From e3ecd22f634360b397c35b923ce9e6cea297acf1 Mon Sep 17 00:00:00 2001 
From: rtr Date: Wed, 17 Dec 2008 12:50:31 +0000 Subject: pullup ticket #2611 - requested by tron mplayer, gmplayer, mencoder: security and vcd support patches revisions pulled up: pkgsrc/multimedia/gmplayer/Makefile 1.72, 1.73 pkgsrc/multimedia/gmplayer/distinfo 1.58, 1.59 pkgsrc/multimedia/mencoder/Makefile 1.40, 1.41 pkgsrc/multimedia/mplayer-share/distinfo 1.55, 1.56 pkgsrc/multimedia/mplayer-share/patches/patch-an 1.1 pkgsrc/multimedia/mplayer-share/patches/patch-ca 1.1 pkgsrc/multimedia/mplayer/Makefile 1.62, 1.63 Module Name: pkgsrc Committed By: wiz Date: Mon Oct 20 07:40:00 UTC 2008 Modified Files: pkgsrc/multimedia/gmplayer: Makefile distinfo pkgsrc/multimedia/mencoder: Makefile pkgsrc/multimedia/mplayer: Makefile pkgsrc/multimedia/mplayer-share: distinfo Added Files: pkgsrc/multimedia/mplayer-share/patches: patch-an Log Message: Add a patch for better VCD support from Sergey Svishchev. Fixes PR 20549. ------------------------------------------------------------------------ Module Name: pkgsrc Committed By: tron Date: Mon Dec 15 15:37:59 UTC 2008 Modified Files: pkgsrc/multimedia/gmplayer: Makefile distinfo pkgsrc/multimedia/mencoder: Makefile pkgsrc/multimedia/mplayer: Makefile pkgsrc/multimedia/mplayer-share: distinfo Added Files: pkgsrc/multimedia/mplayer-share/patches: patch-ca Log Message: Add security patch from MPlayer SVN repository to fix a buffer overflow in the TwinVQ media file decoder. --- multimedia/gmplayer/Makefile | 4 +- multimedia/gmplayer/distinfo | 5 ++- multimedia/mencoder/Makefile | 5 +-- multimedia/mplayer-share/distinfo | 4 +- multimedia/mplayer-share/patches/patch-an | 37 +++++++++++++++++++ multimedia/mplayer-share/patches/patch-ca | 61 +++++++++++++++++++++++++++++++ multimedia/mplayer/Makefile | 4 +- 7 files changed, 111 insertions(+), 9 deletions(-) create mode 100644 multimedia/mplayer-share/patches/patch-an create mode 100644 multimedia/mplayer-share/patches/patch-ca 
diff --git a/multimedia/gmplayer/Makefile b/multimedia/gmplayer/Makefile index ff2aa63620b..6fb3f6072b9 100644 --- a/multimedia/gmplayer/Makefile +++ b/multimedia/gmplayer/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.71 2008/10/02 12:32:41 tron Exp $ +# $NetBSD: Makefile,v 1.71.2.1 2008/12/17 12:50:31 rtr Exp $ # # NOTE: if you are updating both mplayer and gmplayer, you must ensure @@ -9,7 +9,7 @@ # PKGNAME= gmplayer-${MPLAYER_PKG_VERSION} -PKGREVISION= 6 +PKGREVISION= 8 BROKEN_IN= pkgsrc-2006Q4 diff --git a/multimedia/gmplayer/distinfo b/multimedia/gmplayer/distinfo index 5399237ddad..f9f0369b974 100644 --- a/multimedia/gmplayer/distinfo +++ b/multimedia/gmplayer/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.57 2008/09/12 19:41:57 abs Exp $ +$NetBSD: distinfo,v 1.57.4.1 2008/12/17 12:50:31 rtr Exp $ SHA1 (gmplayer-1.0rc10-20060123/AlienMind-1.2.tar.bz2) = 34370da1e003e4accceae194a63483aa6eebc4dc RMD160 (gmplayer-1.0rc10-20060123/AlienMind-1.2.tar.bz2) = f3fda7d44a59f98097162f76d0a0d58840974998 @@ -75,10 +75,13 @@ SHA1 (patch-ai) = ec79d6a1b0c2790ca826a91a48040c64632ac988 SHA1 (patch-aj) = 772d083dfa5eac789abfd5e925eeeba400bbc527 SHA1 (patch-ak) = 072b4391e5fde58f6b01bd43133f1d017fc14d58 SHA1 (patch-al) = 9538b10cf5b3802381d7aabc798676b3cb9ef00d +SHA1 (patch-am) = bae1e03f7265cb6b07947f052f0774d1c17da88e +SHA1 (patch-an) = a967a47b0d0846fe89f91f9d3faa6055975a5a73 SHA1 (patch-ba) = 2683c414fed3a4a6d3b4d47287f43d822339bd4e SHA1 (patch-bb) = 26d000bcbc94b9139e6dbc79237fdb3a109c6057 SHA1 (patch-bc) = fd46ce3cd6d5f7525e210cf6d475b89573ca988d SHA1 (patch-bd) = 9132118a143758b6c9e9dffb713f7dadd29ce3c3 +SHA1 (patch-ca) = 68603a92b3dd8c7a33e6bc982f8ced1219fa419d SHA1 (patch-tc) = 89f802ff0ebfc14d6f2a4b17177915f66c9f9038 SHA1 (patch-va) = db69c373e78048924c536055c68c7de0feabc623 SHA1 (patch-vb) = 28b1dd82fb61a4fc0be4a4f4599f75823cae5f11 diff --git a/multimedia/mencoder/Makefile b/multimedia/mencoder/Makefile index 05de85c55a3..254f2f81aca 100644 
--- a/multimedia/mencoder/Makefile +++ b/multimedia/mencoder/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.39 2008/10/02 12:32:42 tron Exp $ +# $NetBSD: Makefile,v 1.39.2.1 2008/12/17 12:50:32 rtr Exp $ PKGNAME= mencoder-${MPLAYER_PKG_VERSION} - -PKGREVISION= 3 +PKGREVISION= 5 COMMENT= Simple movie encoder for MPlayer-playable movies diff --git a/multimedia/mplayer-share/distinfo b/multimedia/mplayer-share/distinfo index be809912c37..8a66e0e4135 100644 --- a/multimedia/mplayer-share/distinfo +++ b/multimedia/mplayer-share/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.54 2008/10/02 12:32:41 tron Exp $ +$NetBSD: distinfo,v 1.54.2.1 2008/12/17 12:50:31 rtr Exp $ SHA1 (mplayer-1.0rc10/MPlayer-1.0rc2.tar.bz2) = e9b496f3527c552004ec6d01d6b43f196b43ce2d RMD160 (mplayer-1.0rc10/MPlayer-1.0rc2.tar.bz2) = 3b5cba1529856a177a5191e22f8dcc00b5a83c52 @@ -16,10 +16,12 @@ SHA1 (patch-aj) = 772d083dfa5eac789abfd5e925eeeba400bbc527 SHA1 (patch-ak) = 072b4391e5fde58f6b01bd43133f1d017fc14d58 SHA1 (patch-al) = 9538b10cf5b3802381d7aabc798676b3cb9ef00d SHA1 (patch-am) = bae1e03f7265cb6b07947f052f0774d1c17da88e +SHA1 (patch-an) = a967a47b0d0846fe89f91f9d3faa6055975a5a73 SHA1 (patch-ba) = 2683c414fed3a4a6d3b4d47287f43d822339bd4e SHA1 (patch-bb) = 26d000bcbc94b9139e6dbc79237fdb3a109c6057 SHA1 (patch-bc) = fd46ce3cd6d5f7525e210cf6d475b89573ca988d SHA1 (patch-bd) = 9132118a143758b6c9e9dffb713f7dadd29ce3c3 +SHA1 (patch-ca) = 68603a92b3dd8c7a33e6bc982f8ced1219fa419d SHA1 (patch-tc) = 89f802ff0ebfc14d6f2a4b17177915f66c9f9038 SHA1 (patch-va) = db69c373e78048924c536055c68c7de0feabc623 SHA1 (patch-vb) = 28b1dd82fb61a4fc0be4a4f4599f75823cae5f11 diff --git a/multimedia/mplayer-share/patches/patch-an b/multimedia/mplayer-share/patches/patch-an new file mode 100644 index 00000000000..2b332dda1a5 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-an 
@@ -0,0 +1,37 @@
+$NetBSD: patch-an,v 1.1.2.2 2008/12/17 12:50:31 rtr Exp $
+
+--- stream/vcd_read_fbsd.h.orig 2007-10-07 19:49:26.000000000 +0000
++++ stream/vcd_read_fbsd.h
+@@ -37,9 +37,8 @@ typedef struct mp_vcd_priv_st {
+ vcd_tocentry entry;
+ #ifdef VCD_NETBSD
+ struct cd_toc_entry entry_data;
+-#else
+- cdsector_t buf;
+ #endif
++ cdsector_t buf;
+ } mp_vcd_priv_t;
+
+ static inline void
+@@ -208,8 +207,8 @@ vcd_read(mp_vcd_priv_t* vcd, char *mem)
+ sc.cmd[9] = 1 << 4; // user data only
+ sc.cmd[10] = 0; // no subchannel
+ sc.cmdlen = 12;
+- sc.databuf = (caddr_t) mem;
+- sc.datalen = 2328;
++ sc.databuf = (caddr_t) vcd->buf.data;
++ sc.datalen = VCD_SECTOR_DATA + 4; // MMC-3 spec says there are 4 extra bytes
+ sc.senselen = sizeof(sc.sense);
+ sc.flags = SCCMD_READ;
+ sc.timeout = 10000;
+@@ -226,9 +225,9 @@ vcd_read(mp_vcd_priv_t* vcd, char *mem)
+ #else
+ if (pread(vcd->fd,&vcd->buf,VCD_SECTOR_SIZE,vcd_get_msf(vcd)*VCD_SECTOR_SIZE)
+ != VCD_SECTOR_SIZE) return 0; // EOF?
++#endif
+
+ memcpy(mem,vcd->buf.data,VCD_SECTOR_DATA);
+-#endif
+ vcd_inc_msf(vcd);
+ return VCD_SECTOR_DATA;
+ }
diff --git a/multimedia/mplayer-share/patches/patch-ca b/multimedia/mplayer-share/patches/patch-ca
new file mode 100644
index 00000000000..b51f97ac64e
--- /dev/null
+++ b/multimedia/mplayer-share/patches/patch-ca
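Review bot: In the second inner hunk of patch-an, `sc.datalen = VCD_SECTOR_DATA + 4` makes the SCSI read store four bytes more than VCD_SECTOR_DATA into `vcd->buf.data`, and the definition of `cdsector_t` is not visible here, so nothing on the page shows that those bytes have a place to go. If the struct does keep at least four bytes directly after `data`, record that dependency beside the assignment, for example `/* the 4 extra bytes spill into the field after buf.data; cdsector_t must keep >= 4 bytes there */`. If it does not, the read needs a destination of VCD_SECTOR_DATA + 4 bytes instead. The rest of vcd_read lies outside the hunks, so whether the transfer length is checked before the now-shared `memcpy` cannot be judged from here. The new patch file also lacks the short description that patch-ca carries above its `---` line.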
@@ -0,0 +1,61 @@ +$NetBSD: patch-ca,v 1.1.2.2 2008/12/17 12:50:31 rtr Exp $ + +Security fix for vulnerability reported in TKADV2008-014 taken from: + +http://svn.mplayerhq.hu/mplayer/branches/1.0rc2/libmpdemux/demux_vqf.c?view=patch&r1=24723&r2=28150&pathrev=28150 + +--- libmpdemux/demux_vqf.c.orig 2007-10-07 20:49:33.000000000 +0100 ++++ libmpdemux/demux_vqf.c 2008-12-15 14:29:58.000000000 +0000 +@@ -50,11 +50,14 @@ + unsigned chunk_size; + hi->size=chunk_size=stream_read_dword(s); /* include itself */ + stream_read(s,chunk_id,4); ++ if (chunk_size < 8) return NULL; ++ chunk_size -= 8; + if(*((uint32_t *)&chunk_id[0])==mmioFOURCC('C','O','M','M')) + { +- char buf[chunk_size-8]; ++ char buf[BUFSIZ]; + unsigned i,subchunk_size; +- if(stream_read(s,buf,chunk_size-8)!=chunk_size-8) return NULL; ++ if (chunk_size > sizeof(buf) || chunk_size < 20) return NULL; ++ if(stream_read(s,buf,chunk_size)!=chunk_size) return NULL; + i=0; + subchunk_size=be2me_32(*((uint32_t *)&buf[0])); + hi->channelMode=be2me_32(*((uint32_t *)&buf[4])); +@@ -83,13 +86,15 @@ + sh_audio->samplesize = 4; + w->wBitsPerSample = 8*sh_audio->samplesize; + w->cbSize = 0; ++ if (subchunk_size > chunk_size - 4) continue; + i+=subchunk_size+4; +- while(i sizeof(sdata) - 1 || slen > chunk_size - i) break; + if(sid==mmioFOURCC('D','S','I','Z')) + { + hi->Dsiz=be2me_32(*((uint32_t *)&buf[i])); +@@ -141,7 +146,7 @@ + if(*((uint32_t *)&chunk_id[0])==mmioFOURCC('D','A','T','A')) + { + demuxer->movi_start=stream_tell(s); +- demuxer->movi_end=demuxer->movi_start+chunk_size-8; ++ demuxer->movi_end=demuxer->movi_start+chunk_size; + mp_msg(MSGT_DEMUX, MSGL_V, "Found data at %"PRIX64" size %"PRIu64"\n",demuxer->movi_start,demuxer->movi_end); + /* Done! 
play it */ + break; +@@ -149,7 +154,7 @@ + else + { + mp_msg(MSGT_DEMUX, MSGL_V, "Unhandled chunk '%c%c%c%c' %u bytes\n",((char *)&chunk_id)[0],((char *)&chunk_id)[1],((char *)&chunk_id)[2],((char *)&chunk_id)[3],chunk_size); +- stream_skip(s,chunk_size-8); /*unknown chunk type */ ++ stream_skip(s,chunk_size); /*unknown chunk type */ + } + } + diff --git a/multimedia/mplayer/Makefile b/multimedia/mplayer/Makefile index 6fc89ed6bc8..9addfbebbd9 100644 --- a/multimedia/mplayer/Makefile +++ b/multimedia/mplayer/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.61 2008/10/02 12:32:41 tron Exp $ +# $NetBSD: Makefile,v 1.61.2.1 2008/12/17 12:50:31 rtr Exp $ PKGNAME= mplayer-${MPLAYER_PKG_VERSION} -PKGREVISION= 8 +PKGREVISION= 10 COMMENT= Software-only MPEG-1/2/4 video decoder -- cgit v1.2.3
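Review bot: `char buf[BUFSIZ];` in the COMM branch of patch-ca ties the largest accepted header chunk to a stdio constant whose value differs between platforms, so the same file can parse on one system and fail `chunk_size > sizeof(buf)` on another. A demuxer-local limit would make the bound explicit and uniform, e.g. `#define VQF_COMM_MAX 1024` (constructed value) with `char buf[VQF_COMM_MAX];`. Separately, `if (subchunk_size > chunk_size - 4) continue;` carries on with the next chunk after the audio header fields have already been filled from the malformed one, whereas the other length failures in this branch use `return NULL;`. Using `return NULL;` there too would reject the file consistently, provided nothing set up earlier in the function needs releasing; the function starts and ends outside the hunks.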