pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/multimedia/xine-lib Fix buffer overflow reported in CA...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/f38a04d0e111
branches:  trunk
changeset: 486978:f38a04d0e111
user:      tron <tron%pkgsrc.org@localhost>
date:      Thu Jan 06 12:04:08 2005 +0000

description:
Fix buffer overflow reported in CAN-2004-1300, bump package revision.

diffstat:

 multimedia/xine-lib/Makefile         |   5 ++---
 multimedia/xine-lib/buildlink3.mk    |   4 ++--
 multimedia/xine-lib/distinfo         |   3 ++-
 multimedia/xine-lib/patches/patch-aj |  14 ++++++++++++++
 4 files changed, 20 insertions(+), 6 deletions(-)

diffs (68 lines):

diff -r e209470d98e3 -r f38a04d0e111 multimedia/xine-lib/Makefile
--- a/multimedia/xine-lib/Makefile      Thu Jan 06 11:56:50 2005 +0000
+++ b/multimedia/xine-lib/Makefile      Thu Jan 06 12:04:08 2005 +0000
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.15 2004/12/23 03:05:53 xtraeme Exp $
-#
+# $NetBSD: Makefile,v 1.16 2005/01/06 12:04:08 tron Exp $
 
 .include "Makefile.common"
 
-PKGREVISION=           1
+PKGREVISION=           2
 
 .if ${MACHINE_ARCH} == "i386"
 DEPENDS+=              win32-codecs>=011227:../../multimedia/win32-codecs
diff -r e209470d98e3 -r f38a04d0e111 multimedia/xine-lib/buildlink3.mk
--- a/multimedia/xine-lib/buildlink3.mk Thu Jan 06 11:56:50 2005 +0000
+++ b/multimedia/xine-lib/buildlink3.mk Thu Jan 06 12:04:08 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.7 2004/10/03 00:13:03 tv Exp $
+# $NetBSD: buildlink3.mk,v 1.8 2005/01/06 12:04:08 tron Exp $
 
 BUILDLINK_DEPTH:=              ${BUILDLINK_DEPTH}+
 XINE_LIB_BUILDLINK3_MK:=       ${XINE_LIB_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
 
 .if !empty(XINE_LIB_BUILDLINK3_MK:M+)
 BUILDLINK_DEPENDS.xine-lib+=   xine-lib>=1rc3c
-BUILDLINK_RECOMMENDED.xine-lib+=xine-lib>=1rc5nb2
+BUILDLINK_RECOMMENDED.xine-lib+=xine-lib>=1rc8nb2
 BUILDLINK_PKGSRCDIR.xine-lib?= ../../multimedia/xine-lib
 .endif # XINE_LIB_BUILDLINK3_MK
 
diff -r e209470d98e3 -r f38a04d0e111 multimedia/xine-lib/distinfo
--- a/multimedia/xine-lib/distinfo      Thu Jan 06 11:56:50 2005 +0000
+++ b/multimedia/xine-lib/distinfo      Thu Jan 06 12:04:08 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2004/12/23 03:05:53 xtraeme Exp $
+$NetBSD: distinfo,v 1.12 2005/01/06 12:04:08 tron Exp $
 
 SHA1 (xine-lib-1-rc8.tar.gz) = de130119fa177273e3c16186b24e347ebba8d7b6
 Size (xine-lib-1-rc8.tar.gz) = 7354157 bytes
@@ -10,6 +10,7 @@
 SHA1 (patch-ag) = 1a439f8025c07d183f054fea77a70ef86ff59217
 SHA1 (patch-ah) = 3f9b23c4a7994259056b73209a9e194db759f06d
 SHA1 (patch-ai) = f71e3cb57bf30cbf9653a469c040b6e3f717ba97
+SHA1 (patch-aj) = 2b3b086e24460eca0b611ea07b2ada11bfa5ce79
 SHA1 (patch-am) = 10f6433a8549bdce60ace5dcbd51df85eaa7ea16
 SHA1 (patch-ao) = 9df576ba11a393c3a8e886e7a9948b2adc5f2ba2
 SHA1 (patch-ap) = aaf63024c1049c1f2175d9974367a6b84ac3028f
diff -r e209470d98e3 -r f38a04d0e111 multimedia/xine-lib/patches/patch-aj
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/multimedia/xine-lib/patches/patch-aj      Thu Jan 06 12:04:08 2005 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-aj,v 1.3 2005/01/06 12:04:08 tron Exp $
+
+--- src/demuxers/demux_aiff.c.orig     2004-06-13 22:28:52.000000000 +0100
++++ src/demuxers/demux_aiff.c  2005-01-06 11:38:44.000000000 +0000
+@@ -122,7 +122,8 @@
+     chunk_size = BE_32(&preamble[4]);
+ 
+     if (chunk_type == COMM_TAG) {
+-      if (this->input->read(this->input, buffer, chunk_size) !=
++      if (chunk_size > sizeof (buffer) ||
++      this->input->read(this->input, buffer, chunk_size) !=
+         chunk_size) {
+         this->status = DEMUX_FINISHED;
+         return 0;



Home | Main Index | Thread Index | Old Index