head	1.3;
access;
symbols
	pkgsrc-2013Q2:1.3.0.8
	pkgsrc-2013Q2-base:1.3
	pkgsrc-2012Q4:1.3.0.6
	pkgsrc-2012Q4-base:1.3
	pkgsrc-2011Q4:1.3.0.4
	pkgsrc-2011Q4-base:1.3
	pkgsrc-2011Q2:1.3.0.2
	pkgsrc-2011Q2-base:1.3
	pkgsrc-2009Q4:1.2.0.44
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2009Q3:1.2.0.42
	pkgsrc-2009Q3-base:1.2
	pkgsrc-2009Q2:1.2.0.40
	pkgsrc-2009Q2-base:1.2
	pkgsrc-2009Q1:1.2.0.38
	pkgsrc-2009Q1-base:1.2
	pkgsrc-2008Q4:1.2.0.36
	pkgsrc-2008Q4-base:1.2
	pkgsrc-2008Q3:1.2.0.34
	pkgsrc-2008Q3-base:1.2
	cube-native-xorg:1.2.0.32
	cube-native-xorg-base:1.2
	pkgsrc-2008Q2:1.2.0.30
	pkgsrc-2008Q2-base:1.2
	cwrapper:1.2.0.28
	pkgsrc-2008Q1:1.2.0.26
	pkgsrc-2008Q1-base:1.2
	pkgsrc-2007Q4:1.2.0.24
	pkgsrc-2007Q4-base:1.2
	pkgsrc-2007Q3:1.2.0.22
	pkgsrc-2007Q3-base:1.2
	pkgsrc-2007Q2:1.2.0.20
	pkgsrc-2007Q2-base:1.2
	pkgsrc-2007Q1:1.2.0.18
	pkgsrc-2007Q1-base:1.2
	pkgsrc-2006Q4:1.2.0.16
	pkgsrc-2006Q4-base:1.2
	pkgsrc-2006Q3:1.2.0.14
	pkgsrc-2006Q3-base:1.2
	pkgsrc-2006Q2:1.2.0.12
	pkgsrc-2006Q2-base:1.2
	pkgsrc-2006Q1:1.2.0.10
	pkgsrc-2006Q1-base:1.2
	pkgsrc-2005Q4:1.2.0.8
	pkgsrc-2005Q4-base:1.2
	pkgsrc-2005Q3:1.2.0.6
	pkgsrc-2005Q3-base:1.2
	pkgsrc-2005Q2:1.2.0.4
	pkgsrc-2005Q2-base:1.2
	pkgsrc-2005Q1:1.2.0.2
	pkgsrc-2005Q1-base:1.2
	pkgsrc-2004Q4:1.1.0.4
	pkgsrc-2004Q4-base:1.1
	pkgsrc-2004Q3:1.1.0.2
	pkgsrc-2004Q3-base:1.1;
locks; strict;
comment	@# @;


1.3
date	2010.03.14.14.19.19;	author martin;	state dead;
branches;
next	1.2;

1.2
date	2005.01.12.11.52.38;	author drochner;	state Exp;
branches;
next	1.1;

1.1
date	2004.09.07.22.14.09;	author salo;	state Exp;
branches
	1.1.4.1;
next	;

1.1.4.1
date	2005.01.15.07.00.18;	author snj;	state Exp;
branches;
next	;


desc
@@


1.3
log
@Update mpg123 to version 1.10.1.
Thanks to <wiz> for answering lots of stupid questions and general guidance.
@
text
@$NetBSD: patch-ar,v 1.2 2005/01/12 11:52:38 drochner Exp $

--- layer2.c.orig	1999-02-10 13:13:06.000000000 +0100
+++ layer2.c
@@@@ -240,7 +240,7 @@@@ static void II_select_table(struct frame
        { alloc_0, alloc_1, alloc_2, alloc_3 , alloc_4 };
   static int sblims[5] = { 27 , 30 , 8, 12 , 30 };
 
-  if(fr->lsf)
+  if(fr->sampling_frequency >= 3) /* Or equivalent: (fr->lsf == 1) */
     table = 4;
   else
     table = translate[fr->sampling_frequency][2-fr->stereo][fr->bitrate_index];
@@@@ -265,6 +265,12 @@@@ int do_layer2(struct frame *fr,int outmo
   fr->jsbound = (fr->mode == MPG_MD_JOINT_STEREO) ?
      (fr->mode_ext<<2)+4 : fr->II_sblimit;
 
+  if (fr->jsbound > fr->II_sblimit)
+  {
+    fprintf(stderr, "Truncating stereo boundary to sideband limit.\n");
+    fr->jsbound=fr->II_sblimit;
+  }
+
   if(stereo == 1 || single == 3)
     single = 0;
 
@


1.2
log
@another header valdation (CAN-2004-0991)
ride on recent PKGREVISION bump
@
text
@d1 1
a1 1
$NetBSD$
@


1.1
log
@PKGREVISION++

- fix a buffer overflow:

  "A malicious formatted mp3/2 causes mpg123 to fail header checks,
   this may allow arbitrary code to be executed with the privilege
   of the user trying to play the mp3."

- patch from Debian but retain code style.
@
text
@a2 2
CVE: CAN-2004-0805

d4 11
a14 2
+++ layer2.c	2004-09-08 00:00:06.000000000 +0200
@@@@ -265,6 +265,12 @@@@
@


1.1.4.1
log
@Pullup ticket 227 - requested by Matthias Drochner
security fix for mpg123

   Module Name:  pkgsrc
   Committed By: drochner
   Date:         Fri Jan  7 14:52:13 UTC 2005

   Modified Files:
         pkgsrc/audio/mpg123: Makefile distinfo
   Added Files:
         pkgsrc/audio/mpg123/patches: patch-as patch-at

   Log Message:
   Fix a buffer overflow by a malicous playlist (CAN-2004-1284).
   Being here, fix a possible problem which was mentioned in conjunction
   with CAN-2003-0577 - zero bitrate makes mpg123 assume a negative
   frame size.
   bump PKGREVISION
---
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Wed Jan 12 11:52:38 UTC 2005

   Modified Files:
           pkgsrc/audio/mpg123: distinfo
           pkgsrc/audio/mpg123/patches: patch-ar

   Log Message:
   another header valdation (CAN-2004-0991)
   ride on recent PKGREVISION bump
---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Wed Jan 12 14:17:44 UTC 2005

   Modified Files:
           pkgsrc/audio/mpg123: Makefile
           pkgsrc/audio/mpg123-esound: Makefile
           pkgsrc/audio/mpg123-nas: Makefile

   Log Message:
   PKGREVISION bump for security fix (previous bump was >4 days ago.
@
text
@d1 3
a3 1
$NetBSD: patch-ar,v 1.2 2005/01/12 11:52:38 drochner Exp $
d6 2
a7 11
+++ layer2.c
@@@@ -240,7 +240,7 @@@@ static void II_select_table(struct frame
        { alloc_0, alloc_1, alloc_2, alloc_3 , alloc_4 };
   static int sblims[5] = { 27 , 30 , 8, 12 , 30 };
 
-  if(fr->lsf)
+  if(fr->sampling_frequency >= 3) /* Or equivalent: (fr->lsf == 1) */
     table = 4;
   else
     table = translate[fr->sampling_frequency][2-fr->stereo][fr->bitrate_index];
@@@@ -265,6 +265,12 @@@@ int do_layer2(struct frame *fr,int outmo
@