From 69bc23d8b8ef1da3e611c2265a2d17227ab615d2 Mon Sep 17 00:00:00 2001 From: Jason Plum Date: Sun, 26 May 2013 14:05:01 -0400 Subject: [PATCH] community/mplayer-vaapi to 35107-8 --- community/mplayer-vaapi/PKGBUILD | 6 +- .../subreader-fix-srt-parsing.patch | 58 ++++++------------- 2 files changed, 22 insertions(+), 42 deletions(-) diff --git a/community/mplayer-vaapi/PKGBUILD b/community/mplayer-vaapi/PKGBUILD index 8848a3033..f252c6e09 100644 --- a/community/mplayer-vaapi/PKGBUILD +++ b/community/mplayer-vaapi/PKGBUILD @@ -8,7 +8,7 @@ pkgname=mplayer-vaapi pkgver=35107 -pkgrel=7 +pkgrel=8 pkgdesc="A movie player, compiled with vaapi support" arch=('i686' 'x86_64') url="http://gitorious.org/vaapi/mplayer" @@ -32,7 +32,7 @@ install=mplayer-vaapi.install sha256sums=('a6c645625cc2cd6ca48764db302c926049f831e757857ece351b37b674e05e56' '72e6c654f9733953ad2466d0ea1a52f23e753791d8232d90f13293eb1b358720' '5a09fb462729a4e573568f9e8c1f57dbe7f69c0b68cfa4f6d70b3e52c450d93b' - '69127a5576e4f1f62f688215bd2ec0e052ddcb36292c7a1766c146ff122cb092') + '8b6cd325d89ff8bce3662c6aaa9b61b8e6163c6574e09b575426a1eed02b8ad3') prepare() { cd "$srcdir/mplayer-vaapi-$pkgver" @@ -40,7 +40,7 @@ prepare() { patch -d etc -Np0 -i "$srcdir/tweak-desktop-file.patch" # http://bugzilla.mplayerhq.hu/show_bug.cgi?id=2139 - patch -Np1 -i "$srcdir/subreader-fix-srt-parsing.patch" + patch -Np0 -i "$srcdir/subreader-fix-srt-parsing.patch" } build() { diff --git a/community/mplayer-vaapi/subreader-fix-srt-parsing.patch b/community/mplayer-vaapi/subreader-fix-srt-parsing.patch index 84f2de4d9..f1c087377 100644 --- a/community/mplayer-vaapi/subreader-fix-srt-parsing.patch +++ b/community/mplayer-vaapi/subreader-fix-srt-parsing.patch @@ -1,34 +1,8 @@ -From d98e61ea438db66323734ad1b6bea66411a3c97b Mon Sep 17 00:00:00 2001 -From: wm4 -Date: Tue, 30 Apr 2013 00:09:31 +0200 -Subject: [PATCH] subreader: fix out of bound write access when parsing .srt - -This broke .srt subtitles on gcc-4.8. The breakage was relatively -subtle: it set all hour components to 0, while everything else was -parsed successfully. - -But the problem is really that sscanf wrote 1 byte past the sep -variable (or more, for invalid/specially prepared input). The %[..] -format specifier is unbounded. Fix that by letting sscanf drop the -parsed contents with "*", and also make it skip only one input -character by adding "1" (=> "%*1[..."). - -The out of bound write could easily lead to security issues. - -Also, this change makes .srt subtitle parsing slightly more strict. -Strictly speaking this is an unrelated change, but do it anyway. It's -more correct. ---- - sub/subreader.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - - (foutrelis: adjusted variable names in first hunk to apply to mplayer) - -diff --git a/sub/subreader.c b/sub/subreader.c -index 23da4c7..0f1b6c9 100644 ---- a/sub/subreader.c -+++ b/sub/subreader.c -@@ -386,14 +386,14 @@ static subtitle *sub_ass_read_line_subviewer(stream_t *st, subtitle *current, +Index: sub/subreader.c +=================================================================== +--- sub/subreader.c (revision 36284) ++++ sub/subreader.c (revision 36285) +@@ -378,14 +378,14 @@ int h1, m1, s1, ms1, h2, m2, s2, ms2, j = 0; while (!current->text[0]) { @@ -41,20 +15,26 @@ index 23da4c7..0f1b6c9 100644 return NULL; - if (sscanf(line, "%d:%d:%d%[,.:]%d --> %d:%d:%d%[,.:]%d", - &h1, &m1, &s1, &sep, &ms1, &h2, &m2, &s2, &sep, &ms2) < 10) -+ if (sscanf(line, "%d:%d:%d%*1[,.:]%d --> %d:%d:%d%*1[,.:]%d", ++ if (sscanf(line, "%d:%d:%d%*[,.:]%d --> %d:%d:%d%*[,.:]%d", + &h1, &m1, &s1, &ms1, &h2, &m2, &s2, &ms2) < 8) continue; - current->start = a1 * 360000 + a2 * 6000 + a3 * 100 + a4 / 10; -@@ -450,7 +450,7 @@ static subtitle *sub_read_line_subviewer(stream_t *st,subtitle *current, - return sub_ass_read_line_subviewer(st, current, args); + current->start = h1 * 360000 + m1 * 6000 + s1 * 100 + ms1 / 10; +@@ -442,7 +442,7 @@ + #endif while (!current->text[0]) { if (!stream_read_line (st, line, LINE_LEN, utf16)) return NULL; - if ((len=sscanf (line, "%d:%d:%d%[,.:]%d --> %d:%d:%d%[,.:]%d",&a1,&a2,&a3,(char *)&i,&a4,&b1,&b2,&b3,(char *)&i,&b4)) < 10) -+ if ((len=sscanf (line, "%d:%d:%d%*1[,.:]%d --> %d:%d:%d%*1[,.:]%d",&a1,&a2,&a3,&a4,&b1,&b2,&b3,&b4)) < 8) ++ if ((len=sscanf (line, "%d:%d:%d%*[,.:]%d --> %d:%d:%d%*[,.:]%d",&a1,&a2,&a3,&a4,&b1,&b2,&b3,&b4)) < 8) continue; current->start = a1*360000+a2*6000+a3*100+a4/10; current->end = b1*360000+b2*6000+b3*100+b4/10; --- -1.8.1.6 - +@@ -1123,7 +1123,7 @@ + {*uses_time=1;return SUB_MPL2;} + if (sscanf (line, "%d:%d:%d.%d,%d:%d:%d.%d", &i, &i, &i, &i, &i, &i, &i, &i)==8) + {*uses_time=1;return SUB_SUBRIP;} +- if (sscanf (line, "%d:%d:%d%[,.:]%d --> %d:%d:%d%[,.:]%d", &i, &i, &i, (char *)&i, &i, &i, &i, &i, (char *)&i, &i)==10) ++ if (sscanf (line, "%d:%d:%d%*[,.:]%d --> %d:%d:%d%*[,.:]%d", &i, &i, &i, &i, &i, &i, &i, &i)==8) + {*uses_time=1;return SUB_SUBVIEWER;} + if (sscanf (line, "{T %d:%d:%d:%d",&i, &i, &i, &i)==4) + {*uses_time=1;return SUB_SUBVIEWER2;}