summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordrochner <drochner@pkgsrc.org>2008-04-18 14:01:22 +0000
committerdrochner <drochner@pkgsrc.org>2008-04-18 14:01:22 +0000
commit458733e9f0fb9b879af37b7ed1a0bbdccaff8ba0 (patch)
tree38b1baf8719059d9fa461225d533a19b32a607fe
parent36c95a3c1d26bd79d1e9f0d991689b28d3ee7f44 (diff)
downloadpkgsrc-458733e9f0fb9b879af37b7ed1a0bbdccaff8ba0.tar.gz
xine security patch of the day: fix possible buffer overflow in
nsf parser (SA29850), patch from upstream CVS, bump PKGREVISION
-rw-r--r--multimedia/xine-lib/Makefile4
-rw-r--r--multimedia/xine-lib/distinfo3
-rw-r--r--multimedia/xine-lib/patches/patch-ay17
3 files changed, 22 insertions, 2 deletions
diff --git a/multimedia/xine-lib/Makefile b/multimedia/xine-lib/Makefile
index d301532bf4d..a9adfd5cb89 100644
--- a/multimedia/xine-lib/Makefile
+++ b/multimedia/xine-lib/Makefile
@@ -1,7 +1,9 @@
-# $NetBSD: Makefile,v 1.57 2008/04/10 11:48:58 drochner Exp $
+# $NetBSD: Makefile,v 1.58 2008/04/18 14:01:22 drochner Exp $
.include "Makefile.common"
+PKGREVISION= 1
+
COMMENT= Multimedia player library
BUILDLINK_API_DEPENDS.vcdimager+= vcdimager>=0.7.20nb1
diff --git a/multimedia/xine-lib/distinfo b/multimedia/xine-lib/distinfo
index a7967e4aae7..fb9e6558d36 100644
--- a/multimedia/xine-lib/distinfo
+++ b/multimedia/xine-lib/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.54 2008/04/15 19:25:28 drochner Exp $
+$NetBSD: distinfo,v 1.55 2008/04/18 14:01:22 drochner Exp $
SHA1 (xine-lib-1.1.12.tar.bz2) = a27872a4292e2ce6c35018a1cbbf7a88eecda8cd
RMD160 (xine-lib-1.1.12.tar.bz2) = 305c1b3787a4191083b9793281ce3f3043d65fcb
@@ -20,6 +20,7 @@ SHA1 (patch-as) = a0a93a256589e87a66eef31494441aa1b200f834
SHA1 (patch-av) = acbb2ffbaf72b4744538d996be95321e8eb23fd9
SHA1 (patch-aw) = 78ab44197a6b9f85e4b272d522ce254de4d557dc
SHA1 (patch-ax) = 71f2619aa750a51a641922d482b29ea998e8ab48
+SHA1 (patch-ay) = a4079a11f4a399010408e146684b878cd5eb584a
SHA1 (patch-be) = e1a0856361c26d924ce12794e9f7eb0174857100
SHA1 (patch-bg) = 10eb076d087a40ac5f7920794ff7b34f2aa0495b
SHA1 (patch-cb) = 08d9920022988d2764d941cfa8b1aa5602a0ec81
diff --git a/multimedia/xine-lib/patches/patch-ay b/multimedia/xine-lib/patches/patch-ay
new file mode 100644
index 00000000000..2f97e27e218
--- /dev/null
+++ b/multimedia/xine-lib/patches/patch-ay
@@ -0,0 +1,17 @@
+$NetBSD: patch-ay,v 1.5 2008/04/18 14:01:22 drochner Exp $
+
+--- src/demuxers/demux_nsf.c.orig 2008-04-18 15:12:10.000000000 +0200
++++ src/demuxers/demux_nsf.c
+@@ -106,9 +106,9 @@ static int open_nsf_file(demux_nsf_t *th
+
+ this->total_songs = header[6];
+ this->current_song = header[7];
+- this->title = strdup(&header[0x0E]);
+- this->artist = strdup(&header[0x2E]);
+- this->copyright = strdup(&header[0x4E]);
++ this->title = strndup((char*)&header[0x0E], 0x20);
++ this->artist = strndup((char*)&header[0x2E], 0x20);
++ this->copyright = strndup((char*)&header[0x4E], 0x20);
+
+ this->filesize = this->input->get_length(this->input);
+