[SCM] vlc/master: Drop patches included upstream

mati75-guest at users.alioth.debian.org
Fri Feb 27 21:46:07 UTC 2015


The following commit has been merged in the master branch:
commit 3a520467ddb17f8087c0aebd69131f5d38e3bb5a
Author: Mateusz Łukasik <mati75 at linuxmint.pl>
Date:   Fri Feb 27 22:46:37 2015 +0100

    Drop patches included upstream

diff --git a/debian/changelog b/debian/changelog
index 0b8bb5a..869c129 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,6 +6,9 @@ vlc (2.2.0-1) UNRELEASED; urgency=medium
 
   [ Mateusz Łukasik ]
   * New upstream release.
+  * Drop patches included upstream:
+    - demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch
+    - stream_out-rtp-don-t-use-VLA-for-user-controlled-dat.patch
 
  -- Mateusz Łukasik <mati75 at linuxmint.pl>  Fri, 27 Feb 2015 22:41:49 +0100
 
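Review bot: the new changelog bullets name the two dropped patches but not the bug they addressed. Both patch headers removed in this commit carry Bug-Debian: https://bugs.debian.org/775866, so it would help anyone auditing the package later to say in this entry that they were the fixes for #775866 and are now part of the 2.2.0 source, rather than only "included upstream".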
diff --git a/debian/patches/demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch b/debian/patches/demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch
deleted file mode 100644
index 3ae498d..0000000
--- a/debian/patches/demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From: Fabian Yamaguchi <fyamagu at gwdg.de>
-Subject: [PATCH] demux: mp4: fix buffer overflow in parsing of string boxes.
- We ensure that pbox->i_size is never smaller than 8 to avoid an
- integer underflow in the third argument of the subsequent call to
- memcpy. We also make sure no truncation occurs when passing values
- derived from the 64 bit integer p_box->i_size to arguments of malloc
- and memcpy that may be 32 bit integers on 32 bit platforms.
-Origin: upstream, http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=914462405f8e90d9b2b1184ff047fdfb1f800b48
-Bug-Debian: https://bugs.debian.org/775866
-Last-Update: 2015-01-21
-
-diff --git a/modules/demux/mp4/libmp4.c b/modules/demux/mp4/libmp4.c
-index 19e84d3..3912e7e 100644
---- a/modules/demux/mp4/libmp4.c
-+++ b/modules/demux/mp4/libmp4.c
-@@ -2667,6 +2667,9 @@ static int MP4_ReadBox_name( stream_t *p_stream, MP4_Box_t *p_box )
- {
-     MP4_READBOX_ENTER( MP4_Box_data_name_t );
- 
-+    if( p_box->i_size < 8 || p_box->i_size > SIZE_MAX )
-+        MP4_READBOX_EXIT( 0 );
-+
-     p_box->data.p_name->psz_text = malloc( p_box->i_size + 1 - 8 ); /* +\0, -name, -size */
-     if( p_box->data.p_name->psz_text == NULL )
-         MP4_READBOX_EXIT( 0 );
--- 
-2.1.4
-
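Review bot: removing this file is only safe if the 2.2.0 tarball really contains the guard it carried, so please confirm that MP4_ReadBox_name in modules/demux/mp4/libmp4.c has the "if( p_box->i_size < 8 || p_box->i_size > SIZE_MAX )" check ahead of the malloc( p_box->i_size + 1 - 8 ) call. The Origin header points at commit 914462405f8e90d9b2b1184ff047fdfb1f800b48 in vlc-2.2.git, which makes that likely, but the commit message does not say it was checked against the imported source. Without the guard, the underflow and truncation described in the patch header come back without any build failure to signal it.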
diff --git a/debian/patches/series b/debian/patches/series
index 80613b4..57e1e5f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1 @@
 codec-schroedinger-fix-potential-buffer-overflow.patch
-demux-mp4-fix-buffer-overflow-in-parsing-of-string-b.patch
-stream_out-rtp-don-t-use-VLA-for-user-controlled-dat.patch
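Review bot: codec-schroedinger-fix-potential-buffer-overflow.patch stays as the only entry in series, and nothing in the commit says whether it was checked against 2.2.0. Please confirm it still applies cleanly to the new upstream source and is not also already included there, since a patch that quietly fails or is skipped would leave that overflow fix out of the build.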
diff --git a/debian/patches/stream_out-rtp-don-t-use-VLA-for-user-controlled-dat.patch b/debian/patches/stream_out-rtp-don-t-use-VLA-for-user-controlled-dat.patch
deleted file mode 100644
index 9148092..0000000
--- a/debian/patches/stream_out-rtp-don-t-use-VLA-for-user-controlled-dat.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From: Fabian Yamaguchi <fyamagu at gwdg.de>
-Subject: [PATCH] stream_out: rtp: don't use VLA for user controlled data
- It should fix a possible invalid memory access
- .
- When streaming ogg-files via rtp, an ogg-file can trigger an invalid
- write access using an overly long 'configuration' string.
- .
- The original code attemps to allocate space to hold the string on the stack
- and hence, cannot verify if allocation succeeds. Instead, we now allocate the
- buffer on the heap and return if allocation fails.
- .
- In detail, rtp_packetize_xiph_config allocates a buffer on the stack at (1) where
- the size depends on the local variable 'len'. The variable 'len' is
- calculated at (0) to be the length of a string contained in a specially
- crafted Ogg Vorbis file, and therefore, it is attacker-controlled.
-Origin: upstream, http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=3199c5dd837bc641962e9c1c8d0cd2d7c9b8bb37
-Bug-Debian: https://bugs.debian.org/775866
-Last-Update: 2015-01-21
-
-diff --git a/modules/stream_out/rtpfmt.c b/modules/stream_out/rtpfmt.c
-index baee82a..ff7ea10 100644
---- a/modules/stream_out/rtpfmt.c
-+++ b/modules/stream_out/rtpfmt.c
-@@ -557,7 +557,11 @@ int rtp_packetize_xiph_config( sout_stream_id_sys_t *id, const char *fmtp,
-     char *end = strchr(start, ';');
-     assert(end != NULL);
-     size_t len = end - start;
--    char b64[len + 1];
-+
-+    char *b64 = malloc(len + 1);
-+    if(!b64)
-+        return VLC_EGENERIC;
-+
-     memcpy(b64, start, len);
-     b64[len] = '\0';
- 
-@@ -567,6 +571,7 @@ int rtp_packetize_xiph_config( sout_stream_id_sys_t *id, const char *fmtp,
-     int i_data;
- 
-     i_data = vlc_b64_decode_binary(&p_orig, b64);
-+    free(b64);
-     if (i_data <= 9)
-     {
-         free(p_orig);
--- 
-2.1.4
-
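Review bot: as with the mp4 patch, dropping this depends on 2.2.0 shipping the heap allocation in rtp_packetize_xiph_config, so please verify that modules/stream_out/rtpfmt.c has "char *b64 = malloc(len + 1);" with the NULL check and the matching "free(b64);" after vlc_b64_decode_binary. While checking, note that the carried fix kept "assert(end != NULL);" as the only validation of the strchr result; assert is compiled out when NDEBUG is defined, so in such a build "len = end - start" is computed from a NULL pointer if fmtp has no ';'. It is worth looking at whether the upstream code in 2.2.0 handles that case explicitly and, if not, raising it upstream.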

-- 
VLC media player packaging


