summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordrochner <drochner>2009-04-05 13:15:01 +0000
committerdrochner <drochner>2009-04-05 13:15:01 +0000
commit33a65f7dddca12d05c575237e2c083084124ff78 (patch)
tree36a3ad9c7cdc7e0492ad590e906c36e296e982f9
parent7e93043a89a68f4ef7d764aef941178876a79aec (diff)
downloadpkgsrc-33a65f7dddca12d05c575237e2c083084124ff78.tar.gz
add a patch from upstream CVS to fix an integer overflow in the
Quicktime demuxer, bump PKGREVISION
-rw-r--r--multimedia/xine-lib/Makefile4
-rw-r--r--multimedia/xine-lib/distinfo3
-rw-r--r--multimedia/xine-lib/patches/patch-ay26
3 files changed, 30 insertions, 3 deletions
diff --git a/multimedia/xine-lib/Makefile b/multimedia/xine-lib/Makefile
index dba955d4401..09da8c41ba0 100644
--- a/multimedia/xine-lib/Makefile
+++ b/multimedia/xine-lib/Makefile
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.68 2009/02/19 12:58:03 drochner Exp $
+# $NetBSD: Makefile,v 1.69 2009/04/05 13:15:01 drochner Exp $
PKG_DESTDIR_SUPPORT= user-destdir
.include "Makefile.common"
-#PKGREVISION= 1
+PKGREVISION= 1
COMMENT= Multimedia player library
diff --git a/multimedia/xine-lib/distinfo b/multimedia/xine-lib/distinfo
index a35455df177..1ab21194912 100644
--- a/multimedia/xine-lib/distinfo
+++ b/multimedia/xine-lib/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.62 2009/02/19 12:58:03 drochner Exp $
+$NetBSD: distinfo,v 1.63 2009/04/05 13:15:01 drochner Exp $
SHA1 (xine-lib-1.1.16.2.tar.bz2) = faa3d9207d911a535161a3cd5660aa9e6b904c28
RMD160 (xine-lib-1.1.16.2.tar.bz2) = 80da6bf2127bc349dbbc9da0f5529869110678b4
@@ -19,6 +19,7 @@ SHA1 (patch-aq) = f6efa28ab1b9a24b79c18c181a5d309db53172e4
SHA1 (patch-as) = a0a93a256589e87a66eef31494441aa1b200f834
SHA1 (patch-aw) = 78ab44197a6b9f85e4b272d522ce254de4d557dc
SHA1 (patch-ax) = 683e2139b1075fc626719327de9e7621887c7332
+SHA1 (patch-ay) = 7bf4d476b7ca26566826355b626e95223c3c5567
SHA1 (patch-be) = 966d057b118728ff509fd4e7f8005ab5b00b5633
SHA1 (patch-bg) = 10eb076d087a40ac5f7920794ff7b34f2aa0495b
SHA1 (patch-cb) = 08d9920022988d2764d941cfa8b1aa5602a0ec81
diff --git a/multimedia/xine-lib/patches/patch-ay b/multimedia/xine-lib/patches/patch-ay
new file mode 100644
index 00000000000..9630bd4f2f8
--- /dev/null
+++ b/multimedia/xine-lib/patches/patch-ay
@@ -0,0 +1,26 @@
+$NetBSD: patch-ay,v 1.7 2009/04/05 13:15:01 drochner Exp $
+
+--- src/demuxers/demux_qt.c.orig 2009-04-05 11:28:05.000000000 +0200
++++ src/demuxers/demux_qt.c
+@@ -1535,7 +1535,8 @@ static qt_error parse_trak_atom (qt_trak
+ } else if (current_atom == STTS_ATOM) {
+
+ /* there should only be one of these atoms */
+- if (trak->time_to_sample_table) {
++ if (trak->time_to_sample_table
++ || current_atom_size < 12 || current_atom_size >= UINT_MAX) {
+ last_error = QT_HEADER_TROUBLE;
+ goto free_trak;
+ }
+@@ -1545,6 +1546,11 @@ static qt_error parse_trak_atom (qt_trak
+ debug_atom_load(" qt stts atom (time-to-sample atom): %d entries\n",
+ trak->time_to_sample_count);
+
++ if (trak->time_to_sample_count > (current_atom_size - 12) / 8) {
++ last_error = QT_HEADER_TROUBLE;
++ goto free_trak;
++ }
++
+ trak->time_to_sample_table = (time_to_sample_table_t *)calloc(
+ trak->time_to_sample_count+1, sizeof(time_to_sample_table_t));
+ if (!trak->time_to_sample_table) {