Package: libvdpau / 0.4.1-7+deb7u1

Metadata

Package Version Patches format
libvdpau 0.4.1-7+deb7u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
track_dynamic_library_handles_and_free_them_on_exit.patch | (download)

src/vdpau_wrapper.c | 87 64 + 23 - 0 !
1 file changed, 64 insertions(+), 23 deletions(-)

 
 vdpau_wrapper.c: track dynamic library handles and free them on exit using __attribute__((destructor))

Signed-off-by: Kiran Pawar <kpawar@nvidia.com>
Tested-by: Aaron Plattner <aplattner@nvidia.com>
Signed-off-by: Aaron Plattner <aplattner@nvidia.com>
link with libx11.patch | (download)

src/Makefile.am | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 
 link libvdpao with libx11 since it uses symbols from it
simplify dlopen path length error handling.patch | (download)

src/vdpau_wrapper.c | 22 10 + 12 - 0 !
1 file changed, 10 insertions(+), 12 deletions(-)

 
 simplify path overflow error handling
 "path too long" is not a fatal error, there may be other search paths
 that don't overflow, so try them as well
vdpau module searchpath.patch | (download)

src/vdpau_wrapper.c | 26 20 + 6 - 0 !
1 file changed, 20 insertions(+), 6 deletions(-)

 
 search the vdpau module in multiple directories
 start searching the vdpau module in ${ORIGIN}/vdpau, then the MODULEDIR and
 finally fall back to /usr/lib/vdpau
libvdpau_flashplayer.patch | (download)

src/Makefile.am | 4 4 + 0 - 0 !
src/vdpau_wrapper.c | 170 168 + 2 - 0 !
src/vdpau_wrapper.cfg | 2 2 + 0 - 0 !
3 files changed, 174 insertions(+), 2 deletions(-)

 
 apply some fixes for adobe flash player ugliness
 1) Swap U and V planes to VdpVideoSurfacePutBitsYCbCr to fix blue-tinged
    videos.
 .
 2) Disable VdpPresentationQueueSetBackgroundColor, so that Flash doesn't
    set the background to pure black or pure white, which would cause the
    VDPAU image to bleed through to other parts of the desktop with those
    very common colors.
 .
 These workarounds are only enabled when running under Flash player, and
 may be individually controlled via /etc/vdpau_wrapper.cfg, should they
 ever need to be disabled.
 .
 Note that this code stores the VDPAU backend function pointers as global
 variables, which is technically incorrect. However, the likelihood of
0006 Use secure_getenv 3 to improve security.patch | (download)

configure.ac | 4 4 + 0 - 0 !
src/Makefile.am | 1 1 + 0 - 0 !
src/util.h | 48 48 + 0 - 0 !
src/vdpau_wrapper.c | 12 9 + 3 - 0 !
trace/vdpau_trace.cpp | 8 5 + 3 - 0 !
5 files changed, 67 insertions(+), 6 deletions(-)

 
 use secure_getenv(3) to improve security

This patch is in response to the following security vulnerabilities
(CVEs) reported to NVIDIA against libvdpau:

CVE-2015-5198
CVE-2015-5199
CVE-2015-5200

To address these CVEs, this patch:

- replaces all uses of getenv(3) with secure_getenv(3);
- uses secure_getenv(3) when available, with a fallback option;
- protects VDPAU_DRIVER against directory traversal by checking for '/'

On platforms where secure_getenv(3) is not available, the C preprocessor
will print a warning at compile time. Then, a preprocessor macro will
replace secure_getenv(3) with our getenv_wrapper(), which utilizes the check:

  getuid() == geteuid() && getgid() == getegid()

See getuid(2) and getgid(2) for further details.

Signed-off-by: Aaron Plattner <aplattner@nvidia.com>