diff options
| author | drochner <drochner@pkgsrc.org> | 2004-07-02 17:07:21 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2004-07-02 17:07:21 +0000 |
| commit | b561128ec825e157c5fab07cbb40290f67cf39c7 (patch) | |
| tree | ee5395673cbf90d30d9103b00cc90528c9a98c23 /multimedia | |
| parent | be918cc63f1e85d656947a6e16128ec844df0d2a (diff) | |
| download | pkgsrc-b561128ec825e157c5fab07cbb40290f67cf39c7.tar.gz | |
apply the patch from the mplayer site to fix buffer overflow
vulnerabilities in the GUI
Diffstat (limited to 'multimedia')
| -rw-r--r-- | multimedia/gmplayer/distinfo | 16 | ||||
| -rw-r--r-- | multimedia/mplayer-share/distinfo | 16 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-aa | 62 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-ba | 19 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bb | 181 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bc | 32 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bd | 107 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-be | 17 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bf | 62 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bg | 71 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bh | 14 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bi | 52 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bj | 13 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bk | 13 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-bl | 26 |
15 files changed, 693 insertions, 8 deletions
diff --git a/multimedia/gmplayer/distinfo b/multimedia/gmplayer/distinfo index 9e7140a8597..e4a39e065b4 100644 --- a/multimedia/gmplayer/distinfo +++ b/multimedia/gmplayer/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.8 2004/06/21 07:01:38 tron Exp $ +$NetBSD: distinfo,v 1.9 2004/07/02 17:07:21 drochner Exp $ SHA1 (mplayer-1.0rc4/MPlayer-1.0pre4.tar.bz2) = 1e9f181589d6bf36e4c59ad013f8b5976447e702 Size (mplayer-1.0rc4/MPlayer-1.0pre4.tar.bz2) = 4913390 bytes @@ -42,5 +42,17 @@ SHA1 (mplayer-1.0rc4/xanim-1.6.tar.bz2) = ea147768cba50e62646216217028a9dac8b8e6 Size (mplayer-1.0rc4/xanim-1.6.tar.bz2) = 94567 bytes SHA1 (mplayer-1.0rc4/xine-lcd-1.2.tar.bz2) = b882ec3e0aceeffb22c425cfd7322bf0f7aaf269 Size (mplayer-1.0rc4/xine-lcd-1.2.tar.bz2) = 172340 bytes -SHA1 (patch-aa) = 93b13909bd489599b3f9a6c4ec1fc3e53411fc17 +SHA1 (patch-aa) = 12c75630628dec1893ea06e0a623cd25c143cf1d SHA1 (patch-ad) = e01b08da4c46c57a50b5306353391b8f9ba7bf6e +SHA1 (patch-ba) = 944cf2d3c99fe0af53bc71c47d5a48aff2bb4671 +SHA1 (patch-bb) = 395045e7e10c2154dce06eebcc04283f6aeac552 +SHA1 (patch-bc) = 900672b8f7c9aa3a66a56c3439607e8eeefedcba +SHA1 (patch-bd) = 0687b9907e7fab7ffbb90a855088031e84123f76 +SHA1 (patch-be) = 159bef14dd6419445c5c530e8d402eb83543f774 +SHA1 (patch-bf) = 5ce3344b3384aa8caa9848e361902ebb0de148da +SHA1 (patch-bg) = 297539d5d53721fdef12ee8ace7be8e50ee7ab50 +SHA1 (patch-bh) = fb757d74e9896fb29c55b87d586e801c7667b8a8 +SHA1 (patch-bi) = ce208ec7d6245a4e5609d61a5d877be0efb67102 +SHA1 (patch-bj) = 5f40f145303434c0869aea061f3e15d555a3b711 +SHA1 (patch-bk) = 31ddf8e0cee55bfac0b34859ef09f660a0404903 +SHA1 (patch-bl) = e778c11a4655127263d1d3ecc573e62167f98557 diff --git a/multimedia/mplayer-share/distinfo b/multimedia/mplayer-share/distinfo index ac8ee5ba552..9d0edfcc0ca 100644 --- a/multimedia/mplayer-share/distinfo +++ b/multimedia/mplayer-share/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.8 2004/06/21 06:28:56 tron Exp $ +$NetBSD: distinfo,v 1.9 2004/07/02 17:07:21 drochner Exp $ SHA1 (mplayer-1.0rc4/MPlayer-1.0pre4.tar.bz2) = 1e9f181589d6bf36e4c59ad013f8b5976447e702 Size (mplayer-1.0rc4/MPlayer-1.0pre4.tar.bz2) = 4913390 bytes @@ -8,5 +8,17 @@ SHA1 (mplayer-1.0rc4/font-arial-iso-8859-2.tar.bz2) = 7b99bbe0e9ba89a57eccbea8f9 Size (mplayer-1.0rc4/font-arial-iso-8859-2.tar.bz2) = 222208 bytes SHA1 (mplayer-1.0rc4/font-arial-cp1250.tar.bz2) = ccf11dce5d0fb72fd3af97f788b7471cd0cd0b68 Size (mplayer-1.0rc4/font-arial-cp1250.tar.bz2) = 249705 bytes -SHA1 (patch-aa) = 93b13909bd489599b3f9a6c4ec1fc3e53411fc17 +SHA1 (patch-aa) = 12c75630628dec1893ea06e0a623cd25c143cf1d SHA1 (patch-ad) = e01b08da4c46c57a50b5306353391b8f9ba7bf6e +SHA1 (patch-ba) = 944cf2d3c99fe0af53bc71c47d5a48aff2bb4671 +SHA1 (patch-bb) = 395045e7e10c2154dce06eebcc04283f6aeac552 +SHA1 (patch-bc) = 900672b8f7c9aa3a66a56c3439607e8eeefedcba +SHA1 (patch-bd) = 0687b9907e7fab7ffbb90a855088031e84123f76 +SHA1 (patch-be) = 159bef14dd6419445c5c530e8d402eb83543f774 +SHA1 (patch-bf) = 5ce3344b3384aa8caa9848e361902ebb0de148da +SHA1 (patch-bg) = 297539d5d53721fdef12ee8ace7be8e50ee7ab50 +SHA1 (patch-bh) = fb757d74e9896fb29c55b87d586e801c7667b8a8 +SHA1 (patch-bi) = ce208ec7d6245a4e5609d61a5d877be0efb67102 +SHA1 (patch-bj) = 5f40f145303434c0869aea061f3e15d555a3b711 +SHA1 (patch-bk) = 31ddf8e0cee55bfac0b34859ef09f660a0404903 +SHA1 (patch-bl) = e778c11a4655127263d1d3ecc573e62167f98557 diff --git a/multimedia/mplayer-share/patches/patch-aa b/multimedia/mplayer-share/patches/patch-aa index 3832af501d2..4ded14b0c86 100644 --- a/multimedia/mplayer-share/patches/patch-aa +++ b/multimedia/mplayer-share/patches/patch-aa @@ -1,6 +1,6 @@ -$NetBSD: patch-aa,v 1.5 2004/05/14 09:27:32 grant Exp $ +$NetBSD: patch-aa,v 1.6 2004/07/02 17:07:21 drochner Exp $ ---- configure.orig Mon Apr 26 11:44:06 2004 +--- configure.orig 2004-07-02 18:36:10.000000000 +0200 +++ configure @@ -375,8 +375,8 @@ for ac_option do _inc_extra=-I`echo $ac_option | cut -d '=' -f 2 | sed 's,:, -I,g'` @@ -40,7 +40,7 @@ $NetBSD: patch-aa,v 1.5 2004/05/14 09:27:32 grant Exp $ _def_arch='#define ARCH_X86_64 1' _target_arch='TARGET_ARCH_X86_64 = yes' iproc='x86_64' -@@ -1587,7 +1587,8 @@ +@@ -1587,7 +1587,8 @@ for ac_option do _inc_x11=-I`echo $ac_option | cut -d '=' -f 2 | sed 's,:, -I,g'` ;; --with-x11libdir=*) @@ -50,7 +50,42 @@ $NetBSD: patch-aa,v 1.5 2004/05/14 09:27:32 grant Exp $ ;; --with-dxr2incdir=*) _inc_dxr2=-I`echo $ac_option | cut -d '=' -f 2 | sed 's,:, -I,g'` -@@ -4653,11 +4653,11 @@ if test "$_matroska_external" != no ; th +@@ -2649,6 +2650,34 @@ else + fi + echores "$_strsep" + ++echocheck "strlcpy()" ++cat > $TMPC << EOF ++#include <string.h> ++int main (void) { char *s = "Hello, world!", t[20]; (void) strlcpy(t, s, sizeof( t )); return 0; } ++EOF ++_strlcpy=no ++cc_check && _strlcpy=yes ++if test "$_strlcpy" = yes ; then ++ _def_strlcpy='#define HAVE_STRLCPY 1' ++else ++ _def_strlcpy='#undef HAVE_STRLCPY' ++fi ++echores "$_strlcpy" ++ ++echocheck "strlcat()" ++cat > $TMPC << EOF ++#include <string.h> ++int main (void) { char *s = "Hello, world!", t[20]; (void) strlcat(t, s, sizeof( t )); return 0; } ++EOF ++_strlcat=no ++cc_check && _strlcat=yes ++if test "$_strlcat" = yes ; then ++ _def_strlcat='#define HAVE_STRLCAT 1' ++else ++ _def_strlcat='#undef HAVE_STRLCAT' ++fi ++echores "$_strlcat" ++ + echocheck "fseeko()" + cat > $TMPC << EOF + #include <stdio.h> +@@ -4653,11 +4682,11 @@ if test "$_matroska_external" != no ; th int main(void) { return 0; } EOF @@ -64,3 +99,22 @@ $NetBSD: patch-aa,v 1.5 2004/05/14 09:27:32 grant Exp $ if test "$_matroska_external" = no ; then _inc_extra=$_saved_inc_extra fi +@@ -6272,6 +6301,18 @@ $_def_scandir + /* Define this if your system has strsep */ + $_def_strsep + ++/* Define this if your system has strlcpy */ ++$_def_strlcpy ++#ifndef HAVE_STRLCPY ++unsigned int strlcpy (char *dest, char *src, unsigned int size); ++#endif ++ ++/* Define this if your system has strlcat */ ++$_def_strlcat ++#ifndef HAVE_STRLCAT ++unsigned int strlcat (char *dest, char *src, unsigned int size); ++#endif ++ + /* Define this if your system has fseeko */ + $_def_fseeko + #ifndef HAVE_FSEEKO diff --git a/multimedia/mplayer-share/patches/patch-ba b/multimedia/mplayer-share/patches/patch-ba new file mode 100644 index 00000000000..f134f68b097 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-ba @@ -0,0 +1,19 @@ +$NetBSD: patch-ba,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- Gui/interface.c.orig 2004-03-25 22:49:47.000000000 +0100 ++++ Gui/interface.c +@@ -54,8 +54,12 @@ char * gstrcat( char ** dest,char * src + if ( *dest ) + { + tmp=malloc( strlen( *dest ) + strlen( src ) + 1 ); +- strcpy( tmp,*dest ); strcat( tmp,src ); free( *dest ); +- } ++ ++ if ( tmp ) /* TODO: advanced error handling */ ++ { ++ strcpy( tmp,*dest ); strcat( tmp,src ); free( *dest ); ++ } ++ } + else + { tmp=malloc( strlen( src ) + 1 ); strcpy( tmp,src ); } + *dest=tmp; diff --git a/multimedia/mplayer-share/patches/patch-bb b/multimedia/mplayer-share/patches/patch-bb new file mode 100644 index 00000000000..bbe0b4bb9ff --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bb @@ -0,0 +1,181 @@ +$NetBSD: patch-bb,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- Gui/mplayer/common.c.orig 2003-03-20 13:42:09.000000000 +0100 ++++ Gui/mplayer/common.c +@@ -32,35 +32,39 @@ + + extern unsigned int GetTimerMS( void ); + +-inline void TranslateFilename( int c,char * tmp ) ++inline void TranslateFilename( int c,char * tmp,size_t tmplen ) + { + int i; ++ char * p; ++ + switch ( guiIntfStruct.StreamType ) + { + case STREAMTYPE_STREAM: +- strcpy( tmp,guiIntfStruct.Filename ); ++ strlcpy(tmp, guiIntfStruct.Filename, tmplen); + break; + case STREAMTYPE_FILE: + if ( ( guiIntfStruct.Filename )&&( guiIntfStruct.Filename[0] ) ) + { +- if ( strrchr( guiIntfStruct.Filename,'/' ) ) strcpy( tmp,strrchr( guiIntfStruct.Filename,'/' ) + 1 ); +- else strcpy( tmp,guiIntfStruct.Filename ); ++ if ( p = strrchr(guiIntfStruct.Filename, '/') ) ++ strlcpy(tmp, p + 1, tmplen); ++ else ++ strlcpy(tmp, guiIntfStruct.Filename, tmplen); + if ( tmp[strlen( tmp ) - 4] == '.' ) tmp[strlen( tmp ) - 4]=0; + if ( tmp[strlen( tmp ) - 5] == '.' ) tmp[strlen( tmp ) - 5]=0; +- } else strcpy( tmp,MSGTR_NoFileLoaded ); ++ } else strlcpy( tmp,MSGTR_NoFileLoaded,tmplen ); + break; + #ifdef USE_DVDREAD + case STREAMTYPE_DVD: +- if ( guiIntfStruct.DVD.current_chapter ) sprintf( tmp,MSGTR_Chapter,guiIntfStruct.DVD.current_chapter ); +- else strcat( tmp,MSGTR_NoChapter ); ++ if ( guiIntfStruct.DVD.current_chapter ) snprintf(tmp,tmplen,MSGTR_Chapter,guiIntfStruct.DVD.current_chapter ); ++ else strlcat( tmp,MSGTR_NoChapter,tmplen ); + break; + #endif + #ifdef HAVE_VCD + case STREAMTYPE_VCD: +- sprintf( tmp,MSGTR_VCDTrack,guiIntfStruct.Track ); ++ snprintf( tmp,tmplen,MSGTR_VCDTrack,guiIntfStruct.Track ); + break; + #endif +- default: strcpy( tmp,MSGTR_NoMediaOpened ); ++ default: strlcpy( tmp,MSGTR_NoMediaOpened,tmplen ); + } + if ( c ) + { +@@ -74,75 +78,94 @@ inline void TranslateFilename( int c,cha + } + } + ++/* Unsafe! Pass only null-terminated strings as (char *)str. */ + char * Translate( char * str ) + { + static char trbuf[512]; + char tmp[512]; + int i,c; + int t; ++ int strsize = 0; + memset( trbuf,0,512 ); + memset( tmp,0,128 ); +- for ( c=0,i=0;i < (int)strlen( str );i++ ) ++ strsize = strlen(str); ++ for ( c=0,i=0;i < strsize;i++ ) + { + if ( str[i] != '$' ) { trbuf[c++]=str[i]; trbuf[c]=0; } + else + { + switch ( str[++i] ) + { +- case 't': sprintf( tmp,"%02d",guiIntfStruct.Track ); strcat( trbuf,tmp ); break; +- case 'o': TranslateFilename( 0,tmp ); strcat( trbuf,tmp ); break; +- case 'f': TranslateFilename( 1,tmp ); strcat( trbuf,tmp ); break; +- case 'F': TranslateFilename( 2,tmp ); strcat( trbuf,tmp ); break; ++ case 't': snprintf( tmp,sizeof( tmp ),"%02d",guiIntfStruct.Track ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'o': TranslateFilename( 0,tmp,sizeof( tmp ) ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'f': TranslateFilename( 1,tmp,sizeof( tmp ) ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'F': TranslateFilename( 2,tmp,sizeof( tmp ) ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; + case '6': t=guiIntfStruct.LengthInSec; goto calclengthhhmmss; + case '1': t=guiIntfStruct.TimeSec; + calclengthhhmmss: +- sprintf( tmp,"%02d:%02d:%02d",t/3600,t/60%60,t%60 ); strcat( trbuf,tmp ); ++ snprintf( tmp,sizeof( tmp ),"%02d:%02d:%02d",t/3600,t/60%60,t%60 ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); + break; + case '7': t=guiIntfStruct.LengthInSec; goto calclengthmmmmss; + case '2': t=guiIntfStruct.TimeSec; + calclengthmmmmss: +- sprintf( tmp,"%04d:%02d",t/60,t%60 ); strcat( trbuf,tmp ); ++ snprintf( tmp,sizeof( tmp ),"%04d:%02d",t/60,t%60 ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); + break; +- case '3': sprintf( tmp,"%02d",guiIntfStruct.TimeSec / 3600 ); strcat( trbuf,tmp ); break; +- case '4': sprintf( tmp,"%02d",( ( guiIntfStruct.TimeSec / 60 ) % 60 ) ); strcat( trbuf,tmp ); break; +- case '5': sprintf( tmp,"%02d",guiIntfStruct.TimeSec % 60 ); strcat( trbuf,tmp ); break; +- case '8': sprintf( tmp,"%01d:%02d:%02d",guiIntfStruct.TimeSec / 3600,( guiIntfStruct.TimeSec / 60 ) % 60,guiIntfStruct.TimeSec % 60 ); strcat( trbuf,tmp ); break; +- case 'v': sprintf( tmp,"%3.2f%%",guiIntfStruct.Volume ); strcat( trbuf,tmp ); break; +- case 'V': sprintf( tmp,"%3.1f",guiIntfStruct.Volume ); strcat( trbuf,tmp ); break; +- case 'b': sprintf( tmp,"%3.2f%%",guiIntfStruct.Balance ); strcat( trbuf,tmp ); break; +- case 'B': sprintf( tmp,"%3.1f",guiIntfStruct.Balance ); strcat( trbuf,tmp ); break; +- case 'd': sprintf( tmp,"%d",guiIntfStruct.FrameDrop ); strcat( trbuf,tmp ); break; +- case 'x': sprintf( tmp,"%d",guiIntfStruct.MovieWidth ); strcat( trbuf,tmp ); break; +- case 'y': sprintf( tmp,"%d",guiIntfStruct.MovieHeight ); strcat( trbuf,tmp ); break; +- case 'C': sprintf( tmp,"%s", guiIntfStruct.sh_video? ((sh_video_t *)guiIntfStruct.sh_video)->codec->name : ""); +- strcat( trbuf,tmp ); break; +- case 's': if ( guiIntfStruct.Playing == 0 ) strcat( trbuf,"s" ); break; +- case 'l': if ( guiIntfStruct.Playing == 1 ) strcat( trbuf,"p" ); break; +- case 'e': if ( guiIntfStruct.Playing == 2 ) strcat( trbuf,"e" ); break; ++ case '3': snprintf( tmp,sizeof( tmp ),"%02d",guiIntfStruct.TimeSec / 3600 ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case '4': snprintf( tmp,sizeof( tmp ),"%02d",( ( guiIntfStruct.TimeSec / 60 ) % 60 ) ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case '5': snprintf( tmp,sizeof( tmp ),"%02d",guiIntfStruct.TimeSec % 60 ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case '8': snprintf( tmp,sizeof( tmp ),"%01d:%02d:%02d",guiIntfStruct.TimeSec / 3600,( guiIntfStruct.TimeSec / 60 ) % 60,guiIntfStruct.TimeSec % 60 ); strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'v': snprintf( tmp,sizeof( tmp ),"%3.2f%%",guiIntfStruct.Volume ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'V': snprintf( tmp,sizeof( tmp ),"%3.1f",guiIntfStruct.Volume ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'b': snprintf( tmp,sizeof( tmp ),"%3.2f%%",guiIntfStruct.Balance ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'B': snprintf( tmp,sizeof( tmp ),"%3.1f",guiIntfStruct.Balance ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'd': snprintf( tmp,sizeof( tmp ),"%d",guiIntfStruct.FrameDrop ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'x': snprintf( tmp,sizeof( tmp ),"%d",guiIntfStruct.MovieWidth ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'y': snprintf( tmp,sizeof( tmp ),"%d",guiIntfStruct.MovieHeight ); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 'C': snprintf( tmp,sizeof( tmp ),"%s", guiIntfStruct.sh_video? ((sh_video_t *)guiIntfStruct.sh_video)->codec->name : ""); ++ strlcat( trbuf,tmp,sizeof( trbuf ) ); break; ++ case 's': if ( guiIntfStruct.Playing == 0 ) strlcat( trbuf,"s",sizeof( trbuf ) ); break; ++ case 'l': if ( guiIntfStruct.Playing == 1 ) strlcat( trbuf,"p",sizeof( trbuf ) ); break; ++ case 'e': if ( guiIntfStruct.Playing == 2 ) strlcat( trbuf,"e",sizeof( trbuf ) ); break; + case 'a': +- if ( muted ) { strcat( trbuf,"n" ); break; } ++ if ( muted ) { strlcat( trbuf,"n",sizeof( trbuf ) ); break; } + switch ( guiIntfStruct.AudioType ) + { +- case 0: strcat( trbuf,"n" ); break; +- case 1: strcat( trbuf,"m" ); break; +- case 2: strcat( trbuf,"t" ); break; ++ case 0: strlcat( trbuf,"n",sizeof( trbuf ) ); break; ++ case 1: strlcat( trbuf,"m",sizeof( trbuf ) ); break; ++ case 2: strlcat( trbuf,"t",sizeof( trbuf ) ); break; + } + break; + case 'T': + switch ( guiIntfStruct.StreamType ) + { +- case STREAMTYPE_FILE: strcat( trbuf,"f" ); break; ++ case STREAMTYPE_FILE: strlcat( trbuf,"f",sizeof( trbuf ) ); break; + #ifdef HAVE_VCD +- case STREAMTYPE_VCD: strcat( trbuf,"v" ); break; ++ case STREAMTYPE_VCD: strlcat( trbuf,"v",sizeof( trbuf ) ); break; + #endif +- case STREAMTYPE_STREAM: strcat( trbuf,"u" ); break; ++ case STREAMTYPE_STREAM: strlcat( trbuf,"u",sizeof( trbuf ) ); break; + #ifdef USE_DVDREAD +- case STREAMTYPE_DVD: strcat( trbuf,"d" ); break; ++ case STREAMTYPE_DVD: strlcat( trbuf,"d",sizeof( trbuf ) ); break; + #endif +- default: strcat( trbuf," " ); break; ++ default: strlcat( trbuf," ",sizeof( trbuf ) ); break; + } + break; +- case '$': strcat( trbuf,"$" ); break; ++ case '$': strlcat( trbuf,"$",sizeof( trbuf ) ); break; + default: continue; + } + c=strlen( trbuf ); diff --git a/multimedia/mplayer-share/patches/patch-bc b/multimedia/mplayer-share/patches/patch-bc new file mode 100644 index 00000000000..84d1b74abf0 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bc @@ -0,0 +1,32 @@ +$NetBSD: patch-bc,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- Gui/skin/font.c.orig 2003-03-20 13:42:15.000000000 +0100 ++++ Gui/skin/font.c +@@ -27,7 +27,7 @@ int fntAddNewFont( char * name ) + + if ( ( Fonts[id]=calloc( 1,sizeof( bmpFont ) ) ) == NULL ) return -1; + +- strcpy( Fonts[id]->name,name ); ++ strlcpy( Fonts[id]->name,name,128 ); // FIXME: as defined in font.h + for ( i=0;i<256;i++ ) + Fonts[id]->Fnt[i].x=Fonts[id]->Fnt[i].y=Fonts[id]->Fnt[i].sx=Fonts[id]->Fnt[i].sy=-1; + +@@ -60,7 +60,8 @@ int fntRead( char * path,char * fname ) + + if ( id < 0 ) return id; + +- strcpy( tmp,path ); strcat( tmp,fname ); strcat( tmp,".fnt" ); ++ strlcpy( tmp,path,sizeof( tmp ) ); ++ strlcat( tmp,fname,sizeof( tmp ) ); strlcat( tmp,".fnt",sizeof( tmp ) ); + if ( ( f=fopen( tmp,"rt" ) ) == NULL ) + { free( Fonts[id] ); return -3; } + +@@ -93,7 +94,7 @@ int fntRead( char * path,char * fname ) + { + if ( !strcmp( command,"image" ) ) + { +- strcpy( tmp,path ); strcat( tmp,param ); ++ strlcpy( tmp,path,sizeof( tmp ) ); strlcat( tmp,param,sizeof( tmp ) ); + mp_dbg( MSGT_GPLAYER,MSGL_DBG2,"[font] font imagefile: %s\n",tmp ); + if ( skinBPRead( tmp,&Fonts[id]->Bitmap ) ) return -4; + } diff --git a/multimedia/mplayer-share/patches/patch-bd b/multimedia/mplayer-share/patches/patch-bd new file mode 100644 index 00000000000..e91cdad984e --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bd @@ -0,0 +1,107 @@ +$NetBSD: patch-bd,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- Gui/skin/skin.c.orig 2003-06-03 19:36:25.000000000 +0200 ++++ Gui/skin/skin.c +@@ -116,7 +116,7 @@ int cmd_window( char * in ) + { + CHECKDEFLIST( "window" ); + +- strcpy( window_name,strlower( in ) ); ++ strlcpy( window_name,strlower( in ),sizeof( window_name ) ); + if ( !strncmp( in,"main",4 ) ) { currSection=&skinAppMPlayer->main; currSubItem=&skinAppMPlayer->NumberOfItems; currSubItems=skinAppMPlayer->Items; } + else if ( !strncmp( in,"sub",3 ) ) currSection=&skinAppMPlayer->sub; + else if ( !strncmp( in,"playbar",7 ) ) { currSection=&skinAppMPlayer->bar; currSubItem=&skinAppMPlayer->NumberOfBarItems; currSubItems=skinAppMPlayer->barItems; } +@@ -147,7 +147,7 @@ int cmd_base( char * in ) + defList->main.x=x; + defList->main.y=y; + defList->main.type=itBase; +- strcpy( tmp,path ); strcat( tmp,fname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); + if ( skinBPRead( tmp,&defList->main.Bitmap ) ) return 1; + defList->main.width=defList->main.Bitmap.Width; + defList->main.height=defList->main.Bitmap.Height; +@@ -162,7 +162,7 @@ int cmd_base( char * in ) + if ( !strcmp( window_name,"sub" ) ) + { + defList->sub.type=itBase; +- strcpy( tmp,path ); strcat( tmp,fname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); + if ( skinBPRead( tmp,&defList->sub.Bitmap ) ) return 1; + defList->sub.x=x; + defList->sub.y=y; +@@ -179,7 +179,7 @@ int cmd_base( char * in ) + { + defList->menuIsPresent=1; + defList->menuBase.type=itBase; +- strcpy( tmp,path ); strcat( tmp,fname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); + if ( skinBPRead( tmp,&defList->menuBase.Bitmap ) ) return 1; + defList->menuBase.width=defList->menuBase.Bitmap.Width; + defList->menuBase.height=defList->menuBase.Bitmap.Height; +@@ -197,7 +197,7 @@ int cmd_base( char * in ) + defList->bar.x=x; + defList->bar.y=y; + defList->bar.type=itBase; +- strcpy( tmp,path ); strcat( tmp,fname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); + if ( skinBPRead( tmp,&defList->bar.Bitmap ) ) return 1; + defList->bar.width=defList->bar.Bitmap.Width; + defList->bar.height=defList->bar.Bitmap.Height; +@@ -268,7 +268,7 @@ int cmd_button( char * in ) + currSubItems[ *currSubItem ].Bitmap.Image=NULL; + if ( strcmp( fname,"NULL" ) ) + { +- strcpy( tmp,path ); strcat( tmp,fname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); + if ( skinBPRead( tmp,&currSubItems[ *currSubItem ].Bitmap ) ) return 1; + } + +@@ -289,7 +289,7 @@ int cmd_selected( char * in ) + + cutItem( in,fname,',',0 ); + defList->menuSelected.type=itBase; +- strcpy( tmp,path ); strcat( tmp,fname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); + mp_dbg( MSGT_GPLAYER,MSGL_DBG2,"\n[skin] selected: %s\n",fname ); + if ( skinBPRead( tmp,&defList->menuSelected.Bitmap ) ) return 1; + defList->menuSelected.width=defList->menuSelected.Bitmap.Width; +@@ -381,14 +381,14 @@ int cmd_hpotmeter( char * in ) + item->Bitmap.Image=NULL; + if ( strcmp( phfname,"NULL" ) ) + { +- strcpy( tmp,path ); strcat( tmp,phfname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, phfname, sizeof( tmp )); + if ( skinBPRead( tmp,&item->Bitmap ) ) return 1; + } + + item->Mask.Image=NULL; + if ( strcmp( pfname,"NULL" ) ) + { +- strcpy( tmp,path ); strcat( tmp,pfname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, pfname, sizeof( tmp )); + if ( skinBPRead( tmp,&item->Mask ) ) return 1; + } + return 0; +@@ -445,7 +445,7 @@ int cmd_potmeter( char * in ) + item->Bitmap.Image=NULL; + if ( strcmp( phfname,"NULL" ) ) + { +- strcpy( tmp,path ); strcat( tmp,phfname ); ++ strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, phfname, sizeof( tmp )); + if ( skinBPRead( tmp,&item->Bitmap ) ) return 1; + } + return 0; +@@ -655,7 +655,12 @@ char * trim( char * in ) + FILE * skinFile; + + void setname( char * item1, char * item2 ) +-{ strcpy( fn,item1 ); strcat( fn,"/" ); strcat( fn,item2 ); strcpy( path,fn ); strcat( path,"/" ); strcat( fn,"/skin" ); } ++{ ++ strlcpy(fn, item1, sizeof( fn )); ++ strlcat(fn, "/", sizeof( fn )); strlcat(fn, item2, sizeof( fn )); ++ strlcpy(path, fn, sizeof( path )); strlcat(path, "/", sizeof( path )); ++ strlcat(fn, "/skin", sizeof( fn )); ++} + + int skinRead( char * dname ) + { diff --git a/multimedia/mplayer-share/patches/patch-be b/multimedia/mplayer-share/patches/patch-be new file mode 100644 index 00000000000..f6ae78d6e59 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-be @@ -0,0 +1,17 @@ +$NetBSD: patch-be,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- libmenu/menu_console.c.orig 2003-09-13 20:02:20.000000000 +0200 ++++ libmenu/menu_console.c +@@ -150,8 +150,10 @@ static void add_string(struct menu_priv_ + return; + } + priv->lines[ll] = realloc(priv->lines[ll],strlen(priv->lines[ll]) + strlen(l) + 1); +- strcat(priv->lines[ll],l); +- ++ if ( priv->lines[ll] != NULL ) ++ { ++ strcat(priv->lines[ll],l); ++ } + } + + static void draw(menu_t* menu, mp_image_t* mpi) { diff --git a/multimedia/mplayer-share/patches/patch-bf b/multimedia/mplayer-share/patches/patch-bf new file mode 100644 index 00000000000..03cfab5daf6 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bf @@ -0,0 +1,62 @@ +$NetBSD: patch-bf,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- libmpdemux/cue_read.c.orig 2003-10-04 19:29:00.000000000 +0200 ++++ libmpdemux/cue_read.c +@@ -135,6 +135,10 @@ int cue_getTrackinfo(char *Line, tTrack + + + ++/* FIXME: the string operations ( strcpy,strcat ) below depend ++ * on the arrays to have the same size, thus we need to make ++ * sure the sizes are in sync. ++ */ + int cue_find_bin (char *firstline) { + int i,j; + char s[256]; +@@ -178,7 +182,7 @@ int cue_find_bin (char *firstline) { + bin_filename); + + /* now try to find it with the path of the cue file */ +- sprintf(s,"%s/%s",bincue_path, bin_filename); ++ snprintf(s,sizeof( s ),"%s/%s",bincue_path,bin_filename); + fd_bin = open (s, O_RDONLY); + if (fd_bin == -1) + { +@@ -195,7 +199,7 @@ int cue_find_bin (char *firstline) { + "[bincue] bin filename tested: %s\n", s); + + /* ok try it with path */ +- sprintf(t,"%s/%s",bincue_path, s); ++ snprintf(t, sizeof( t ), "%s/%s", bincue_path, s); + fd_bin = open (t, O_RDONLY); + if (fd_bin == -1) + { +@@ -211,7 +215,7 @@ int cue_find_bin (char *firstline) { + mp_msg(MSGT_OPEN,MSGL_STATUS, + "[bincue] bin filename tested: %s \n", s); + /* ok try it with path */ +- sprintf(t,"%s/%s",bincue_path, s); ++ snprintf(t, sizeof( t ), "%s/%s", bincue_path, s); + fd_bin = open (t, O_RDONLY); + if (fd_bin == -1) + { +@@ -299,15 +303,16 @@ int cue_read_cue (char *in_cue_filename) + strcpy(t, "/"); + } + printf ("dirname: %s\n", t); +- strcpy(bincue_path,t); ++ strlcpy(bincue_path,t,sizeof( bincue_path )); + + + /* no path at all? */ + if (strcmp(bincue_path, ".") == 0) { + printf ("bincue_path: %s\n", bincue_path); +- strcpy(cue_filename,in_cue_filename); ++ strlcpy(cue_filename,in_cue_filename,sizeof( cue_filename )); + } else { +- strcpy(cue_filename,in_cue_filename + strlen(bincue_path) + 1); ++ strlcpy(cue_filename,in_cue_filename + strlen(bincue_path) + 1, ++ sizeof( cue_filename )); + } + + diff --git a/multimedia/mplayer-share/patches/patch-bg b/multimedia/mplayer-share/patches/patch-bg new file mode 100644 index 00000000000..29d5dd317f4 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bg @@ -0,0 +1,71 @@ +$NetBSD: patch-bg,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- libvo/vo_dxr3.c.orig 2003-11-30 17:36:10.000000000 +0100 ++++ libvo/vo_dxr3.c +@@ -175,12 +175,14 @@ int dxr3_overlay = 0; + int dxr3_device_num = 0; + int dxr3_norm = 0; + ++#define MAX_STR_SIZE 80 /* length for the static strings */ ++ + /* File descriptors */ + static int fd_control = -1; + static int fd_video = -1; + static int fd_spu = -1; +-static char fdv_name[80]; +-static char fds_name[80]; ++static char fdv_name[MAX_STR_SIZE]; ++static char fds_name[MAX_STR_SIZE]; + + #ifdef SPU_SUPPORT + /* on screen display/subpics */ +@@ -865,7 +867,7 @@ static void check_events(void) + + static uint32_t preinit(const char *arg) + { +- char devname[80]; ++ char devname[MAX_STR_SIZE]; + int fdflags = O_WRONLY; + + /* Parse commandline */ +@@ -1136,13 +1138,13 @@ static int overlay_read_state(overlay_t + int j; + + if(!p) { +- strcpy(fname,getenv("HOME")); +- strcat(fname,"/.overlay"); ++ strlcpy(fname, getenv("HOME"), sizeof( fname )); ++ strlcat(fname,"/.overlay", sizeof( fname )); + } else +- strcpy(fname,p); ++ strlcpy(fname, p, sizeof( fname )); + + sprintf(tmp,"/res_%dx%dx%d",o->xres,o->yres,o->depth); +- strcat(fname,tmp); ++ strlcat(fname, tmp, sizeof( fname )); + + if(!(fp=fopen(fname,"r"))) + return -1; +@@ -1199,10 +1201,10 @@ static int overlay_write_state(overlay_t + int i,j; + + if(!p) { +- strcpy(fname,getenv("HOME")); +- strcat(fname,"/.overlay"); ++ strlcpy(fname, getenv("HOME"), sizeof( fname )); ++ strlcat(fname,"/.overlay", sizeof( fname )); + } else +- strcpy(fname,p); ++ strlcpy(fname, p, sizeof( fname )); + + if(access(fname, W_OK|X_OK|R_OK)) { + if(mkdir(fname,0766)) +@@ -1210,7 +1212,7 @@ static int overlay_write_state(overlay_t + } + + sprintf(tmp,"/res_%dx%dx%d",o->xres,o->yres,o->depth); +- strcat(fname,tmp); ++ strlcat(fname, tmp, sizeof( fname )); + + if(!(fp=fopen(fname,"w"))) + return -1; diff --git a/multimedia/mplayer-share/patches/patch-bh b/multimedia/mplayer-share/patches/patch-bh new file mode 100644 index 00000000000..1516c5ca1a7 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bh @@ -0,0 +1,14 @@ +$NetBSD: patch-bh,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- osdep/Makefile.orig 2004-03-26 16:21:44.000000000 +0100 ++++ osdep/Makefile +@@ -3,7 +3,8 @@ include ../config.mak + + LIBNAME = libosdep.a + +-SRCS= shmem.c strsep.c vsscanf.c scandir.c gettimeofday.c fseeko.c # timer.c ++SRCS= shmem.c strsep.c strl.c vsscanf.c scandir.c gettimeofday.c fseeko.c \ ++ # timer.c + + ifeq ($(TARGET_ARCH_X86),yes) + ifeq ($(TARGET_OS),Linux) diff --git a/multimedia/mplayer-share/patches/patch-bi b/multimedia/mplayer-share/patches/patch-bi new file mode 100644 index 00000000000..cd525fd152b --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bi @@ -0,0 +1,52 @@ +$NetBSD: patch-bi,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- osdep/strl.c.orig 2004-07-02 18:19:09.000000000 +0200 ++++ osdep/strl.c +@@ -0,0 +1,47 @@ ++/* strl(cat|cpy) implementation for systems that do not have it in libc */ ++/* strl.c - strlcpy/strlcat implementation ++ * Time-stamp: <2004-03-14 njk> ++ * (C) 2003-2004 Nicholas J. Kain <njk@aerifal.cx> ++ */ ++ ++#include "../config.h" ++ ++#ifndef HAVE_STRLCPY ++unsigned int strlcpy (char *dest, char *src, unsigned int size) ++{ ++ register unsigned int i; ++ ++ for (i=0; size > 0 && src[i] != '\0'; ++i, size--) ++ dest[i] = src[i]; ++ ++ dest[i] = '\0'; ++ ++ return i; ++} ++#endif ++ ++#ifndef HAVE_STRLCAT ++unsigned int strlcat (char *dest, char *src, unsigned int size) ++{ ++#if 0 ++ register unsigned int i, j; ++ ++ for(i=0; size > 0 && dest[i] != '\0'; size--, i++); ++ for(j=0; size > 0 && src[j] != '\0'; size--, i++, j++) ++ dest[i] = src[j]; ++ ++ dest[i] = '\0'; ++ return i; ++#else ++ register char *d = dest, *s = src; ++ ++ for (; size > 0 && *d != '\0'; size--, d++); ++ for (; size > 0 && *s != '\0'; size--, d++, s++) ++ *d = *s; ++ ++ *d = '\0'; ++ return (d - dest) + (s - src); ++#endif ++} ++#endif ++ diff --git a/multimedia/mplayer-share/patches/patch-bj b/multimedia/mplayer-share/patches/patch-bj new file mode 100644 index 00000000000..cad3b77d899 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bj @@ -0,0 +1,13 @@ +$NetBSD: patch-bj,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- playtree.c.orig 2003-07-08 12:45:05.000000000 +0200 ++++ playtree.c +@@ -936,7 +936,7 @@ void pt_add_file(play_tree_t** ppt, char + + void pt_add_gui_file(play_tree_t** ppt, char* path, char* file) + { +- char* wholename = malloc(strlen(path)+strlen(file)+3); ++ char* wholename = malloc(strlen(path)+strlen(file)+2); + + if (wholename) + { diff --git a/multimedia/mplayer-share/patches/patch-bk b/multimedia/mplayer-share/patches/patch-bk new file mode 100644 index 00000000000..59ec4e14986 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bk @@ -0,0 +1,13 @@ +$NetBSD: patch-bk,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- subreader.c.orig 2004-04-06 13:52:31.000000000 +0200 ++++ subreader.c +@@ -1109,7 +1109,7 @@ subtitle* subcp_recode1 (subtitle *sub) + while (l){ + char *ip = icbuffer; + char *op = sub->text[--l]; +- strcpy(ip, op); ++ strlcpy(ip, op, ICBUFFSIZE); + ileft = strlen(ip); + oleft = ICBUFFSIZE - 1; + diff --git a/multimedia/mplayer-share/patches/patch-bl b/multimedia/mplayer-share/patches/patch-bl new file mode 100644 index 00000000000..8094d6c4dc9 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-bl @@ -0,0 +1,26 @@ +$NetBSD: patch-bl,v 1.1 2004/07/02 17:07:21 drochner Exp $ + +--- vidix/vidixlib.c.orig 2003-10-02 17:33:12.000000000 +0200 ++++ vidix/vidixlib.c +@@ -122,8 +122,8 @@ static int vdl_probe_driver(VDL_HANDLE s + unsigned (*_ver)(void); + int (*_probe)(int,int); + int (*_cap)(vidix_capability_t*); +- strcpy(drv_name,path); +- strcat(drv_name,name); ++ strlcpy(drv_name,path, sizeof( drv_name )); ++ strlcat(drv_name,name, sizeof( drv_name )); + if(verbose) printf("vidixlib: PROBING: %s\n",drv_name); + if(!(t_vdl(stream)->handle = dlopen(drv_name,RTLD_LAZY|RTLD_GLOBAL))) + { +@@ -194,8 +194,8 @@ VDL_HANDLE vdlOpen(const char *path,cons + unsigned (*ver)(void); + int (*probe)(int,int); + unsigned version = 0; +- strcpy(drv_name,path); +- strcat(drv_name,name); ++ strlcpy(drv_name,path, sizeof( drv_name )); ++ strlcat(drv_name,name, sizeof( drv_name )); + if(!(t_vdl(stream)->handle = dlopen(drv_name,RTLD_NOW|RTLD_GLOBAL))) + { + if (verbose) |