Add a patch for CVE-2008-1558 to mplayer. This fixes a buffer overflow in

the RealRTSP SDP code which can be exploited to execute arbitrary code remotely.
author: tonnerre <tonnerre@pkgsrc.org> 2008-05-11 03:46:24 +0000
committer: tonnerre <tonnerre@pkgsrc.org> 2008-05-11 03:46:24 +0000
commit: 634506bef23903dd1decb383d17f9c38854922e7 (patch)
tree: 319951d0a442a84760ff9a5c05e855493492c29c /multimedia/mplayer-share/patches
parent: c38d6a330e33f04a6b2410285a610e3a8ccb8a57 (diff)
download: pkgsrc-634506bef23903dd1decb383d17f9c38854922e7.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/multimedia/mplayer-share/patches/patch-al b/multimedia/mplayer-share/patches/patch-al
new file mode 100644
index 00000000000..fa13b92065b
--- /dev/null
+++ b/multimedia/mplayer-share/patches/patch-al
@@ -0,0 +1,14 @@
+$NetBSD: patch-al,v 1.3 2008/05/11 03:46:24 tonnerre Exp $
+
+--- stream/realrtsp/sdpplin.c.orig	2007-10-07 21:49:25.000000000 +0200
++++ stream/realrtsp/sdpplin.c
+@@ -330,7 +330,8 @@ sdpplin_t *sdpplin_parse(char *data) {
+     
+     if(filter(data,"a=StreamCount:integer;",&buf)) {
+       desc->stream_count=(unsigned int)atoi(buf);
+-      desc->stream=malloc(sizeof(sdpplin_stream_t*)*desc->stream_count);
++      desc->stream=calloc(desc->stream_count, sizeof(sdpplin_stream_t*));
++      if (!desc->stream) desc->stream_count = 0;
+       handled=1;
+       data=nl(data);
+     }
author	tonnerre <tonnerre@pkgsrc.org>	2008-05-11 03:46:24 +0000
committer	tonnerre <tonnerre@pkgsrc.org>	2008-05-11 03:46:24 +0000
commit	634506bef23903dd1decb383d17f9c38854922e7 (patch)
tree	319951d0a442a84760ff9a5c05e855493492c29c /multimedia/mplayer-share/patches
parent	c38d6a330e33f04a6b2410285a610e3a8ccb8a57 (diff)
download	pkgsrc-634506bef23903dd1decb383d17f9c38854922e7.tar.gz