 @@ -1,17 +1,19 @@
-# $NetBSD: Makefile,v 1.96 2012/12/19 11:59:35 jperkin Exp $
+# $NetBSD: Makefile,v 1.97 2012/12/19 14:58:33 drochner Exp $
 PKGNAME=	ffmpeg-20121209.${DISTVERSION}
 PKGREVISION=	1
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://ffmpeg.mplayerhq.hu/
 COMMENT=	Decoding, encoding and streaming software
 CONFIGURE_ARGS+=	--enable-avfilter
 #CONFIGURE_ARGS+=	--enable-avfilter-lavf
 CONFIGURE_ARGS+=	--enable-postproc
 INSTALLATION_DIRS=	lib share/examples/ffmpeg share/doc/ffmpeg
 CONF_FILES+=	${PREFIX}/share/examples/ffmpeg/ffserver.conf \
 		${PKG_SYSCONFDIR}/ffserver.conf

 @@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.61 2012/12/16 13:43:10 wiz Exp $
+$NetBSD: distinfo,v 1.62 2012/12/19 14:58:33 drochner Exp $
 SHA1 (ffmpeg-1.0.1.tar.bz2) = 007465d01dcd4cae973285f89f5c6c500602a3ec
 RMD160 (ffmpeg-1.0.1.tar.bz2) = 363ba32002ed79def6d0f160975b751d15818c1e
 Size (ffmpeg-1.0.1.tar.bz2) = 6446587 bytes
 SHA1 (patch-SA51464) = ffafc874ef3313c1228d0bba1bae7f327bec7b9c
 SHA1 (patch-aa) = 43f68708e26723ec2e523578090d13bc79014066
 SHA1 (patch-ac) = 1c1c4f086328216f5d0cd9339171efa22065259a
 SHA1 (patch-ap) = 0ea32afb145b55f0186fb14b1b07568d7442ddf3
 SHA1 (patch-configure) = 7b89801bffb8d5e41c1c7f6bb5c69ed0cd1c1de4

$NetBSD: patch-SA51464,v 1.1 2012/12/19 14:58:33 drochner Exp $ see https://trac.videolan.org/vlc/ticket/7860 --- libavformat/swfdec.c.orig 2012-12-03 21:17:35.000000000 +0000 +++ libavformat/swfdec.c @@ -153,6 +153,10 @@ static int swf_read_packet(AVFormatConte tag = get_swf_tag(pb, &len); if (tag < 0) return tag; + if (len < 0) { + av_log(s, AV_LOG_ERROR, "invalid tag length: %d\n", len); + return AVERROR_INVALIDDATA; + } if (tag == TAG_VIDEOSTREAM) { int ch_id = avio_rl16(pb); len -= 2; @@ -208,7 +212,10 @@ static int swf_read_packet(AVFormatConte st = s->streams[i]; if (st->codec->codec_type == AVMEDIA_TYPE_VIDEO && st->id == ch_id) { frame = avio_rl16(pb); - if ((res = av_get_packet(pb, pkt, len-2)) < 0) + len -= 2; + if (len <= 0) + goto skip; + if ((res = av_get_packet(pb, pkt, len)) < 0) return res; pkt->pos = pos; pkt->pts = frame; @@ -220,17 +227,22 @@ static int swf_read_packet(AVFormatConte for (i = 0; i < s->nb_streams; i++) { st = s->streams[i]; if (st->codec->codec_type == AVMEDIA_TYPE_AUDIO && st->id == -1) { - if (st->codec->codec_id == AV_CODEC_ID_MP3) { - avio_skip(pb, 4); - if ((res = av_get_packet(pb, pkt, len-4)) < 0) - return res; - } else { // ADPCM, PCM - if ((res = av_get_packet(pb, pkt, len)) < 0) - return res; - } - pkt->pos = pos; - pkt->stream_index = st->index; - return pkt->size; + if (st->codec->codec_id == AV_CODEC_ID_MP3) { + avio_skip(pb, 4); + len -= 4; + if (len <= 0) + goto skip; + if ((res = av_get_packet(pb, pkt, len)) < 0) + return res; + } else { // ADPCM, PCM + if (len <= 0) + goto skip; + if ((res = av_get_packet(pb, pkt, len)) < 0) + return res; + } + pkt->pos = pos; + pkt->stream_index = st->index; + return pkt->size; } } } else if (tag == TAG_JPEG2) { @@ -250,7 +262,10 @@ static int swf_read_packet(AVFormatConte st = vst; } avio_rl16(pb); /* BITMAP_ID */ - if ((res = av_new_packet(pkt, len-2)) < 0) + len -= 2; + if (len < 4) + goto skip; + if ((res = av_new_packet(pkt, len)) < 0) return res; avio_read(pb, pkt->data, 4); if (AV_RB32(pkt->data) == 0xffd8ffd9 || @@ -267,6 +282,9 @@ static int swf_read_packet(AVFormatConte return pkt->size; } skip: + if(len<0) + av_log(s, AV_LOG_WARNING, "Cliping len %d\n", len); + len = FFMAX(0, len); avio_skip(pb, len); } }