diff options
Diffstat (limited to 'multimedia/mplayer')
| -rw-r--r-- | multimedia/mplayer/Makefile | 2 | ||||
| -rw-r--r-- | multimedia/mplayer/Makefile.options | 2 | ||||
| -rw-r--r-- | multimedia/mplayer/files/patch-CVE-2008-3827 | 28 |
3 files changed, 30 insertions, 2 deletions
diff --git a/multimedia/mplayer/Makefile b/multimedia/mplayer/Makefile index 9a1f5301cf51..91f680f96568 100644 --- a/multimedia/mplayer/Makefile +++ b/multimedia/mplayer/Makefile @@ -7,7 +7,7 @@ PORTNAME= mplayer PORTVERSION= ${MPLAYER_PORT_VERSION} -PORTREVISION= 5 +PORTREVISION= 7 COMMENT= High performance media player supporting many formats diff --git a/multimedia/mplayer/Makefile.options b/multimedia/mplayer/Makefile.options index 19e20b0b7934..9c1279a87e88 100644 --- a/multimedia/mplayer/Makefile.options +++ b/multimedia/mplayer/Makefile.options @@ -227,7 +227,7 @@ CONFIGURE_ARGS+= --disable-ladspa .endif .if defined(WITH_LIBLZO) -LIB_DEPENDS+= lzo.1:${PORTSDIR}/archivers/lzo +LIB_DEPENDS+= lzo2.2:${PORTSDIR}/archivers/lzo2 .else CONFIGURE_ARGS+= --disable-liblzo .endif diff --git a/multimedia/mplayer/files/patch-CVE-2008-3827 b/multimedia/mplayer/files/patch-CVE-2008-3827 new file mode 100644 index 000000000000..88566fe0b010 --- /dev/null +++ b/multimedia/mplayer/files/patch-CVE-2008-3827 @@ -0,0 +1,28 @@ +Index: libmpdemux/demux_real.c +=================================================================== +--- libmpdemux/demux_real.c (revision 27605) ++++ libmpdemux/demux_real.c (working copy) +@@ -947,6 +947,7 @@ + // last fragment! + if(dp_hdr->len!=vpkg_length-vpkg_offset) + mp_msg(MSGT_DEMUX,MSGL_V,"warning! assembled.len=%d frag.len=%d total.len=%d \n",dp->len,vpkg_offset,vpkg_length-vpkg_offset); ++ if (vpkg_offset > dp->len - sizeof(dp_hdr_t) - dp_hdr->len) vpkg_offset = dp->len - sizeof(dp_hdr_t) - dp_hdr->len; + stream_read(demuxer->stream, dp_data+dp_hdr->len, vpkg_offset); + if((dp_data[dp_hdr->len]&0x20) && (sh_video->format==0x30335652)) --dp_hdr->chunks; else + dp_hdr->len+=vpkg_offset; +@@ -970,6 +971,7 @@ + // non-last fragment: + if(dp_hdr->len!=vpkg_offset) + mp_msg(MSGT_DEMUX,MSGL_V,"warning! assembled.len=%d offset=%d frag.len=%d total.len=%d \n",dp->len,vpkg_offset,len,vpkg_length); ++ if (len > dp->len - sizeof(dp_hdr_t) - dp_hdr->len) len = dp->len - sizeof(dp_hdr_t) - dp_hdr->len; + stream_read(demuxer->stream, dp_data+dp_hdr->len, len); + if((dp_data[dp_hdr->len]&0x20) && (sh_video->format==0x30335652)) --dp_hdr->chunks; else + dp_hdr->len+=len; +@@ -992,6 +994,7 @@ + extra[0]=1; extra[1]=0; // offset of the first chunk + if(0x00==(vpkg_header&0xc0)){ + // first fragment: ++ if (len > dp->len - sizeof(dp_hdr_t)) len = dp->len - sizeof(dp_hdr_t); + dp_hdr->len=len; + stream_read(demuxer->stream, dp_data, len); + ds->asf_packet=dp; |