head 1.6; access; symbols pkgsrc-2013Q2:1.6.0.10 pkgsrc-2013Q2-base:1.6 pkgsrc-2012Q4:1.6.0.8 pkgsrc-2012Q4-base:1.6 pkgsrc-2011Q4:1.6.0.6 pkgsrc-2011Q4-base:1.6 pkgsrc-2011Q2:1.6.0.4 pkgsrc-2011Q2-base:1.6 pkgsrc-2009Q4:1.6.0.2 pkgsrc-2009Q4-base:1.6 pkgsrc-2009Q3:1.5.0.18 pkgsrc-2009Q3-base:1.5 pkgsrc-2009Q2:1.5.0.16 pkgsrc-2009Q2-base:1.5 pkgsrc-2009Q1:1.5.0.14 pkgsrc-2009Q1-base:1.5 pkgsrc-2008Q4:1.5.0.12 pkgsrc-2008Q4-base:1.5 pkgsrc-2008Q3:1.5.0.10 pkgsrc-2008Q3-base:1.5 cube-native-xorg:1.5.0.8 cube-native-xorg-base:1.5 pkgsrc-2008Q2:1.5.0.6 pkgsrc-2008Q2-base:1.5 cwrapper:1.5.0.4 pkgsrc-2008Q1:1.5.0.2 pkgsrc-2008Q1-base:1.5 pkgsrc-2007Q4:1.4.0.2 pkgsrc-2007Q4-base:1.4 pkgsrc-2007Q3:1.3.0.6 pkgsrc-2007Q3-base:1.3 pkgsrc-2007Q2:1.3.0.4 pkgsrc-2007Q2-base:1.3 pkgsrc-2007Q1:1.3.0.2 pkgsrc-2007Q1-base:1.3 pkgsrc-2006Q4:1.2.0.20 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.18 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.16 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.14 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.12 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.10 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.8 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.6 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.4 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.2 pkgsrc-2004Q3-base:1.2; locks; strict; comment @# @; 1.6 date 2009.10.18.22.22.10; author ahoka; state dead; branches; next 1.5; 1.5 date 2008.02.05.17.00.36; author drochner; state Exp; branches; next 1.4; 1.4 date 2007.12.21.11.31.25; author tron; state dead; branches 1.4.2.1; next 1.3; 1.3 date 2007.02.23.19.19.40; author drochner; state Exp; branches; next 1.2; 1.2 date 2004.07.17.19.06.36; author wiz; state dead; branches; next 1.1; 1.1 date 2004.07.02.17.07.21; author drochner; state Exp; branches; next ; 1.4.2.1 date 2008.02.11.12.04.15; author ghen; state Exp; branches; next ; desc @@ 1.6 log @Upgrade to the SVN snapshot as of 2009-10-17. The builtin libavcodec now uses yasm to assemble hand written h264 code. The older x264 we currently have in pkgsrc is not supported by mplayer, so I had to do some hand tweaking to make it work. It may contain bugs because of this, so report any fallouts with h264. @ text @$NetBSD: patch-bd,v 1.5 2008/02/05 17:00:36 drochner Exp $ --- stream/stream_cddb.c.orig 2007-10-07 21:49:26.000000000 +0200 +++ stream/stream_cddb.c @@@@ -53,6 +53,7 @@@@ #include "version.h" #include "stream.h" #include "network.h" +#include "libavutil/intreadwrite.h" #define DEFAULT_FREEDB_SERVER "freedb.freedb.org" #define DEFAULT_CACHE_DIR "/.cddb/" @@@@ -453,8 +454,9 @@@@ cddb_parse_matches_list(HTTP_header_t *h } else { len = ptr2-ptr+1; } + len = FFMIN(sizeof(album_title) - 1, len); strncpy(album_title, ptr, len); - album_title[len-2]='\0'; + album_title[len]='\0'; } mp_msg(MSGT_DEMUX, MSGL_STATUS, MSGTR_MPDEMUX_CDDB_ParseOKFoundAlbumTitle, album_title); return 0; @@@@ -490,8 +492,9 @@@@ cddb_query_parse(HTTP_header_t *http_hdr } else { len = ptr2-ptr+1; } + len = FFMIN(sizeof(album_title) - 1, len); strncpy(album_title, ptr, len); - album_title[len-2]='\0'; + album_title[len]='\0'; } mp_msg(MSGT_DEMUX, MSGL_STATUS, MSGTR_MPDEMUX_CDDB_ParseOKFoundAlbumTitle, album_title); return cddb_request_titles(cddb_data); @ 1.5 log @add some patches from upstream which fix CVE-2008-0485, CVE-2008-0486 and two unnamed buffer overflows, bump PKGREVISION of affected pkgs @ text @d1 1 a1 1 $NetBSD$ @ 1.4 log @Update "mplayer", "mplayer-share", "mencoder" and "gmplayer" packages to version 1.0rc2 (as 1.0rc10). Changes since version 1.0rc1 (known as 1.0rc9 in "pkgsrc"): - A lot of new audio and video decoders and other improvements - A large number of bug fixes - Updated documentation - Support for Mac OS X Intel Approved by Thomas Klausner (because it fixes the Darwin-i386 build). @ text @d1 1 a1 1 $NetBSD: patch-bd,v 1.3 2007/02/23 19:19:40 drochner Exp $ d3 7 a9 5 --- stream/udp.c.orig 2007-02-22 14:14:08.000000000 +0100 +++ stream/udp.c @@@@ -157,8 +157,8 @@@@ udp_open_socket (URL_t *url) } } d11 24 a34 7 - tv.tv_sec = 0; - tv.tv_usec = (1 * 1000000); /* 1 second timeout */ + tv.tv_sec = 1; + tv.tv_usec = 0; /* 1 second timeout */ FD_ZERO (&set); FD_SET (socket_server_fd, &set); @ 1.4.2.1 log @Pullup ticket 2287 - requested by drochner security fixes for mplayer and mencoder - pkgsrc/multimedia/gmplayer/Makefile 1.67 - pkgsrc/multimedia/mencoder/Makefile 1.37 - pkgsrc/multimedia/mplayer/Makefile 1.52 - pkgsrc/multimedia/mplayer-share/distinfo 1.47 - pkgsrc/multimedia/mplayer-share/patches/patch-ba 1.7 - pkgsrc/multimedia/mplayer-share/patches/patch-bb 1.7 - pkgsrc/multimedia/mplayer-share/patches/patch-bc 1.5 - pkgsrc/multimedia/mplayer-share/patches/patch-bd 1.5 Module Name: pkgsrc Committed By: drochner Date: Tue Feb 5 17:00:37 UTC 2008 Modified Files: pkgsrc/multimedia/gmplayer: Makefile pkgsrc/multimedia/mencoder: Makefile pkgsrc/multimedia/mplayer: Makefile pkgsrc/multimedia/mplayer-share: distinfo Added Files: pkgsrc/multimedia/mplayer-share/patches: patch-ba patch-bb patch-bc patch-bd Log Message: add some patches from upstream which fix CVE-2008-0485, CVE-2008-0486 and two unnamed buffer overflows, bump PKGREVISION of affected pkgs @ text @d1 1 a1 1 $NetBSD$ d3 5 a7 7 --- stream/stream_cddb.c.orig 2007-10-07 21:49:26.000000000 +0200 +++ stream/stream_cddb.c @@@@ -53,6 +53,7 @@@@ #include "version.h" #include "stream.h" #include "network.h" +#include "libavutil/intreadwrite.h" d9 7 a15 24 #define DEFAULT_FREEDB_SERVER "freedb.freedb.org" #define DEFAULT_CACHE_DIR "/.cddb/" @@@@ -453,8 +454,9 @@@@ cddb_parse_matches_list(HTTP_header_t *h } else { len = ptr2-ptr+1; } + len = FFMIN(sizeof(album_title) - 1, len); strncpy(album_title, ptr, len); - album_title[len-2]='\0'; + album_title[len]='\0'; } mp_msg(MSGT_DEMUX, MSGL_STATUS, MSGTR_MPDEMUX_CDDB_ParseOKFoundAlbumTitle, album_title); return 0; @@@@ -490,8 +492,9 @@@@ cddb_query_parse(HTTP_header_t *http_hdr } else { len = ptr2-ptr+1; } + len = FFMIN(sizeof(album_title) - 1, len); strncpy(album_title, ptr, len); - album_title[len-2]='\0'; + album_title[len]='\0'; } mp_msg(MSGT_DEMUX, MSGL_STATUS, MSGTR_MPDEMUX_CDDB_ParseOKFoundAlbumTitle, album_title); return cddb_request_titles(cddb_data); @ 1.3 log @normalize timeval for select() timeout in udp stream handler, from Mihai Chelaru per PR pkg/35444 bump PKGREVISIONs @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @Update to 1.0pre5: DOCS * small additions, corrections, updates all over the place * audio output driver section added to the man page * several bug fixes and improvements in the MEncoder documentation * DVD ripping guide extended and improved * AUTHORS file massively extended * German man page partially updated * Hungarian XML documentation translation started Ports * encrypted DVD playback on Windows fixed (again) * Cygwin and MinGW now accept the same -dvd-device syntax * LIVE.COM now works under MinGW * foundations for MinGW crosscompilation * disabled SSE on MinGW as it caused crashes * AC3 passthrough for ao_win32 * improved vo_quartz (YUV, multiple screens support) * vo_quartz made default on Mac OS X * ao_macosx fixed and made default again on Mac OS X * RealVideo binary codecs support on Mac OS X (still buggy) * bigendian fixes in vf.c, vo_tga * OpenBSD portability fixes * OpenBSD/VAX support * AMD64 support Drivers * support for more Radeons (9800 XT among them) in VIDIX * Radeon related bug fixes in VIDIX * vo_gl2 now supports GUI, fix for flickering borders in fullscreen * support 24 and 32 bit PCM files, bigendian fixes * ao_sdl now converts unsupported formats instead of quitting * ENCA support * merged ao_alsa9 and ao_alsa1x drivers into ao_alsa * NeoMagic TV-out support through VESA * JACK audio output driver * vo_sdl fixes (wrong flags and screensaver disabling) * vo_directx fixes Decoders * MSZH/ZLIB, FLI, QTRLE, RoQ video and RoQ audio support moved to FFmpeg * FFmpeg Cinepak and CYUV decoders preferred * audio format 0xff support (is AAC) * "raw" audio in MOV supported * Indeo audio (iac25) support via binary codec * upgrade libfaad2 to the FAAD 2.0 release * MPEG2 chroma422/444 support * Winnov WINX and WNV1 support via binary codec Demuxers * Ogg subtitle handling and other bug fixes * Matroska improvements * support seeking in Real files without -idx * support seeking in Real files without index with -forceidx Streaming * ASF, MMST streaming fixes * URL escaping fixed * NSA (Nullsoft audio) streaming support * embedded RAM playlist support * multibyte URL support * rtp:// now supported even with LIVE.COM compiled in * miscellaneous bug fixes Filters * vf_softskip: frame skipping filter for MEncoder * vf_harddup: frame duplication filter for MEncoder * vf_pullup minor fixes and improvements * AltiVec-optimized YUV to RGB converter * vf_spp memory corruption fix on reallocation FFmpeg/libavcodec * MPEG2 encoding with 8, 9, 10, 11 bit intra DC precision * DC clipping fix, intra_dc_precision > 0 support * Cinepak fixes and palette support * support skipping of MB rows during decoding * Vorbis in NUT fixed * NUT updated to latest specification * segfault and artifact fixes in SVQ3 decoder * motion estimation code: overflow and chroma fixes * change qscale -> lambda for the motion estimation * noise preserving sum of squares comparison function in ME code * fixed memory overwrite in truemotion decoder * clip input motion vectors, better error tolerance on bad vectors * FLAC decoder cleanup (partial demuxer/decoder separation) * memalign hack for SSE/SSE2 on that alternative OS :) * lots of AltiVec optimizations * qscale + qprd fix * QTrle4 support * H.261 decoder * coefficient saturation fix in H.263 * H.263 MCBPC fix * per line lowpass filter in MMX and faster C lowpass filter * SVQ1 encoder * as usual, lots of bug fixes and optimizations Others * fullscreen fixes for many window managers * fix crash on original Pentiums and older * dvd://start-end support * netstream (mpst://) support fixed * support comments in plaintext playlists * loader/ dependency removed * keepaspect option extended to all video output drivers * WMA to Ogg conversion and simple subtitle editing script added to TOOLS * support for more lame options * new set of GUI icons * memory conserving implementation of GUI potmeters * X11 code reindented * further gcc 3.4 support fixes * mixer API written for changing volume through libaf * -rtc-device option for specifying the RTC device * desktop/menu icon added * miscellaneous bug fixes and cleanups * multi-threaded encoding with lavc * fixed a bug with Real files introduced in pre4 * -use-stdin renamed to -noconsolecontrols @ text @d1 1 a1 1 $NetBSD: patch-bd,v 1.1 2004/07/02 17:07:21 drochner Exp $ d3 4 a6 89 --- Gui/skin/skin.c.orig 2003-06-03 19:36:25.000000000 +0200 +++ Gui/skin/skin.c @@@@ -116,7 +116,7 @@@@ int cmd_window( char * in ) { CHECKDEFLIST( "window" ); - strcpy( window_name,strlower( in ) ); + strlcpy( window_name,strlower( in ),sizeof( window_name ) ); if ( !strncmp( in,"main",4 ) ) { currSection=&skinAppMPlayer->main; currSubItem=&skinAppMPlayer->NumberOfItems; currSubItems=skinAppMPlayer->Items; } else if ( !strncmp( in,"sub",3 ) ) currSection=&skinAppMPlayer->sub; else if ( !strncmp( in,"playbar",7 ) ) { currSection=&skinAppMPlayer->bar; currSubItem=&skinAppMPlayer->NumberOfBarItems; currSubItems=skinAppMPlayer->barItems; } @@@@ -147,7 +147,7 @@@@ int cmd_base( char * in ) defList->main.x=x; defList->main.y=y; defList->main.type=itBase; - strcpy( tmp,path ); strcat( tmp,fname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); if ( skinBPRead( tmp,&defList->main.Bitmap ) ) return 1; defList->main.width=defList->main.Bitmap.Width; defList->main.height=defList->main.Bitmap.Height; @@@@ -162,7 +162,7 @@@@ int cmd_base( char * in ) if ( !strcmp( window_name,"sub" ) ) { defList->sub.type=itBase; - strcpy( tmp,path ); strcat( tmp,fname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); if ( skinBPRead( tmp,&defList->sub.Bitmap ) ) return 1; defList->sub.x=x; defList->sub.y=y; @@@@ -179,7 +179,7 @@@@ int cmd_base( char * in ) { defList->menuIsPresent=1; defList->menuBase.type=itBase; - strcpy( tmp,path ); strcat( tmp,fname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); if ( skinBPRead( tmp,&defList->menuBase.Bitmap ) ) return 1; defList->menuBase.width=defList->menuBase.Bitmap.Width; defList->menuBase.height=defList->menuBase.Bitmap.Height; @@@@ -197,7 +197,7 @@@@ int cmd_base( char * in ) defList->bar.x=x; defList->bar.y=y; defList->bar.type=itBase; - strcpy( tmp,path ); strcat( tmp,fname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); if ( skinBPRead( tmp,&defList->bar.Bitmap ) ) return 1; defList->bar.width=defList->bar.Bitmap.Width; defList->bar.height=defList->bar.Bitmap.Height; @@@@ -268,7 +268,7 @@@@ int cmd_button( char * in ) currSubItems[ *currSubItem ].Bitmap.Image=NULL; if ( strcmp( fname,"NULL" ) ) { - strcpy( tmp,path ); strcat( tmp,fname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); if ( skinBPRead( tmp,&currSubItems[ *currSubItem ].Bitmap ) ) return 1; } @@@@ -289,7 +289,7 @@@@ int cmd_selected( char * in ) cutItem( in,fname,',',0 ); defList->menuSelected.type=itBase; - strcpy( tmp,path ); strcat( tmp,fname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, fname, sizeof( tmp )); mp_dbg( MSGT_GPLAYER,MSGL_DBG2,"\n[skin] selected: %s\n",fname ); if ( skinBPRead( tmp,&defList->menuSelected.Bitmap ) ) return 1; defList->menuSelected.width=defList->menuSelected.Bitmap.Width; @@@@ -381,14 +381,14 @@@@ int cmd_hpotmeter( char * in ) item->Bitmap.Image=NULL; if ( strcmp( phfname,"NULL" ) ) { - strcpy( tmp,path ); strcat( tmp,phfname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, phfname, sizeof( tmp )); if ( skinBPRead( tmp,&item->Bitmap ) ) return 1; } item->Mask.Image=NULL; if ( strcmp( pfname,"NULL" ) ) { - strcpy( tmp,path ); strcat( tmp,pfname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, pfname, sizeof( tmp )); if ( skinBPRead( tmp,&item->Mask ) ) return 1; } return 0; @@@@ -445,7 +445,7 @@@@ int cmd_potmeter( char * in ) item->Bitmap.Image=NULL; if ( strcmp( phfname,"NULL" ) ) { - strcpy( tmp,path ); strcat( tmp,phfname ); + strlcpy(tmp, path, sizeof( tmp )); strlcat(tmp, phfname, sizeof( tmp )); if ( skinBPRead( tmp,&item->Bitmap ) ) return 1; a7 3 return 0; @@@@ -655,7 +655,12 @@@@ char * trim( char * in ) FILE * skinFile; d9 4 a12 8 void setname( char * item1, char * item2 ) -{ strcpy( fn,item1 ); strcat( fn,"/" ); strcat( fn,item2 ); strcpy( path,fn ); strcat( path,"/" ); strcat( fn,"/skin" ); } +{ + strlcpy(fn, item1, sizeof( fn )); + strlcat(fn, "/", sizeof( fn )); strlcat(fn, item2, sizeof( fn )); + strlcpy(path, fn, sizeof( path )); strlcat(path, "/", sizeof( path )); + strlcat(fn, "/skin", sizeof( fn )); +} d14 2 a15 2 int skinRead( char * dname ) { @ 1.1 log @apply the patch from the mplayer site to fix buffer overflow vulnerabilities in the GUI @ text @d1 1 a1 1 $NetBSD$ @