[pkgsrc/trunk]: pkgsrc/multimedia/ffmpeg Add fix for buffer overflow in 4xm m...

[tron <tron%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/8fbb7f9e444b
branches:  trunk
changeset: 553756:8fbb7f9e444b
user:      tron <tron%pkgsrc.org@localhost>
date:      Thu Jan 29 15:02:13 2009 +0000

description:
Add fix for buffer overflow in 4xm movie format decoder based on a
patch from "ffmpeg" SVN.

diffstat:

 multimedia/ffmpeg/Makefile          |   4 ++--
 multimedia/ffmpeg/distinfo          |   3 ++-
 multimedia/ffmpeg/patches/patch-4xm |  22 ++++++++++++++++++++++
 3 files changed, 26 insertions(+), 3 deletions(-)

diffs (54 lines):

diff -r 62178e15e6b8 -r 8fbb7f9e444b multimedia/ffmpeg/Makefile
--- a/multimedia/ffmpeg/Makefile        Thu Jan 29 14:43:02 2009 +0000
+++ b/multimedia/ffmpeg/Makefile        Thu Jan 29 15:02:13 2009 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.46 2008/12/18 16:31:53 bjs Exp $
+# $NetBSD: Makefile,v 1.47 2009/01/29 15:02:13 tron Exp $
 
 DISTNAME=      ffmpeg-${DISTVERSION}
 PKGNAME=       ffmpeg-${DISTVERSION:S/-//g}
-PKGREVISION=   6
+PKGREVISION=   7
 CATEGORIES=    multimedia
 MASTER_SITES=  ${MASTER_SITE_FREEBSD}
 EXTRACT_SUFX=  .tar.bz2
diff -r 62178e15e6b8 -r 8fbb7f9e444b multimedia/ffmpeg/distinfo
--- a/multimedia/ffmpeg/distinfo        Thu Jan 29 14:43:02 2009 +0000
+++ b/multimedia/ffmpeg/distinfo        Thu Jan 29 15:02:13 2009 +0000
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.21 2008/12/18 16:31:53 bjs Exp $
+$NetBSD: distinfo,v 1.22 2009/01/29 15:02:13 tron Exp $
 
 SHA1 (ffmpeg-2008-07-27.tar.bz2) = 103acde7a0f02aa1c32d5dab5bf187c94441c479
 RMD160 (ffmpeg-2008-07-27.tar.bz2) = e69128fc034a3f8b0fd561f1e6ecc04dd118a977
 Size (ffmpeg-2008-07-27.tar.bz2) = 2581976 bytes
+SHA1 (patch-4xm) = 179f817eae8bb2ac122a2f451e13ddb22e4c23c5
 SHA1 (patch-bktr) = dddf7149810d227f531e5a198445fc0d1893bece
 SHA1 (patch-configure) = 747593b082f428ac1f79c6d9cad8773326351a83
 SHA1 (patch-imgconvert.c) = 3c0a9f98ddb767db6f46a02fc64451c0a79b1cbc
diff -r 62178e15e6b8 -r 8fbb7f9e444b multimedia/ffmpeg/patches/patch-4xm
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/multimedia/ffmpeg/patches/patch-4xm       Thu Jan 29 15:02:13 2009 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-4xm,v 1.1 2009/01/29 15:02:13 tron Exp $
+
+Patch for buffer overflow based on this change:
+http://svn.ffmpeg.org/ffmpeg/trunk/libavformat/4xm.c?r1=16838&r2=16846
+
+--- libavformat/4xm.c.orig     2009-01-29 14:33:19.000000000 +0000
++++ libavformat/4xm.c  2009-01-29 14:37:44.000000000 +0000
+@@ -163,10 +163,12 @@
+                 return AVERROR_INVALIDDATA;
+             }
+             current_track = AV_RL32(&header[i + 8]);
++            if((unsigned)current_track >= UINT_MAX / sizeof(AudioTrack) - 1){
++                av_log(s, AV_LOG_ERROR, "current_track too large\n");
++                return -1;
++            }
+             if (current_track + 1 > fourxm->track_count) {
+                 fourxm->track_count = current_track + 1;
+-                if((unsigned)fourxm->track_count >= UINT_MAX / sizeof(AudioTrack))
+-                    return -1;
+                 fourxm->tracks = av_realloc(fourxm->tracks,
+                     fourxm->track_count * sizeof(AudioTrack));
+                 if (!fourxm->tracks) {