File gstreamer-plugins-bad-ZDI-CAN-22300.patch of Package gstreamer-plugins-bad.32024

commit 890d59e97e291fe848147ebf4d5884bcec1101c9 (06_2023.11.23_ZDI-CAN-22300_890d59e97e291fe848147ebf4d5884bcec1101c9)
Author: Seungha Yang <seungha@centricular.com>
Date:   Thu Nov 23 20:24:42 2023 +0900

    av1parser: Fix array sizes in scalability structure

    Since the AV1 specification is not explicitly mentioning about
    the array size bounds, array sizes in scalability structure
    should be defined as possible maximum sizes that can have.

    Also, this commit removes GST_AV1_MAX_SPATIAL_LAYERS define from
    public header which is API break but the define is misleading
    and this patch is introducing ABI break already

    ZDI-CAN-22300

    Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/5823>

diff -Nura gst-plugins-bad-1.20.1/gst-libs/gst/codecparsers/gstav1parser.h gst-plugins-bad-1.20.1_new/gst-libs/gst/codecparsers/gstav1parser.h
--- gst-plugins-bad-1.20.1/gst-libs/gst/codecparsers/gstav1parser.h	2022-03-14 19:33:40.000000000 +0800
+++ gst-plugins-bad-1.20.1_new/gst-libs/gst/codecparsers/gstav1parser.h	2024-01-05 15:09:34.925609732 +0800
@@ -71,9 +71,8 @@
 #define GST_AV1_MAX_TILE_COUNT                 512
 #define GST_AV1_MAX_OPERATING_POINTS    \
   (GST_AV1_MAX_NUM_TEMPORAL_LAYERS * GST_AV1_MAX_NUM_SPATIAL_LAYERS)
-#define GST_AV1_MAX_SPATIAL_LAYERS             2  /* correct? */
-#define GST_AV1_MAX_TEMPORAL_GROUP_SIZE        8  /* correct? */
-#define GST_AV1_MAX_TEMPORAL_GROUP_REFERENCES  8  /* correct? */
+#define GST_AV1_MAX_TEMPORAL_GROUP_SIZE        255
+#define GST_AV1_MAX_TEMPORAL_GROUP_REFERENCES  7
 #define GST_AV1_MAX_NUM_Y_POINTS               16
 #define GST_AV1_MAX_NUM_CB_POINTS              16
 #define GST_AV1_MAX_NUM_CR_POINTS              16
@@ -968,9 +967,9 @@
   gboolean spatial_layer_dimensions_present_flag;
   gboolean spatial_layer_description_present_flag;
   gboolean temporal_group_description_present_flag;
-  guint16 spatial_layer_max_width[GST_AV1_MAX_SPATIAL_LAYERS];
-  guint16 spatial_layer_max_height[GST_AV1_MAX_SPATIAL_LAYERS];
-  guint8 spatial_layer_ref_id[GST_AV1_MAX_SPATIAL_LAYERS];
+  guint16 spatial_layer_max_width[GST_AV1_MAX_NUM_SPATIAL_LAYERS];
+  guint16 spatial_layer_max_height[GST_AV1_MAX_NUM_SPATIAL_LAYERS];
+  guint8 spatial_layer_ref_id[GST_AV1_MAX_NUM_SPATIAL_LAYERS];
   guint8 temporal_group_size;
 
   guint8 temporal_group_temporal_id[GST_AV1_MAX_TEMPORAL_GROUP_SIZE];
diff -Nura gst-plugins-bad-1.20.1/gst/videoparsers/gstav1parse.c gst-plugins-bad-1.20.1_new/gst/videoparsers/gstav1parse.c
--- gst-plugins-bad-1.20.1/gst/videoparsers/gstav1parse.c	2022-03-14 19:33:40.000000000 +0800
+++ gst-plugins-bad-1.20.1_new/gst/videoparsers/gstav1parse.c	2024-01-05 15:10:54.793563363 +0800
@@ -1228,7 +1228,7 @@
   }
 
   val = (self->parser->state.operating_point_idc >> 8) & 0x0f;
-  for (i = 0; i < (1 << GST_AV1_MAX_SPATIAL_LAYERS); i++) {
+  for (i = 0; i < GST_AV1_MAX_NUM_SPATIAL_LAYERS; i++) {
     if (val & (1 << i))
       self->highest_spatial_id = i;
   }