summaryrefslogtreecommitdiff
path: root/multimedia/mplayer-share
diff options
context:
space:
mode:
authordrochner <drochner@pkgsrc.org>2007-01-09 14:49:33 +0000
committerdrochner <drochner@pkgsrc.org>2007-01-09 14:49:33 +0000
commitf412506948ed5e7e88007dc699d3c49bf090fab8 (patch)
treee8376a4d1a88b79c49c8d4b8b2bf34565c3a2283 /multimedia/mplayer-share
parenta9b8d97d09ae14f32c040020a71d16f73e39fd9e (diff)
downloadpkgsrc-f412506948ed5e7e88007dc699d3c49bf090fab8.tar.gz
add limit check to real parser (identical to CVE-2006-6172)
from mplayer svn bump PKGREVISIONs
Diffstat (limited to 'multimedia/mplayer-share')
-rw-r--r--multimedia/mplayer-share/distinfo5
-rw-r--r--multimedia/mplayer-share/patches/patch-ba25
-rw-r--r--multimedia/mplayer-share/patches/patch-bb13
-rw-r--r--multimedia/mplayer-share/patches/patch-bc13
4 files changed, 55 insertions, 1 deletions
diff --git a/multimedia/mplayer-share/distinfo b/multimedia/mplayer-share/distinfo
index ab0218cc110..ce9c2965f43 100644
--- a/multimedia/mplayer-share/distinfo
+++ b/multimedia/mplayer-share/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.35 2006/11/30 14:03:13 abs Exp $
+$NetBSD: distinfo,v 1.36 2007/01/09 14:49:33 drochner Exp $
SHA1 (mplayer-1.0rc9/MPlayer-1.0rc1.tar.bz2) = a450c0b0749c343a8496ba7810363c9d46dfa73c
RMD160 (mplayer-1.0rc9/MPlayer-1.0rc1.tar.bz2) = 8cea02e832aec5d9e090829d61d0f131dcc177a2
@@ -8,4 +8,7 @@ SHA1 (patch-ab) = 29bf59ecb3d283708ae1c5002d1fa71cac627cc9
SHA1 (patch-ac) = 6d0de4bd41d9842ea1bf46e9fbe60bf6a943b913
SHA1 (patch-ad) = d0b72eaa5e63d2cfd7828ea1a9973f1728c607b5
SHA1 (patch-ah) = 7aeb9f04d622fcad8c40dc9edbb0a58277fc622b
+SHA1 (patch-ba) = bdb20f4ead6f55c0847534b5b1f06ea865e438e6
+SHA1 (patch-bb) = 554ca2074716ada4f817f55be61e808e1dc5c93e
+SHA1 (patch-bc) = c073f6e5d2d71030346fda82ff3a1f474ad49c0f
SHA1 (patch-tc) = e67443cec273d7aa168fb160e2409d2ce352a8bf
diff --git a/multimedia/mplayer-share/patches/patch-ba b/multimedia/mplayer-share/patches/patch-ba
new file mode 100644
index 00000000000..d85cc740ae1
--- /dev/null
+++ b/multimedia/mplayer-share/patches/patch-ba
@@ -0,0 +1,25 @@
+$NetBSD: patch-ba,v 1.5 2007/01/09 14:49:33 drochner Exp $
+
+--- stream/realrtsp/asmrp.c.orig 2006-10-23 00:32:25.000000000 +0200
++++ stream/realrtsp/asmrp.c
+@@ -40,6 +40,7 @@
+ #include <stdlib.h>
+ #include <stdio.h>
+ #include <string.h>
++#include "asmrp.h"
+
+ /*
+ #define LOG
+@@ -645,8 +646,10 @@ static int asmrp_eval (asmrp_t *p, int *
+ #ifdef LOG
+ printf ("rule #%d is true\n", rule_num);
+ #endif
+- matches[num_matches] = rule_num;
+- num_matches++;
++ if(num_matches < MAX_RULEMATCHES - 1)
++ matches[num_matches++] = rule_num;
++ else
++ printf("Ignoring matched asm rule %d, too many matched rules.\n", rule_num);
+ }
+
+ rule_num++;
diff --git a/multimedia/mplayer-share/patches/patch-bb b/multimedia/mplayer-share/patches/patch-bb
new file mode 100644
index 00000000000..6a03902e6c6
--- /dev/null
+++ b/multimedia/mplayer-share/patches/patch-bb
@@ -0,0 +1,13 @@
+$NetBSD: patch-bb,v 1.5 2007/01/09 14:49:33 drochner Exp $
+
+--- stream/realrtsp/real.c.orig 2006-10-23 00:32:25.000000000 +0200
++++ stream/realrtsp/real.c
+@@ -271,7 +271,7 @@ static rmff_header_t *real_parse_sdp(cha
+ int j=0;
+ int n;
+ char b[64];
+- int rulematches[16];
++ int rulematches[MAX_RULEMATCHES];
+
+ #ifdef LOG
+ printf("calling asmrp_match with:\n%s\n%u\n", desc->stream[i]->asm_rule_book, bandwidth);
diff --git a/multimedia/mplayer-share/patches/patch-bc b/multimedia/mplayer-share/patches/patch-bc
new file mode 100644
index 00000000000..330dbdfa0ec
--- /dev/null
+++ b/multimedia/mplayer-share/patches/patch-bc
@@ -0,0 +1,13 @@
+$NetBSD: patch-bc,v 1.3 2007/01/09 14:49:33 drochner Exp $
+
+--- stream/realrtsp/asmrp.h.orig 2006-10-23 00:32:25.000000000 +0200
++++ stream/realrtsp/asmrp.h
+@@ -40,6 +40,8 @@
+ #ifndef HAVE_ASMRP_H
+ #define HAVE_ASMRP_H
+
++#define MAX_RULEMATCHES 16
++
+ int asmrp_match (const char *rules, int bandwidth, int *matches) ;
+
+ #endif