two security patches: Real RTSP heap overflow, MMST heap overflow

(both patches published on the mplayer website) bump PKGREVISION of affected pkgs
author: drochner <drochner@pkgsrc.org> 2005-04-16 17:43:09 +0000
committer: drochner <drochner@pkgsrc.org> 2005-04-16 17:43:09 +0000
commit: 2f23636dfa03f77d4c87c1ebce67997182006009 (patch)
tree: 086a254d2d03044b448125267b77f47c7e5700cf /multimedia/mplayer-share
parent: 437e7c03a572fe10a960d36ff338418412805e6f (diff)
download: pkgsrc-2f23636dfa03f77d4c87c1ebce67997182006009.tar.gz
3 files changed, 41 insertions, 1 deletions
diff --git a/multimedia/mplayer-share/distinfo b/multimedia/mplayer-share/distinfo
index 98304a7ac71..133c7ef0a37 100644
--- a/multimedia/mplayer-share/distinfo
+++ b/multimedia/mplayer-share/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.17 2005/02/24 11:24:04 agc Exp $
+$NetBSD: distinfo,v 1.18 2005/04/16 17:43:09 drochner Exp $
 
 SHA1 (mplayer-1.0rc6/MPlayer-1.0pre6a.tar.bz2) = 15acd1edf1e6ebb1dada81cdfcbfd3bc62d6bc0c
 RMD160 (mplayer-1.0rc6/MPlayer-1.0pre6a.tar.bz2) = a0e866906bd9f87b93ad35e47aaa24f69ef7224e
@@ -17,3 +17,5 @@ SHA1 (patch-ab) = 68e81c67cd3902499f912d3ca8c6d6bc208a2433
 SHA1 (patch-ac) = 696183adc3777cb4d9bc4b6d96d5cb7c88ec489d
 SHA1 (patch-ad) = 95c8741263b822e20eea3da00ca64923ed91c53b
 SHA1 (patch-ae) = e3b1a98d86f377b84a4f92673f878d287ae5aa6d
+SHA1 (patch-ba) = be78ddba2d58230cf12f186b746d46b01c2836bc
+SHA1 (patch-bb) = 90e635cf521d8ba0f3f4e9dafc1e298abf8e315f
diff --git a/multimedia/mplayer-share/patches/patch-ba b/multimedia/mplayer-share/patches/patch-ba
new file mode 100644
index 00000000000..04a9f0cce6f
--- /dev/null
+++ b/multimedia/mplayer-share/patches/patch-ba
@@ -0,0 +1,21 @@
+$NetBSD: patch-ba,v 1.3 2005/04/16 17:43:09 drochner Exp $
+
+--- libmpdemux/realrtsp/rtsp.c.orig	2005-04-16 21:08:44.000000000 +0200
++++ libmpdemux/realrtsp/rtsp.c
+@@ -397,6 +397,7 @@ static int rtsp_get_answers(rtsp_t *s) {
+   unsigned int answer_seq;
+   char **answer_ptr=s->answers;
+   int code;
++  int ans_count = 0;
+   
+   answer=rtsp_get(s);
+   if (!answer)
+@@ -448,7 +449,7 @@ static int rtsp_get_answers(rtsp_t *s) {
+     }
+     *answer_ptr=answer;
+     answer_ptr++;
+-  } while (strlen(answer)!=0);
++  } while ((strlen(answer)!=0) && (++ans_count < MAX_FIELDS));
+   
+   s->cseq++;
+   
diff --git a/multimedia/mplayer-share/patches/patch-bb b/multimedia/mplayer-share/patches/patch-bb
new file mode 100644
index 00000000000..ab078d1180c
--- /dev/null
+++ b/multimedia/mplayer-share/patches/patch-bb
@@ -0,0 +1,17 @@
+$NetBSD: patch-bb,v 1.3 2005/04/16 17:43:09 drochner Exp $
+
+--- libmpdemux/asf_mmst_streaming.c.orig	2005-04-16 21:10:36.000000000 +0200
++++ libmpdemux/asf_mmst_streaming.c
+@@ -334,8 +334,12 @@ static int interp_header (uint8_t *heade
+ 
+       printf ("stream object, stream id: %d\n", stream_id);
+ 
++      if (num_stream_ids < 20) {
+       stream_ids[num_stream_ids] = stream_id;
+       num_stream_ids++;
++      } else {
++	printf ("too many id, stream skipped");
++      }
+       
+     } else {
+       printf ("unknown object\n");
author	drochner <drochner@pkgsrc.org>	2005-04-16 17:43:09 +0000
committer	drochner <drochner@pkgsrc.org>	2005-04-16 17:43:09 +0000
commit	2f23636dfa03f77d4c87c1ebce67997182006009 (patch)
tree	086a254d2d03044b448125267b77f47c7e5700cf /multimedia/mplayer-share
parent	437e7c03a572fe10a960d36ff338418412805e6f (diff)
download	pkgsrc-2f23636dfa03f77d4c87c1ebce67997182006009.tar.gz