Closed Bug 1561359 Opened 5 years ago Closed 5 years ago

Please update to openh264 2.0.0

Categories

(Core :: Audio/Video: GMP, task, P3)

Product:
Core
Component:
Audio/Video: GMP
Version:
68 Branch
Type:
task

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1619988

People

(Reporter: L.Bonnaud, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:67.0) Gecko/20100101 Firefox/67.0

Steps to reproduce:

I noticed that openh264 1.8.1 currently used by firefox 67, 68 and 69 is not built with hardening compilation options.

Version 2.0.0 is out:

https://github.com/cisco/openh264/blob/master/RELEASES

and at least enables stack protection.

Actual results:

$ hardening-check .mozilla/firefox/default.t8l/gmp-gmpopenh264/1.8.1/libgmpopenh264.so.mozilla/firefox/default.t8l/gmp-gmpopenh264/1.8.1/libgmpopenh264.so:
Position Independent Executable: no, regular shared library (ignored)
Stack protected: no, not found!
Fortify Source functions: no, only unprotected functions found!
Read-only relocations: no, not found!
Immediate binding: no, not found!

Expected results:

Example of hardened shared library:

$ hardening-check /lib/x86_64-linux-gnu/libcap.so.2
/lib/x86_64-linux-gnu/libcap.so.2:
Position Independent Executable: no, regular shared library (ignored)
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: yes

From this comment it doesn't sound like we are interested in the new features added in OpenH264 2.0.0: https://bugzilla.mozilla.org/show_bug.cgi?id=1513000#c47, but the stack protection would be good to have, maybe even as a cherry pick on top of our current 1.8.1 build. Thanks for bringing that to our attention!

Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P3
Type: defect → task

fedora 32 uses


$ rpm -ql openh264 
... 
/usr/lib64/libopenh264.so.2.0.0 
/usr/lib64/libopenh264.so.5

$ rpm -ql gstreamer1-plugin-openh264 
...
/usr/lib64/gstreamer-1.0/libgstopenh264.so```

yet firefox installs 1.8.1
```ll /home/ed/.mozilla/firefox/*/gmp-gmpopenh264/*
.../gmp-gmpopenh264/1.8.1.1:
.rwx------ ed ed 116 B  Tue Nov  5 22:21:09 2019  gmpopenh264.info 
.rwx------ ed ed 1.3 MB Tue Nov  5 22:21:09 2019  libgmpopenh264.so

and I get "plugin crashed" errors and this core:

                                                    
                                                    Stack trace of thread 5562:
                                                    #0  0x00007fde5a62914b _ZN7mozilla3gmp8GMPChild15ProcessingErrorENS_3ipc14HasResultCodes6ResultEPKc.cold (libxul.so +>
                                                    #1  0x00007fde5ac3b8b1 _ZN7mozilla3ipc9IPCResult4FailENS_7NotNullIPNS0_9IProtocolEEEPKcS7_ (libxul.so + 0xe978b1)
                                                    #2  0x00007fde5c6079e3 _ZN7mozilla3gmp8GMPChild17AnswerStartPluginERK9nsTStringIDsE (libxul.so + 0x28639e3)
                                                    #3  0x00007fde5ad34258 _ZN7mozilla3gmp9PGMPChild14OnCallReceivedERKN3IPC7MessageERPS3_ (libxul.so + 0xf90258)
                                                    #4  0x00007fde5ac406dc _ZN7mozilla3ipc14MessageChannel24DispatchInterruptMessageEPNS0_19ActorLifecycleProxyEON3IPC7Me>
                                                    #5  0x00007fde5ac45fb5 _ZN7mozilla3ipc14MessageChannel15DispatchMessageEON3IPC7MessageE (libxul.so + 0xea1fb5)
                                                    #6  0x00007fde5ac47ca6 _ZN7mozilla3ipc14MessageChannel11MessageTask3RunEv (libxul.so + 0xea3ca6)
                                                    #7  0x00007fde5ac04c55 _ZN11MessageLoop21DeferOrRunPendingTaskEONS_11PendingTaskE (libxul.so + 0xe60c55)
                                                    #8  0x00007fde5ac093ad _ZN11MessageLoop6DoWorkEv (libxul.so + 0xe653ad)
                                                    #9  0x00007fde5abfe762 _ZN4base18MessagePumpDefault3RunEPNS_11MessagePump8DelegateE (libxul.so + 0xe5a762)
                                                    #10 0x00007fde5abff6c9 _ZN11MessageLoop3RunEv (libxul.so + 0xe5b6c9)
                                                    #11 0x00007fde5dd9885a _Z20XRE_InitChildProcessiPPcPK12XREChildData (libxul.so + 0x3ff485a)
                                                    #12 0x0000563ebc45f75b _Z20content_process_mainPN7mozilla9BootstrapEiPPc (plugin-container + 0xf75b)
                                                    #13 0x0000563ebc45f323 main (plugin-container + 0xf323)
                                                    #14 0x00007fde59850133 __libc_start_main (libc.so.6 + 0x27133)
                                                    #15 0x0000563ebc45f64e _start (plugin-container + 0xf64e)```

- Is it related to the version  mismatch?
- Is it possibhle to upgrade manually to 2.0.0 by downloading a corresponding `libgmpopenh264.so` ?
- Or should I open a fedora bug instead?

Is 2.x.x going to make it for next ESR?

At this point, we're not planning to update to 2.0.0, but I suspect we'll go with 2.1.0 when one is available.

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WONTFIX

(In reply to Dan Minor [:dminor] from comment #4)

At this point, we're not planning to update to 2.0.0, but I suspect we'll go with 2.1.0 when one is available.

Well, now you guys don't have any excuse: https://github.com/cisco/openh264/commit/032f97db96827f9c4c183de5bc3794fce7b76bf6
;-)

See Also: → openh264-2_4_1
Resolution: WONTFIX → DUPLICATE
See Also: openh264-2_4_1
You need to log in before you can comment on or make changes to this bug.