diff options
author | drochner <drochner> | 2009-04-05 13:15:01 +0000 |
---|---|---|
committer | drochner <drochner> | 2009-04-05 13:15:01 +0000 |
commit | 33a65f7dddca12d05c575237e2c083084124ff78 (patch) | |
tree | 36a3ad9c7cdc7e0492ad590e906c36e296e982f9 | |
parent | 7e93043a89a68f4ef7d764aef941178876a79aec (diff) | |
download | pkgsrc-33a65f7dddca12d05c575237e2c083084124ff78.tar.gz |
add a patch from upstream CVS to fix an integer overflow in the
Quicktime demuxer, bump PKGREVISION
-rw-r--r-- | multimedia/xine-lib/Makefile | 4 | ||||
-rw-r--r-- | multimedia/xine-lib/distinfo | 3 | ||||
-rw-r--r-- | multimedia/xine-lib/patches/patch-ay | 26 |
3 files changed, 30 insertions, 3 deletions
diff --git a/multimedia/xine-lib/Makefile b/multimedia/xine-lib/Makefile index dba955d4401..09da8c41ba0 100644 --- a/multimedia/xine-lib/Makefile +++ b/multimedia/xine-lib/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.68 2009/02/19 12:58:03 drochner Exp $ +# $NetBSD: Makefile,v 1.69 2009/04/05 13:15:01 drochner Exp $ PKG_DESTDIR_SUPPORT= user-destdir .include "Makefile.common" -#PKGREVISION= 1 +PKGREVISION= 1 COMMENT= Multimedia player library diff --git a/multimedia/xine-lib/distinfo b/multimedia/xine-lib/distinfo index a35455df177..1ab21194912 100644 --- a/multimedia/xine-lib/distinfo +++ b/multimedia/xine-lib/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.62 2009/02/19 12:58:03 drochner Exp $ +$NetBSD: distinfo,v 1.63 2009/04/05 13:15:01 drochner Exp $ SHA1 (xine-lib-1.1.16.2.tar.bz2) = faa3d9207d911a535161a3cd5660aa9e6b904c28 RMD160 (xine-lib-1.1.16.2.tar.bz2) = 80da6bf2127bc349dbbc9da0f5529869110678b4 @@ -19,6 +19,7 @@ SHA1 (patch-aq) = f6efa28ab1b9a24b79c18c181a5d309db53172e4 SHA1 (patch-as) = a0a93a256589e87a66eef31494441aa1b200f834 SHA1 (patch-aw) = 78ab44197a6b9f85e4b272d522ce254de4d557dc SHA1 (patch-ax) = 683e2139b1075fc626719327de9e7621887c7332 +SHA1 (patch-ay) = 7bf4d476b7ca26566826355b626e95223c3c5567 SHA1 (patch-be) = 966d057b118728ff509fd4e7f8005ab5b00b5633 SHA1 (patch-bg) = 10eb076d087a40ac5f7920794ff7b34f2aa0495b SHA1 (patch-cb) = 08d9920022988d2764d941cfa8b1aa5602a0ec81 diff --git a/multimedia/xine-lib/patches/patch-ay b/multimedia/xine-lib/patches/patch-ay new file mode 100644 index 00000000000..9630bd4f2f8 --- /dev/null +++ b/multimedia/xine-lib/patches/patch-ay @@ -0,0 +1,26 @@ +$NetBSD: patch-ay,v 1.7 2009/04/05 13:15:01 drochner Exp $ + +--- src/demuxers/demux_qt.c.orig 2009-04-05 11:28:05.000000000 +0200 ++++ src/demuxers/demux_qt.c +@@ -1535,7 +1535,8 @@ static qt_error parse_trak_atom (qt_trak + } else if (current_atom == STTS_ATOM) { + + /* there should only be one of these atoms */ +- if (trak->time_to_sample_table) { ++ if (trak->time_to_sample_table ++ || current_atom_size < 12 || current_atom_size >= UINT_MAX) { + last_error = QT_HEADER_TROUBLE; + goto free_trak; + } +@@ -1545,6 +1546,11 @@ static qt_error parse_trak_atom (qt_trak + debug_atom_load(" qt stts atom (time-to-sample atom): %d entries\n", + trak->time_to_sample_count); + ++ if (trak->time_to_sample_count > (current_atom_size - 12) / 8) { ++ last_error = QT_HEADER_TROUBLE; ++ goto free_trak; ++ } ++ + trak->time_to_sample_table = (time_to_sample_table_t *)calloc( + trak->time_to_sample_count+1, sizeof(time_to_sample_table_t)); + if (!trak->time_to_sample_table) { |