diff options
| author | rtr <rtr> | 2009-02-01 03:50:57 +0000 |
|---|---|---|
| committer | rtr <rtr> | 2009-02-01 03:50:57 +0000 |
| commit | a622a330128338e6f62ed9a3ae6e0afcf97c0d19 (patch) | |
| tree | 59afe12ac2f4709c616d993decbcd7f33d661c21 | |
| parent | fbe12d2f58d578aa877a8d92b32e40bc2bf60870 (diff) | |
| download | pkgsrc-a622a330128338e6f62ed9a3ae6e0afcf97c0d19.tar.gz | |
pullup ticket #2672 - requested by tron
ffmpeg: fix buffer overflow
revisions pulled up:
pkgsrc/multimedia/ffmpeg/Makefile 1.47
pkgsrc/multimedia/ffmpeg/distinfo 1.22
pkgsrc/multimedia/ffmpeg/patches/patch-4xm 1.1
Module Name: pkgsrc
Committed By: tron
Date: Thu Jan 29 15:02:13 UTC 2009
Modified Files:
pkgsrc/multimedia/ffmpeg: Makefile distinfo
Added Files:
pkgsrc/multimedia/ffmpeg/patches: patch-4xm
Log Message:
Add fix for buffer overflow in 4xm movie format decoder based on a
patch from "ffmpeg" SVN.
| -rw-r--r-- | multimedia/ffmpeg/Makefile | 4 | ||||
| -rw-r--r-- | multimedia/ffmpeg/distinfo | 3 | ||||
| -rw-r--r-- | multimedia/ffmpeg/patches/patch-4xm | 22 |
3 files changed, 26 insertions, 3 deletions
diff --git a/multimedia/ffmpeg/Makefile b/multimedia/ffmpeg/Makefile index 043636ae64c..0a72849fb02 100644 --- a/multimedia/ffmpeg/Makefile +++ b/multimedia/ffmpeg/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.46 2008/12/18 16:31:53 bjs Exp $ +# $NetBSD: Makefile,v 1.46.2.1 2009/02/01 03:50:57 rtr Exp $ DISTNAME= ffmpeg-${DISTVERSION} PKGNAME= ffmpeg-${DISTVERSION:S/-//g} -PKGREVISION= 6 +PKGREVISION= 7 CATEGORIES= multimedia MASTER_SITES= ${MASTER_SITE_FREEBSD} EXTRACT_SUFX= .tar.bz2 diff --git a/multimedia/ffmpeg/distinfo b/multimedia/ffmpeg/distinfo index cb90a9d0f2e..995af9c247a 100644 --- a/multimedia/ffmpeg/distinfo +++ b/multimedia/ffmpeg/distinfo @@ -1,8 +1,9 @@ -$NetBSD: distinfo,v 1.21 2008/12/18 16:31:53 bjs Exp $ +$NetBSD: distinfo,v 1.21.2.1 2009/02/01 03:50:57 rtr Exp $ SHA1 (ffmpeg-2008-07-27.tar.bz2) = 103acde7a0f02aa1c32d5dab5bf187c94441c479 RMD160 (ffmpeg-2008-07-27.tar.bz2) = e69128fc034a3f8b0fd561f1e6ecc04dd118a977 Size (ffmpeg-2008-07-27.tar.bz2) = 2581976 bytes +SHA1 (patch-4xm) = 179f817eae8bb2ac122a2f451e13ddb22e4c23c5 SHA1 (patch-bktr) = dddf7149810d227f531e5a198445fc0d1893bece SHA1 (patch-configure) = 747593b082f428ac1f79c6d9cad8773326351a83 SHA1 (patch-imgconvert.c) = 3c0a9f98ddb767db6f46a02fc64451c0a79b1cbc diff --git a/multimedia/ffmpeg/patches/patch-4xm b/multimedia/ffmpeg/patches/patch-4xm new file mode 100644 index 00000000000..4175a6b216d --- /dev/null +++ b/multimedia/ffmpeg/patches/patch-4xm @@ -0,0 +1,22 @@ +$NetBSD: patch-4xm,v 1.1.2.2 2009/02/01 03:50:57 rtr Exp $ + +Patch for buffer overflow based on this change: +http://svn.ffmpeg.org/ffmpeg/trunk/libavformat/4xm.c?r1=16838&r2=16846 + +--- libavformat/4xm.c.orig 2009-01-29 14:33:19.000000000 +0000 ++++ libavformat/4xm.c 2009-01-29 14:37:44.000000000 +0000 +@@ -163,10 +163,12 @@ + return AVERROR_INVALIDDATA; + } + current_track = AV_RL32(&header[i + 8]); ++ if((unsigned)current_track >= UINT_MAX / sizeof(AudioTrack) - 1){ ++ av_log(s, AV_LOG_ERROR, "current_track too large\n"); ++ return -1; ++ } + if (current_track + 1 > fourxm->track_count) { + fourxm->track_count = current_track + 1; +- if((unsigned)fourxm->track_count >= UINT_MAX / sizeof(AudioTrack)) +- return -1; + fourxm->tracks = av_realloc(fourxm->tracks, + fourxm->track_count * sizeof(AudioTrack)); + if (!fourxm->tracks) { |