head 1.4; access; symbols pkgsrc-2026Q1:1.4.0.152 pkgsrc-2026Q1-base:1.4 pkgsrc-2025Q4:1.4.0.150 pkgsrc-2025Q4-base:1.4 pkgsrc-2025Q3:1.4.0.148 pkgsrc-2025Q3-base:1.4 pkgsrc-2025Q2:1.4.0.146 pkgsrc-2025Q2-base:1.4 pkgsrc-2025Q1:1.4.0.144 pkgsrc-2025Q1-base:1.4 pkgsrc-2024Q4:1.4.0.142 pkgsrc-2024Q4-base:1.4 pkgsrc-2024Q3:1.4.0.140 pkgsrc-2024Q3-base:1.4 pkgsrc-2024Q2:1.4.0.138 pkgsrc-2024Q2-base:1.4 pkgsrc-2024Q1:1.4.0.136 pkgsrc-2024Q1-base:1.4 pkgsrc-2023Q4:1.4.0.134 pkgsrc-2023Q4-base:1.4 pkgsrc-2023Q3:1.4.0.132 pkgsrc-2023Q3-base:1.4 pkgsrc-2023Q2:1.4.0.130 pkgsrc-2023Q2-base:1.4 pkgsrc-2023Q1:1.4.0.128 pkgsrc-2023Q1-base:1.4 pkgsrc-2022Q4:1.4.0.126 pkgsrc-2022Q4-base:1.4 pkgsrc-2022Q3:1.4.0.124 pkgsrc-2022Q3-base:1.4 pkgsrc-2022Q2:1.4.0.122 pkgsrc-2022Q2-base:1.4 pkgsrc-2022Q1:1.4.0.120 pkgsrc-2022Q1-base:1.4 pkgsrc-2021Q4:1.4.0.118 pkgsrc-2021Q4-base:1.4 pkgsrc-2021Q3:1.4.0.116 pkgsrc-2021Q3-base:1.4 pkgsrc-2021Q2:1.4.0.114 pkgsrc-2021Q2-base:1.4 pkgsrc-2021Q1:1.4.0.112 pkgsrc-2021Q1-base:1.4 pkgsrc-2020Q4:1.4.0.110 pkgsrc-2020Q4-base:1.4 pkgsrc-2020Q3:1.4.0.108 pkgsrc-2020Q3-base:1.4 pkgsrc-2020Q2:1.4.0.104 pkgsrc-2020Q2-base:1.4 pkgsrc-2020Q1:1.4.0.84 pkgsrc-2020Q1-base:1.4 pkgsrc-2019Q4:1.4.0.106 pkgsrc-2019Q4-base:1.4 pkgsrc-2019Q3:1.4.0.102 pkgsrc-2019Q3-base:1.4 pkgsrc-2019Q2:1.4.0.100 pkgsrc-2019Q2-base:1.4 pkgsrc-2019Q1:1.4.0.98 pkgsrc-2019Q1-base:1.4 pkgsrc-2018Q4:1.4.0.96 pkgsrc-2018Q4-base:1.4 pkgsrc-2018Q3:1.4.0.94 pkgsrc-2018Q3-base:1.4 pkgsrc-2018Q2:1.4.0.92 pkgsrc-2018Q2-base:1.4 pkgsrc-2018Q1:1.4.0.90 pkgsrc-2018Q1-base:1.4 pkgsrc-2017Q4:1.4.0.88 pkgsrc-2017Q4-base:1.4 pkgsrc-2017Q3:1.4.0.86 pkgsrc-2017Q3-base:1.4 pkgsrc-2017Q2:1.4.0.82 pkgsrc-2017Q2-base:1.4 pkgsrc-2017Q1:1.4.0.80 pkgsrc-2017Q1-base:1.4 pkgsrc-2016Q4:1.4.0.78 pkgsrc-2016Q4-base:1.4 pkgsrc-2016Q3:1.4.0.76 pkgsrc-2016Q3-base:1.4 pkgsrc-2016Q2:1.4.0.74 pkgsrc-2016Q2-base:1.4 pkgsrc-2016Q1:1.4.0.72 pkgsrc-2016Q1-base:1.4 pkgsrc-2015Q4:1.4.0.70 pkgsrc-2015Q4-base:1.4 pkgsrc-2015Q3:1.4.0.68 pkgsrc-2015Q3-base:1.4 pkgsrc-2015Q2:1.4.0.66 pkgsrc-2015Q2-base:1.4 pkgsrc-2015Q1:1.4.0.64 pkgsrc-2015Q1-base:1.4 pkgsrc-2014Q4:1.4.0.62 pkgsrc-2014Q4-base:1.4 pkgsrc-2014Q3:1.4.0.60 pkgsrc-2014Q3-base:1.4 pkgsrc-2014Q2:1.4.0.58 pkgsrc-2014Q2-base:1.4 pkgsrc-2014Q1:1.4.0.56 pkgsrc-2014Q1-base:1.4 pkgsrc-2013Q4:1.4.0.54 pkgsrc-2013Q4-base:1.4 pkgsrc-2013Q3:1.4.0.52 pkgsrc-2013Q3-base:1.4 pkgsrc-2013Q2:1.4.0.50 pkgsrc-2013Q2-base:1.4 pkgsrc-2013Q1:1.4.0.48 pkgsrc-2013Q1-base:1.4 pkgsrc-2012Q4:1.4.0.46 pkgsrc-2012Q4-base:1.4 pkgsrc-2012Q3:1.4.0.44 pkgsrc-2012Q3-base:1.4 pkgsrc-2012Q2:1.4.0.42 pkgsrc-2012Q2-base:1.4 pkgsrc-2012Q1:1.4.0.40 pkgsrc-2012Q1-base:1.4 pkgsrc-2011Q4:1.4.0.38 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q3:1.4.0.36 pkgsrc-2011Q3-base:1.4 pkgsrc-2011Q2:1.4.0.34 pkgsrc-2011Q2-base:1.4 pkgsrc-2011Q1:1.4.0.32 pkgsrc-2011Q1-base:1.4 pkgsrc-2010Q4:1.4.0.30 pkgsrc-2010Q4-base:1.4 pkgsrc-2010Q3:1.4.0.28 pkgsrc-2010Q3-base:1.4 pkgsrc-2010Q2:1.4.0.26 pkgsrc-2010Q2-base:1.4 pkgsrc-2010Q1:1.4.0.24 pkgsrc-2010Q1-base:1.4 pkgsrc-2009Q4:1.4.0.22 pkgsrc-2009Q4-base:1.4 pkgsrc-2009Q3:1.4.0.20 pkgsrc-2009Q3-base:1.4 pkgsrc-2009Q2:1.4.0.18 pkgsrc-2009Q2-base:1.4 pkgsrc-2009Q1:1.4.0.16 pkgsrc-2009Q1-base:1.4 pkgsrc-2008Q4:1.4.0.14 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.12 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.10 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.4.0.8 pkgsrc-2008Q2-base:1.4 cwrapper:1.4.0.6 pkgsrc-2008Q1:1.4.0.4 pkgsrc-2008Q1-base:1.4 pkgsrc-2007Q4:1.4.0.2 pkgsrc-2007Q4-base:1.4 pkgsrc-2007Q3:1.3.0.4 pkgsrc-2007Q3-base:1.3 pkgsrc-2007Q2:1.3.0.2 pkgsrc-2007Q2-base:1.3 pkgsrc-2007Q1:1.2.0.24 pkgsrc-2007Q1-base:1.2 pkgsrc-2006Q4:1.2.0.22 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.20 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.18 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.16 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.14 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.12 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.10 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.8 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.6 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.4 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.2.0.2 pkgsrc-2004Q2-base:1.2 pkgsrc-2004Q1:1.1.0.12 pkgsrc-2004Q1-base:1.1 pkgsrc-2003Q4:1.1.0.10 pkgsrc-2003Q4-base:1.1 netbsd-1-6-1:1.1.0.6 netbsd-1-6-1-base:1.1 netbsd-1-6:1.1.0.8 netbsd-1-6-RELEASE-base:1.1 pkgviews:1.1.0.4 pkgviews-base:1.1 buildlink2:1.1.0.2 buildlink2-base:1.1 netbsd-1-5-PATCH003:1.1; locks; strict; comment @# @; 1.4 date 2007.11.29.18.36.40; author wiz; state Exp; branches; next 1.3; 1.3 date 2007.04.10.12.19.40; author drochner; state Exp; branches; next 1.2; 1.2 date 2004.05.06.14.48.57; author drochner; state dead; branches; next 1.1; 1.1 date 2001.08.11.20.51.25; author fredb; state Exp; branches; next ; desc @@ 1.4 log @Update to 1.2.11: xmms 1.2.11 The '1211 days since last release' release. XMMS was 10 years old on 2007-11-15. * Make the --toggle switches take an optional value to either enable or disable the function. * New command line switches: --quit, --toggle-shuffle, --toggle-repeat, --toggle-advance, --queue * New remote commands: xmms_remote_playqueue_clear, xmms_remote_get_playqueue_pos_from_playlist_pos, xmms_remote_get_playlist_pos_from_playqueue_pos, xmms_remote_playqueue_add, xmms_remote_get_playqueue_length, xmms_remote_playqueue_remove. * Playqueue manager. Adds queue control enabling you to reorder the queue and a search like the jump to file dialog. OGG/Vorbis: * Save stream to disk adds -N if the file already exist * Don't apply the +6dB boost if replaygain information is missing Alsa: * Soft volume works without mixer Songchange: * Optional command to run at end of song. Diskwriter: * Effect plugins are applied on the saved file MPG123: * Enable shoutcast title streaming by default * CTRL-Q as default keybind to quit * Close dialogs with escape key Solaris: * Support OSS and AMD8111 @ text @$NetBSD$ --- xmms/bmp.c.orig 2006-07-16 13:40:04.000000000 +0000 +++ xmms/bmp.c @@@@ -19,6 +19,12 @@@@ */ #include "xmms.h" +#if HAVE_STDINT_H +#include +#elif !defined(UINT32_MAX) +#define UINT32_MAX 0xffffffffU +#endif + struct rgb_quad { guchar rgbBlue; @@@@ -183,7 +189,7 @@@@ GdkPixmap *read_bmp(gchar * filename) } else if (bitcount != 24 && bitcount != 16 && bitcount != 32) { - gint ncols, i; + guint32 ncols, i; ncols = offset - headSize - 14; if (headSize == 12) @@@@ -203,6 +209,13 @@@@ GdkPixmap *read_bmp(gchar * filename) fseek(file, offset, SEEK_SET); buffer = g_malloc(imgsize); fread(buffer, imgsize, 1, file); + /* verify buffer size */ + if (!h || !w || + w > (((UINT32_MAX - 3) / 3) / h) || + h > (((UINT32_MAX - 3) / 3) / w)) { + g_warning("read_bmp(): width(%u)*height(%u) too large", w, h); + goto failure; + } data = g_malloc0((w * 3 * h) + 3); /* +3 is just for safety */ if (bitcount == 1) @ 1.3 log @plug integer overflows in skin handling (CVE-2007-0653, CVE-2007-0654), patch from Debian @ text @d3 2 a4 2 --- ./xmms/bmp.c.orig 2002-02-12 00:15:56.000000000 +0100 +++ ./xmms/bmp.c d15 1 a15 1 typedef struct tagRGBQUAD d18 1 a18 1 @@@@ -184,7 +190,7 @@@@ GdkPixmap *read_bmp(gchar * filename) d27 1 a27 3 @@@@ -200,10 +206,18 @@@@ GdkPixmap *read_bmp(gchar * filename) } } d29 2 d36 1 a36 2 + fclose(file); + return NULL; d38 1 a38 5 + data = g_malloc0((w * 3 * h) + 3); /* +3 is just for safety */ buffer = g_malloc(imgsize); fread(buffer, imgsize, 1, file); fclose(file); - data = g_malloc0((w * 3 * h) + 3); /* +3 is just for safety */ a40 1 read_1b_rgb(buffer, imgsize, data, w, h, rgb_quads); @ 1.2 log @update to 1.2.10 changes: -bugfixes -IPv6 support integrated -new translations -minor feature additions @ text @d1 1 a1 1 $NetBSD: patch-aq,v 1.1 2001/08/11 20:51:25 fredb Exp $ d3 5 a7 3 --- wmxmms/getopt.c.orig Thu Jul 29 16:03:12 1999 +++ wmxmms/getopt.c @@@@ -64,7 +64,7 @@@@ d9 38 a46 16 /* This needs to come after some library #include to get __GNU_LIBRARY__ defined. */ -#ifdef __GNU_LIBRARY__ +#if defined(__GNU_LIBRARY__) || defined(__NetBSD__) /* Don't include stdlib.h for non-GNU C libraries because some of them contain conflicting prototypes for getopt. */ #include @@@@ -198,7 +198,7 @@@@ /* Value of POSIXLY_CORRECT environment variable. */ static char *posixly_correct; -#ifdef __GNU_LIBRARY__ +#if defined(__GNU_LIBRARY__) || defined(__NetBSD__) /* We want to avoid inclusion of string.h with non-GNU libraries because there are many ways it can cause trouble. On some systems, it contains special magic macros that don't work @ 1.1 log @Add include of for missing prototype for strlen(). Also, OK to include unistd.h on NetBSD, for getopt() prototype. @ text @d1 1 a1 1 $NetBSD$ @