Fix the buffer overflow vulnerability in the HTTP input plugin.

Submitted by:	Tijl Coosemans <tijl@ulyssis.org>
Security: 	http://secunia.com/advisories/20369
Security:	CVE-2006-2802

2 files changed, 16 insertions, 1 deletions

diff --git a/multimedia/libxine/Makefile b/multimedia/libxine/Makefile
index ca9081f8ddd2..7ddb78484e7c 100644
--- a/multimedia/libxine/Makefile
+++ b/multimedia/libxine/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	xine
 PORTVERSION=	1.1.1
-PORTREVISION=	5
+PORTREVISION=	6
 CATEGORIES=	multimedia ipv6
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
diff --git a/multimedia/libxine/files/patch-src_input_input_http.c b/multimedia/libxine/files/patch-src_input_input_http.c
new file mode 100644
index 000000000000..16cba0bcd3f8
--- /dev/null
+++ b/multimedia/libxine/files/patch-src_input_input_http.c
@@ -0,0 +1,15 @@
+--- src/input/input_http.c.orig	Tue Jun  6 21:16:04 2006
++++ src/input/input_http.c	Tue Jun  6 21:22:34 2006
+@@ -895,6 +895,12 @@
+ 	len = 0;
+     } else
+       len ++;
++    if ( len >= BUFSIZE ) {
++       _x_message(this->stream, XINE_MSG_PERMISSION_ERROR, this->mrl, NULL);
++       xine_log (this->stream->xine, XINE_LOG_MSG,
++         _("input_http: buffer exhausted after %d bytes."), BUFSIZE);
++       return 0;
++    }
+   }
+ 
+   lprintf ("end of headers\n");