From e6182c54338b01cc399cda2bd8e2a1bee2dc64f0193e2ac9c11b27f1e449874c Mon Sep 17 00:00:00 2001
From: OBS User unknown <null@suse.de>
Date: Thu, 27 Mar 2008 22:30:14 +0000
Subject: [PATCH] OBS-URL:
https://build.opensuse.org/package/show/openSUSE:Factory/xine-lib?expand=0&rev=4
---
vdr-xine-lib-0.8.1.diff.bz2 | 4 +-
xine-lib-1.1.10.1-crippled.tar.bz2 | 3 -
xine-lib-1.1.11-crippled.tar.bz2 | 3 +
xine-lib-1.1.7-install-plugins-helper.diff | 70 ++-
xine-lib-CVE-2008-1482.diff | 562 +++++++++++++++++++
xine-lib-assert.patch | 8 +-
xine-lib-crippled-LOCAL.diff | 21 +-
xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff | 13 +-
xine-lib-doc-fix-X11R6.diff | 16 +-
xine-lib-mjpegplugin.diff | 82 +--
xine-lib-various-noncrippled.diff | 11 +-
xine-lib.changes | 33 ++
xine-lib.spec | 39 +-
13 files changed, 762 insertions(+), 103 deletions(-)
delete mode 100644 xine-lib-1.1.10.1-crippled.tar.bz2
create mode 100644 xine-lib-1.1.11-crippled.tar.bz2
create mode 100644 xine-lib-CVE-2008-1482.diff
diff --git a/vdr-xine-lib-0.8.1.diff.bz2 b/vdr-xine-lib-0.8.1.diff.bz2
index 677e0a0..5d18286 100644
--- a/vdr-xine-lib-0.8.1.diff.bz2
+++ b/vdr-xine-lib-0.8.1.diff.bz2
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:8f5a180fd5e129330f9893e5a89e38577d347322d3fd3240f5683ab7bd4df3c9
-size 22308
+oid sha256:ab172925fb278e5953526435c3a6aad7b3969307051ed23db86ff1473c07aa0f
+size 21891
diff --git a/xine-lib-1.1.10.1-crippled.tar.bz2 b/xine-lib-1.1.10.1-crippled.tar.bz2
deleted file mode 100644
index 44b483d..0000000
--- a/xine-lib-1.1.10.1-crippled.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:897b552cce7c9b13e11263dfcb82111b64d6fa38b27c6d1adc85c0a88ea3b798
-size 5005675
diff --git a/xine-lib-1.1.11-crippled.tar.bz2 b/xine-lib-1.1.11-crippled.tar.bz2
new file mode 100644
index 0000000..60e9548
--- /dev/null
+++ b/xine-lib-1.1.11-crippled.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5ebbe7eac3eea9cdcea19cdc206343dcff301ee3b1947c789938f75e76783805
+size 5065527
diff --git a/xine-lib-1.1.7-install-plugins-helper.diff b/xine-lib-1.1.7-install-plugins-helper.diff
index bc42cff..0932708 100644
--- a/xine-lib-1.1.7-install-plugins-helper.diff
+++ b/xine-lib-1.1.7-install-plugins-helper.diff
@@ -1,6 +1,8 @@
---- xine-lib-1.1.7.org/configure.ac 2007-08-16 11:12:26.000000000 +0000
-+++ xine-lib-1.1.7/configure.ac 2007-08-16 11:12:25.000000000 +0000
-@@ -2509,6 +2509,28 @@
+Index: xine-lib-1.1.11/configure.ac
+===================================================================
+--- xine-lib-1.1.11.orig/configure.ac
++++ xine-lib-1.1.11/configure.ac
+@@ -2545,6 +2545,28 @@ fi
AM_CONDITIONAL(HAVE_W32DLL, test "x$enable_w32dll" != "xno")
@@ -29,9 +31,11 @@
dnl ---------------------------------------------
dnl some include paths ( !!! DO NOT REMOVE !!! )
---- xine-lib-1.1.7.org/src/xine-engine/xine.c 2007-08-16 11:12:25.000000000 +0000
-+++ xine-lib-1.1.7/src/xine-engine/xine.c 2007-08-16 11:12:21.000000000 +0000
-@@ -1643,6 +1643,15 @@
+Index: xine-lib-1.1.11/src/xine-engine/xine.c
+===================================================================
+--- xine-lib-1.1.11.orig/src/xine-engine/xine.c
++++ xine-lib-1.1.11/src/xine-engine/xine.c
+@@ -1780,6 +1780,15 @@ void xine_init (xine_t *this) {
0, NULL, this);
/*
@@ -47,9 +51,11 @@
* keep track of all opened streams
*/
this->streams = xine_list_new();
---- xine-lib-1.1.7.org/src/xine-engine/video_decoder.c 2007-08-16 11:12:25.000000000 +0000
-+++ xine-lib-1.1.7/src/xine-engine/video_decoder.c 2007-08-16 11:40:56.000000000 +0000
-@@ -39,6 +39,7 @@
+Index: xine-lib-1.1.11/src/xine-engine/video_decoder.c
+===================================================================
+--- xine-lib-1.1.11.orig/src/xine-engine/video_decoder.c
++++ xine-lib-1.1.11/src/xine-engine/video_decoder.c
+@@ -37,6 +37,7 @@
#include "xine_internal.h"
#include "xineutils.h"
@@ -57,20 +63,22 @@
#include <sched.h>
#define SPU_SLEEP_INTERVAL (90000/2)
-@@ -369,6 +370,10 @@
+@@ -376,6 +377,10 @@ static void *video_decoder_loop (void *s
stream->video_decoder_plugin = _x_get_video_decoder (stream, streamtype);
_x_stream_info_set(stream, XINE_STREAM_INFO_VIDEO_HANDLED, (stream->video_decoder_plugin != NULL));
+ if(buf->type != buftype_unknown && !stream->video_decoder_plugin)
-+ _x_install_plugins_helper(stream,"decoder-video", buf->type, _x_buf_video_name( buf->type ));
++ _x_install_plugins_helper(stream,"decoder-video", buf->type, _x_buf_video_name( buf->type ));
++
+
-+
}
if (stream->video_decoder_plugin)
---- xine-lib-1.1.7.org/src/xine-engine/audio_decoder.c 2007-08-16 11:12:25.000000000 +0000
-+++ xine-lib-1.1.7/src/xine-engine/audio_decoder.c 2007-08-16 11:41:24.000000000 +0000
-@@ -43,6 +43,7 @@
+Index: xine-lib-1.1.11/src/xine-engine/audio_decoder.c
+===================================================================
+--- xine-lib-1.1.11.orig/src/xine-engine/audio_decoder.c
++++ xine-lib-1.1.11/src/xine-engine/audio_decoder.c
+@@ -41,6 +41,7 @@
#include "xine_internal.h"
#include "xineutils.h"
@@ -78,7 +86,7 @@
static void *audio_decoder_loop (void *stream_gen) {
-@@ -340,6 +341,10 @@
+@@ -339,6 +340,10 @@ static void *audio_decoder_loop (void *s
_x_stream_info_set(stream, XINE_STREAM_INFO_AUDIO_HANDLED,
(stream->audio_decoder_plugin != NULL));
@@ -89,9 +97,11 @@
}
if (audio_type != stream->audio_type) {
---- xine-lib-1.1.7.org/src/xine-engine/Makefile.am 2007-08-16 11:12:25.000000000 +0000
-+++ xine-lib-1.1.7/src/xine-engine/Makefile.am 2007-08-16 11:12:21.000000000 +0000
-@@ -19,7 +19,7 @@
+Index: xine-lib-1.1.11/src/xine-engine/Makefile.am
+===================================================================
+--- xine-lib-1.1.11.orig/src/xine-engine/Makefile.am
++++ xine-lib-1.1.11/src/xine-engine/Makefile.am
+@@ -19,7 +19,7 @@ libxine_la_SOURCES = xine.c metronom.c c
video_overlay.c osd.c scratch.c demux.c vo_scale.c \
xine_interface.c post.c tvmode.c broadcaster.c io_helper.c \
input_rip.c input_cache.c info_helper.c refcounter.c \
@@ -100,7 +110,7 @@
# FIXME: these are currently unused:
EXTRA_DIST = lrb.c lrb.h accel_xvmc.h
-@@ -39,7 +39,8 @@
+@@ -39,7 +39,8 @@ xineinclude_HEADERS = buffer.h metronom
audio_out.h resample.h video_out.h xine_internal.h spu_decoder.h \
video_overlay.h osd.h scratch.h xine_plugin.h xineintl.h \
plugin_catalog.h audio_decoder.h video_decoder.h post.h \
@@ -110,11 +120,13 @@
noinst_HEADERS = bswap.h ffmpeg_bswap.h
---- /dev/null 2007-08-16 10:48:37.000000000 +0000
-+++ xine-lib-1.1.7/src/xine-engine/install_plugins_helper.h 2007-08-16 11:12:21.000000000 +0000
+Index: xine-lib-1.1.11/src/xine-engine/install_plugins_helper.h
+===================================================================
+--- /dev/null
++++ xine-lib-1.1.11/src/xine-engine/install_plugins_helper.h
@@ -0,0 +1,35 @@
+/*
-+ * Copyright (C) 2007 Sascha Sommer
++ * Copyright (C) 2007 Sascha Sommer
+ *
+ * This file is part of xine, a free video player.
+ *
@@ -142,14 +154,16 @@
+#include "xine_internal.h"
+
+/*
-+ * execute install plugins helper
++ * execute install plugins helper
+ */
+void _x_install_plugins_helper(xine_stream_t *stream, char* plugin_type, uint32_t type, char* plugin_desc) XINE_PROTECTED;
+
+
+#endif
---- /dev/null 2007-03-17 21:04:06.000000000 +0100
-+++ xine-lib-1.1.7/src/xine-engine/install_plugins_helper.c 2007-08-18 14:11:15.000000000 +0200
+Index: xine-lib-1.1.11/src/xine-engine/install_plugins_helper.c
+===================================================================
+--- /dev/null
++++ xine-lib-1.1.11/src/xine-engine/install_plugins_helper.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (C) 2007 Sascha Sommer
@@ -230,7 +244,7 @@
+ char* helper = get_helper(stream);
+ FILE* fp;
+
-+ if(helper && xine_config_lookup_entry(stream->xine, "media.plugins_helper", &cfgentry) && cfgentry.num_value
++ if(helper && xine_config_lookup_entry(stream->xine, "media.plugins_helper", &cfgentry) && cfgentry.num_value
+ && (fp = fopen(helper,"rb") )) {
+ char procname[PROCNAME_LEN];
+// char* procname = getenv("_"); /* might deliver /opt/kde3/bin/start_kdeinit_wrapper etc... */
@@ -254,6 +268,6 @@
+ }else{
+ waitpid(pid, NULL, 0);
+ }
-+ }
++ }
+}
+
diff --git a/xine-lib-CVE-2008-1482.diff b/xine-lib-CVE-2008-1482.diff
new file mode 100644
index 0000000..b40dccd
--- /dev/null
+++ b/xine-lib-CVE-2008-1482.diff
@@ -0,0 +1,562 @@
+# HG changeset patch
+# User Darren Salt <linux@youmustbejoking.demon.co.uk>
+# Date 1206237088 0
+# Node ID a3f2772fd14b57e0557ef45797ff04c768657a7e
+# Parent 65c1570fcf1dfcb8e5fc1d6b8ed8a296ab776e9d
+Check for failure of various memory allocations. (SA29484)
+Ref. http://aluigi.altervista.org/adv/xinehof-adv.txt
+
+diff --git a/src/demuxers/demux_film.c b/src/demuxers/demux_film.c
+--- a/src/demuxers/demux_film.c
++++ b/src/demuxers/demux_film.c
+@@ -257,6 +257,8 @@ static int open_film_file(demux_film_t *
+ film->sample_count = _X_BE_32(&film_header[i + 12]);
+ film->sample_table =
+ xine_xmalloc(film->sample_count * sizeof(film_sample_t));
++ if (!film->sample_table)
++ goto film_abort;
+ for (j = 0; j < film->sample_count; j++) {
+
+ film->sample_table[j].sample_offset =
+@@ -333,11 +335,14 @@ static int open_film_file(demux_film_t *
+ free(film->interleave_buffer);
+ film->interleave_buffer =
+ xine_xmalloc(film->sample_table[0].sample_size);
++ if (!film->interleave_buffer)
++ goto film_abort;
+ }
+ break;
+
+ default:
+ xine_log(film->stream->xine, XINE_LOG_MSG, _("unrecognized FILM chunk\n"));
++ film_abort:
+ free (film->interleave_buffer);
+ free (film->sample_table);
+ free (film_header);
+diff --git a/src/demuxers/demux_flv.c b/src/demuxers/demux_flv.c
+--- a/src/demuxers/demux_flv.c
++++ b/src/demuxers/demux_flv.c
+@@ -85,7 +85,7 @@ typedef struct {
+ off_t filesize;
+
+ flv_index_entry_t *index;
+- int num_indices;
++ unsigned int num_indices;
+
+ unsigned int cur_pts;
+
+@@ -209,7 +209,7 @@ static int parse_flv_var(demux_flv_t *th
+ unsigned char *end = buf + size;
+ char *str;
+ unsigned char type;
+- int len, num;
++ unsigned int len, num;
+
+ if (size < 1)
+ return 0;
+@@ -283,6 +283,8 @@ static int parse_flv_var(demux_flv_t *th
+ str = tmp + 2;
+ tmp += len + 2;
+ len = parse_flv_var(this, tmp, end-tmp, str, len);
++ if (!len)
++ return 0;
+ tmp += len;
+ }
+ if (*tmp++ != FLV_DATA_TYPE_ENDOBJECT)
+@@ -298,6 +300,8 @@ static int parse_flv_var(demux_flv_t *th
+ str = tmp + 2;
+ tmp += len + 2;
+ len = parse_flv_var(this, tmp, end-tmp, str, len);
++ if (!len)
++ return 0;
+ tmp += len;
+ }
+ break;
+@@ -310,6 +314,8 @@ static int parse_flv_var(demux_flv_t *th
+ if (this->index)
+ free(this->index);
+ this->index = xine_xmalloc(num*sizeof(flv_index_entry_t));
++ if (!this->index)
++ return 0;
+ this->num_indices = num;
+ }
+ for (num = 0; num < this->num_indices && tmp < end; num++) {
+@@ -326,6 +332,8 @@ static int parse_flv_var(demux_flv_t *th
+ if (this->index)
+ free(this->index);
+ this->index = xine_xmalloc(num*sizeof(flv_index_entry_t));
++ if (!this->index)
++ return 0;
+ this->num_indices = num;
+ }
+ for (num = 0; num < this->num_indices && tmp < end; num++) {
+@@ -339,6 +347,8 @@ static int parse_flv_var(demux_flv_t *th
+ }
+ while (num-- && tmp < end) {
+ len = parse_flv_var(this, tmp, end-tmp, NULL, 0);
++ if (!len)
++ return 0;
+ tmp += len;
+ }
+ break;
+@@ -360,7 +370,7 @@ static void parse_flv_script(demux_flv_t
+ unsigned char *end = buf + size;
+ int len;
+
+- if (this->input->read(this->input, buf, size ) != size) {
++ if (!buf || this->input->read(this->input, buf, size ) != size) {
+ this->status = DEMUX_FINISHED;
+ free(buf);
+ return;
+diff --git a/src/demuxers/demux_qt.c b/src/demuxers/demux_qt.c
+--- a/src/demuxers/demux_qt.c
++++ b/src/demuxers/demux_qt.c
+@@ -739,38 +739,52 @@ static void parse_meta_atom(qt_info *inf
+ if (current_atom == ART_ATOM) {
+ string_size = _X_BE_32(&meta_atom[i + 4]) - 16 + 1;
+ info->artist = xine_xmalloc(string_size);
+- strncpy(info->artist, &meta_atom[i + 20], string_size - 1);
+- info->artist[string_size - 1] = 0;
++ if (info->artist) {
++ strncpy(info->artist, &meta_atom[i + 20], string_size - 1);
++ info->artist[string_size - 1] = 0;
++ }
+ } else if (current_atom == NAM_ATOM) {
+ string_size = _X_BE_32(&meta_atom[i + 4]) - 16 + 1;
+ info->name = xine_xmalloc(string_size);
+- strncpy(info->name, &meta_atom[i + 20], string_size - 1);
+- info->name[string_size - 1] = 0;
++ if (info->name) {
++ strncpy(info->name, &meta_atom[i + 20], string_size - 1);
++ info->name[string_size - 1] = 0;
++ }
+ } else if (current_atom == ALB_ATOM) {
+ string_size = _X_BE_32(&meta_atom[i + 4]) - 16 + 1;
+ info->album = xine_xmalloc(string_size);
+- strncpy(info->album, &meta_atom[i + 20], string_size - 1);
+- info->album[string_size - 1] = 0;
++ if (info->album) {
++ strncpy(info->album, &meta_atom[i + 20], string_size - 1);
++ info->album[string_size - 1] = 0;
++ }
+ } else if (current_atom == GEN_ATOM) {
+ string_size = _X_BE_32(&meta_atom[i + 4]) - 16 + 1;
+ info->genre = xine_xmalloc(string_size);
+- strncpy(info->genre, &meta_atom[i + 20], string_size - 1);
+- info->genre[string_size - 1] = 0;
++ if (info->genre) {
++ strncpy(info->genre, &meta_atom[i + 20], string_size - 1);
++ info->genre[string_size - 1] = 0;
++ }
+ } else if (current_atom == TOO_ATOM) {
+ string_size = _X_BE_32(&meta_atom[i + 4]) - 16 + 1;
+ info->comment = xine_xmalloc(string_size);
+- strncpy(info->comment, &meta_atom[i + 20], string_size - 1);
+- info->comment[string_size - 1] = 0;
++ if (info->comment) {
++ strncpy(info->comment, &meta_atom[i + 20], string_size - 1);
++ info->comment[string_size - 1] = 0;
++ }
+ } else if (current_atom == WRT_ATOM) {
+ string_size = _X_BE_32(&meta_atom[i + 4]) - 16 + 1;
+ info->composer = xine_xmalloc(string_size);
+- strncpy(info->composer, &meta_atom[i + 20], string_size - 1);
+- info->composer[string_size - 1] = 0;
++ if (info->composer) {
++ strncpy(info->composer, &meta_atom[i + 20], string_size - 1);
++ info->composer[string_size - 1] = 0;
++ }
+ } else if (current_atom == DAY_ATOM) {
+ string_size = _X_BE_32(&meta_atom[i + 4]) - 16 + 1;
+ info->year = xine_xmalloc(string_size);
+- strncpy(info->year, &meta_atom[i + 20], string_size - 1);
+- info->year[string_size - 1] = 0;
++ if (info->year) {
++ strncpy(info->year, &meta_atom[i + 20], string_size - 1);
++ info->year[string_size - 1] = 0;
++ }
+ }
+ }
+
+@@ -1549,32 +1563,29 @@ static qt_error parse_reference_atom (re
+ current_atom = _X_BE_32(&ref_atom[i]);
+
+ if (current_atom == RDRF_ATOM) {
++ size_t string_size = _X_BE_32(&ref_atom[i + 12]);
++ size_t url_offset = 0;
++
++ if (string_size >= current_atom_size || i + string_size >= ref_atom_size)
++ return QT_NOT_A_VALID_FILE;
+
+ /* if the URL starts with "http://", copy it */
+- if (strncmp(&ref_atom[i + 16], "http://", 7) == 0
+- || strncmp(&ref_atom[i + 16], "rtsp://", 7) == 0) {
+-
+- /* URL is spec'd to terminate with a NULL; don't trust it */
+- ref->url = xine_xmalloc(_X_BE_32(&ref_atom[i + 12]) + 1);
+- strncpy(ref->url, &ref_atom[i + 16], _X_BE_32(&ref_atom[i + 12]));
+- ref->url[_X_BE_32(&ref_atom[i + 12]) - 1] = '\0';
+-
+- } else {
+-
+- int string_size;
+-
+- if (base_mrl)
+- string_size = strlen(base_mrl) + _X_BE_32(&ref_atom[i + 12]) + 1;
+- else
+- string_size = _X_BE_32(&ref_atom[i + 12]) + 1;
+-
+- /* otherwise, append relative URL to base MRL */
+- ref->url = xine_xmalloc(string_size);
+- if (base_mrl)
+- strcpy(ref->url, base_mrl);
+- strncat(ref->url, &ref_atom[i + 16], _X_BE_32(&ref_atom[i + 12]));
+- ref->url[string_size - 1] = '\0';
+- }
++ if ( memcmp(&ref_atom[i + 16], "http://", 7) &&
++ memcmp(&ref_atom[i + 16], "rtsp://", 7) &&
++ base_mrl )
++ url_offset = strlen(base_mrl);
++
++ /* otherwise, append relative URL to base MRL */
++ string_size += url_offset;
++
++ ref->url = xine_xmalloc(string_size + 1);
++
++ if ( url_offset )
++ strcpy(ref->url, base_mrl);
++
++ memcpy(ref->url + url_offset, &ref_atom[i + 16], _X_BE_32(&ref_atom[i + 12]));
++
++ ref->url[string_size] = '\0';
+
+ debug_atom_load(" qt rdrf URL reference:\n %s\n", ref->url);
+
+@@ -1993,8 +2004,12 @@ static void parse_moov_atom(qt_info *inf
+ info->references = (reference_t *)realloc(info->references,
+ info->reference_count * sizeof(reference_t));
+
+- parse_reference_atom(&info->references[info->reference_count - 1],
+- &moov_atom[i - 4], info->base_mrl);
++ error = parse_reference_atom(&info->references[info->reference_count - 1],
++ &moov_atom[i - 4], info->base_mrl);
++ if (error != QT_OK) {
++ info->last_error = error;
++ return;
++ }
+
+ } else {
+ debug_atom_load(" qt: unknown atom into the moov atom (0x%08X)\n", current_atom);
+diff --git a/src/demuxers/demux_real.c b/src/demuxers/demux_real.c
+--- a/src/demuxers/demux_real.c
++++ b/src/demuxers/demux_real.c
+@@ -175,7 +175,8 @@ static void real_parse_index(demux_real_
+ off_t original_pos = this->input->get_current_pos(this->input);
+ unsigned char index_chunk_header[INDEX_CHUNK_HEADER_SIZE];
+ unsigned char index_record[INDEX_RECORD_SIZE];
+- int i, entries, stream_num;
++ int i;
++ unsigned int entries, stream_num;
+ real_index_entry_t **index;
+
+ while(next_index_chunk) {
+@@ -230,10 +231,11 @@ static void real_parse_index(demux_real_
+ }
+ }
+
+- if(index && entries) {
++ if(index && entries)
+ /* Allocate memory for index */
+ *index = xine_xmalloc(entries * sizeof(real_index_entry_t));
+
++ if(index && entries && *index) {
+ /* Read index */
+ for(i = 0; i < entries; i++) {
+ if(this->input->read(this->input, index_record, INDEX_RECORD_SIZE)
+diff --git a/src/demuxers/demux_wc3movie.c b/src/demuxers/demux_wc3movie.c
+--- a/src/demuxers/demux_wc3movie.c
++++ b/src/demuxers/demux_wc3movie.c
+@@ -389,6 +389,12 @@ static int open_mve_file(demux_mve_t *th
+ /* load the palette chunks */
+ this->palettes = xine_xmalloc(this->number_of_shots * PALETTE_SIZE *
+ sizeof(palette_entry_t));
++
++ if (!this->shot_offsets || !this->palettes) {
++ free (this->shot_offsets);
++ return 0;
++ }
++
+ for (i = 0; i < this->number_of_shots; i++) {
+ /* make sure there was a valid palette chunk preamble */
+ if (this->input->read(this->input, preamble, PREAMBLE_SIZE) !=
+@@ -460,8 +466,9 @@ static int open_mve_file(demux_mve_t *th
+
+ case BNAM_TAG:
+ /* load the name into the stream attributes */
+- title = realloc (title, chunk_size);
+- if (this->input->read(this->input, title, chunk_size) != chunk_size) {
++ free (title);
++ title = malloc (chunk_size);
++ if (!title || this->input->read(this->input, title, chunk_size) != chunk_size) {
+ free (title);
+ free (this->palettes);
+ free (this->shot_offsets);
+diff --git a/src/demuxers/ebml.c b/src/demuxers/ebml.c
+--- a/src/demuxers/ebml.c
++++ b/src/demuxers/ebml.c
+@@ -424,10 +424,15 @@ int ebml_check_header(ebml_parser_t *ebm
+
+ case EBML_ID_DOCTYPE: {
+ char *text = malloc(elem.len + 1);
++ if (!text)
++ return 0;
+
+ text[elem.len] = '\0';
+ if (!ebml_read_ascii (ebml, &elem, text))
+- return 0;
++ {
++ free (text);
++ return 0;
++ }
+
+ lprintf("doctype: %s\n", text);
+ if (ebml->doctype)
+# HG changeset patch
+# User Darren Salt <linux@youmustbejoking.demon.co.uk>
+# Date 1206287553 0
+# Node ID 6f9e9feb84e595be0482395722bc784764713fb3
+# Parent a3f2772fd14b57e0557ef45797ff04c768657a7e
+Replace various malloc(x*sizeof(y)) with calloc(x,sizeof(y)).
+
+diff --git a/src/demuxers/demux_film.c b/src/demuxers/demux_film.c
+--- a/src/demuxers/demux_film.c
++++ b/src/demuxers/demux_film.c
+@@ -256,7 +256,7 @@ static int open_film_file(demux_film_t *
+ film->frequency = _X_BE_32(&film_header[i + 8]);
+ film->sample_count = _X_BE_32(&film_header[i + 12]);
+ film->sample_table =
+- xine_xmalloc(film->sample_count * sizeof(film_sample_t));
++ calloc(film->sample_count, sizeof(film_sample_t));
+ if (!film->sample_table)
+ goto film_abort;
+ for (j = 0; j < film->sample_count; j++) {
+diff --git a/src/demuxers/demux_flac.c b/src/demuxers/demux_flac.c
+--- a/src/demuxers/demux_flac.c
++++ b/src/demuxers/demux_flac.c
+@@ -164,7 +164,7 @@ static int open_flac_file(demux_flac_t *
+ case 3:
+ lprintf ("SEEKTABLE metadata, %d bytes\n", block_length);
+ flac->seekpoint_count = block_length / FLAC_SEEKPOINT_SIZE;
+- flac->seekpoints = xine_xmalloc(flac->seekpoint_count *
++ flac->seekpoints = calloc(flac->seekpoint_count,
+ sizeof(flac_seekpoint_t));
+ for (i = 0; i < flac->seekpoint_count; i++) {
+ if (flac->input->read(flac->input, buffer, FLAC_SEEKPOINT_SIZE) != FLAC_SEEKPOINT_SIZE)
+diff --git a/src/demuxers/demux_flv.c b/src/demuxers/demux_flv.c
+--- a/src/demuxers/demux_flv.c
++++ b/src/demuxers/demux_flv.c
+@@ -313,7 +313,7 @@ static int parse_flv_var(demux_flv_t *th
+ if (!this->index || this->num_indices != num) {
+ if (this->index)
+ free(this->index);
+- this->index = xine_xmalloc(num*sizeof(flv_index_entry_t));
++ this->index = calloc(num, sizeof(flv_index_entry_t));
+ if (!this->index)
+ return 0;
+ this->num_indices = num;
+@@ -331,7 +331,7 @@ static int parse_flv_var(demux_flv_t *th
+ if (!this->index || this->num_indices != num) {
+ if (this->index)
+ free(this->index);
+- this->index = xine_xmalloc(num*sizeof(flv_index_entry_t));
++ this->index = calloc(num, sizeof(flv_index_entry_t));
+ if (!this->index)
+ return 0;
+ this->num_indices = num;
+diff --git a/src/demuxers/demux_mpgaudio.c b/src/demuxers/demux_mpgaudio.c
+--- a/src/demuxers/demux_mpgaudio.c
++++ b/src/demuxers/demux_mpgaudio.c
+@@ -460,7 +460,7 @@ static vbri_header_t* parse_vbri_header(
+ lprintf("entry_frames: %d\n", vbri->entry_frames);
+
+ if ((ptr + (vbri->toc_entries + 1) * vbri->entry_size) >= (buf + bufsize)) return 0;
+- vbri->toc = xine_xmalloc (sizeof(int) * (vbri->toc_entries + 1));
++ vbri->toc = calloc (vbri->toc_entries + 1, sizeof (int));
+ if (!vbri->toc) {
+ free (vbri);
+ return NULL;
+diff --git a/src/demuxers/demux_qt.c b/src/demuxers/demux_qt.c
+--- a/src/demuxers/demux_qt.c
++++ b/src/demuxers/demux_qt.c
+@@ -911,8 +911,8 @@ static qt_error parse_trak_atom (qt_trak
+ debug_atom_load(" qt elst atom (edit list atom): %d entries\n",
+ trak->edit_list_count);
+
+- trak->edit_list_table = (edit_list_table_t *)xine_xmalloc(
+- trak->edit_list_count * sizeof(edit_list_table_t));
++ trak->edit_list_table = (edit_list_table_t *)calloc(
++ trak->edit_list_count, sizeof(edit_list_table_t));
+ if (!trak->edit_list_table) {
+ last_error = QT_NO_MEMORY;
+ goto free_trak;
+@@ -947,7 +947,7 @@ static qt_error parse_trak_atom (qt_trak
+
+ /* allocate space for each of the properties unions */
+ trak->stsd_atoms_count = _X_BE_32(&trak_atom[i + 8]);
+- trak->stsd_atoms = xine_xmalloc(trak->stsd_atoms_count * sizeof(properties_t));
++ trak->stsd_atoms = calloc(trak->stsd_atoms_count, sizeof(properties_t));
+ if (!trak->stsd_atoms) {
+ last_error = QT_NO_MEMORY;
+ goto free_trak;
+@@ -1345,8 +1345,8 @@ static qt_error parse_trak_atom (qt_trak
+
+ /* allocate space and load table only if sample size is 0 */
+ if (trak->sample_size == 0) {
+- trak->sample_size_table = (unsigned int *)malloc(
+- trak->sample_size_count * sizeof(unsigned int));
++ trak->sample_size_table = (unsigned int *)calloc(
++ trak->sample_size_count, sizeof(unsigned int));
+ if (!trak->sample_size_table) {
+ last_error = QT_NO_MEMORY;
+ goto free_trak;
+@@ -1376,8 +1376,8 @@ static qt_error parse_trak_atom (qt_trak
+ debug_atom_load(" qt stss atom (sample sync atom): %d sync samples\n",
+ trak->sync_sample_count);
+
+- trak->sync_sample_table = (unsigned int *)malloc(
+- trak->sync_sample_count * sizeof(unsigned int));
++ trak->sync_sample_table = (unsigned int *)calloc(
++ trak->sync_sample_count, sizeof(unsigned int));
+ if (!trak->sync_sample_table) {
+ last_error = QT_NO_MEMORY;
+ goto free_trak;
+@@ -1405,8 +1405,8 @@ static qt_error parse_trak_atom (qt_trak
+ debug_atom_load(" qt stco atom (32-bit chunk offset atom): %d chunk offsets\n",
+ trak->chunk_offset_count);
+
+- trak->chunk_offset_table = (int64_t *)malloc(
+- trak->chunk_offset_count * sizeof(int64_t));
++ trak->chunk_offset_table = (int64_t *)calloc(
++ trak->chunk_offset_count, sizeof(int64_t));
+ if (!trak->chunk_offset_table) {
+ last_error = QT_NO_MEMORY;
+ goto free_trak;
+@@ -1433,8 +1433,8 @@ static qt_error parse_trak_atom (qt_trak
+ debug_atom_load(" qt co64 atom (64-bit chunk offset atom): %d chunk offsets\n",
+ trak->chunk_offset_count);
+
+- trak->chunk_offset_table = (int64_t *)malloc(
+- trak->chunk_offset_count * sizeof(int64_t));
++ trak->chunk_offset_table = (int64_t *)calloc(
++ trak->chunk_offset_count, sizeof(int64_t));
+ if (!trak->chunk_offset_table) {
+ last_error = QT_NO_MEMORY;
+ goto free_trak;
+@@ -1464,8 +1464,8 @@ static qt_error parse_trak_atom (qt_trak
+ debug_atom_load(" qt stsc atom (sample-to-chunk atom): %d entries\n",
+ trak->sample_to_chunk_count);
+
+- trak->sample_to_chunk_table = (sample_to_chunk_table_t *)malloc(
+- trak->sample_to_chunk_count * sizeof(sample_to_chunk_table_t));
++ trak->sample_to_chunk_table = (sample_to_chunk_table_t *)calloc(
++ trak->sample_to_chunk_count, sizeof(sample_to_chunk_table_t));
+ if (!trak->sample_to_chunk_table) {
+ last_error = QT_NO_MEMORY;
+ goto free_trak;
+@@ -1499,8 +1499,8 @@ static qt_error parse_trak_atom (qt_trak
+ debug_atom_load(" qt stts atom (time-to-sample atom): %d entries\n",
+ trak->time_to_sample_count);
+
+- trak->time_to_sample_table = (time_to_sample_table_t *)malloc(
+- (trak->time_to_sample_count+1) * sizeof(time_to_sample_table_t));
++ trak->time_to_sample_table = (time_to_sample_table_t *)calloc(
++ trak->time_to_sample_count+1, sizeof(time_to_sample_table_t));
+ if (!trak->time_to_sample_table) {
+ last_error = QT_NO_MEMORY;
+ goto free_trak;
+@@ -1697,8 +1697,7 @@ static qt_error build_frame_table(qt_tra
+ /* in this case, the total number of frames is equal to the number of
+ * entries in the sample size table */
+ trak->frame_count = trak->sample_size_count;
+- trak->frames = (qt_frame *)malloc(
+- trak->frame_count * sizeof(qt_frame));
++ trak->frames = (qt_frame *)calloc(trak->frame_count, sizeof(qt_frame));
+ if (!trak->frames)
+ return QT_NO_MEMORY;
+ trak->current_frame = 0;
+@@ -1710,7 +1709,7 @@ static qt_error build_frame_table(qt_tra
+ pts_index_countdown =
+ trak->time_to_sample_table[pts_index].count;
+
+- media_id_counts = xine_xmalloc(trak->stsd_atoms_count * sizeof(int));
++ media_id_counts = calloc(trak->stsd_atoms_count, sizeof(int));
+ if (!media_id_counts)
+ return QT_NO_MEMORY;
+ memset(media_id_counts, 0, trak->stsd_atoms_count * sizeof(int));
+@@ -1848,8 +1847,7 @@ static qt_error build_frame_table(qt_tra
+ /* in this case, the total number of frames is equal to the number of
+ * chunks */
+ trak->frame_count = trak->chunk_offset_count;
+- trak->frames = (qt_frame *)malloc(
+- trak->frame_count * sizeof(qt_frame));
++ trak->frames = (qt_frame *)calloc(trak->frame_count, sizeof(qt_frame));
+ if (!trak->frames)
+ return QT_NO_MEMORY;
+
+diff --git a/src/demuxers/demux_real.c b/src/demuxers/demux_real.c
+--- a/src/demuxers/demux_real.c
++++ b/src/demuxers/demux_real.c
+@@ -233,7 +233,7 @@ static void real_parse_index(demux_real_
+
+ if(index && entries)
+ /* Allocate memory for index */
+- *index = xine_xmalloc(entries * sizeof(real_index_entry_t));
++ *index = calloc(entries, sizeof(real_index_entry_t));
+
+ if(index && entries && *index) {
+ /* Read index */
+diff --git a/src/demuxers/demux_tta.c b/src/demuxers/demux_tta.c
+--- a/src/demuxers/demux_tta.c
++++ b/src/demuxers/demux_tta.c
+@@ -87,7 +87,7 @@ static int open_tta_file(demux_tta_t *th
+ return 0;
+ }
+
+- this->seektable = xine_xmalloc(sizeof(uint32_t)*this->totalframes);
++ this->seektable = calloc(this->totalframes, sizeof(uint32_t));
+ this->input->read(this->input, this->seektable, sizeof(uint32_t)*this->totalframes);
+
+ /* Skip the CRC32 */
+diff --git a/src/demuxers/demux_vmd.c b/src/demuxers/demux_vmd.c
+--- a/src/demuxers/demux_vmd.c
++++ b/src/demuxers/demux_vmd.c
+@@ -168,7 +168,7 @@ static int open_vmd_file(demux_vmd_t *th
+ return 0;
+ }
+
+- this->frame_table = xine_xmalloc(this->frame_count * sizeof(vmd_frame_t));
++ this->frame_table = calloc(this->frame_count, sizeof(vmd_frame_t));
+
+ current_offset = this->data_start = _X_LE_32(&vmd_header[20]);
+ this->data_size = toc_offset - this->data_start;
+diff --git a/src/demuxers/demux_wc3movie.c b/src/demuxers/demux_wc3movie.c
+--- a/src/demuxers/demux_wc3movie.c
++++ b/src/demuxers/demux_wc3movie.c
+@@ -378,7 +378,7 @@ static int open_mve_file(demux_mve_t *th
+ this->number_of_shots = _X_LE_32(&preamble[0]);
+
+ /* allocate space for the shot offset index and set offsets to 0 */
+- this->shot_offsets = xine_xmalloc(this->number_of_shots * sizeof(off_t));
++ this->shot_offsets = calloc(this->number_of_shots, sizeof(off_t));
+ this->current_shot = 0;
+ for (i = 0; i < this->number_of_shots; i++)
+ this->shot_offsets[i] = 0;
+@@ -387,7 +387,7 @@ static int open_mve_file(demux_mve_t *th
+ this->input->seek(this->input, 12, SEEK_CUR);
+
+ /* load the palette chunks */
+- this->palettes = xine_xmalloc(this->number_of_shots * PALETTE_SIZE *
++ this->palettes = calloc(this->number_of_shots, PALETTE_SIZE *
+ sizeof(palette_entry_t));
+
+ if (!this->shot_offsets || !this->palettes) {
diff --git a/xine-lib-assert.patch b/xine-lib-assert.patch
index 7021242..4288609 100644
--- a/xine-lib-assert.patch
+++ b/xine-lib-assert.patch
@@ -1,6 +1,8 @@
---- xine-lib-1.1.8/src/audio_out/audio_alsa_out.c
-+++ xine-lib-1.1.8/src/audio_out/audio_alsa_out.c
-@@ -44,6 +44,7 @@
+Index: xine-lib-1.1.11/src/audio_out/audio_alsa_out.c
+===================================================================
+--- xine-lib-1.1.11.orig/src/audio_out/audio_alsa_out.c
++++ xine-lib-1.1.11/src/audio_out/audio_alsa_out.c
+@@ -41,6 +41,7 @@
#ifdef HAVE_ALLOCA_H
#include <alloca.h>
#endif
diff --git a/xine-lib-crippled-LOCAL.diff b/xine-lib-crippled-LOCAL.diff
index 32cc78a..81ae529 100644
--- a/xine-lib-crippled-LOCAL.diff
+++ b/xine-lib-crippled-LOCAL.diff
@@ -1,7 +1,8 @@
-diff -urp ../xine-lib-1.1.2.orig/src/input/input_dvd.c ./src/input/input_dvd.c
---- ../xine-lib-1.1.2.orig/src/input/input_dvd.c 2006-07-09 16:37:35.000000000 +0200
-+++ ./src/input/input_dvd.c 2006-10-11 14:19:43.000000000 +0200
-@@ -1391,7 +1391,12 @@ check_solaris_vold_device(dvd_input_clas
+Index: src/input/input_dvd.c
+===================================================================
+--- src/input/input_dvd.c.orig
++++ src/input/input_dvd.c
+@@ -1385,7 +1385,12 @@ check_solaris_vold_device(dvd_input_clas
static int dvd_parse_try_open(dvd_input_plugin_t *this, const char *locator)
{
@@ -15,7 +16,7 @@ diff -urp ../xine-lib-1.1.2.orig/src/input/input_dvd.c ./src/input/input_dvd.c
/* FIXME: we temporarily special-case "dvd:/" for compatibility;
* actually "dvd:/" should play a DVD image stored in /, but for
-@@ -1407,7 +1412,6 @@ static int dvd_parse_try_open(dvd_input_
+@@ -1401,7 +1406,6 @@ static int dvd_parse_try_open(dvd_input_
xine_setenv("DVDCSS_RAW_DEVICE", "", 1);
} else {
/* use default DVD device */
@@ -23,7 +24,7 @@ diff -urp ../xine-lib-1.1.2.orig/src/input/input_dvd.c ./src/input/input_dvd.c
xine_cfg_entry_t raw_device;
if (xine_config_lookup_entry(this->stream->xine,
"media.dvd.raw_device", &raw_device))
-@@ -1415,6 +1419,23 @@ static int dvd_parse_try_open(dvd_input_
+@@ -1409,6 +1413,23 @@ static int dvd_parse_try_open(dvd_input_
intended_dvd_device = class->dvd_device;
}
@@ -47,7 +48,7 @@ diff -urp ../xine-lib-1.1.2.orig/src/input/input_dvd.c ./src/input/input_dvd.c
/* attempt to open DVD */
if (this->opened) {
if (intended_dvd_device == this->current_dvd_device) {
-@@ -1477,8 +1498,11 @@ static int dvd_parse_mrl(dvd_input_plugi
+@@ -1471,8 +1492,11 @@ static int dvd_parse_mrl(dvd_input_plugi
}
static int dvd_plugin_open (input_plugin_t *this_gen) {
@@ -58,9 +59,9 @@ diff -urp ../xine-lib-1.1.2.orig/src/input/input_dvd.c ./src/input/input_dvd.c
+ plugin_node_t *node;
+ int i;
- char *locator;
+ char *locator, *locator_orig;
char *title_part;
-@@ -1487,6 +1511,23 @@ static int dvd_plugin_open (input_plugin
+@@ -1481,6 +1505,23 @@ static int dvd_plugin_open (input_plugin
trace_print("Called\n");
@@ -82,5 +83,5 @@ diff -urp ../xine-lib-1.1.2.orig/src/input/input_dvd.c ./src/input/input_dvd.c
+ }
+
/* we already checked the "dvd:/" MRL before */
- locator = this->mrl + (sizeof("dvd:") - 1);
+ locator_orig = locator = strdup (this->mrl + (sizeof("dvd:") - 1));
diff --git a/xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff b/xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff
index 2eca470..c9cc1d6 100644
--- a/xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff
+++ b/xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff
@@ -1,7 +1,8 @@
-diff -urp ../xine-lib-1.1.4.orig/src/xine-engine/load_plugins.c ./src/xine-engine/load_plugins.c
---- ../xine-lib-1.1.4.orig/src/xine-engine/load_plugins.c 2007-01-19 00:30:18.000000000 +0100
-+++ ./src/xine-engine/load_plugins.c 2007-01-30 19:04:56.000000000 +0100
-@@ -2366,9 +2366,19 @@ char *xine_get_file_extensions (xine_t *
+Index: src/xine-engine/load_plugins.c
+===================================================================
+--- src/xine-engine/load_plugins.c.orig
++++ src/xine-engine/load_plugins.c
+@@ -2401,9 +2401,19 @@ char *xine_get_file_extensions (xine_t *
plugin_node_t *node;
char *str;
int list_id, list_size;
@@ -21,7 +22,7 @@ diff -urp ../xine-lib-1.1.4.orig/src/xine-engine/load_plugins.c ./src/xine-engin
/* calc length of output */
len = 0;
-@@ -2382,7 +2392,8 @@ char *xine_get_file_extensions (xine_t *
+@@ -2417,7 +2427,8 @@ char *xine_get_file_extensions (xine_t *
cls = (demux_class_t *)node->plugin_class;
@@ -31,7 +32,7 @@ diff -urp ../xine-lib-1.1.4.orig/src/xine-engine/load_plugins.c ./src/xine-engin
len += strlen(exts) + 1;
}
}
-@@ -2402,7 +2413,8 @@ char *xine_get_file_extensions (xine_t *
+@@ -2437,7 +2448,8 @@ char *xine_get_file_extensions (xine_t *
cls = (demux_class_t *)node->plugin_class;
diff --git a/xine-lib-doc-fix-X11R6.diff b/xine-lib-doc-fix-X11R6.diff
index e9e21f1..37834e3 100644
--- a/xine-lib-doc-fix-X11R6.diff
+++ b/xine-lib-doc-fix-X11R6.diff
@@ -1,6 +1,7 @@
-diff -urp ../xine-lib-1.1.2-orig/doc/README_xxmc.html ./doc/README_xxmc.html
---- ../xine-lib-1.1.2-orig/doc/README_xxmc.html 2006-08-11 16:22:08.000000000 +0200
-+++ ./doc/README_xxmc.html 2006-08-11 16:22:42.000000000 +0200
+Index: doc/README_xxmc.html
+===================================================================
+--- doc/README_xxmc.html.orig
++++ doc/README_xxmc.html
@@ -70,7 +70,7 @@ installing</h2>
Make sure you have the XvMC wrapper installed. The wrapper will try to
figure out at run-time what xvmc-hardware specific driver to load. If
@@ -10,10 +11,11 @@ diff -urp ../xine-lib-1.1.2-orig/doc/README_xxmc.html ./doc/README_xxmc.html
and try to load the hardware-specific library mentioned in that file.
If you downloaded the XvMC wrapper from the unichrome site, the default
XvMCConfig will make the XvMC wrapper try to load the Nvidia XvMC
-diff -urp ../xine-lib-1.1.2-orig/doc/faq/faq.sgml ./doc/faq/faq.sgml
---- ../xine-lib-1.1.2-orig/doc/faq/faq.sgml 2006-08-11 16:22:08.000000000 +0200
-+++ ./doc/faq/faq.sgml 2006-08-11 16:24:58.000000000 +0200
-@@ -394,12 +394,12 @@
+Index: doc/faq/faq.sgml
+===================================================================
+--- doc/faq/faq.sgml.orig
++++ doc/faq/faq.sgml
+@@ -455,12 +455,12 @@
<para>
If you want to have Xv support compiled in, make sure you either have
a shared Xv library on your system, e.g.
diff --git a/xine-lib-mjpegplugin.diff b/xine-lib-mjpegplugin.diff
index ae07c3e..405f991 100644
--- a/xine-lib-mjpegplugin.diff
+++ b/xine-lib-mjpegplugin.diff
@@ -1,6 +1,8 @@
---- configure.ac 2007-06-27 18:29:50.000000000 +0200
-+++ configure.ac 2007-06-27 18:13:42.000000000 +0200
-@@ -1059,6 +1059,28 @@
+Index: configure.ac
+===================================================================
+--- configure.ac.orig
++++ configure.ac
+@@ -1070,6 +1070,28 @@ AC_SUBST([SDL_CFLAGS])
AC_SUBST([SDL_LIBS])
dnl ---------------------------------------------
@@ -29,7 +31,7 @@
dnl check for Libstk
dnl ---------------------------------------------
-@@ -2676,6 +2698,7 @@
+@@ -2731,6 +2753,7 @@ src/libxineadec/Makefile
src/libxineadec/gsm610/Makefile
src/libxineadec/nosefart/Makefile
src/libreal/Makefile
@@ -37,7 +39,7 @@
src/post/Makefile
src/post/planar/Makefile
src/post/goom/Makefile
-@@ -2854,6 +2877,9 @@
+@@ -2918,6 +2941,9 @@ echo ""
dnl audio decoders
echo " * audio decoder plugins:"
echo " - GSM 06.10 - linear PCM"
@@ -47,9 +49,11 @@
if test "x$with_external_ffmpeg" = "xyes"; then
echo " - ffmpeg (external library):"
else
---- src/Makefile.am 2007-06-27 18:29:50.000000000 +0200
-+++ src/Makefile.am 2007-06-27 17:33:56.000000000 +0200
-@@ -25,6 +25,7 @@
+Index: src/Makefile.am
+===================================================================
+--- src/Makefile.am.orig
++++ src/Makefile.am
+@@ -25,6 +25,7 @@ SUBDIRS = \
libreal \
libfaad \
libmusepack \
@@ -57,8 +61,10 @@
post \
combined \
vdr
---- src/mjpeg/Makefile.am 1970-01-01 01:00:00.000000000 +0100
-+++ src/mjpeg/Makefile.am 2007-06-27 18:25:54.000000000 +0200
+Index: src/mjpeg/Makefile.am
+===================================================================
+--- /dev/null
++++ src/mjpeg/Makefile.am
@@ -0,0 +1,9 @@
+include $(top_srcdir)/misc/Makefile.common
+
@@ -69,24 +75,26 @@
+xineplug_decode_mjpeg_la_CFLAGS = $(VISIBILITY_FLAG)
+xineplug_decode_mjpeg_la_LDFLAGS = $(xineplug_ldflags)
+endif
---- src/mjpeg/xine_mjpeg_decoder.c 1970-01-01 01:00:00.000000000 +0100
-+++ src/mjpeg/xine_mjpeg_decoder.c 2007-06-27 18:12:23.000000000 +0200
+Index: src/mjpeg/xine_mjpeg_decoder.c
+===================================================================
+--- /dev/null
++++ src/mjpeg/xine_mjpeg_decoder.c
@@ -0,0 +1,388 @@
-+/*
++/*
+ * Copyright (C) 2007 Marcus Meissner
-+ *
++ *
+ * This file is part of xine, a free video player.
-+ *
++ *
+ * xine is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
-+ *
++ *
+ * xine is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
-+ *
++ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
@@ -212,7 +220,7 @@
+
+static void mjpeg_discontinuity (video_decoder_t *this_gen) {
+ mjpeg_decoder_t *this = (mjpeg_decoder_t *) this_gen;
-+
++
+ this->bytes_in_buffer = 0;
+ this->pts = 0;
+}
@@ -266,7 +274,7 @@
+ this->maxbytes_in_buffer *= 2;
+ this->buffer = newbuf;
+ }
-+ xine_fast_memcpy (&this->buffer[this->bytes_in_buffer],
++ xine_fast_memcpy (&this->buffer[this->bytes_in_buffer],
+ buf->content, buf->size);
+ this->bytes_in_buffer += buf->size;
+
@@ -341,7 +349,7 @@
+ uint8_t *y,*u,*v;
+ int i;
+ int x = jpeg_read_scanlines(&this->jd,&cursamprow,1);
-+
++
+ if (x != 1) {
+ fprintf(stderr, "failed to read current scanline?\n");
+ break;
@@ -365,10 +373,10 @@
+}
+
+static void mjpeg_dispose (video_decoder_t *this_gen) {
-+ mjpeg_decoder_t *this = (mjpeg_decoder_t *) this_gen;
++ mjpeg_decoder_t *this = (mjpeg_decoder_t *) this_gen;
+
+ jpeg_destroy_decompress(&this->jd);
-+ if (this->output_open) {
++ if (this->output_open) {
+ this->xstream->video_out->close (this->xstream->video_out, this->xstream);
+ this->output_open = 0;
+ }
@@ -433,7 +441,7 @@
+static void *init_plugin (xine_t *xine, void *data) {
+
+ mjpeg_class_t *this;
-+
++
+ this = (mjpeg_class_t *) xine_xmalloc (sizeof (mjpeg_class_t));
+
+ this->decoder_class.open_plugin = open_plugin;
@@ -444,7 +452,7 @@
+ return this;
+}
+
-+static uint32_t video_types[] = {
++static uint32_t video_types[] = {
+ BUF_VIDEO_JPEG,
+ BUF_VIDEO_MJPEG,
+ 0
@@ -456,12 +464,14 @@
+};
+
+const plugin_info_t xine_plugin_info[] EXPORTED = {
-+ /* type, API, "name", version, special_info, init_function */
++ /* type, API, "name", version, special_info, init_function */
+ { PLUGIN_VIDEO_DECODER, 18, "mjpeg", XINE_VERSION_CODE, &dec_info_video, init_plugin },
+ { PLUGIN_NONE, 0, "", 0, NULL, NULL }
+};
---- src/mjpeg/Makefile.in 2006-11-25 20:28:17.000000000 +0100
-+++ src/mjpeg/Makefile.in 2007-06-28 13:29:11.000000000 +0200
+Index: src/mjpeg/Makefile.in
+===================================================================
+--- /dev/null
++++ src/mjpeg/Makefile.in
@@ -0,0 +1,751 @@
+# Makefile.in generated by automake 1.10 from Makefile.am.
+# @configure_input@
@@ -921,7 +931,7 @@
+ echo "rm -f \"$${dir}/so_locations\""; \
+ rm -f "$${dir}/so_locations"; \
+ done
-+xineplug_decode_mjpeg.la: $(xineplug_decode_mjpeg_la_OBJECTS) $(xineplug_decode_mjpeg_la_DEPENDENCIES)
++xineplug_decode_mjpeg.la: $(xineplug_decode_mjpeg_la_OBJECTS) $(xineplug_decode_mjpeg_la_DEPENDENCIES)
+ $(xineplug_decode_mjpeg_la_LINK) $(am_xineplug_decode_mjpeg_la_rpath) $(xineplug_decode_mjpeg_la_OBJECTS) $(xineplug_decode_mjpeg_la_LIBADD) $(LIBS)
+
+mostlyclean-compile:
@@ -1214,9 +1224,11 @@
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
---- configure
+Index: configure
+===================================================================
+--- configure.orig
+++ configure
-@@ -53416,6 +53416,7 @@
+@@ -53851,6 +53851,7 @@ echo ""
echo " * video decoder plugins:"
echo " - MPEG 1,2 - Amiga Bitplane"
echo " - Raw RGB - Raw YUV"
@@ -1224,13 +1236,15 @@
if test "x$with_external_ffmpeg" = "xyes"; then
echo " - ffmpeg (external library):"
else
---- src/Makefile.in
+Index: src/Makefile.in
+===================================================================
+--- src/Makefile.in.orig
+++ src/Makefile.in
-@@ -546,6 +546,7 @@
+@@ -399,6 +399,7 @@ SUBDIRS = \
libreal \
libfaad \
libmusepack \
+ mjpeg \
post \
- combined \
- vdr
+ combined
+
diff --git a/xine-lib-various-noncrippled.diff b/xine-lib-various-noncrippled.diff
index 4d300e4..9acd408 100644
--- a/xine-lib-various-noncrippled.diff
+++ b/xine-lib-various-noncrippled.diff
@@ -1,7 +1,8 @@
-diff -ur ../xine-lib-1.1.1-orig/src/libw32dll/wine/ldt_keeper.c ./src/libw32dll/wine/ldt_keeper.c
---- ../xine-lib-1.1.1-orig/src/libw32dll/wine/ldt_keeper.c 2006-01-02 12:43:47.000000000 +0100
-+++ ./src/libw32dll/wine/ldt_keeper.c 2006-01-02 12:43:51.000000000 +0100
-@@ -79,6 +79,10 @@
+Index: src/libw32dll/wine/ldt_keeper.c
+===================================================================
+--- src/libw32dll/wine/ldt_keeper.c.orig
++++ src/libw32dll/wine/ldt_keeper.c
+@@ -77,6 +77,10 @@ int modify_ldt(int func, void *ptr, unsi
#ifdef __cplusplus
}
#endif
@@ -10,5 +11,5 @@ diff -ur ../xine-lib-1.1.1-orig/src/libw32dll/wine/ldt_keeper.c ./src/libw32dll/
+#define modify_ldt_ldt_s user_desc
+#endif
#else
- #if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__)
+ #if defined(__NetBSD__) || defined(__FreeBSD_kernel__) || defined(__OpenBSD__)
#include <machine/segments.h>
diff --git a/xine-lib.changes b/xine-lib.changes
index f1570b5..5daa762 100644
--- a/xine-lib.changes
+++ b/xine-lib.changes
@@ -1,3 +1,36 @@
+-------------------------------------------------------------------
+Tue Mar 25 19:26:50 CET 2008 - mhopf@suse.de
+
+- Security fix for bnc#372877: integer overflows in malloc
+ CVE-2008-1482
+- Added missing aalib-devel dependency.
+
+-------------------------------------------------------------------
+Wed Mar 19 16:42:18 CET 2008 - mhopf@suse.de
+
+- Update to 1.1.11:
+ * Security fixes:
+ - Array Indexing Vulnerability in sdpplin_parse(). (CVE-2008-0073)
+ * Reworked the plugin directory naming so that external plugins don't have
+ to be rebuilt for every release. We now use a naming scheme based on the
+ API/ABI versioning, checking older directories - with this release, the
+ plugin directory name is 1.20, and if this gets bumped to 1.21 in a
+ future release, 1.20 will still be available for external plugins.
+ (Any directories not 1.* won't be looked in.)
+ * Made the version parsing much more reliable; it wasn't properly coping
+ with four-part version numbers. This affects any program whose build
+ scripts use xine-lib's automake macros.
+ * Fixed an off-by-one in the FLAC security fix patch. This breakage was
+ causing failure to play some files.
+ * Support 16-bit big-endian DTS audio.
+ * Improved frame snapshot API. (ABI extension.)
+ * Re-add support for # (stream parameter separator) in raw filenames,
+ without the bugs found in the original implementation.
+ (This is a convenience feature for users only. Front ends which rely on
+ it for functions like subtitle file detection must instead use file://
+ MRLs; if they don't, we consider them to be buggy.)
+ * Fixed long delay when closing stream on dual core systems [Bug #33]
+
-------------------------------------------------------------------
Mon Mar 10 13:28:58 CET 2008 - lnussel@suse.de
diff --git a/xine-lib.spec b/xine-lib.spec
index f81f10c..828a5cc 100644
--- a/xine-lib.spec
+++ b/xine-lib.spec
@@ -1,5 +1,5 @@
#
-# spec file for package xine-lib (Version 1.1.10.1)
+# spec file for package xine-lib (Version 1.1.11)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -28,14 +28,14 @@ Name: xine-lib
# 0: Build all except xine-internal 1: Build only xine-internal 2: Build all
# 1+2 need uncrippled source
%define BUILD_XINE %{?_with_internal:2}%{!?_with_internal:%build_xine_default}
-BuildRequires: ImageMagick-devel SDL-devel arts-devel cdparanoia curl-devel esound-devel flac-devel giflib-devel glib2-devel gnome-common gnome-vfs2-devel gnutls-devel gtk2-devel imlib2-devel krb5-devel libcdio-devel libdrm-devel libmng-devel libsmbclient libsmbclient-devel libtheora-devel libvorbis-devel lirc readline-devel speex-devel update-desktop-files vcdimager-devel
+BuildRequires: ImageMagick-devel SDL-devel aalib-devel arts-devel cdparanoia curl-devel esound-devel flac-devel giflib-devel glib2-devel gnome-common gnome-vfs2-devel gnutls-devel gtk2-devel imlib2-devel krb5-devel libcdio-devel libdrm-devel libmng-devel libsmbclient libsmbclient-devel libtheora-devel libvorbis-devel lirc readline-devel speex-devel update-desktop-files vcdimager-devel
%if %BUILD_XINE > 0
BuildRequires: mad-devel
%endif
Recommends: opensuse-codecs-installer
-Version: 1.1.10.1
-Release: 10
-%define abiversion 1.1.10
+Version: 1.1.11
+Release: 2
+%define abiversion 1.20
Summary: Video Player with Plug-Ins
Group: Productivity/Multimedia/Video/Players
License: GPL v2 or later; Public Domain, Freeware
@@ -52,6 +52,7 @@ Source13: lcd.tar.bz2
Source99: precheckin_cripple_tarball.sh
# *** xine-lib: Bugfixes
Patch26: xine-lib-doc-fix-X11R6.diff
+Patch30: xine-lib-CVE-2008-1482.diff
# *** Addons
Patch50: vdr-xine-lib-0.8.1.diff.bz2
Patch51: vdr-xine-SUSE.diff
@@ -168,6 +169,7 @@ else
fi
cd xine-lib-%version
%patch26
+%patch30 -p1
%patch50 -p1
%patch51 -p1
%patch52 -p1
@@ -448,6 +450,33 @@ echo "/usr/share/xine/mad" >> files.internal
%endif
%changelog
+* Tue Mar 25 2008 mhopf@suse.de
+- Security fix for bnc#372877: integer overflows in malloc
+ CVE-2008-1482
+- Added missing aalib-devel dependency.
+* Wed Mar 19 2008 mhopf@suse.de
+- Update to 1.1.11:
+ * Security fixes:
+ - Array Indexing Vulnerability in sdpplin_parse(). (CVE-2008-0073)
+ * Reworked the plugin directory naming so that external plugins don't have
+ to be rebuilt for every release. We now use a naming scheme based on the
+ API/ABI versioning, checking older directories - with this release, the
+ plugin directory name is 1.20, and if this gets bumped to 1.21 in a
+ future release, 1.20 will still be available for external plugins.
+ (Any directories not 1.* won't be looked in.)
+ * Made the version parsing much more reliable; it wasn't properly coping
+ with four-part version numbers. This affects any program whose build
+ scripts use xine-lib's automake macros.
+ * Fixed an off-by-one in the FLAC security fix patch. This breakage was
+ causing failure to play some files.
+ * Support 16-bit big-endian DTS audio.
+ * Improved frame snapshot API. (ABI extension.)
+ * Re-add support for # (stream parameter separator) in raw filenames,
+ without the bugs found in the original implementation.
+ (This is a convenience feature for users only. Front ends which rely on
+ it for functions like subtitle file detection must instead use file://
+ MRLs; if they don't, we consider them to be buggy.)
+ * Fixed long delay when closing stream on dual core systems [Bug #33]
* Mon Mar 10 2008 lnussel@suse.de
- get rid of nosrc so a debuginfo package get created (bnc#284030)
* Fri Feb 15 2008 lnussel@suse.de