add limit check to real parser (identical to CVE-2006-6172)
from mplayer svn bump PKGREVISIONs
This commit is contained in:
drochner
parent
a9b8d97d09
commit
f412506948
8 changed files with 65 additions and 7 deletions
|
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.57 2006/11/30 15:00:45 joerg Exp $
|
||||
# $NetBSD: Makefile,v 1.58 2007/01/09 14:49:33 drochner Exp $
|
||||
|
||||
#
|
||||
# NOTE: if you are updating both mplayer and gmplayer, you must ensure
|
||||
|
|
@ -9,6 +9,7 @@
|
|||
#
|
||||
|
||||
PKGNAME= gmplayer-${MPLAYER_PKG_VERSION}
|
||||
PKGREVISION= 1
|
||||
|
||||
SKIN_SITES= http://www1.mplayerhq.hu/MPlayer/skins/ \
|
||||
http://www2.mplayerhq.hu/MPlayer/skins/ \
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
$NetBSD: distinfo,v 1.43 2006/11/30 14:03:13 abs Exp $
|
||||
$NetBSD: distinfo,v 1.44 2007/01/09 14:49:33 drochner Exp $
|
||||
|
||||
SHA1 (gmplayer-1.0rc9-20060123/AlienMind-1.2.tar.bz2) = 34370da1e003e4accceae194a63483aa6eebc4dc
|
||||
RMD160 (gmplayer-1.0rc9-20060123/AlienMind-1.2.tar.bz2) = f3fda7d44a59f98097162f76d0a0d58840974998
|
||||
|
|
@ -68,4 +68,7 @@ SHA1 (patch-ab) = 29bf59ecb3d283708ae1c5002d1fa71cac627cc9
|
|||
SHA1 (patch-ac) = 6d0de4bd41d9842ea1bf46e9fbe60bf6a943b913
|
||||
SHA1 (patch-ad) = d0b72eaa5e63d2cfd7828ea1a9973f1728c607b5
|
||||
SHA1 (patch-ah) = 7aeb9f04d622fcad8c40dc9edbb0a58277fc622b
|
||||
SHA1 (patch-ba) = bdb20f4ead6f55c0847534b5b1f06ea865e438e6
|
||||
SHA1 (patch-bb) = 554ca2074716ada4f817f55be61e808e1dc5c93e
|
||||
SHA1 (patch-bc) = c073f6e5d2d71030346fda82ff3a1f474ad49c0f
|
||||
SHA1 (patch-tc) = e67443cec273d7aa168fb160e2409d2ce352a8bf
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
# $NetBSD: Makefile,v 1.30 2007/01/07 09:14:01 rillig Exp $
|
||||
# $NetBSD: Makefile,v 1.31 2007/01/09 14:49:33 drochner Exp $
|
||||
|
||||
PKGNAME= mencoder-${MPLAYER_PKG_VERSION}
|
||||
|
||||
PKGREVISION= 1
|
||||
PKGREVISION= 2
|
||||
|
||||
COMMENT= Simple movie encoder for MPlayer-playable movies
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
$NetBSD: distinfo,v 1.35 2006/11/30 14:03:13 abs Exp $
|
||||
$NetBSD: distinfo,v 1.36 2007/01/09 14:49:33 drochner Exp $
|
||||
|
||||
SHA1 (mplayer-1.0rc9/MPlayer-1.0rc1.tar.bz2) = a450c0b0749c343a8496ba7810363c9d46dfa73c
|
||||
RMD160 (mplayer-1.0rc9/MPlayer-1.0rc1.tar.bz2) = 8cea02e832aec5d9e090829d61d0f131dcc177a2
|
||||
|
|
@ -8,4 +8,7 @@ SHA1 (patch-ab) = 29bf59ecb3d283708ae1c5002d1fa71cac627cc9
|
|||
SHA1 (patch-ac) = 6d0de4bd41d9842ea1bf46e9fbe60bf6a943b913
|
||||
SHA1 (patch-ad) = d0b72eaa5e63d2cfd7828ea1a9973f1728c607b5
|
||||
SHA1 (patch-ah) = 7aeb9f04d622fcad8c40dc9edbb0a58277fc622b
|
||||
SHA1 (patch-ba) = bdb20f4ead6f55c0847534b5b1f06ea865e438e6
|
||||
SHA1 (patch-bb) = 554ca2074716ada4f817f55be61e808e1dc5c93e
|
||||
SHA1 (patch-bc) = c073f6e5d2d71030346fda82ff3a1f474ad49c0f
|
||||
SHA1 (patch-tc) = e67443cec273d7aa168fb160e2409d2ce352a8bf
|
||||
|
|
|
|||
25
multimedia/mplayer-share/patches/patch-ba
Normal file
25
multimedia/mplayer-share/patches/patch-ba
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
$NetBSD: patch-ba,v 1.5 2007/01/09 14:49:33 drochner Exp $
|
||||
|
||||
--- stream/realrtsp/asmrp.c.orig 2006-10-23 00:32:25.000000000 +0200
|
||||
+++ stream/realrtsp/asmrp.c
|
||||
@@ -40,6 +40,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
+#include "asmrp.h"
|
||||
|
||||
/*
|
||||
#define LOG
|
||||
@@ -645,8 +646,10 @@ static int asmrp_eval (asmrp_t *p, int *
|
||||
#ifdef LOG
|
||||
printf ("rule #%d is true\n", rule_num);
|
||||
#endif
|
||||
- matches[num_matches] = rule_num;
|
||||
- num_matches++;
|
||||
+ if(num_matches < MAX_RULEMATCHES - 1)
|
||||
+ matches[num_matches++] = rule_num;
|
||||
+ else
|
||||
+ printf("Ignoring matched asm rule %d, too many matched rules.\n", rule_num);
|
||||
}
|
||||
|
||||
rule_num++;
|
||||
13
multimedia/mplayer-share/patches/patch-bb
Normal file
13
multimedia/mplayer-share/patches/patch-bb
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
$NetBSD: patch-bb,v 1.5 2007/01/09 14:49:33 drochner Exp $
|
||||
|
||||
--- stream/realrtsp/real.c.orig 2006-10-23 00:32:25.000000000 +0200
|
||||
+++ stream/realrtsp/real.c
|
||||
@@ -271,7 +271,7 @@ static rmff_header_t *real_parse_sdp(cha
|
||||
int j=0;
|
||||
int n;
|
||||
char b[64];
|
||||
- int rulematches[16];
|
||||
+ int rulematches[MAX_RULEMATCHES];
|
||||
|
||||
#ifdef LOG
|
||||
printf("calling asmrp_match with:\n%s\n%u\n", desc->stream[i]->asm_rule_book, bandwidth);
|
||||
13
multimedia/mplayer-share/patches/patch-bc
Normal file
13
multimedia/mplayer-share/patches/patch-bc
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
$NetBSD: patch-bc,v 1.3 2007/01/09 14:49:33 drochner Exp $
|
||||
|
||||
--- stream/realrtsp/asmrp.h.orig 2006-10-23 00:32:25.000000000 +0200
|
||||
+++ stream/realrtsp/asmrp.h
|
||||
@@ -40,6 +40,8 @@
|
||||
#ifndef HAVE_ASMRP_H
|
||||
#define HAVE_ASMRP_H
|
||||
|
||||
+#define MAX_RULEMATCHES 16
|
||||
+
|
||||
int asmrp_match (const char *rules, int bandwidth, int *matches) ;
|
||||
|
||||
#endif
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# $NetBSD: Makefile,v 1.37 2006/12/27 21:14:12 joerg Exp $
|
||||
# $NetBSD: Makefile,v 1.38 2007/01/09 14:49:34 drochner Exp $
|
||||
|
||||
PKGNAME= mplayer-${MPLAYER_PKG_VERSION}
|
||||
PKGREVISION= 2
|
||||
PKGREVISION= 3
|
||||
|
||||
COMMENT= Software-only MPEG-1/2/4 video decoder
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue