extra/mplayer to 35920-3

This commit is contained in:
Kevin Mihelich 2013-05-15 01:16:27 +00:00
parent 253a40eb58
commit 772196ee74
2 changed files with 72 additions and 4 deletions

View file

@ -10,7 +10,7 @@
pkgbase=mplayer
pkgname=('mplayer' 'mencoder')
pkgver=35920
pkgrel=2
pkgrel=3
arch=('i686' 'x86_64')
makedepends=('libxxf86dga' 'libxxf86vm' 'libmad' 'cdparanoia' 'libxinerama' 'sdl' 'lame' 'libtheora' 'xvidcore' 'libmng' 'libxss' 'libgl' 'smbclient'
'aalib' 'jack' 'libcaca' 'x264' 'faac' 'faad2' 'lirc-utils' 'libxvmc' 'enca' 'libvdpau' 'opencore-amr' 'libdca' 'a52dec' 'schroedinger' 'libvpx'
@ -18,14 +18,22 @@ makedepends=('libxxf86dga' 'libxxf86vm' 'libmad' 'cdparanoia' 'libxinerama' 'sdl
license=('GPL')
url="http://www.mplayerhq.hu/"
options=(!emptydirs)
source=(ftp://mirrors.kernel.org/archlinux/other/$pkgbase/$pkgbase-$pkgver.tar.xz mplayer.desktop cdio-includes.patch)
source=(ftp://mirrors.kernel.org/archlinux/other/$pkgbase/$pkgbase-$pkgver.tar.xz mplayer.desktop cdio-includes.patch subreader-fix-srt-parsing.patch)
md5sums=('5f96e829d711e7d1ea65e324710dca50'
'c0d6ef795cf6de48e3b87ff7c23f0319'
'7b5be7191aafbea64218dc4916343bbc')
'7b5be7191aafbea64218dc4916343bbc'
'7cb6019018a95dcc3d1231e1aaa8bbdb')
prepare() {
cd "$srcdir/$pkgbase"
patch -Np0 -i ../cdio-includes.patch
# http://bugzilla.mplayerhq.hu/show_bug.cgi?id=2139
patch -Np1 -i ../subreader-fix-srt-parsing.patch
}
build() {
cd "$srcdir/$pkgbase"
patch -Np0 -i ../cdio-includes.patch
./configure --prefix=/usr \
--enable-armv5te \

View file

@ -0,0 +1,60 @@
From d98e61ea438db66323734ad1b6bea66411a3c97b Mon Sep 17 00:00:00 2001
From: wm4 <wm4@nowhere>
Date: Tue, 30 Apr 2013 00:09:31 +0200
Subject: [PATCH] subreader: fix out of bound write access when parsing .srt
This broke .srt subtitles on gcc-4.8. The breakage was relatively
subtle: it set all hour components to 0, while everything else was
parsed successfully.
But the problem is really that sscanf wrote 1 byte past the sep
variable (or more, for invalid/specially prepared input). The %[..]
format specifier is unbounded. Fix that by letting sscanf drop the
parsed contents with "*", and also make it skip only one input
character by adding "1" (=> "%*1[...").
The out of bound write could easily lead to security issues.
Also, this change makes .srt subtitle parsing slightly more strict.
Strictly speaking this is an unrelated change, but do it anyway. It's
more correct.
---
sub/subreader.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
(foutrelis: adjusted variable names in first hunk to apply to mplayer)
diff --git a/sub/subreader.c b/sub/subreader.c
index 23da4c7..0f1b6c9 100644
--- a/sub/subreader.c
+++ b/sub/subreader.c
@@ -386,14 +386,14 @@ static subtitle *sub_ass_read_line_subviewer(stream_t *st, subtitle *current,
int h1, m1, s1, ms1, h2, m2, s2, ms2, j = 0;
while (!current->text[0]) {
- char line[LINE_LEN + 1], full_line[LINE_LEN + 1], sep;
+ char line[LINE_LEN + 1], full_line[LINE_LEN + 1];
int i;
/* Parse SubRip header */
if (!stream_read_line(st, line, LINE_LEN, utf16))
return NULL;
- if (sscanf(line, "%d:%d:%d%[,.:]%d --> %d:%d:%d%[,.:]%d",
- &h1, &m1, &s1, &sep, &ms1, &h2, &m2, &s2, &sep, &ms2) < 10)
+ if (sscanf(line, "%d:%d:%d%*1[,.:]%d --> %d:%d:%d%*1[,.:]%d",
+ &h1, &m1, &s1, &ms1, &h2, &m2, &s2, &ms2) < 8)
continue;
current->start = a1 * 360000 + a2 * 6000 + a3 * 100 + a4 / 10;
@@ -450,7 +450,7 @@ static subtitle *sub_read_line_subviewer(stream_t *st,subtitle *current,
return sub_ass_read_line_subviewer(st, current, args);
while (!current->text[0]) {
if (!stream_read_line (st, line, LINE_LEN, utf16)) return NULL;
- if ((len=sscanf (line, "%d:%d:%d%[,.:]%d --> %d:%d:%d%[,.:]%d",&a1,&a2,&a3,(char *)&i,&a4,&b1,&b2,&b3,(char *)&i,&b4)) < 10)
+ if ((len=sscanf (line, "%d:%d:%d%*1[,.:]%d --> %d:%d:%d%*1[,.:]%d",&a1,&a2,&a3,&a4,&b1,&b2,&b3,&b4)) < 8)
continue;
current->start = a1*360000+a2*6000+a3*100+a4/10;
current->end = b1*360000+b2*6000+b3*100+b4/10;
--
1.8.1.6