diff options
| author | tron <tron> | 2008-10-02 12:32:41 +0000 |
|---|---|---|
| committer | tron <tron> | 2008-10-02 12:32:41 +0000 |
| commit | c882ad5e330f9bac46286db48b1281219dbdfb55 (patch) | |
| tree | 4d35f35039d4afde20842e97ef2b3f324212d828 /multimedia/mplayer-share | |
| parent | 1387d3e9649bce90a53fcfae166085ccbb3febb6 (diff) | |
| download | pkgsrc-c882ad5e330f9bac46286db48b1281219dbdfb55.tar.gz | |
Apply patch from MPlayer subversion repository to fix CVE-2008-3827.
Bump package revisions of "mplayer", "gmplayer" and "mencoder" packages.
Diffstat (limited to 'multimedia/mplayer-share')
| -rw-r--r-- | multimedia/mplayer-share/distinfo | 3 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-am | 28 |
2 files changed, 30 insertions, 1 deletions
diff --git a/multimedia/mplayer-share/distinfo b/multimedia/mplayer-share/distinfo index 65fd9fd020a..be809912c37 100644 --- a/multimedia/mplayer-share/distinfo +++ b/multimedia/mplayer-share/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.53 2008/09/09 12:13:13 jmcneill Exp $ +$NetBSD: distinfo,v 1.54 2008/10/02 12:32:41 tron Exp $ SHA1 (mplayer-1.0rc10/MPlayer-1.0rc2.tar.bz2) = e9b496f3527c552004ec6d01d6b43f196b43ce2d RMD160 (mplayer-1.0rc10/MPlayer-1.0rc2.tar.bz2) = 3b5cba1529856a177a5191e22f8dcc00b5a83c52 @@ -15,6 +15,7 @@ SHA1 (patch-ai) = ec79d6a1b0c2790ca826a91a48040c64632ac988 SHA1 (patch-aj) = 772d083dfa5eac789abfd5e925eeeba400bbc527 SHA1 (patch-ak) = 072b4391e5fde58f6b01bd43133f1d017fc14d58 SHA1 (patch-al) = 9538b10cf5b3802381d7aabc798676b3cb9ef00d +SHA1 (patch-am) = bae1e03f7265cb6b07947f052f0774d1c17da88e SHA1 (patch-ba) = 2683c414fed3a4a6d3b4d47287f43d822339bd4e SHA1 (patch-bb) = 26d000bcbc94b9139e6dbc79237fdb3a109c6057 SHA1 (patch-bc) = fd46ce3cd6d5f7525e210cf6d475b89573ca988d diff --git a/multimedia/mplayer-share/patches/patch-am b/multimedia/mplayer-share/patches/patch-am new file mode 100644 index 00000000000..bce7631dc07 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-am @@ -0,0 +1,28 @@ +$NetBSD: patch-am,v 1.1 2008/10/02 12:32:41 tron Exp $ + +--- libmpdemux/demux_real.c.orig 2007-10-07 20:49:33.000000000 +0100 ++++ libmpdemux/demux_real.c 2008-10-02 13:04:25.000000000 +0100 +@@ -958,6 +958,7 @@ + // last fragment! + if(dp_hdr->len!=vpkg_length-vpkg_offset) + mp_msg(MSGT_DEMUX,MSGL_V,"warning! assembled.len=%d frag.len=%d total.len=%d \n",dp->len,vpkg_offset,vpkg_length-vpkg_offset); ++ if (vpkg_offset > dp->len - sizeof(dp_hdr_t) - dp_hdr->len) vpkg_offset = dp->len - sizeof(dp_hdr_t) - dp_hdr->len; + stream_read(demuxer->stream, dp_data+dp_hdr->len, vpkg_offset); + if((dp_data[dp_hdr->len]&0x20) && (sh_video->format==0x30335652)) --dp_hdr->chunks; else + dp_hdr->len+=vpkg_offset; +@@ -981,6 +982,7 @@ + // non-last fragment: + if(dp_hdr->len!=vpkg_offset) + mp_msg(MSGT_DEMUX,MSGL_V,"warning! assembled.len=%d offset=%d frag.len=%d total.len=%d \n",dp->len,vpkg_offset,len,vpkg_length); ++ if (len > dp->len - sizeof(dp_hdr_t) - dp_hdr->len) len = dp->len - sizeof(dp_hdr_t) - dp_hdr->len; + stream_read(demuxer->stream, dp_data+dp_hdr->len, len); + if((dp_data[dp_hdr->len]&0x20) && (sh_video->format==0x30335652)) --dp_hdr->chunks; else + dp_hdr->len+=len; +@@ -1003,6 +1005,7 @@ + extra[0]=1; extra[1]=0; // offset of the first chunk + if(0x00==(vpkg_header&0xc0)){ + // first fragment: ++ if (len > dp->len - sizeof(dp_hdr_t)) len = dp->len - sizeof(dp_hdr_t); + dp_hdr->len=len; + stream_read(demuxer->stream, dp_data, len); + ds->asf_packet=dp; |