Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:kernel-2.6.32
xine-lib
sec-010-notincludedyet.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File sec-010-notincludedyet.diff of Package xine-lib
diff -ur xine-lib-1.1.15-pre/src/demuxers/demux_matroska.c xine-lib-1.1.15-post/src/demuxers/demux_matroska.c --- xine-lib-1.1.15-pre/src/demuxers/demux_matroska.c 2009-01-23 17:30:19.000000000 +0100 +++ xine-lib-1.1.15-post/src/demuxers/demux_matroska.c 2009-01-23 17:25:48.000000000 +0100 @@ -1320,7 +1320,8 @@ _x_bmiheader_le2me(bih); /* add bih extra data */ - memcpy(bih + 1, track->codec_private, track->codec_private_len); + if (track->codec_private_len > 0) + memcpy(bih + 1, track->codec_private, track->codec_private_len); free(track->codec_private); track->codec_private = (uint8_t *)bih; track->codec_private_len = bih->biSize; @@ -1344,7 +1345,8 @@ _x_bmiheader_le2me(bih); /* add bih extra data */ - memcpy(bih + 1, track->codec_private, track->codec_private_len); + if (track->codec_private_len > 0) + memcpy(bih + 1, track->codec_private, track->codec_private_len); free(track->codec_private); track->codec_private = (uint8_t *)bih; track->codec_private_len = bih->biSize; diff -ur xine-lib-1.1.15-pre/src/demuxers/demux_real.c xine-lib-1.1.15-post/src/demuxers/demux_real.c --- xine-lib-1.1.15-pre/src/demuxers/demux_real.c 2009-01-23 17:30:19.000000000 +0100 +++ xine-lib-1.1.15-post/src/demuxers/demux_real.c 2009-01-23 17:25:48.000000000 +0100 @@ -785,7 +783,7 @@ * header giving bits per sample, sample rate and number of channels. * The second is the codec initialisation data found at the end of * the type specific data for the audio stream */ - if(buf->type == BUF_AUDIO_AAC) { + if(buf->type == BUF_AUDIO_AAC && mdpr->type_specific_len >= 79) { const uint16_t version = _X_BE_16(mdpr->type_specific_data + 4); if(version != 5) { @@ -814,8 +812,9 @@ buf->decoder_info_ptr[2] = buf->content; buf->size = 0; - memcpy(buf->content, mdpr->type_specific_data + 79, - buf->decoder_info[2]); + if (mdpr->type_specific_len >= 79 + buf->decoder_info[2]) + memcpy(buf->content, mdpr->type_specific_data + 79, + buf->decoder_info[2]); } else if(buf->type == BUF_AUDIO_MP3ADU) { buf->decoder_flags |= BUF_FLAG_STDHEADER | BUF_FLAG_FRAME_END; diff -ur xine-lib-1.1.15-pre/src/libmusepack/idtag.c xine-lib-1.1.15-post/src/libmusepack/idtag.c --- xine-lib-1.1.15-pre/src/libmusepack/idtag.c 2008-04-17 18:48:58.000000000 +0200 +++ xine-lib-1.1.15-post/src/libmusepack/idtag.c 2009-01-23 17:25:53.000000000 +0100 @@ -53,7 +53,8 @@ return 0; } - r->read(r->data, tmp, sizeof(tmp)); + if (r->read(r->data, tmp, sizeof(tmp)) != sizeof (tmp)) + return 0; // check id3-tag if ( 0 != memcmp ( tmp, "ID3", 3) ) diff -ur xine-lib-1.1.15-pre/src/libmusepack/mpc_decoder.c xine-lib-1.1.15-post/src/libmusepack/mpc_decoder.c --- xine-lib-1.1.15-pre/src/libmusepack/mpc_decoder.c 2008-04-17 18:48:58.000000000 +0200 +++ xine-lib-1.1.15-post/src/libmusepack/mpc_decoder.c 2009-01-23 17:25:53.000000000 +0100 @@ -69,7 +69,8 @@ //------------------------------------------------------------------------------ static mpc_int32_t f_read(mpc_decoder *d, void *ptr, size_t size) { - return d->r->read(d->r->data, ptr, size); + off_t res = d->r->read(d->r->data, ptr, size); + return res > 0 ? res : 0; }; static mpc_bool_t f_seek(mpc_decoder *d, mpc_int32_t offset) diff -ur xine-lib-1.1.15-pre/src/xine-engine/demux.c xine-lib-1.1.15-post/src/xine-engine/demux.c --- xine-lib-1.1.15-pre/src/xine-engine/demux.c 2008-06-15 01:15:00.000000000 +0200 +++ xine-lib-1.1.15-post/src/xine-engine/demux.c 2009-01-23 17:25:53.000000000 +0100 @@ -427,7 +427,7 @@ int read_size; unsigned char *buf; - if (!input || !size || size > MAX_PREVIEW_SIZE) + if (!input || size <= 0 || size > MAX_PREVIEW_SIZE) return 0; if (input->get_capabilities(input) & INPUT_CAP_SEEKABLE) { @@ -437,8 +437,10 @@ } else if (input->get_capabilities(input) & INPUT_CAP_PREVIEW) { buf = malloc(MAX_PREVIEW_SIZE); read_size = input->get_optional_data(input, buf, INPUT_OPTIONAL_DATA_PREVIEW); - read_size = MIN (read_size, size); - memcpy(buffer, buf, read_size); + if (read_size > 0) { + read_size = MIN (read_size, size); + memcpy(buffer, buf, read_size); + } free(buf); } else { return 0; diff -ur xine-lib-1.1.15-pre/src/xine-engine/input_cache.c xine-lib-1.1.15-post/src/xine-engine/input_cache.c --- xine-lib-1.1.15-pre/src/xine-engine/input_cache.c 2008-06-15 01:15:00.000000000 +0200 +++ xine-lib-1.1.15-post/src/xine-engine/input_cache.c 2009-01-23 17:25:53.000000000 +0100 @@ -69,6 +69,9 @@ lprintf("cache_plugin_read: len=%"PRId64"\n", len); this->read_call++; + if (len < 0) + return -1; + /* optimized for common cases */ if (len <= (this->buf_len - this->buf_pos)) { /* all bytes are in the buffer */ @@ -191,8 +194,15 @@ if (buf) { buf->type = BUF_DEMUX_BLOCK; - assert(todo <= buf->max_size); + if (todo > buf->max_size) { + buf->free_buffer (buf); + return NULL; + } read_len = cache_plugin_read (this_gen, buf->content, todo); + if (read_len < 0) { + buf->free_buffer (buf); + return NULL; + } buf->size = read_len; } } else { diff -ur xine-lib-1.1.15-pre/src/xine-engine/input_rip.c xine-lib-1.1.15-post/src/xine-engine/input_rip.c --- xine-lib-1.1.15-pre/src/xine-engine/input_rip.c 2008-06-15 01:15:00.000000000 +0200 +++ xine-lib-1.1.15-post/src/xine-engine/input_rip.c 2009-01-23 17:25:53.000000000 +0100 @@ -141,7 +141,7 @@ } /* really to read/catch */ - if (nread_orig + nwrite) { + if (nread_orig + nwrite > 0) { lprintf(" => read %"PRId64" bytes from input plugin\n", nread_orig + nwrite); /* read from main input plugin */ @@ -239,8 +239,12 @@ nread_orig = this->regular ? 0 : nread; /* create own block by RIP if needed */ - if (npreview + nread_file) { + if (npreview + nread_file > 0) { buf = fifo->buffer_pool_alloc(fifo); + if (npreview + nread_file > buf->size) { + buf->free_buffer (buf); + return NULL; + } buf->content = buf->mem; buf->type = BUF_DEMUX_BLOCK; @@ -263,7 +267,7 @@ } /* really to read/catch */ - if (nread_orig + nwrite) { + if (nread_orig + nwrite > 0) { /* read from main input plugin */ if (buf) { lprintf(" => read %"PRId64" bytes from input plugin (block)\n", nread_orig + nwrite); @@ -636,14 +640,21 @@ blocksize = main_plugin->get_blocksize(main_plugin); buf = main_plugin->read_block(main_plugin, stream->video_fifo, blocksize); - this->preview_size = buf->size; - this->preview = malloc(this->preview_size); - memcpy(this->preview, buf->content, this->preview_size); + if (buf) { + this->preview_size = buf->size; + this->preview = malloc(this->preview_size); + memcpy(this->preview, buf->content, this->preview_size); - buf->free_buffer(buf); + buf->free_buffer(buf); + } } else { this->preview = malloc(MAX_PREVIEW_SIZE); this->preview_size = main_plugin->read(main_plugin, this->preview, MAX_PREVIEW_SIZE); + if (this->preview_size <= 0) { + free (this->preview); + this->preview = NULL; + this->preview_size = 0; + } } } else { this->preview = NULL;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor