diff options
author | miwi <miwi@FreeBSD.org> | 2009-01-07 02:57:27 +0800 |
---|---|---|
committer | miwi <miwi@FreeBSD.org> | 2009-01-07 02:57:27 +0800 |
commit | 2fa67d73695d03b6b1122d4f60352def920f023c (patch) | |
tree | 2107c4dd5f83bb4c8404cc44e2d4aef58c5a5037 | |
parent | 8e16b6909f5f509a68e3161f2f02d692646de84d (diff) | |
download | freebsd-ports-gnome-2fa67d73695d03b6b1122d4f60352def920f023c.tar.gz freebsd-ports-gnome-2fa67d73695d03b6b1122d4f60352def920f023c.tar.zst freebsd-ports-gnome-2fa67d73695d03b6b1122d4f60352def920f023c.zip |
- Use additional configure arguments that fix a build problem in ports/128085
- Small change of configure arguments also fixes ports/128074
- Fix a stack buffer overflow vulnerability while parsing malformed TwinVQ
media files.
- Bump PORTREVISION
PR: 129810
Submitted by: Thomas Zander <riggs@rrr.de> (maintainer)
Security: http://www.vuxml.org/freebsd/7c5bd5b8-d652-11dd-a765-0030843d3802.html
-rw-r--r-- | multimedia/mencoder/Makefile | 3 | ||||
-rw-r--r-- | multimedia/mplayer/Makefile | 1 | ||||
-rw-r--r-- | multimedia/mplayer/Makefile.shared | 3 | ||||
-rw-r--r-- | multimedia/mplayer/files/patch-CVE-2008-5616 | 55 |
4 files changed, 59 insertions, 3 deletions
diff --git a/multimedia/mencoder/Makefile b/multimedia/mencoder/Makefile index e3af4574dcd3..56fb5b8a3e48 100644 --- a/multimedia/mencoder/Makefile +++ b/multimedia/mencoder/Makefile @@ -6,7 +6,7 @@ PORTNAME= mencoder PORTVERSION= ${MPLAYER_PORT_VERSION} -PORTREVISION= 2 +PORTREVISION= 3 COMMENT= Convenient video file and movie encoder RESTRICTED= Port has restricted dependencies @@ -78,6 +78,7 @@ CONFIGURE_ARGS+= --disable-vidix-internal \ --disable-svga \ --disable-aa \ --disable-joystick \ + --disable-directfb \ --disable-ssse3 .include "${.CURDIR}/../mplayer/Makefile.options" diff --git a/multimedia/mplayer/Makefile b/multimedia/mplayer/Makefile index 5b9eb65d2bb7..0dc2134f874d 100644 --- a/multimedia/mplayer/Makefile +++ b/multimedia/mplayer/Makefile @@ -76,6 +76,7 @@ CONFFILES= example.conf input.conf menu.conf dvb-menu.conf .include <bsd.port.pre.mk> CONFIGURE_ARGS+= --disable-ssse3 \ + --disable-directfb \ --disable-faac \ --disable-twolame \ --disable-mencoder diff --git a/multimedia/mplayer/Makefile.shared b/multimedia/mplayer/Makefile.shared index 87f257167616..11252a4a7853 100644 --- a/multimedia/mplayer/Makefile.shared +++ b/multimedia/mplayer/Makefile.shared @@ -35,8 +35,7 @@ CONFIGURE_ARGS= --enable-png \ --disable-vidix-external \ --disable-tv-v4l1 \ --disable-tv-v4l2 \ - --disable-dvdnav \ - --disable-dvdread + --disable-dvdnav WANT_GNOME= yes WANT_SDL= yes diff --git a/multimedia/mplayer/files/patch-CVE-2008-5616 b/multimedia/mplayer/files/patch-CVE-2008-5616 new file mode 100644 index 000000000000..30626d496862 --- /dev/null +++ b/multimedia/mplayer/files/patch-CVE-2008-5616 @@ -0,0 +1,55 @@ +--- libmpdemux/demux_vqf.c.orig 2007-10-07 20:49:33.000000000 +0100 ++++ libmpdemux/demux_vqf.c 2008-12-15 14:29:58.000000000 +0000 +@@ -50,11 +50,14 @@ + unsigned chunk_size; + hi->size=chunk_size=stream_read_dword(s); /* include itself */ + stream_read(s,chunk_id,4); ++ if (chunk_size < 8) return NULL; ++ chunk_size -= 8; + if(*((uint32_t *)&chunk_id[0])==mmioFOURCC('C','O','M','M')) + { +- char buf[chunk_size-8]; ++ char buf[BUFSIZ]; + unsigned i,subchunk_size; +- if(stream_read(s,buf,chunk_size-8)!=chunk_size-8) return NULL; ++ if (chunk_size > sizeof(buf) || chunk_size < 20) return NULL; ++ if(stream_read(s,buf,chunk_size)!=chunk_size) return NULL; + i=0; + subchunk_size=be2me_32(*((uint32_t *)&buf[0])); + hi->channelMode=be2me_32(*((uint32_t *)&buf[4])); +@@ -83,13 +86,15 @@ + sh_audio->samplesize = 4; + w->wBitsPerSample = 8*sh_audio->samplesize; + w->cbSize = 0; ++ if (subchunk_size > chunk_size - 4) continue; + i+=subchunk_size+4; +- while(i<chunk_size-8) ++ while(i + 8 < chunk_size) + { + unsigned slen,sid; +- char sdata[chunk_size]; ++ char sdata[BUFSIZ]; + sid=*((uint32_t *)&buf[i]); i+=4; + slen=be2me_32(*((uint32_t *)&buf[i])); i+=4; ++ if (slen > sizeof(sdata) - 1 || slen > chunk_size - i) break; + if(sid==mmioFOURCC('D','S','I','Z')) + { + hi->Dsiz=be2me_32(*((uint32_t *)&buf[i])); +@@ -141,7 +146,7 @@ + if(*((uint32_t *)&chunk_id[0])==mmioFOURCC('D','A','T','A')) + { + demuxer->movi_start=stream_tell(s); +- demuxer->movi_end=demuxer->movi_start+chunk_size-8; ++ demuxer->movi_end=demuxer->movi_start+chunk_size; + mp_msg(MSGT_DEMUX, MSGL_V, "Found data at %"PRIX64" size %"PRIu64"\n",demuxer->movi_start,demuxer->movi_end); + /* Done! play it */ + break; +@@ -149,7 +154,7 @@ + else + { + mp_msg(MSGT_DEMUX, MSGL_V, "Unhandled chunk '%c%c%c%c' %u bytes\n",((char *)&chunk_id)[0],((char *)&chunk_id)[1],((char *)&chunk_id)[2],((char *)&chunk_id)[3],chunk_size); +- stream_skip(s,chunk_size-8); /*unknown chunk type */ ++ stream_skip(s,chunk_size); /*unknown chunk type */ + } + } + |