gnu: libvpx: Apply bug fixes.

Fixes build on armhf.

* gnu/packages/patches/libvpx-fix-armhf-link.patch,
  gnu/packages/patches/libvpx-fix-ssse3-quantize.patch,
  gnu/packages/patches/libvpx-vp9-out-of-bounds-access.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/video.scm (libvpx): Add patches.  On armhf, add additional
  configure flags to avoid requiring support for NEON.

3 files changed, 90 insertions, 0 deletions

diff --git a/gnu/packages/patches/libvpx-fix-armhf-link.patch b/gnu/packages/patches/libvpx-fix-armhf-link.patch
new file mode 100644
index 0000000000..e0b998d487
--- /dev/null
+++ b/gnu/packages/patches/libvpx-fix-armhf-link.patch
@@ -0,0 +1,23 @@
+This patch was copied from Debian.  It is needed on armhf.
+
+--- a/build/make/configure.sh	2013-12-17 18:18:46.904410454 +0100
++++ b/build/make/configure.sh	2013-12-17 18:19:58.720758736 +0100
+@@ -799,7 +799,6 @@
+ 
+         case ${tgt_cc} in
+         gcc)
+-            CROSS=${CROSS:-arm-none-linux-gnueabi-}
+             link_with_cc=gcc
+             setup_gnu_toolchain
+             arch_int=${tgt_isa##armv}
+@@ -822,10 +821,6 @@
+                     check_add_cflags -mfpu=neon #-ftree-vectorize
+                     check_add_asflags -mfpu=neon
+                 fi
+-
+-                if [ -z "${tune_cpu}" ]; then
+-                    tune_cpu=cortex-a8
+-                fi
+             else
+                 check_add_cflags -march=${tgt_isa}
+                 check_add_asflags -march=${tgt_isa}
diff --git a/gnu/packages/patches/libvpx-fix-ssse3-quantize.patch b/gnu/packages/patches/libvpx-fix-ssse3-quantize.patch
new file mode 100644
index 0000000000..74138e8d49
--- /dev/null
+++ b/gnu/packages/patches/libvpx-fix-ssse3-quantize.patch
@@ -0,0 +1,32 @@
+commit 0d43bd77e5f429467fbd280a7b8f7fbc0bfe1809
+Author: Yunqing Wang <yunqingwang@google.com>
+Date:   Fri Feb 7 14:27:07 2014 -0800
+
+    Bug fix in ssse3 quantize function
+    
+    A bug was reported in Issue 702: "SIGILL (Illegal instruction) when
+    transcoding with vp9 - using FFmpeg". It was reproduced and fixed.
+    
+    Change-Id: Ie32c149a89af02856084aeaf289e848a905c7700
+
+diff --git a/vp9/encoder/x86/vp9_quantize_ssse3.asm b/vp9/encoder/x86/vp9_quantize_ssse3.asm
+index db30660..48ccef8 100644
+--- a/vp9/encoder/x86/vp9_quantize_ssse3.asm
++++ b/vp9/encoder/x86/vp9_quantize_ssse3.asm
+@@ -188,7 +188,8 @@ cglobal quantize_%1, 0, %2, 15, coeff, ncoeff, skip, zbin, round, quant, \
+   pmaxsw                          m8, m7
+   pshuflw                         m7, m8, 0x1
+   pmaxsw                          m8, m7
+-  pextrw                        [r2], m8, 0
++  pextrw                          r6, m8, 0
++  mov                             [r2], r6
+   RET
+ 
+   ; skip-block, i.e. just write all zeroes
+@@ -214,5 +215,5 @@ cglobal quantize_%1, 0, %2, 15, coeff, ncoeff, skip, zbin, round, quant, \
+ %endmacro
+ 
+ INIT_XMM ssse3
+-QUANTIZE_FN b, 6
++QUANTIZE_FN b, 7
+ QUANTIZE_FN b_32x32, 7
diff --git a/gnu/packages/patches/libvpx-vp9-out-of-bounds-access.patch b/gnu/packages/patches/libvpx-vp9-out-of-bounds-access.patch
new file mode 100644
index 0000000000..6aec8aa2f0
--- /dev/null
+++ b/gnu/packages/patches/libvpx-vp9-out-of-bounds-access.patch
@@ -0,0 +1,35 @@
+Copied from Debian.
+
+# HG changeset patch
+# User Ralph Giles <giles@mozilla.com>
+# Date 1412209683 25200
+# Node ID 6023f0b4f8ba49dd117106cc98cd8007c2142bf6
+# Parent  8c431dcec0ffde13988d47eacf341113ea883245
+Bug 1063327 - Reject vp9 frames with invalid tiles. r=kinetik, a=abillings
+
+diff --git a/vp9/decoder/vp9_decodframe.c b/vp9/decoder/vp9_decodframe.c
+--- a/vp9/decoder/vp9_decodframe.c
++++ b/vp9/decoder/vp9_decodframe.c
+@@ -863,16 +863,21 @@ static size_t get_tile(const uint8_t *co
+ 
+   if (!is_last) {
+     if (!read_is_valid(*data, 4, data_end))
+       vpx_internal_error(error_info, VPX_CODEC_CORRUPT_FRAME,
+           "Truncated packet or corrupt tile length");
+ 
+     size = read_be32(*data);
+     *data += 4;
++
++    if (size > data_end - *data) {
++      vpx_internal_error(error_info, VPX_CODEC_CORRUPT_FRAME,
++          "Truncated packet or corrupt tile size");
++    }
+   } else {
+     size = data_end - *data;
+   }
+   return size;
+ }
+ 
+ typedef struct TileBuffer {
+   const uint8_t *data;
+