Diffstat (limited to 'media-libs/gst-rtsp-server')
5 files changed, 203 insertions, 0 deletions
diff --git a/media-libs/gst-rtsp-server/Manifest b/media-libs/gst-rtsp-server/Manifest
index e06cec7767d6..8da50ee1b9a4 100644
--- a/media-libs/gst-rtsp-server/Manifest
+++ b/media-libs/gst-rtsp-server/Manifest
@@ -1,3 +1,8 @@ +AUX 1.16.2-CVE-2020-6095.patch 1517 BLAKE2B f317ca6e3443b4b4255759c31a0bdac46237eb1c7e0cba2e5ae2a598599c0702f3fdc2504bce88502c2316f64792fc35417a0d77e3d2d1149bad0cf3d58760e8 SHA512 9cf2fe75fb8c14dd2fe0b46a5679a1a68df35882d6bc0f6aa90865ad1870d6ae498f5398dbc5bc44c835c10218d6a41fbca05cd862335fac46a49ef80dd7d449 +AUX 1.16.2-glib-deprecation-fix.patch 1992 BLAKE2B 74833b158bcf855b6548b01899aa1c910e2c9b8502753fc74349c212427d1c760de4762493f831eb2567b22ac53cce1631cc898a781e8c7e21f1a70d4cda56cc SHA512 e08b895c6108c845601107f56be5ce711629208fa7f9277c083752b14fdc77d48ccae7097b85e1d0e6fd68c770bf8e779c6dce518247537b1b9ca2e3f324d9b4 +AUX 1.16.2-leak-fix.patch 774 BLAKE2B 739fb1d5b0097e0426646731c01036339e9f63deb2a784032cd9758f89bd154acec6eb54661b9fa27671bd97ef195ddc4b617a3cbed9d677f9973d6db0f51cbd SHA512 192acc9f27f87f797a0ce28db213cee36f590d6db790e84038cec6a15bfd3957f0aa961965761225eabe30495bc868f43802b739ef6753209158d4ec9b298ea1 DIST gst-rtsp-server-1.14.5.tar.xz 672180 BLAKE2B 3e67f703c190e46580cf7c08a9437d51e9c1e009dd27cf359ecd5aa301ddda6cd70c0d5567e72c6e5f9443318e899a9b55e6883c71c9fc021f77286afd89bbc9 SHA512 dbfb63fb219808d2a32d710bef33d2b3b9906300d4c527c72534a4cb6db0f5ce4f4fadcedf7f6a3a5f46005f4408717d9aafa1a510c4aed18f5d07d6b3646492 +DIST gst-rtsp-server-1.16.2.tar.xz 693368 BLAKE2B 612b59bc3a08167a81790c8d5164efebb8756ce3d3c9c278a0363bd640929b14d2fb1c26454a513dbaa9e093a702e7553950b6210ef57a6e9188a059c81650d3 SHA512 e18d87ae309594ffd7917b1804e595b83d5002518608f0ee03b9e68ab9bdf771ec2f691e50408618a6d1a39495c123e8288b3179e6cdaef65a38ef404544e0eb EBUILD gst-rtsp-server-1.14.5.ebuild 2010 BLAKE2B 833ecbd6e036b942a323e8955a6173a6f204318e01ab6b106a6ec6939ad119d46754661bed2a7a1ffd1d0e23df9a95e1ada7a616b51b728e607f5809ccc04bad SHA512 a56c10fb64ec714daeb7d788041fc9442711c95ef0ea10099beadaa9978a06925f2e7a285d545b5fadec259a37998ef77147d5a2b9f4651a1e3ef33a33b84cdc +EBUILD gst-rtsp-server-1.16.2.ebuild 2107 BLAKE2B 
9db192f48783a16277efc845550777dd1d9a94ef9d8f8f22e92aca4e115762520f14cbc89b30f367a107d7f0b0587174eeffb05dfd540c155a49658dbc8c2bf2 SHA512 442d7df4389cde8d455f69bbeaaa33c7dd51cb42050fc81e5f9b040d8efef332753cc732fef28b7ec1f195c273cc53e8b244d98f9fa36b082077b60833e766b5 MISC metadata.xml 262 BLAKE2B 16a4a230ef5481afde96333e9555bee1771ced412b11eb982c633709dec57b274f78082ba3fe842f7d3406a688662d34792fff304027833286b30652e9982719 SHA512 608f0a17d576a3b23a6921272eb449a6efed76b3c4b3fdf8737b2d499b56d109186c2883c06e5c843799d2fb1606f3066c43759b40f9d7cf58b6a674c38dd0e0
diff --git a/media-libs/gst-rtsp-server/files/1.16.2-CVE-2020-6095.patch b/media-libs/gst-rtsp-server/files/1.16.2-CVE-2020-6095.patch
new file mode 100644
index 000000000000..87b2e54973b4
--- /dev/null
+++ b/media-libs/gst-rtsp-server/files/1.16.2-CVE-2020-6095.patch
@@ -0,0 +1,39 @@
+From ccc8d0c4388056acc801fd855e065eb2b0ca6578 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
+Date: Mon, 23 Mar 2020 16:06:43 +0200
+Subject: [PATCH 3/3] rtsp-auth: Fix NULL pointer dereference when handling an
+ invalid basic Authorization header
+
+When using the basic authentication scheme, we wouldn't validate that
+the authorization field of the credentials is not NULL and pass it on
+to g_hash_table_lookup(). g_str_hash() however is not NULL-safe and will
+dereference the NULL pointer and crash.
+A specially crafted (read: invalid) RTSP header can cause this to
+happen.
+
+As a solution, check for the authorization to be not NULL before
+continuing processing it and if it is simply fail authentication.
+
+This fixes CVE-2020-6095 and TALOS-2020-1018.
+
+Discovered by Peter Wang of Cisco ASIG.
+---
+ gst/rtsp-server/rtsp-auth.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gst/rtsp-server/rtsp-auth.c b/gst/rtsp-server/rtsp-auth.c
+index f14286f..c15fa18 100644
+--- a/gst/rtsp-server/rtsp-auth.c
++++ b/gst/rtsp-server/rtsp-auth.c
+@@ -871,7 +871,7 @@ default_authenticate (GstRTSPAuth * auth, GstRTSPContext * ctx)
+
+ GST_DEBUG_OBJECT (auth, "check Basic auth");
+ g_mutex_lock (&priv->lock);
+- if ((token =
++ if ((*credential)->authorization && (token =
+ g_hash_table_lookup (priv->basic,
+ (*credential)->authorization))) {
+ GST_DEBUG_OBJECT (auth, "setting token %p", token);
+--
+2.20.1
+
diff --git a/media-libs/gst-rtsp-server/files/1.16.2-glib-deprecation-fix.patch b/media-libs/gst-rtsp-server/files/1.16.2-glib-deprecation-fix.patch
new file mode 100644
index 000000000000..679c5c5207cf
--- /dev/null
+++ b/media-libs/gst-rtsp-server/files/1.16.2-glib-deprecation-fix.patch
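Review bot: In the rtsp-auth.c change carried by 1.16.2-CVE-2020-6095.patch, a NULL `authorization` now skips the lookup without any log line of its own, so a malformed Basic header is indistinguishable in the debug output from an unknown credential. An else branch with something like `GST_DEBUG_OBJECT (auth, "Basic credential without authorization field");` would let operators spot malformed Authorization headers reaching the server. The guard covers only the Basic branch shown here; default_authenticate starts and continues outside the hunk, so whether the other authentication schemes need an equivalent NULL check cannot be judged from these lines and is worth confirming against the full file.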
@@ -0,0 +1,59 @@
+From df227481504574ecc6028400d17870913a16a047 Mon Sep 17 00:00:00 2001
+From: Jordan Petridis <jordan@centricular.com>
+Date: Thu, 23 Jan 2020 16:41:26 +0200
+Subject: [PATCH 2/3] rtsp-latency-bin: replace G_TYPE_INSTANCE_GET_PRIVATE as
+ it's been deprecated
+
+from glib
+```
+Deprecated: 2.58: Use %G_ADD_PRIVATE and the generated
+ `your_type_get_instance_private()` function instead
+```
+---
+ gst/rtsp-server/rtsp-latency-bin.c | 9 +++------
+ 1 file changed, 3 insertions(+), 6 deletions(-)
+
+diff --git a/gst/rtsp-server/rtsp-latency-bin.c b/gst/rtsp-server/rtsp-latency-bin.c
+index cf7cdf1..c297ab6 100644
+--- a/gst/rtsp-server/rtsp-latency-bin.c
++++ b/gst/rtsp-server/rtsp-latency-bin.c
+@@ -23,9 +23,6 @@
+ #include <gst/gst.h>
+ #include "rtsp-latency-bin.h"
+
+-#define GST_RTSP_LATENCY_BIN_GET_PRIVATE(obj) \
+- (G_TYPE_INSTANCE_GET_PRIVATE ((obj), GST_RTSP_LATENCY_BIN_TYPE, GstRTSPLatencyBinPrivate))
+-
+ struct _GstRTSPLatencyBinPrivate
+ {
+ GstPad *sinkpad;
+@@ -106,7 +103,7 @@ gst_rtsp_latency_bin_get_property (GObject * object, guint propid,
+ {
+ GstRTSPLatencyBin *latency_bin = GST_RTSP_LATENCY_BIN (object);
+ GstRTSPLatencyBinPrivate *priv =
+- GST_RTSP_LATENCY_BIN_GET_PRIVATE (latency_bin);
++ gst_rtsp_latency_bin_get_instance_private (latency_bin);
+
+ switch (propid) {
+ case PROP_ELEMENT:
+@@ -140,7 +137,7 @@ gst_rtsp_latency_bin_add_element (GstRTSPLatencyBin * latency_bin,
+ GstElement * element)
+ {
+ GstRTSPLatencyBinPrivate *priv =
+- GST_RTSP_LATENCY_BIN_GET_PRIVATE (latency_bin);
++ gst_rtsp_latency_bin_get_instance_private (latency_bin);
+ GstPad *pad;
+ GstPadTemplate *templ;
+
+@@ -250,7 +247,7 @@ static gboolean
+ gst_rtsp_latency_bin_recalculate_latency (GstRTSPLatencyBin * latency_bin)
+ {
+ GstRTSPLatencyBinPrivate *priv =
+- GST_RTSP_LATENCY_BIN_GET_PRIVATE (latency_bin);
++ gst_rtsp_latency_bin_get_instance_private (latency_bin);
+ GstEvent *latency;
+ GstQuery *query;
+ GstClockTime min_latency;
+--
+2.20.1
+
diff --git a/media-libs/gst-rtsp-server/files/1.16.2-leak-fix.patch b/media-libs/gst-rtsp-server/files/1.16.2-leak-fix.patch
new file mode 100644
index 000000000000..2707c3ebdc05
--- /dev/null
+++ b/media-libs/gst-rtsp-server/files/1.16.2-leak-fix.patch
@@ -0,0 +1,25 @@
+From 9dfdcb71e84e53e25388a6e0b485a70c45ea0dec Mon Sep 17 00:00:00 2001
+From: Nicola Murino <nicola.murino@gmail.com>
+Date: Thu, 12 Dec 2019 17:56:18 +0100
+Subject: [PATCH 1/3] rtsp-auth: fix default token leak
+
+---
+ gst/rtsp-server/rtsp-auth.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/gst/rtsp-server/rtsp-auth.c b/gst/rtsp-server/rtsp-auth.c
+index f676b80..f14286f 100644
+--- a/gst/rtsp-server/rtsp-auth.c
++++ b/gst/rtsp-server/rtsp-auth.c
+@@ -214,6 +214,8 @@ gst_rtsp_auth_finalize (GObject * obj)
+ g_hash_table_unref (priv->basic);
+ g_hash_table_unref (priv->digest);
+ g_hash_table_unref (priv->nonces);
++ if (priv->default_token)
++ gst_rtsp_token_unref (priv->default_token);
+ g_mutex_clear (&priv->lock);
+ g_free (priv->realm);
+
+--
+2.20.1
+
diff --git a/media-libs/gst-rtsp-server/gst-rtsp-server-1.16.2.ebuild b/media-libs/gst-rtsp-server/gst-rtsp-server-1.16.2.ebuild
new file mode 100644
index 000000000000..c4f50223188d
--- /dev/null
+++ b/media-libs/gst-rtsp-server/gst-rtsp-server-1.16.2.ebuild
@@ -0,0 +1,75 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit gstreamer
+
+DESCRIPTION="A GStreamer based RTSP server"
+HOMEPAGE="https://gstreamer.freedesktop.org/modules/gst-rtsp-server.html"
+
+LICENSE="LGPL-2+"
+KEYWORDS="amd64 x86"
+IUSE="examples +introspection static-libs"
+
+# gst-plugins-base for many used elements and API
+# gst-plugins-good for rtprtxsend and rtpbin elements, maybe more
+# gst-plugins-srtp for srtpenc and srtpdec elements
+RDEPEND="
+ >=dev-libs/glib-2.40.0:2[${MULTILIB_USEDEP}]
+ >=media-libs/gstreamer-${PV}:${SLOT}[introspection?,${MULTILIB_USEDEP}]
+ >=media-libs/gst-plugins-base-${PV}:${SLOT}[introspection?,${MULTILIB_USEDEP}]
+ >=media-libs/gst-plugins-good-${PV}:${SLOT}[${MULTILIB_USEDEP}]
+ >=media-plugins/gst-plugins-srtp-${PV}:${SLOT}[${MULTILIB_USEDEP}]
+ introspection? ( >=dev-libs/gobject-introspection-1.31.1:= )
+"
+DEPEND="${RDEPEND}
+ >=dev-util/gtk-doc-am-1.12
+"
+
+# Due to gstreamer src_configure
+QA_CONFIGURE_OPTIONS="--enable-nls"
+
+PATCHES=(
+ "${FILESDIR}"/${PV}-leak-fix.patch
+ "${FILESDIR}"/${PV}-glib-deprecation-fix.patch
+ "${FILESDIR}"/${PV}-CVE-2020-6095.patch
+)
+
+multilib_src_configure() {
+ # debug: only adds -g to CFLAGS
+ # docbook: nothing behind that switch
+ # libcgroup is automagic and only used in examples
+ gstreamer_multilib_src_configure \
+ --disable-debug \
+ --disable-valgrind \
+ --disable-examples \
+ --disable-docbook \
+ --disable-gtk-doc \
+ $(multilib_native_use_enable introspection) \
+ $(use_enable static-libs static) \
+ --disable-tests \
+ LIBCGROUP_LIBS= \
+ LIBCGROUP_FLAGS=
+
+ # work-around gtk-doc out-of-source brokedness
+ if multilib_is_native_abi ; then
+ ln -s "${S}"/docs/libs/${d}/html docs/libs/${d}/html || die
+ fi
+}
+
+multilib_src_install() {
+ emake install DESTDIR="${D}"
+ # Handle broken upstream modifications to defaults of gtk-doc
+ emake install -C docs/libs DESTDIR="${D}"
+}
+
+multilib_src_install_all() {
+ einstalldocs
+ find "${ED}" -name '*.la' -delete || die
+
+ if use examples ; then
+ insinto /usr/share/doc/${PF}/examples
+ doins "${S}"/examples/*.c
+ fi
+} |
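Review bot: In multilib_src_configure the symlink line `ln -s "${S}"/docs/libs/${d}/html docs/libs/${d}/html || die` expands `${d}`, which is not assigned anywhere in this ebuild; unless the gstreamer eclass happens to set it, both paths collapse to `docs/libs//html`. If that is the intended directory, write it out as `ln -s "${S}"/docs/libs/html docs/libs/html || die`; otherwise the loop that should define `d` is missing. A comment above PATCHES would also help, noting that the three files are a numbered series (1/3 to 3/3) and must keep this order, since the CVE-2020-6095 patch is generated against rtsp-auth.c as left by the leak fix (its pre-image index f14286f is the leak fix's post-image).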