Sun Apr 5 13:15:01 2009 UTC ()
add a patch from upstream CVS to fix an integer overflow in the
Quicktime demuxer, bump PKGREVISION


(drochner)
diff -r1.68 -r1.69 pkgsrc/multimedia/xine-lib/Makefile
diff -r1.62 -r1.63 pkgsrc/multimedia/xine-lib/distinfo
diff -r0 -r1.7 pkgsrc/multimedia/xine-lib/patches/patch-ay
cvs diff -r1.68 -r1.69 pkgsrc/multimedia/xine-lib/Makefile (expand / switch to unified diff)

--- pkgsrc/multimedia/xine-lib/Makefile 2009/02/19 12:58:03 1.68
+++ pkgsrc/multimedia/xine-lib/Makefile 2009/04/05 13:15:01 1.69
@@ -1,20 +1,20 @@ @@ -1,20 +1,20 @@
1# $NetBSD: Makefile,v 1.68 2009/02/19 12:58:03 drochner Exp $ 1# $NetBSD: Makefile,v 1.69 2009/04/05 13:15:01 drochner Exp $
2 2
3PKG_DESTDIR_SUPPORT= user-destdir 3PKG_DESTDIR_SUPPORT= user-destdir
4 4
5.include "Makefile.common" 5.include "Makefile.common"
6 6
7#PKGREVISION= 1 7PKGREVISION= 1
8 8
9COMMENT= Multimedia player library 9COMMENT= Multimedia player library
10 10
11BUILDLINK_API_DEPENDS.vcdimager+= vcdimager>=0.7.20nb1 11BUILDLINK_API_DEPENDS.vcdimager+= vcdimager>=0.7.20nb1
12 12
13SUBST_CLASSES+= oss 13SUBST_CLASSES+= oss
14SUBST_STAGE.oss= post-patch 14SUBST_STAGE.oss= post-patch
15SUBST_FILES.oss= src/audio_out/audio_oss_out.c 15SUBST_FILES.oss= src/audio_out/audio_oss_out.c
16SUBST_SED.oss= -e "s,/dev/dsp,${DEVOSSAUDIO},g" 16SUBST_SED.oss= -e "s,/dev/dsp,${DEVOSSAUDIO},g"
17.if ${OPSYS} == "NetBSD" || ${OPSYS} == "OpenBSD" 17.if ${OPSYS} == "NetBSD" || ${OPSYS} == "OpenBSD"
18SUBST_SED.oss+= -e "s,\"dsp\",\"audio\",g" 18SUBST_SED.oss+= -e "s,\"dsp\",\"audio\",g"
19.endif 19.endif
20SUBST_MESSAGE.oss= Fixing hardcoded audio device. 20SUBST_MESSAGE.oss= Fixing hardcoded audio device.
cvs diff -r1.62 -r1.63 pkgsrc/multimedia/xine-lib/distinfo (expand / switch to unified diff)

--- pkgsrc/multimedia/xine-lib/distinfo 2009/02/19 12:58:03 1.62
+++ pkgsrc/multimedia/xine-lib/distinfo 2009/04/05 13:15:01 1.63
@@ -1,33 +1,34 @@ @@ -1,33 +1,34 @@
1$NetBSD: distinfo,v 1.62 2009/02/19 12:58:03 drochner Exp $ 1$NetBSD: distinfo,v 1.63 2009/04/05 13:15:01 drochner Exp $
2 2
3SHA1 (xine-lib-1.1.16.2.tar.bz2) = faa3d9207d911a535161a3cd5660aa9e6b904c28 3SHA1 (xine-lib-1.1.16.2.tar.bz2) = faa3d9207d911a535161a3cd5660aa9e6b904c28
4RMD160 (xine-lib-1.1.16.2.tar.bz2) = 80da6bf2127bc349dbbc9da0f5529869110678b4 4RMD160 (xine-lib-1.1.16.2.tar.bz2) = 80da6bf2127bc349dbbc9da0f5529869110678b4
5Size (xine-lib-1.1.16.2.tar.bz2) = 7407399 bytes 5Size (xine-lib-1.1.16.2.tar.bz2) = 7407399 bytes
6SHA1 (patch-aa) = e09d34a121080b03bc67b2d8a3ca27463b771acc 6SHA1 (patch-aa) = e09d34a121080b03bc67b2d8a3ca27463b771acc
7SHA1 (patch-ab) = ef13b60c2bea54f354acf1b2d70c04594dac36c9 7SHA1 (patch-ab) = ef13b60c2bea54f354acf1b2d70c04594dac36c9
8SHA1 (patch-ad) = 94aaac03f74c72a1ca753d1320aac07d1bb8a846 8SHA1 (patch-ad) = 94aaac03f74c72a1ca753d1320aac07d1bb8a846
9SHA1 (patch-ae) = 417d730034cc4dbf3103e07afb8432822084c64b 9SHA1 (patch-ae) = 417d730034cc4dbf3103e07afb8432822084c64b
10SHA1 (patch-ag) = 066cc1f94d4d0ae6a24c4b6104ba05950db11972 10SHA1 (patch-ag) = 066cc1f94d4d0ae6a24c4b6104ba05950db11972
11SHA1 (patch-ah) = ba408237d4a717cc91b5d06ede425048914a9a1f 11SHA1 (patch-ah) = ba408237d4a717cc91b5d06ede425048914a9a1f
12SHA1 (patch-ai) = f0b33c1a36082445a86bcf71e07a6210aa21b7dc 12SHA1 (patch-ai) = f0b33c1a36082445a86bcf71e07a6210aa21b7dc
13SHA1 (patch-aj) = 4215c3bc37cf636e563a509f9a391081ed8e773b 13SHA1 (patch-aj) = 4215c3bc37cf636e563a509f9a391081ed8e773b
14SHA1 (patch-ak) = 744f59d1b9e40983f25bb532db1a5d4e92be6fbe 14SHA1 (patch-ak) = 744f59d1b9e40983f25bb532db1a5d4e92be6fbe
15SHA1 (patch-al) = b4bc97072b9615f026aee6ce3221dc97a045345a 15SHA1 (patch-al) = b4bc97072b9615f026aee6ce3221dc97a045345a
16SHA1 (patch-ao) = 0fa0c3969e2c3fd83e36db028d84bb7b8668c133 16SHA1 (patch-ao) = 0fa0c3969e2c3fd83e36db028d84bb7b8668c133
17SHA1 (patch-ap) = e4801863b0d4625fe6db9e4c51218f55b90c6100 17SHA1 (patch-ap) = e4801863b0d4625fe6db9e4c51218f55b90c6100
18SHA1 (patch-aq) = f6efa28ab1b9a24b79c18c181a5d309db53172e4 18SHA1 (patch-aq) = f6efa28ab1b9a24b79c18c181a5d309db53172e4
19SHA1 (patch-as) = a0a93a256589e87a66eef31494441aa1b200f834 19SHA1 (patch-as) = a0a93a256589e87a66eef31494441aa1b200f834
20SHA1 (patch-aw) = 78ab44197a6b9f85e4b272d522ce254de4d557dc 20SHA1 (patch-aw) = 78ab44197a6b9f85e4b272d522ce254de4d557dc
21SHA1 (patch-ax) = 683e2139b1075fc626719327de9e7621887c7332 21SHA1 (patch-ax) = 683e2139b1075fc626719327de9e7621887c7332
 22SHA1 (patch-ay) = 7bf4d476b7ca26566826355b626e95223c3c5567
22SHA1 (patch-be) = 966d057b118728ff509fd4e7f8005ab5b00b5633 23SHA1 (patch-be) = 966d057b118728ff509fd4e7f8005ab5b00b5633
23SHA1 (patch-bg) = 10eb076d087a40ac5f7920794ff7b34f2aa0495b 24SHA1 (patch-bg) = 10eb076d087a40ac5f7920794ff7b34f2aa0495b
24SHA1 (patch-cb) = 08d9920022988d2764d941cfa8b1aa5602a0ec81 25SHA1 (patch-cb) = 08d9920022988d2764d941cfa8b1aa5602a0ec81
25SHA1 (patch-cd) = a080c745d08ded46db7c1173fe55350c1eb9ff33 26SHA1 (patch-cd) = a080c745d08ded46db7c1173fe55350c1eb9ff33
26SHA1 (patch-da) = f79701d7c036e78d760c12119d88fe3f0dd1762d 27SHA1 (patch-da) = f79701d7c036e78d760c12119d88fe3f0dd1762d
27SHA1 (patch-db) = 3ad4ca6f43a379b251211477972cd6d34b1f821a 28SHA1 (patch-db) = 3ad4ca6f43a379b251211477972cd6d34b1f821a
28SHA1 (patch-dc) = 11c4212029e67f22796e57706b42400a0dbcac3a 29SHA1 (patch-dc) = 11c4212029e67f22796e57706b42400a0dbcac3a
29SHA1 (patch-eb) = b65e2c7c30fc04115d55da1ce1f6f65216ac1d23 30SHA1 (patch-eb) = b65e2c7c30fc04115d55da1ce1f6f65216ac1d23
30SHA1 (patch-fa) = 9312a3bab4ae8482a208948277f1d11fb7eaaf8c 31SHA1 (patch-fa) = 9312a3bab4ae8482a208948277f1d11fb7eaaf8c
31SHA1 (patch-fb) = 9d9fd6fee4f4dbb8f509117e07ab9248ea1625e2 32SHA1 (patch-fb) = 9d9fd6fee4f4dbb8f509117e07ab9248ea1625e2
32SHA1 (patch-ga) = 73b5aa8acbbdf27e0dea29722e6c4e2bfa3cf6fc 33SHA1 (patch-ga) = 73b5aa8acbbdf27e0dea29722e6c4e2bfa3cf6fc
33SHA1 (patch-gb) = bf66da95271a1ffade583bf3ec7848f24a658eb0 34SHA1 (patch-gb) = bf66da95271a1ffade583bf3ec7848f24a658eb0
File Added: pkgsrc/multimedia/xine-lib/patches/Attic/patch-ay
$NetBSD: patch-ay,v 1.7 2009/04/05 13:15:01 drochner Exp $

--- src/demuxers/demux_qt.c.orig	2009-04-05 11:28:05.000000000 +0200
+++ src/demuxers/demux_qt.c
@@ -1535,7 +1535,8 @@ static qt_error parse_trak_atom (qt_trak
     } else if (current_atom == STTS_ATOM) {
 
       /* there should only be one of these atoms */
-      if (trak->time_to_sample_table) {
+      if (trak->time_to_sample_table
+	  || current_atom_size < 12 || current_atom_size >= UINT_MAX) {
         last_error = QT_HEADER_TROUBLE;
         goto free_trak;
       }
@@ -1545,6 +1546,11 @@ static qt_error parse_trak_atom (qt_trak
       debug_atom_load("    qt stts atom (time-to-sample atom): %d entries\n",
         trak->time_to_sample_count);
 
+      if (trak->time_to_sample_count > (current_atom_size - 12) / 8) {
+	last_error = QT_HEADER_TROUBLE;
+	goto free_trak;
+      }
+
       trak->time_to_sample_table = (time_to_sample_table_t *)calloc(
         trak->time_to_sample_count+1, sizeof(time_to_sample_table_t));
       if (!trak->time_to_sample_table) {