[prev in list] [next in list] [prev in thread] [next in thread]
List: xine-cvslog
Subject: [xine-cvs] HG: xine-lib: Merge.
From: Matthias Hopf <mat () mshopf ! de>
Date: 2008-08-08 13:42:10
Message-ID: 36a830cc4210cc5a8452.1218202777 () hg ! debian ! org
[Download RAW message or body]
# HG changeset patch
# User Matthias Hopf <mat@mshopf.de>
# Date 1218202777 -7200
# Node ID 36a830cc4210cc5a8452d4a917e48642313be259
# Parent 18b725243ce94e6fac19d6224ba6e9c3027f8f35
# Parent 9d66f1452739f6cd30f7d3f3853899e0fc121238
Merge.
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 .hgignore
--- a/.hgignore Fri Aug 08 15:39:37 2008 +0200
+++ b/.hgignore Fri Aug 01 20:06:33 2008 +0200
@@ -11,6 +11,7 @@ Makefile.in
Makefile.in
ABOUT-NLS
+INSTALL
aclocal.m4
compile
configure
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 ChangeLog
--- a/ChangeLog Fri Aug 08 15:39:37 2008 +0200
+++ b/ChangeLog Fri Aug 01 20:06:33 2008 +0200
@@ -1,8 +1,18 @@ xine-lib (1.1.15) 2008-??-??
xine-lib (1.1.15) 2008-??-??
+ * Security fixes:
+ - Fix crashes with corrupted Ogg files. (CVE-2008-3231)
+ - Fix crashes with fuzzed Windows Media files.
+ - Delay V4L video frame preallocation until we know how large they'll be.
* Use external ffmpeg by default.
- * V4L: Don't segfault if asked for an input that doesn't exist
+ * V4L: Don't segfault if asked for an input that doesn't exist.
* Recognise AMR audio (normally found in 3GP files).
* Recognise Snow video.
+ * Xv deinterlacing didn't take the size of the deinterlaced image into
+ account; on some chipsets, this would cause image corruption, while on
+ others, there would be no problem.
+ * V4L: only try and set the tuner if we're going to use it. Setting the tuner
+ when using baseband video (CVBS, S-Video) breaks the input.
+ * Fix crashes with MP3 files with metadata consisting only of separators.
xine-lib (1.1.14) 2008-06-29
* DVB changes:
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 m4/attributes.m4
--- a/m4/attributes.m4 Fri Aug 08 15:39:37 2008 +0200
+++ b/m4/attributes.m4 Fri Aug 01 20:06:33 2008 +0200
@@ -42,7 +42,7 @@ AC_DEFUN([CC_CHECK_CFLAGS_SILENT], [
CFLAGS="$ac_save_CFLAGS"
])
- AS_IF([test x$]AS_TR_SH([cc_cv_cflags_$1])[ = xyes],
+ AS_IF([eval test x$]AS_TR_SH([cc_cv_cflags_$1])[ = xyes],
[$2], [$3])
])
@@ -52,7 +52,7 @@ AC_DEFUN([CC_CHECK_CFLAGS], [
CC_CHECK_CFLAGS_SILENT([$1]) dnl Don't execute actions here!
)
- AS_IF([test x$]AS_TR_SH([cc_cv_cflags_$1])[ = xyes],
+ AS_IF([eval test x$]AS_TR_SH([cc_cv_cflags_$1])[ = xyes],
[$2], [$3])
])
@@ -67,7 +67,7 @@ AC_DEFUN([CC_CHECK_LDFLAGS], [
LDFLAGS="$ac_save_LDFLAGS"
])
- AS_IF([test x$]AS_TR_SH([cc_cv_ldflags_$1])[ = xyes],
+ AS_IF([eval test x$]AS_TR_SH([cc_cv_ldflags_$1])[ = xyes],
[$2], [$3])
])
@@ -100,7 +100,7 @@ AC_DEFUN([CC_CHECK_ATTRIBUTE], [
CFLAGS="$ac_save_CFLAGS"
])
- AS_IF([test x$]AS_TR_SH([cc_cv_attribute_$1])[ = xyes],
+ AS_IF([eval test x$]AS_TR_SH([cc_cv_attribute_$1])[ = xyes],
[AC_DEFINE(
AS_TR_CPP([SUPPORT_ATTRIBUTE_$1]), 1,
[Define this if the compiler supports __attribute__(( ifelse([$2], , [$1], \
[$2]) ))]
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 src/demuxers/demux_asf.c
--- a/src/demuxers/demux_asf.c Fri Aug 08 15:39:37 2008 +0200
+++ b/src/demuxers/demux_asf.c Fri Aug 01 20:06:33 2008 +0200
@@ -70,6 +70,7 @@
#define ASF_MODE_HTTP_REF 2
#define ASF_MODE_ASF_REF 3
#define ASF_MODE_ENCRYPTED_CONTENT 4
+#define ASF_MODE_NO_CONTENT 5
typedef struct {
int seq;
@@ -442,6 +443,17 @@ static int asf_read_header (demux_asf_t
for (i = 0; i < this->asf_header->stream_count; i++) {
asf_stream_t *asf_stream = this->asf_header->streams[i];
asf_demux_stream_t *demux_stream = &this->streams[i];
+
+ if (!asf_stream) {
+ if (this->mode != ASF_MODE_NO_CONTENT) {
+ xine_log(this->stream->xine, XINE_LOG_MSG,
+ _("demux_asf: warning: A stream appears to be missing.\n"));
+ _x_message(this->stream, XINE_MSG_READ_ERROR,
+ _("Media stream missing?"), NULL);
+ this->mode = ASF_MODE_NO_CONTENT;
+ }
+ return 0;
+ }
if (asf_stream->encrypted_flag) {
if (this->mode != ASF_MODE_ENCRYPTED_CONTENT) {
@@ -1679,6 +1691,7 @@ static int demux_asf_send_chunk (demux_p
return demux_asf_parse_asf_references(this);
case ASF_MODE_ENCRYPTED_CONTENT:
+ case ASF_MODE_NO_CONTENT:
this->status = DEMUX_FINISHED;
return this->status;
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 src/demuxers/demux_ogg.c
--- a/src/demuxers/demux_ogg.c Fri Aug 08 15:39:37 2008 +0200
+++ b/src/demuxers/demux_ogg.c Fri Aug 01 20:06:33 2008 +0200
@@ -1357,7 +1357,7 @@ static void send_header (demux_ogg_t *th
this->ignore_keyframes = 0;
while (!done) {
- if (!read_ogg_packet(this)) {
+ if (!read_ogg_packet(this) || !this->og.header || !this->og.body) {
return;
}
/* now we've got at least one new page */
@@ -1483,6 +1483,12 @@ static int demux_ogg_send_chunk (demux_p
return this->status;
}
+ if (!this->og.header || !this->og.body) {
+ this->status = DEMUX_FINISHED;
+ lprintf ("EOF\n");
+ return this->status;
+ }
+
/* now we've got one new page */
cur_serno = ogg_page_serialno (&this->og);
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 src/demuxers/iff.h
--- a/src/demuxers/iff.h Fri Aug 08 15:39:37 2008 +0200
+++ b/src/demuxers/iff.h Fri Aug 01 20:06:33 2008 +0200
@@ -27,8 +27,8 @@
#define IFFP_IFF_H
#define IFF_OKAY 0L
-#define CLIENT_ERROR 1L
-#define NOFILE 5L
+#define IFF_CLIENT_ERROR 1L
+#define IFF_NOFILE 5L
#define FOURCC_CHUNK BE_FOURCC
#define IFF_16SV_CHUNK FOURCC_CHUNK('1', '6', 'S', 'V')
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 src/input/input_dvb.c
--- a/src/input/input_dvb.c Fri Aug 08 15:39:37 2008 +0200
+++ b/src/input/input_dvb.c Fri Aug 01 20:06:33 2008 +0200
@@ -1664,21 +1664,22 @@ static void load_epg_data(dvb_input_plug
}
/* Prints text to an area, tries to cut the lines in between words. */
-static void render_text_area(osd_renderer_t* renderer, osd_object_t* osd, char* \
text, +static void render_text_area(osd_renderer_t* renderer, osd_object_t* osd, \
const char* text, int x, int y, int row_space,
int max_x, int max_y, int* height, int color_base) {
/* The position of the text to be printed. */
- char* cursor = text;
+ const char* cursor = text;
+ const char *const text_end = text + strlen(text);
/* The line to be printed next. */
char text_line[512];
int text_width, text_height;
size_t old_line_length, line_cursor;
- char* bound, *old_bound;
+ const char* bound, *old_bound;
*height = 0;
- while (cursor < text + strlen(text)) {
+ while (cursor < text_end) {
bound = cursor;
line_cursor = 0;
text_line[0] = '\0';
@@ -1735,7 +1736,7 @@ static void render_text_area(osd_rendere
}
/* OK, it did fit, let's try to fit some more. */
- } while (bound < text + strlen(text));
+ } while (bound < text_end);
if (y + text_height + row_space > max_y) {
break;
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 src/input/input_v4l.c
--- a/src/input/input_v4l.c Fri Aug 08 15:39:37 2008 +0200
+++ b/src/input/input_v4l.c Fri Aug 01 20:06:33 2008 +0200
@@ -549,6 +549,12 @@ static int set_frequency(v4l_input_plugi
fd = this->radio_fd;
if (frequency != 0) {
+ /* FIXME: Don't assume tuner 0 ? */
+ this->tuner = 0;
+ ret = ioctl(fd, VIDIOCSTUNER, &this->tuner);
+ lprintf("(%d) Response on set tuner to %d\n", ret, this->tuner);
+ this->video_tuner.tuner = this->tuner;
+
if (this->video_tuner.flags & VIDEO_TUNER_LOW) {
this->calc_frequency = frequency * 16;
} else {
@@ -683,16 +689,6 @@ static int search_by_channel(v4l_input_p
ret = ioctl(fd, VIDIOCSCHAN, &this->input);
lprintf("(%d) Set channel to %d\n", ret, this->input);
-
- /* FIXME: Don't assume tuner 0 ? */
-
- this->tuner = 0;
-
- ret = ioctl(fd, VIDIOCSTUNER, &this->tuner);
-
- lprintf("(%d) Response on set tuner to %d\n", ret, this->tuner);
-
- this->video_tuner.tuner = this->tuner;
} else {
xprintf(this->stream->xine, XINE_VERBOSITY_LOG,
"input_v4l: Not setting video source. No source given\n");
@@ -891,10 +887,6 @@ static int open_video_capture_device(v4l
_x_stream_info_set(this->stream, XINE_STREAM_INFO_HAS_AUDIO, 1);
_x_stream_info_set(this->stream, XINE_STREAM_INFO_HAS_VIDEO, 1);
-
- /* Pre-allocate some frames for audio and video so it doesn't have to be
- * done during capture */
- allocate_frames(this, 1);
/* Unmute audio off video capture device */
unmute_audio(this);
@@ -1004,7 +996,11 @@ static int open_video_capture_device(v4l
xine_set_param(this->stream, XINE_PARAM_VO_ZOOM_X, 103);
xine_set_param(this->stream, XINE_PARAM_VO_ZOOM_Y, 103);
-
+
+ /* Pre-allocate some frames for audio and video so it doesn't have to be
+ * done during capture */
+ allocate_frames(this, 1);
+
/* If we made it here, everything went ok */
this->audio_only = 0;
if (tuner_found)
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 src/input/libreal/sdpplin.c
--- a/src/input/libreal/sdpplin.c Fri Aug 08 15:39:37 2008 +0200
+++ b/src/input/libreal/sdpplin.c Fri Aug 01 20:06:33 2008 +0200
@@ -60,7 +60,8 @@ static char *b64_decode(const char *in,
k=0;
/*CONSTANTCONDITION*/
- for (j=0; j<strlen(in); j+=4)
+ const size_t in_len = strlen(in);
+ for (j=0; j<in_len; j+=4)
{
char a[4], b[4];
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 src/post/goom/convolve_fx.c
--- a/src/post/goom/convolve_fx.c Fri Aug 08 15:39:37 2008 +0200
+++ b/src/post/goom/convolve_fx.c Fri Aug 01 20:06:33 2008 +0200
@@ -20,7 +20,7 @@ typedef char Motif[CONV_MOTIF_W][CONV_MO
#define NB_THETA 512
-#define MAX 2.0f
+//#define MAX 2.0f
typedef struct _CONV_DATA{
PluginParam light;
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 src/video_out/video_out_xv.c
--- a/src/video_out/video_out_xv.c Fri Aug 08 15:39:37 2008 +0200
+++ b/src/video_out/video_out_xv.c Fri Aug 01 20:06:33 2008 +0200
@@ -524,7 +524,7 @@ static void xv_deinterlace_frame (xv_dri
for( i = 0; i < VO_NUM_RECENT_FRAMES; i++ )
if( this->recent_frames[i] && this->recent_frames[i]->width == frame->width &&
this->recent_frames[i]->height == frame->height )
- recent_bitmaps[i] = this->recent_frames[i]->image->data + \
frame->width*frame->height; + recent_bitmaps[i] = \
this->recent_frames[i]->image->data + \
this->deinterlace_frame.image->width*frame->height; else
recent_bitmaps[i] = NULL;
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 \
src/xine-engine/info_helper.c
--- a/src/xine-engine/info_helper.c Fri Aug 08 15:39:37 2008 +0200
+++ b/src/xine-engine/info_helper.c Fri Aug 01 20:06:33 2008 +0200
@@ -131,7 +131,7 @@ uint32_t _x_stream_info_get_public(xine_
* at the end of the string
*/
static void meta_info_chomp(char *str) {
- size_t i, len;
+ ssize_t i, len;
len = strlen(str);
if (!len)
diff -r 36a830cc4210cc5a8452d4a917e48642313be259 -r \
18b725243ce94e6fac19d6224ba6e9c3027f8f35 INSTALL
--- a/INSTALL Fri Aug 08 15:39:37 2008 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,234 +0,0 @@
-Installation Instructions
-*************************
-
-Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
-2006 Free Software Foundation, Inc.
-
-This file is free documentation; the Free Software Foundation gives
-unlimited permission to copy, distribute and modify it.
-
-Basic Installation
-==================
-
-Briefly, the shell commands `./configure; make; make install' should
-configure, build, and install this package. The following
-more-detailed instructions are generic; see the `README' file for
-instructions specific to this package.
-
- The `configure' shell script attempts to guess correct values for
-various system-dependent variables used during compilation. It uses
-those values to create a `Makefile' in each directory of the package.
-It may also create one or more `.h' files containing system-dependent
-definitions. Finally, it creates a shell script `config.status' that
-you can run in the future to recreate the current configuration, and a
-file `config.log' containing compiler output (useful mainly for
-debugging `configure').
-
- It can also use an optional file (typically called `config.cache'
-and enabled with `--cache-file=config.cache' or simply `-C') that saves
-the results of its tests to speed up reconfiguring. Caching is
-disabled by default to prevent problems with accidental use of stale
-cache files.
-
- If you need to do unusual things to compile the package, please try
-to figure out how `configure' could check whether to do them, and mail
-diffs or instructions to the address given in the `README' so they can
-be considered for the next release. If you are using the cache, and at
-some point `config.cache' contains results you don't want to keep, you
-may remove or edit it.
-
- The file `configure.ac' (or `configure.in') is used to create
-`configure' by a program called `autoconf'. You need `configure.ac' if
-you want to change it or regenerate `configure' using a newer version
-of `autoconf'.
-
-The simplest way to compile this package is:
-
- 1. `cd' to the directory containing the package's source code and type
- `./configure' to configure the package for your system.
-
- Running `configure' might take a while. While running, it prints
- some messages telling which features it is checking for.
-
- 2. Type `make' to compile the package.
-
- 3. Optionally, type `make check' to run any self-tests that come with
- the package.
-
- 4. Type `make install' to install the programs and any data files and
- documentation.
-
- 5. You can remove the program binaries and object files from the
- source code directory by typing `make clean'. To also remove the
- files that `configure' created (so you can compile the package for
- a different kind of computer), type `make distclean'. There is
- also a `make maintainer-clean' target, but that is intended mainly
- for the package's developers. If you use it, you may have to get
- all sorts of other programs in order to regenerate files that came
- with the distribution.
-
-Compilers and Options
-=====================
-
-Some systems require unusual options for compilation or linking that the
-`configure' script does not know about. Run `./configure --help' for
-details on some of the pertinent environment variables.
-
- You can give `configure' initial values for configuration parameters
-by setting variables in the command line or in the environment. Here
-is an example:
-
- ./configure CC=c99 CFLAGS=-g LIBS=-lposix
-
- *Note Defining Variables::, for more details.
-
-Compiling For Multiple Architectures
-====================================
-
-You can compile the package for more than one kind of computer at the
-same time, by placing the object files for each architecture in their
-own directory. To do this, you can use GNU `make'. `cd' to the
-directory where you want the object files and executables to go and run
-the `configure' script. `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'.
-
- With a non-GNU `make', it is safer to compile the package for one
-architecture at a time in the source code directory. After you have
-installed the package for one architecture, use `make distclean' before
-reconfiguring for another architecture.
-
-Installation Names
-==================
-
-By default, `make install' installs the package's commands under
-`/usr/local/bin', include files under `/usr/local/include', etc. You
-can specify an installation prefix other than `/usr/local' by giving
-`configure' the option `--prefix=PREFIX'.
-
- You can specify separate installation prefixes for
-architecture-specific files and architecture-independent files. If you
-pass the option `--exec-prefix=PREFIX' to `configure', the package uses
-PREFIX as the prefix for installing programs and libraries.
-Documentation and other data files still use the regular prefix.
-
- In addition, if you use an unusual directory layout you can give
-options like `--bindir=DIR' to specify different values for particular
-kinds of files. Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them.
-
- If the package supports it, you can cause programs to be installed
-with an extra prefix or suffix on their names by giving `configure' the
-option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
-
-Optional Features
-=================
-
-Some packages pay attention to `--enable-FEATURE' options to
-`configure', where FEATURE indicates an optional part of the package.
-They may also pay attention to `--with-PACKAGE' options, where PACKAGE
-is something like `gnu-as' or `x' (for the X Window System). The
-`README' should mention any `--enable-' and `--with-' options that the
-package recognizes.
-
- For packages that use the X Window System, `configure' can usually
-find the X include and library files automatically, but if it doesn't,
-you can use the `configure' options `--x-includes=DIR' and
-`--x-libraries=DIR' to specify their locations.
-
-Specifying the System Type
-==========================
-
-There may be some features `configure' cannot figure out automatically,
-but needs to determine by the type of machine the package will run on.
-Usually, assuming the package is built to be run on the _same_
-architectures, `configure' can figure that out, but if it prints a
-message saying it cannot guess the machine type, give it the
-`--build=TYPE' option. TYPE can either be a short name for the system
-type, such as `sun4', or a canonical name which has the form:
-
- CPU-COMPANY-SYSTEM
-
-where SYSTEM can have one of these forms:
-
- OS KERNEL-OS
-
- See the file `config.sub' for the possible values of each field. If
-`config.sub' isn't included in this package, then this package doesn't
-need to know the machine type.
-
- If you are _building_ compiler tools for cross-compiling, you should
-use the option `--target=TYPE' to select the type of system they will
-produce code for.
-
- If you want to _use_ a cross compiler, that generates code for a
-platform different from the build platform, you should specify the
-"host" platform (i.e., that on which the generated programs will
-eventually be run) with `--host=TYPE'.
-
-Sharing Defaults
-================
-
-If you want to set default values for `configure' scripts to share, you
-can create a site shell script called `config.site' that gives default
-values for variables like `CC', `cache_file', and `prefix'.
-`configure' looks for `PREFIX/share/config.site' if it exists, then
-`PREFIX/etc/config.site' if it exists. Or, you can set the
-`CONFIG_SITE' environment variable to the location of the site script.
-A warning: not all `configure' scripts look for a site script.
-
-Defining Variables
-==================
-
-Variables not defined in a site shell script can be set in the
-environment passed to `configure'. However, some packages may run
-configure again during the build, and the customized values of these
-variables may be lost. In order to avoid this problem, you should set
-them in the `configure' command line, using `VAR=value'. For example:
-
- ./configure CC=/usr/local2/bin/gcc
-
-causes the specified `gcc' to be used as the C compiler (unless it is
-overridden in the site shell script).
-
-Unfortunately, this technique does not work for `CONFIG_SHELL' due to
-an Autoconf bug. Until the bug is fixed you can use this workaround:
-
- CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
-
-`configure' Invocation
-======================
-
-`configure' recognizes the following options to control how it operates.
-
-`--help'
-`-h'
- Print a summary of the options to `configure', and exit.
-
-`--version'
-`-V'
- Print the version of Autoconf used to generate the `configure'
- script, and exit.
-
-`--cache-file=FILE'
- Enable the cache: use and save the results of the tests in FILE,
- traditionally `config.cache'. FILE defaults to `/dev/null' to
- disable caching.
-
-`--config-cache'
-`-C'
- Alias for `--cache-file=config.cache'.
-
-`--quiet'
-`--silent'
-`-q'
- Do not print messages saying which checks are being made. To
- suppress all normal output, redirect it to `/dev/null' (any error
- messages will still be shown).
-
-`--srcdir=DIR'
- Look for the package's source code in directory DIR. Usually
- `configure' can determine that directory automatically.
-
-`configure' also accepts some other, not widely useful, options. Run
-`configure --help' for more details.
-
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Xine-cvslog mailing list
Xine-cvslog@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xine-cvslog
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic