r791 - in /etch/vlc/debian: ./ patches/
sho at users.alioth.debian.org
sho at users.alioth.debian.org
Thu Jun 21 12:27:50 UTC 2007
Author: sho
Date: Thu Jun 21 12:27:49 2007
New Revision: 791
URL: http://svn.debian.org/wsvn/pkg-multimedia/?sc=1&rev=791
Log:
vlc (0.8.6-svn20061012.debian-5etch1) stable-security; urgency=high
* patch-formatstring-0.8.6debian-0.8.6c.diff:
+ Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726).
* patch-overflows-0.8.6debian-0.8.6c.diff:
+ Fix integer and buffer overflows.
* patch-memleak-0.8.6debian-0.8.6c.diff:
* patch-missingchecks-0.8.6debian-0.8.6c.diff:
* patch-uninitialised-0.8.6debian-0.8.6c.diff:
+ Fix memory leaks, missing checks and uninitialised variables that can
lead to denials of service.
Added:
etch/vlc/debian/patches/patch-formatstring-0.8.6debian-0.8.6c.diff
etch/vlc/debian/patches/patch-memleak-0.8.6debian-0.8.6c.diff
etch/vlc/debian/patches/patch-missingchecks-0.8.6debian-0.8.6c.diff
etch/vlc/debian/patches/patch-overflows-0.8.6debian-0.8.6c.diff
etch/vlc/debian/patches/patch-uninitialised-0.8.6debian-0.8.6c.diff
Modified:
etch/vlc/debian/changelog
etch/vlc/debian/patches/series
Modified: etch/vlc/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-multimedia/etch/vlc/debian/changelog?rev=791&op=diff
==============================================================================
--- etch/vlc/debian/changelog (original)
+++ etch/vlc/debian/changelog Thu Jun 21 12:27:49 2007
@@ -1,3 +1,17 @@
+vlc (0.8.6-svn20061012.debian-5etch1) stable-security; urgency=high
+
+ * patch-formatstring-0.8.6debian-0.8.6c.diff:
+ + Fix format string vulnerabilities (VideoLAN-SA-0702) (Closes: #429726).
+ * patch-overflows-0.8.6debian-0.8.6c.diff:
+ + Fix integer and buffer overflows.
+ * patch-memleak-0.8.6debian-0.8.6c.diff:
+ * patch-missingchecks-0.8.6debian-0.8.6c.diff:
+ * patch-uninitialised-0.8.6debian-0.8.6c.diff:
+ + Fix memory leaks, missing checks and uninitialised variables that can
+ lead to denials of service.
+
+ -- Sam Hocevar (Debian packages) <sam+deb at zoy.org> Wed, 20 Jun 2007 20:53:40 +0200
+
vlc (0.8.6-svn20061012.debian-5) testing-proposed-updates; urgency=high
* debian/control:
Added: etch/vlc/debian/patches/patch-formatstring-0.8.6debian-0.8.6c.diff
URL: http://svn.debian.org/wsvn/pkg-multimedia/etch/vlc/debian/patches/patch-formatstring-0.8.6debian-0.8.6c.diff?rev=791&op=file
==============================================================================
--- etch/vlc/debian/patches/patch-formatstring-0.8.6debian-0.8.6c.diff (added)
+++ etch/vlc/debian/patches/patch-formatstring-0.8.6debian-0.8.6c.diff Thu Jun 21 12:27:49 2007
@@ -1,0 +1,67 @@
+diff -puriN vlc-0.8.6b/modules/access/cdda.c vlc-0.8.6c/modules/access/cdda.c
+--- vlc-0.8.6b/modules/access/cdda.c 2007-04-17 23:45:05 +0200
++++ vlc-0.8.6c/modules/access/cdda.c 2007-06-16 16:25:11 +0200
+@@ -630,18 +630,17 @@ static int GetTracks( access_t *p_access
+ {
+ vlc_input_item_AddInfo( &p_item->input,
+ _(VLC_META_INFO_CAT),
+- _(VLC_META_TITLE),
++ _(VLC_META_TITLE), "%s",
+ cddb_track_get_title( t ) );
+ if( p_item->input.psz_name )
+ free( p_item->input.psz_name );
+- asprintf( &p_item->input.psz_name, "%s",
+- cddb_track_get_title( t ) );
++ p_item->input.psz_name = strdup( cddb_track_get_title( t ) );
+ }
+ psz_result = cddb_track_get_artist( t );
+ if( psz_result )
+ {
+ vlc_input_item_AddInfo( &p_item->input,
+- _(VLC_META_INFO_CAT),
++ _(VLC_META_INFO_CAT), "%s",
+ _(VLC_META_ARTIST), psz_result );
+ }
+ }
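Review bot: In the artist call at the end of this hunk the added `"%s"` sits before `_(VLC_META_ARTIST)`, whereas the title call above places it after `_(VLC_META_TITLE)`. If `vlc_input_item_AddInfo` takes category, name, format and then arguments, as the title call suggests, the entry is stored under the name `%s` with the translated label as its text and `psz_result` is dropped. The format is now constant, so the format string hole is closed, but the artist metadata is lost; the call should read `_(VLC_META_INFO_CAT), _(VLC_META_ARTIST), "%s", psz_result );`. Separately, `strdup( cddb_track_get_title( t ) )` relies on a non-NULL title, and any guard for that is above the hunk, since GetTracks starts and ends outside it.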
+diff -puriN vlc-0.8.6b/modules/codec/theora.c vlc-0.8.6c/modules/codec/theora.c
+--- vlc-0.8.6b/modules/codec/theora.c 2007-04-17 23:45:11 +0200
++++ vlc-0.8.6c/modules/codec/theora.c 2007-06-16 16:25:12 +0200
+@@ -510,7 +510,7 @@ static void ParseTheoraComments( decoder
+ *psz_value = '\0';
+ psz_value++;
+ input_Control( p_input, INPUT_ADD_INFO, _("Theora comment"),
+- psz_name, psz_value );
++ psz_name, "%s", psz_value );
+ }
+ free( psz_comment );
+ i++;
+diff -puriN vlc-0.8.6b/modules/codec/vorbis.c vlc-0.8.6c/modules/codec/vorbis.c
+--- vlc-0.8.6b/modules/codec/vorbis.c 2007-04-17 23:45:11 +0200
++++ vlc-0.8.6c/modules/codec/vorbis.c 2007-06-16 16:25:12 +0200
+@@ -623,7 +623,7 @@ static void ParseVorbisComments( decoder
+ *psz_value = '\0';
+ psz_value++;
+ input_Control( p_input, INPUT_ADD_INFO, _("Vorbis comment"),
+- psz_name, psz_value );
++ psz_name, "%s", psz_value );
+ if( strcasestr( psz_name, "artist" ) )
+ {
+ vlc_input_item_AddInfo( p_input->input.p_item,
+diff -puriN vlc-0.8.6b/modules/services_discovery/sap.c vlc-0.8.6c/modules/services_discovery/sap.c
+--- vlc-0.8.6b/modules/services_discovery/sap.c 2007-04-17 23:45:09 +0200
++++ vlc-0.8.6c/modules/services_discovery/sap.c 2007-06-16 16:25:12 +0200
+@@ -840,12 +840,12 @@ sap_announce_t *CreateAnnounce( services
+ if( psz_value != NULL )
+ {
+ vlc_input_item_AddInfo( &p_item->input, _("Session"),
+- _("Tool"), psz_value );
++ _("Tool"), "%s", psz_value );
+ }
+ if( strcmp( p_sdp->psz_username, "-" ) )
+ {
+ vlc_input_item_AddInfo( &p_item->input, _("Session"),
+- _("User"), p_sdp->psz_username );
++ _("User"), "%s", p_sdp->psz_username );
+ }
+
+ psz_value = GetAttribute( p_sap->p_sdp, "x-plgroup" );
Added: etch/vlc/debian/patches/patch-memleak-0.8.6debian-0.8.6c.diff
URL: http://svn.debian.org/wsvn/pkg-multimedia/etch/vlc/debian/patches/patch-memleak-0.8.6debian-0.8.6c.diff?rev=791&op=file
==============================================================================
--- etch/vlc/debian/patches/patch-memleak-0.8.6debian-0.8.6c.diff (added)
+++ etch/vlc/debian/patches/patch-memleak-0.8.6debian-0.8.6c.diff Thu Jun 21 12:27:49 2007
@@ -1,0 +1,22 @@
+diff -puriN vlc-0.8.6b/modules/misc/svg.c vlc-0.8.6c/modules/misc/svg.c
+--- vlc-0.8.6b/modules/misc/svg.c 2007-04-17 23:45:04 +0200
++++ vlc-0.8.6c/modules/misc/svg.c 2007-06-16 16:25:11 +0200
+@@ -137,6 +137,7 @@ static int Create( vlc_object_t *p_this
+ if( !p_sys->psz_template )
+ {
+ msg_Err( p_filter, "out of memory" );
++ free( p_sys );
+ return VLC_ENOMEM;
+ }
+
+diff -puriN vlc-0.8.6b/src/control/core.c vlc-0.8.6c/src/control/core.c
+--- vlc-0.8.6b/src/control/core.c 2007-04-17 23:44:52 +0200
++++ vlc-0.8.6c/src/control/core.c 2007-06-16 16:25:04 +0200
+@@ -118,6 +118,7 @@ void libvlc_destroy( libvlc_instance_t *
+ vlc_object_release( p_instance->p_vlc );
+ VLC_CleanUp( p_instance->i_vlc_id );
+ VLC_Destroy( p_instance->i_vlc_id );
++ free( p_instance );
+ }
+
+ int libvlc_get_vlc_id( libvlc_instance_t *p_instance )
Added: etch/vlc/debian/patches/patch-missingchecks-0.8.6debian-0.8.6c.diff
URL: http://svn.debian.org/wsvn/pkg-multimedia/etch/vlc/debian/patches/patch-missingchecks-0.8.6debian-0.8.6c.diff?rev=791&op=file
==============================================================================
--- etch/vlc/debian/patches/patch-missingchecks-0.8.6debian-0.8.6c.diff (added)
+++ etch/vlc/debian/patches/patch-missingchecks-0.8.6debian-0.8.6c.diff Thu Jun 21 12:27:49 2007
@@ -1,0 +1,253 @@
+diff -puriN vlc-0.8.6b/modules/codec/flac.c vlc-0.8.6c/modules/codec/flac.c
+--- vlc-0.8.6b/modules/codec/flac.c 2007-04-17 23:45:11 +0200
++++ vlc-0.8.6c/modules/codec/flac.c 2007-06-16 16:25:12 +0200
+@@ -1187,7 +1223,12 @@ static int OpenEncoder( vlc_object_t *p_
+ p_sys->i_samples_delay = 0;
+
+ /* Create flac encoder */
+- p_sys->p_flac = FLAC__stream_encoder_new();
++ if( !(p_sys->p_flac = FLAC__stream_encoder_new()) )
++ {
++ msg_Err( p_enc, "FLAC__stream_encoder_new() failed" );
++ free( p_sys );
++ return VLC_EGENERIC;
++ }
+
+ FLAC__stream_encoder_set_streamable_subset( p_sys->p_flac, 1 );
+ FLAC__stream_encoder_set_channels( p_sys->p_flac,
+diff -puriN vlc-0.8.6b/modules/demux/wav.c vlc-0.8.6c/modules/demux/wav.c
+--- vlc-0.8.6b/modules/demux/wav.c 2007-04-17 23:45:02 +0200
++++ vlc-0.8.6c/modules/demux/wav.c 2007-06-16 16:25:08 +0200
+@@ -106,8 +106,8 @@ static int Open( vlc_object_t * p_this )
+ unsigned int i_size, i_extended;
+ char *psz_name;
+
+- WAVEFORMATEXTENSIBLE *p_wf_ext;
+- WAVEFORMATEX *p_wf;
++ WAVEFORMATEXTENSIBLE *p_wf_ext = NULL;
++ WAVEFORMATEX *p_wf = NULL;
+
+ /* Is it a wav file ? */
+ if( stream_Peek( p_demux->s, &p_peek, 12 ) < 12 ) return VLC_EGENERIC;
+@@ -120,6 +120,9 @@ static int Open( vlc_object_t * p_this )
+ p_demux->pf_demux = Demux;
+ p_demux->pf_control = Control;
+ p_demux->p_sys = p_sys = malloc( sizeof( demux_sys_t ) );
++ if( p_sys == NULL )
++ return VLC_ENOMEM;
++
+ p_sys->p_es = NULL;
+ p_sys->b_chan_reorder = 0;
+ p_sys->i_channel_mask = 0;
+@@ -142,6 +145,9 @@ static int Open( vlc_object_t * p_this )
+
+ /* load waveformatex */
+ p_wf_ext = malloc( __EVEN( i_size ) + 2 );
++ if( p_wf_ext == NULL )
++ goto error;
++
+ p_wf = (WAVEFORMATEX *)p_wf_ext;
+ p_wf->cbSize = 0;
+ if( stream_Read( p_demux->s,
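Review bot: The added NULL check does not cover the size computation in `malloc( __EVEN( i_size ) + 2 )`. `i_size` is an `unsigned int` (declared in the first hunk), and if it comes from the chunk header, a value close to `UINT_MAX` makes the expression wrap to a very small allocation that the next line, `p_wf->cbSize = 0`, may then write past. An upper bound before the allocation would close this, for example `if( i_size > 0x10000 ) goto error;`, where the limit is illustrative and should fit the largest legitimate format chunk. Whether a lower-bound check against `sizeof( WAVEFORMATEX )` already exists cannot be seen here, because Open continues outside the hunk.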
+@@ -224,6 +230,7 @@ static int Open( vlc_object_t * p_this )
+ p_sys->fmt.audio.i_bitspersample, p_sys->fmt.i_extra );
+
+ free( p_wf );
++ p_wf = NULL;
+
+ switch( p_sys->fmt.i_codec )
+ {
+@@ -284,6 +291,7 @@ static int Open( vlc_object_t * p_this )
+ return VLC_SUCCESS;
+
+ error:
++ free( p_wf );
+ relay:
+ free( p_sys );
+ return VLC_EGENERIC;
+diff -puriN vlc-0.8.6b/modules/misc/freetype.c vlc-0.8.6c/modules/misc/freetype.c
+--- vlc-0.8.6b/modules/misc/freetype.c 2007-04-17 23:45:04 +0200
++++ vlc-0.8.6c/modules/misc/freetype.c 2007-06-16 16:25:11 +0200
+@@ -252,6 +252,11 @@ static int Create( vlc_object_t *p_this
+ {
+ if( psz_fontfile ) free( psz_fontfile );
+ psz_fontfile = (char *)malloc( PATH_MAX + 1 );
++ if( !psz_fontfile )
++ {
++ msg_Err( p_filter, "out of memory" );
++ goto error;
++ }
+ #ifdef WIN32
+ GetWindowsDirectory( psz_fontfile, PATH_MAX + 1 );
+ strcat( psz_fontfile, "\\fonts\\arial.ttf" );
+@@ -782,6 +787,11 @@ static int RenderText( filter_t *p_filte
+ int start_pos, pos = 0;
+
+ p_fribidi_string = malloc( (i_string_length + 1) * sizeof(uint32_t) );
++ if( !p_fribidi_string )
++ {
++ msg_Err( p_filter, "out of memory" );
++ goto error;
++ }
+
+ /* Do bidi conversion line-by-line */
+ while(pos < i_string_length)
+diff -puriN vlc-0.8.6b/src/audio_output/dec.c vlc-0.8.6c/src/audio_output/dec.c
+--- vlc-0.8.6b/src/audio_output/dec.c 2007-04-17 23:44:53 +0200
++++ vlc-0.8.6c/src/audio_output/dec.c 2007-06-16 16:25:04 +0200
+@@ -51,6 +51,21 @@ static aout_input_t * DecNew( vlc_object
+ input_thread_t * p_input_thread;
+ vlc_value_t val;
+
++ /* Sanitize audio format */
++ if( p_format->i_channels > 32 )
++ {
++ msg_Err( p_aout, "too many audio channels (%u)",
++ p_format->i_channels );
++ goto error;
++ }
++
++ if( p_format->i_rate > 192000 )
++ {
++ msg_Err( p_aout, "excessive audio sample frequency (%u)",
++ p_format->i_rate );
++ goto error;
++ }
++
+ /* We can only be called by the decoder, so no need to lock
+ * p_input->lock. */
+ vlc_mutex_lock( &p_aout->mixer_lock );
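Review bot: Both `goto error` statements in the new sanitising block run before `vlc_mutex_lock( &p_aout->mixer_lock )`, yet the `error:` label added in the last hunk of this file unlocks that mutex, so a rejected format unlocks a lock the thread does not hold. These two early exits should stay plain returns, `return NULL;`, or the checks should move below the lock. The hunk that replaces the `aout_MixerNew` failure path also jumps to `error` with `p_input` already allocated; whether it is released elsewhere is not visible in these hunks.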
+@@ -58,14 +73,14 @@ static aout_input_t * DecNew( vlc_object
+ if ( p_aout->i_nb_inputs >= AOUT_MAX_INPUTS )
+ {
+ msg_Err( p_aout, "too many inputs already (%d)", p_aout->i_nb_inputs );
+- return NULL;
++ goto error;
+ }
+
+ p_input = malloc(sizeof(aout_input_t));
+ if ( p_input == NULL )
+ {
+ msg_Err( p_aout, "out of memory" );
+- return NULL;
++ goto error;
+ }
+
+ vlc_mutex_init( p_aout, &p_input->lock );
+@@ -116,14 +131,12 @@ static aout_input_t * DecNew( vlc_object
+ if ( aout_MixerNew( p_aout ) == -1 )
+ {
+ aout_OutputDelete( p_aout );
+- vlc_mutex_unlock( &p_aout->mixer_lock );
+- return NULL;
++ goto error;
+ }
+
+ aout_InputNew( p_aout, p_input );
+
+ vlc_mutex_unlock( &p_aout->mixer_lock );
+-
+ var_Create( p_this, "audio-desync", VLC_VAR_INTEGER | VLC_VAR_DOINHERIT );
+ var_Get( p_this, "audio-desync", &val );
+ p_input->i_desync = val.i_int * 1000;
+@@ -145,6 +158,10 @@ static aout_input_t * DecNew( vlc_object
+ }
+
+ return p_input;
++
++error:
++ vlc_mutex_unlock( &p_aout->mixer_lock );
++ return NULL;
+ }
+
+ aout_input_t * __aout_DecNew( vlc_object_t * p_this,
+diff -puriN vlc-0.8.6b/src/misc/strings.c vlc-0.8.6c/src/misc/strings.c
+--- vlc-0.8.6b/src/misc/strings.c 2007-04-17 23:44:55 +0200
++++ vlc-0.8.6c/src/misc/strings.c 2007-06-16 16:25:04 +0200
+@@ -54,6 +54,8 @@ char *unescape_URI_duplicate( const char
+ void unescape_URI( char *psz )
+ {
+ unsigned char *in = (unsigned char *)psz, *out = in, c;
++ if( psz == NULL )
++ return;
+
+ while( ( c = *in++ ) != '\0' )
+ {
+@@ -135,6 +137,8 @@ char *decode_URI_duplicate( const char *
+ void decode_URI( char *psz )
+ {
+ unsigned char *in = (unsigned char *)psz, *out = in, c;
++ if( psz == NULL )
++ return;
+
+ while( ( c = *in++ ) != '\0' )
+ {
+diff -puriN vlc-0.8.6b/src/osd/osd.c vlc-0.8.6c/src/osd/osd.c
+--- vlc-0.8.6b/src/osd/osd.c 2007-04-17 23:44:53 +0200
++++ vlc-0.8.6c/src/osd/osd.c 2007-06-16 16:25:04 +0200
+@@ -88,10 +89,13 @@ osd_menu_t *__osd_MenuCreate( vlc_object
+ p_osd->i_width = p_osd->p_state->p_visible->p_current_state->p_pic->p[Y_PLANE].i_visible_pitch;
+ p_osd->i_height = p_osd->p_state->p_visible->p_current_state->p_pic->p[Y_PLANE].i_visible_lines;
+
++ if( p_osd->p_state->p_volume )
++ {
+ /* Update the volume state images to match the current volume */
+ i_volume = config_GetInt( p_this, "volume" );
+ i_steps = osd_VolumeStep( p_this, i_volume, p_osd->p_state->p_volume->i_ranges );
+ p_osd->p_state->p_volume->p_current_state = osd_VolumeStateChange( p_osd->p_state->p_volume->p_states, i_steps );
++ }
+
+ /* Initialize OSD state */
+ osd_UpdateState( p_osd->p_state, p_osd->i_x, p_osd->i_y,
+@@ -586,6 +596,8 @@ void __osd_Volume( vlc_object_t *p_this
+ return;
+ }
+
++ if( p_osd->p_state && p_osd->p_state->p_volume )
++ {
+ var_Get( p_this->p_libvlc, "osd_mutex", &lockval );
+ vlc_mutex_lock( lockval.p_address );
+
+@@ -606,4 +616,5 @@ void __osd_Volume( vlc_object_t *p_this
+ }
+ vlc_object_release( (vlc_object_t*) p_osd );
+ vlc_mutex_unlock( lockval.p_address );
++ }
+ }
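Review bot: The closing brace added here puts `vlc_object_release( (vlc_object_t*) p_osd )` inside the new `if( p_osd->p_state && p_osd->p_state->p_volume )` block, so when there is no volume state the function returns without releasing `p_osd`. If `p_osd` was obtained with a reference earlier in `__osd_Volume` (that part is outside the hunks), each such call leaks one reference and the object can no longer be destroyed. Closing the block before the release, or adding an early `vlc_object_release( (vlc_object_t*) p_osd ); return;` when the state is missing, keeps the count balanced.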
+diff -puriN vlc-0.8.6b/src/osd/osd_parser.c vlc-0.8.6c/src/osd/osd_parser.c
+--- vlc-0.8.6b/src/osd/osd_parser.c 2007-04-17 23:44:53 +0200
++++ vlc-0.8.6c/src/osd/osd_parser.c 2007-06-16 16:25:04 +0200
+@@ -91,8 +88,12 @@ static osd_menu_t *osd_MenuNew( osd_menu
+
+ p_menu->p_state = (osd_menu_state_t *) malloc( sizeof( osd_menu_state_t ) );
+ if( !p_menu->p_state )
++ {
+ msg_Err( p_menu, "Memory allocation for OSD Menu state failed" );
++ return NULL;
++ }
+
++ memset(p_menu->p_state, 0, sizeof(osd_menu_state_t));
+ if( psz_path != NULL )
+ p_menu->psz_path = strdup( psz_path );
+ else
+diff -puriN vlc-0.8.6b/src/video_output/vout_subpictures.c vlc-0.8.6c/src/video_output/vout_subpictures.c
+--- vlc-0.8.6b/src/video_output/vout_subpictures.c 2007-04-17 23:44:53 +0200
++++ vlc-0.8.6c/src/video_output/vout_subpictures.c 2007-06-16 16:25:04 +0200
+@@ -251,6 +251,8 @@ subpicture_region_t *__spu_CreateRegion(
+ video_format_t *p_fmt )
+ {
+ subpicture_region_t *p_region = malloc( sizeof(subpicture_region_t) );
++ if( !p_region ) return NULL;
++
+ memset( p_region, 0, sizeof(subpicture_region_t) );
+ p_region->p_next = 0;
+ p_region->p_cache = 0;
+@@ -273,7 +275,7 @@ subpicture_region_t *__spu_CreateRegion(
+ if( !p_region->picture.i_planes )
+ {
+ free( p_region );
+- free( p_fmt->p_palette );
++ if( p_fmt->p_palette ) free( p_fmt->p_palette );
+ return NULL;
+ }
+
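Review bot: The new `if( p_fmt->p_palette )` guard changes nothing, because `free( NULL )` is already a no-op; the open issue on this error path is that `p_fmt` belongs to the caller and its `p_palette` is left pointing at freed memory. Resetting it, `free( p_fmt->p_palette ); p_fmt->p_palette = NULL;`, avoids a later double free or use after free in the caller. Where the palette was allocated is outside the hunk, so confirm that this function owns it before freeing.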
Added: etch/vlc/debian/patches/patch-overflows-0.8.6debian-0.8.6c.diff
URL: http://svn.debian.org/wsvn/pkg-multimedia/etch/vlc/debian/patches/patch-overflows-0.8.6debian-0.8.6c.diff?rev=791&op=file
==============================================================================
--- etch/vlc/debian/patches/patch-overflows-0.8.6debian-0.8.6c.diff (added)
+++ etch/vlc/debian/patches/patch-overflows-0.8.6debian-0.8.6c.diff Thu Jun 21 12:27:49 2007
@@ -1,0 +1,65 @@
+diff -puriN vlc-0.8.6b/include/vlc_es.h vlc-0.8.6c/include/vlc_es.h
+--- vlc-0.8.6b/include/vlc_es.h 2007-04-17 23:45:30 +0200
++++ vlc-0.8.6c/include/vlc_es.h 2007-06-16 16:25:18 +0200
+@@ -69,9 +69,9 @@ struct audio_format_t
+ */
+
+ /* FIXME ? (used by the codecs) */
+- int i_channels;
+- int i_blockalign;
+- int i_bitspersample;
++ unsigned i_channels;
++ unsigned i_blockalign;
++ unsigned i_bitspersample;
+ };
+
+ #ifdef WORDS_BIGENDIAN
+diff -puriN vlc-0.8.6b/modules/codec/ffmpeg/video.c vlc-0.8.6c/modules/codec/ffmpeg/video.c
+--- vlc-0.8.6b/modules/codec/ffmpeg/video.c 2007-04-17 23:45:10 +0200
++++ vlc-0.8.6c/modules/codec/ffmpeg/video.c 2007-06-16 16:25:12 +0200
+@@ -193,7 +193,7 @@ static inline picture_t *ffmpeg_NewPictB
+ p_dec->fmt_out.video.i_frame_rate =
+ p_dec->fmt_in.video.i_frame_rate;
+ p_dec->fmt_out.video.i_frame_rate_base =
+- p_dec->fmt_out.video.i_frame_rate_base;
++ p_dec->fmt_in.video.i_frame_rate_base;
+ }
+ else
+ #if LIBAVCODEC_BUILD >= 4754
+diff -puriN vlc-0.8.6b/modules/demux/aiff.c vlc-0.8.6c/modules/demux/aiff.c
+--- vlc-0.8.6b/modules/demux/aiff.c 2007-04-17 23:45:02 +0200
++++ vlc-0.8.6c/modules/demux/aiff.c 2007-06-16 16:25:08 +0200
+@@ -173,6 +173,8 @@ static int Open( vlc_object_t *p_this )
+
+ /* Skip this chunk */
+ i_size += 8;
++ if( (i_size % 2) != 0 )
++ i_size++;
+ if( stream_Read( p_demux->s, NULL, i_size ) != (int)i_size )
+ {
+ msg_Warn( p_demux, "incomplete file" );
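Review bot: The padding added here, like the `i_size += 8` above it, is done without a range check, so if `i_size` is an unsigned 32-bit chunk length read from the file, a value near the maximum wraps to a small number and the skip ends inside the chunk instead of after it. The comparison `!= (int)i_size` also turns any length above `INT_MAX` into a negative number. A bound placed before the arithmetic, such as `if( i_size > INT_MAX - 9 ) goto error;`, would reject such chunks. The declaration of `i_size` and the available error exit are outside the hunk, so the exit has to follow what Open already uses.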
+diff -puriN vlc-0.8.6b/modules/demux/avi/libavi.c vlc-0.8.6c/modules/demux/avi/libavi.c
+--- vlc-0.8.6b/modules/demux/avi/libavi.c 2007-04-17 23:44:59 +0200
++++ vlc-0.8.6c/modules/demux/avi/libavi.c 2007-06-16 16:25:07 +0200
+@@ -176,7 +176,7 @@ static int AVI_ChunkRead_list( stream_t
+ break;
+ }
+ if( p_chk->common.p_father->common.i_chunk_size > 0 &&
+- ( stream_Tell( s ) >=
++ ( stream_Tell( s ) >
+ (off_t)p_chk->common.p_father->common.i_chunk_pos +
+ (off_t)__EVEN( p_chk->common.p_father->common.i_chunk_size ) ) )
+ {
+diff -puriN vlc-0.8.6b/modules/video_filter/rss.c vlc-0.8.6c/modules/video_filter/rss.c
+--- vlc-0.8.6b/modules/video_filter/rss.c 2007-04-17 23:45:09 +0200
++++ vlc-0.8.6c/modules/video_filter/rss.c 2007-06-16 16:25:12 +0200
+@@ -229,7 +229,8 @@ static int CreateFilter( vlc_object_t *p
+ p_sys->i_length = var_CreateGetInteger( p_filter, "rss-length" );
+ p_sys->i_ttl = __MAX( 0, var_CreateGetInteger( p_filter, "rss-ttl" ) );
+ p_sys->b_images = var_CreateGetBool( p_filter, "rss-images" );
+- p_sys->psz_marquee = (char *)malloc( p_sys->i_length );
++ p_sys->psz_marquee = (char *)malloc( p_sys->i_length + 1 );
++ p_sys->psz_marquee[p_sys->i_length] = '\0';
+
+ p_sys->p_style = malloc( sizeof( text_style_t ));
+ memcpy( p_sys->p_style, &default_text_style, sizeof( text_style_t ));
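Review bot: The new terminator write `p_sys->psz_marquee[p_sys->i_length] = '\0'` uses the `malloc` result without a NULL check, and `i_length`, unlike `i_ttl` two lines above, is not clamped, so a negative `rss-length` gives an undersized or failed allocation and an index before the buffer. Clamping at the read, `p_sys->i_length = __MAX( 0, var_CreateGetInteger( p_filter, "rss-length" ) );`, and failing the filter when `psz_marquee` is NULL would cover both. The `p_style` allocation on the following lines is passed to `memcpy` unchecked in the same way. CreateFilter's cleanup path is outside the hunk, so the error exit has to follow what the function already does.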
Added: etch/vlc/debian/patches/patch-uninitialised-0.8.6debian-0.8.6c.diff
URL: http://svn.debian.org/wsvn/pkg-multimedia/etch/vlc/debian/patches/patch-uninitialised-0.8.6debian-0.8.6c.diff?rev=791&op=file
==============================================================================
--- etch/vlc/debian/patches/patch-uninitialised-0.8.6debian-0.8.6c.diff (added)
+++ etch/vlc/debian/patches/patch-uninitialised-0.8.6debian-0.8.6c.diff Thu Jun 21 12:27:49 2007
@@ -1,0 +1,12 @@
+diff -puriN vlc-0.8.6b/src/audio_output/input.c vlc-0.8.6c/src/audio_output/input.c
+--- vlc-0.8.6b/src/audio_output/input.c 2007-04-17 23:44:53 +0200
++++ vlc-0.8.6c/src/audio_output/input.c 2007-06-16 16:25:04 +0200
+@@ -56,7 +56,7 @@ int aout_InputNew( aout_instance_t * p_a
+
+ aout_FormatPrint( p_aout, "input", &p_input->input );
+
+- p_input->i_nb_filters = 0;
++ p_input->i_nb_resamplers = p_input->i_nb_filters = 0;
+
+ /* Prepare FIFO. */
+ aout_FifoInit( p_aout, &p_input->fifo, p_aout->mixer.mixer.i_rate );
Modified: etch/vlc/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-multimedia/etch/vlc/debian/patches/series?rev=791&op=diff
==============================================================================
--- etch/vlc/debian/patches/series (original)
+++ etch/vlc/debian/patches/series Thu Jun 21 12:27:49 2007
@@ -20,3 +20,8 @@
patch-playlist-crash-0.8.6debian-0.8.6a.diff
patch-sanity-checks-0.8.6debian-0.8.6a.diff
MOAB-02-01-2007-CVE-2007-0017.patch
+patch-formatstring-0.8.6debian-0.8.6c.diff
+patch-memleak-0.8.6debian-0.8.6c.diff
+patch-missingchecks-0.8.6debian-0.8.6c.diff
+patch-overflows-0.8.6debian-0.8.6c.diff
+patch-uninitialised-0.8.6debian-0.8.6c.diff