Date:           Tue Feb 17 01:53:46 UTC 2026

Modified Files:
        pkgsrc/multimedia/libvpx: Makefile distinfo
Added Files:
        pkgsrc/multimedia/libvpx/patches: patch-vp9_vp9__cx__iface.c

Log Message:
libvpx: apply upstream commit related to CVE-2026-2447


To generate a diff of this commit:
cvs rdiff -u -r1.109 -r1.110 pkgsrc/multimedia/libvpx/Makefile
cvs rdiff -u -r1.55 -r1.56 pkgsrc/multimedia/libvpx/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/multimedia/libvpx/patches/patch-vp9_vp9__cx__iface.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/multimedia/libvpx/Makefile
diff -u pkgsrc/multimedia/libvpx/Makefile:1.109 pkgsrc/multimedia/libvpx/Makefile:1.110
--- pkgsrc/multimedia/libvpx/Makefile:1.109     Mon Feb 16 11:30:11 2026
+++ pkgsrc/multimedia/libvpx/Makefile   Tue Feb 17 01:53:46 2026
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.109 2026/02/16 11:30:11 adam Exp $
+# $NetBSD: Makefile,v 1.110 2026/02/17 01:53:46 gutteridge Exp $
 
 DISTNAME=      libvpx-1.16.0
+PKGREVISION=   1
 CATEGORIES=    multimedia
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=webmproject/}
 GITHUB_TAG=    v${PKGVERSION_NOREV}

Index: pkgsrc/multimedia/libvpx/distinfo
diff -u pkgsrc/multimedia/libvpx/distinfo:1.55 pkgsrc/multimedia/libvpx/distinfo:1.56
--- pkgsrc/multimedia/libvpx/distinfo:1.55      Mon Feb 16 11:30:11 2026
+++ pkgsrc/multimedia/libvpx/distinfo   Tue Feb 17 01:53:46 2026
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.55 2026/02/16 11:30:11 adam Exp $
+$NetBSD: distinfo,v 1.56 2026/02/17 01:53:46 gutteridge Exp $
 
 BLAKE2s (libvpx-1.16.0.tar.gz) = 17341f5c9ce829528b4df6b3287470492041fbea5de712c19459102dfe35cb41
 SHA512 (libvpx-1.16.0.tar.gz) = 07f5e352411d6c0be331706d1835ac89bafbeddcbbac5542b473323766e9e974f4f68b33590f2aa50a7d8d69468a642b508cbb0a7c49a82c9933b07820f9c9d9
@@ -8,3 +8,4 @@ SHA1 (patch-build_make_configure.sh) = e
 SHA1 (patch-configure) = aeb5bfd9d58b06b4f2fdbdb8c73b03339de313e7
 SHA1 (patch-examples.mk) = 17410f43ff9952d616be3211ca697f37c107610a
 SHA1 (patch-libs.mk) = 4fe233a421ee6f998b2cd0328b66b1d759706a5f
+SHA1 (patch-vp9_vp9__cx__iface.c) = 9a3e4e2c68f2a6aede22c502b07450a7f5d43e48

Added files:

Index: pkgsrc/multimedia/libvpx/patches/patch-vp9_vp9__cx__iface.c
diff -u /dev/null pkgsrc/multimedia/libvpx/patches/patch-vp9_vp9__cx__iface.c:1.1
--- /dev/null   Tue Feb 17 01:53:47 2026
+++ pkgsrc/multimedia/libvpx/patches/patch-vp9_vp9__cx__iface.c Tue Feb 17 01:53:46 2026
@@ -0,0 +1,64 @@
+$NetBSD: patch-vp9_vp9__cx__iface.c,v 1.1 2026/02/17 01:53:46 gutteridge Exp $
+
+Apply upstream commit related to CVE-2026-2447.
+https://github.com/webmproject/libvpx/commit/d5f35ac8d93cba7f7a3f7ddb8f9dc8bd28f785e1
+
+--- vp9/vp9_cx_iface.c.orig    2026-01-08 16:01:40.000000000 +0000
++++ vp9/vp9_cx_iface.c
+@@ -8,7 +8,9 @@
+  *  be found in the AUTHORS file in the root of the source tree.
+  */
+ 
++#include <assert.h>
+ #include <limits.h>
++#include <stddef.h>
+ #include <stdint.h>
+ #include <stdlib.h>
+ #include <string.h>
+@@ -122,6 +124,7 @@ struct vpx_codec_alg_priv {
+   VP9_COMP *cpi;
+   unsigned char *cx_data;
+   size_t cx_data_sz;
++  // pending_cx_data either is a null pointer or points into the cx_data buffer.
+   unsigned char *pending_cx_data;
+   size_t pending_cx_data_sz;
+   int pending_frame_count;
+@@ -1252,8 +1255,12 @@ static int write_superframe_index(vpx_codec_alg_priv_t
+ 
+   // Write the index
+   index_sz = 2 + (mag + 1) * ctx->pending_frame_count;
+-  if (ctx->pending_cx_data_sz + index_sz < ctx->cx_data_sz) {
+-    uint8_t *x = ctx->pending_cx_data + ctx->pending_cx_data_sz;
++  unsigned char *cx_data_end = ctx->cx_data + ctx->cx_data_sz;
++  unsigned char *pending_cx_data_end =
++      ctx->pending_cx_data + ctx->pending_cx_data_sz;
++  ptrdiff_t space_remaining = cx_data_end - pending_cx_data_end;
++  if (index_sz <= space_remaining) {
++    uint8_t *x = pending_cx_data_end;
+     int i, j;
+ #ifdef TEST_SUPPLEMENTAL_SUPERFRAME_DATA
+     uint8_t marker_test = 0xc0;
+@@ -1284,6 +1291,8 @@ static int write_superframe_index(vpx_codec_alg_priv_t
+ #ifdef TEST_SUPPLEMENTAL_SUPERFRAME_DATA
+     index_sz += index_sz_test;
+ #endif
++  } else {
++    index_sz = 0;
+   }
+   return index_sz;
+ }
+@@ -1612,9 +1621,12 @@ static vpx_codec_err_t encoder_encode(vpx_codec_alg_pr
+               ctx->pending_frame_sizes[ctx->pending_frame_count++] = size;
+             ctx->pending_frame_magnitude |= size;
+             ctx->pending_cx_data_sz += size;
+-            // write the superframe only for the case when
+-            if (!ctx->output_cx_pkt_cb.output_cx_pkt)
++            // write the superframe only for the case when the callback function
++            // for getting per-layer packets is not registered.
++            if (!ctx->output_cx_pkt_cb.output_cx_pkt) {
+               size += write_superframe_index(ctx);
++              assert(size <= cx_data_sz);
++            }
+             pkt.data.frame.buf = ctx->pending_cx_data;
+             pkt.data.frame.sz = ctx->pending_cx_data_sz;
+             ctx->pending_cx_data = NULL;

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index