o Fix FFmpeg libavcodec Buffer Overflow Vulnerability advisory:

  http://secunia.com/advisories/17892/

o Patch can be found at:

  http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558

o Bump PORTREVISION

Submitted by:	Simon Kilvington <s.kilvington@eris.qinetiq.com> (patch)
Prompted by:	marcus

2 files changed, 20 insertions, 1 deletions

diff --git a/multimedia/ffmpeg/Makefile b/multimedia/ffmpeg/Makefile
index 19ad4a8b1443..2db71b511c60 100644
--- a/multimedia/ffmpeg/Makefile
+++ b/multimedia/ffmpeg/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	ffmpeg
 DISTVERSION=	0.4.9-pre1
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	multimedia audio net
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE_EXTENDED}
 MASTER_SITE_SUBDIR=	ffmpeg
diff --git a/multimedia/ffmpeg/files/patch-libavcodec__utils.c b/multimedia/ffmpeg/files/patch-libavcodec__utils.c
new file mode 100644
index 000000000000..aec320fbf281
--- /dev/null
+++ b/multimedia/ffmpeg/files/patch-libavcodec__utils.c
@@ -0,0 +1,19 @@
+--- libavcodec/utils.c.orig	Tue Dec  6 17:51:14 2005
++++ libavcodec/utils.c	Tue Dec  6 17:53:17 2005
+@@ -249,6 +249,16 @@
+             const int h_shift= i==0 ? 0 : h_chroma_shift;
+             const int v_shift= i==0 ? 0 : v_chroma_shift;
+ 
++	    if(s->pix_fmt == PIX_FMT_PAL8 && i == 1)
++		{
++		buf->base[i] = av_malloc(256 * 4);
++		if(buf->base[i] == NULL)
++		    return -1;
++		buf->data[i] = buf->base[i];
++		continue;
++		}
++
++
+             //FIXME next ensures that linesize= 2^x uvlinesize, thats needed because some MC code assumes it
+             buf->linesize[i]= ALIGN(pixel_size*w>>h_shift, s_align<<(h_chroma_shift-h_shift)); 
+