Version in base suite: 1.1.1+dfsg.1-16.1 Base version: libtheora_1.1.1+dfsg.1-16.1 Target version: libtheora_1.1.1+dfsg.1-16.1+deb12u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/libt/libtheora/libtheora_1.1.1+dfsg.1-16.1.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/libt/libtheora/libtheora_1.1.1+dfsg.1-16.1+deb12u1.dsc changelog | 9 ++ patches/0007-pp_sharp_mod-segfault.patch | 33 ++++++++ patches/0008-shift-negative-stride.patch | 123 +++++++++++++++++++++++++++++++ patches/series | 2 4 files changed, 167 insertions(+) diff -Nru libtheora-1.1.1+dfsg.1/debian/changelog libtheora-1.1.1+dfsg.1/debian/changelog --- libtheora-1.1.1+dfsg.1/debian/changelog 2022-10-06 17:18:29.000000000 +0000 +++ libtheora-1.1.1+dfsg.1/debian/changelog 2025-06-29 07:09:19.000000000 +0000 @@ -1,3 +1,12 @@ +libtheora (1.1.1+dfsg.1-16.1+deb12u1) bookworm; urgency=medium + + * Team upload. + + * Added patches fixing issues found using GCC sanitize. + * Acknowledge NMU 1.1.1+dfsg.1-16.1. + + -- Petter Reinholdtsen Sun, 29 Jun 2025 09:09:19 +0200 + libtheora (1.1.1+dfsg.1-16.1) unstable; urgency=medium * Non-maintainer upload by the Reproducible Builds team. diff -Nru libtheora-1.1.1+dfsg.1/debian/patches/0007-pp_sharp_mod-segfault.patch libtheora-1.1.1+dfsg.1/debian/patches/0007-pp_sharp_mod-segfault.patch --- libtheora-1.1.1+dfsg.1/debian/patches/0007-pp_sharp_mod-segfault.patch 1970-01-01 00:00:00.000000000 +0000 +++ libtheora-1.1.1+dfsg.1/debian/patches/0007-pp_sharp_mod-segfault.patch 2025-06-29 07:08:39.000000000 +0000 @@ -0,0 +1,33 @@ +commit 0ae66d565e6bead8604d312bc1a4e9dccf245c88 +Author: Tim Terriberry +Date: Tue May 8 02:51:57 2012 +0000 + + Fix pp_sharp_mod calculation. + + This was broken when the dequant_tables indexing changed in commit + r16102, but it only affected post-processing quality, so we never + noticed. + With gcc 4.8.0, this can now trigger a segfault during decoder + initialization. + + svn path=/trunk/theora/; revision=18268 + +Index: libtheora-salsa/lib/decode.c +=================================================================== +--- libtheora-salsa.orig/lib/decode.c 2025-03-16 05:39:47.754277765 +0100 ++++ libtheora-salsa/lib/decode.c 2025-03-16 05:39:51.000000000 +0100 +@@ -397,10 +397,10 @@ + int qsum; + qsum=0; + for(qti=0;qti<2;qti++)for(pli=0;pli<3;pli++){ +- qsum+=_dec->state.dequant_tables[qti][pli][qi][12]+ +- _dec->state.dequant_tables[qti][pli][qi][17]+ +- _dec->state.dequant_tables[qti][pli][qi][18]+ +- _dec->state.dequant_tables[qti][pli][qi][24]<<(pli==0); ++ qsum+=_dec->state.dequant_tables[qi][pli][qti][12]+ ++ _dec->state.dequant_tables[qi][pli][qti][17]+ ++ _dec->state.dequant_tables[qi][pli][qti][18]+ ++ _dec->state.dequant_tables[qi][pli][qti][24]<<(pli==0); + } + _dec->pp_sharp_mod[qi]=-(qsum>>11); + } diff -Nru libtheora-1.1.1+dfsg.1/debian/patches/0008-shift-negative-stride.patch libtheora-1.1.1+dfsg.1/debian/patches/0008-shift-negative-stride.patch --- libtheora-1.1.1+dfsg.1/debian/patches/0008-shift-negative-stride.patch 1970-01-01 00:00:00.000000000 +0000 +++ libtheora-1.1.1+dfsg.1/debian/patches/0008-shift-negative-stride.patch 2025-06-29 07:07:45.000000000 +0000 @@ -0,0 +1,123 @@ +Description: Replaced possible bit shifting into signed bit of stride values. + Use multiplication instead, allowing the compiler to optimize to + bitshifts if it believe it to be safe. + + Based on upstream commits a6766c94721bc55e8e56fb0d941ecfe2d27c3d17 + and ec642ecf6d94f11d5eb05ab1fb7a9728c9a89cae, adjusted for 1.1.1. +Author: Petter Reinholdtsen +Forwarded: not-needed +Last-Update: 2025-06-03 +--- +diff --git a/lib/decode.c b/lib/decode.c +index 7be6646..ad56716 100644 +--- a/lib/decode.c ++++ b/lib/decode.c +@@ -1747,13 +1747,13 @@ static void oc_dec_deblock_frag_rows(oc_dec_ctx *_dec, + flimit=(qstep*3)>>2; + oc_filter_hedge(dst+x,dst_ystride,src+x-src_ystride,src_ystride, + qstep,flimit,variance,variance+nhfrags); +- oc_filter_vedge(dst+x-(dst_ystride<<2)-4,dst_ystride, ++ oc_filter_vedge(dst+x-(dst_ystride*4)-4,dst_ystride, + qstep,flimit,variance-1); + variance++; + dc_qi++; + } +- dst+=dst_ystride<<3; +- src+=src_ystride<<3; ++ dst+=dst_ystride*8; ++ src+=src_ystride*8; + } + /*And finally, handle the last row in the frame, if it's in the range.*/ + if(!notdone){ +@@ -1769,7 +1769,7 @@ static void oc_dec_deblock_frag_rows(oc_dec_ctx *_dec, + for(x=8;xpp_dc_scale[*dc_qi++]; + flimit=(qstep*3)>>2; +- oc_filter_vedge(dst+x-(dst_ystride<<3)-4,dst_ystride, ++ oc_filter_vedge(dst+x-(dst_ystride*8)-4,dst_ystride, + qstep,flimit,variance++); + } + } +@@ -1944,7 +1944,7 @@ static void oc_dec_dering_frag_rows(oc_dec_ctx *_dec,th_img_plane *_img, + frag++; + variance++; + } +- idata+=ystride<<3; ++ idata+=ystride*8; + } + } + +@@ -2877,10 +2877,10 @@ int th_decode_ycbcr_out(th_dec_ctx *_dec,th_ycbcr_buffer _ycbcr){ + u_row[x>>1]=OC_CLAMP255(u); + v_row[x>>1]=OC_CLAMP255(v); + } +- y_row+=_ycbcr[0].stride<<1; ++ y_row+=_ycbcr[0].stride*2; + u_row+=_ycbcr[1].stride; + v_row+=_ycbcr[2].stride; +- rgb_row+=cstride<<1; ++ rgb_row+=cstride*2; + } + }break; + case TH_PF_422:{ +diff --git a/lib/state.c b/lib/state.c +index 42ed33a..fe803d6 100644 +--- a/lib/state.c ++++ b/lib/state.c +@@ -573,7 +573,7 @@ static int oc_state_ref_bufs_init(oc_theora_state *_state,int _nrefs){ + frag_buf_offs[fragi]=hpix-ref_frame_data; + hpix+=8; + } +- vpix+=stride<<3; ++ vpix+=stride*8; + } + } + /*Initialize the reference frame indices.*/ +@@ -1055,7 +1055,7 @@ void oc_state_loop_filter_frag_rows_c(const oc_theora_state *_state,int *_bv, + loop_filter_h(ref+8,ystride,_bv); + } + if(fragi+nhfrags