diff options
Diffstat (limited to 'source/xap/MPlayer')
| -rwxr-xr-x | source/xap/MPlayer/MPlayer.SlackBuild | 17 | ||||
| -rw-r--r-- | source/xap/MPlayer/subreader-fix-srt-parsing.patch | 60 |
2 files changed, 69 insertions, 8 deletions
diff --git a/source/xap/MPlayer/MPlayer.SlackBuild b/source/xap/MPlayer/MPlayer.SlackBuild index 663fe2f8..f7665207 100755 --- a/source/xap/MPlayer/MPlayer.SlackBuild +++ b/source/xap/MPlayer/MPlayer.SlackBuild @@ -1,6 +1,7 @@ #!/bin/sh # $Id: MPlayer.SlackBuild,v 1.27 2012/07/01 13:07:08 root Exp root $ # Copyright 2006, 2007, 2008, 2010, 2011, 2012 Eric Hameleers, Eindhoven, NL +# Copyright 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Permission to use, copy, modify, and distribute this software for @@ -80,6 +81,10 @@ # 1.1_20120701-1: 28/jun/2012 by alien@slackware.com # * Update to the 1.1 branch (essentially this is MPlayer-1.1 but # I like to check it out of SVN). +# 1.1_20130819-1: 19/aug/2013 by volkerdi@slackware.com +# * Update to the latest 1.1 branch, and the same ffmpeg that was +# shipped with the 1.1.1 tarball. The official 1.1.1 release +# did not start a new repo branch, so this is the latest. # # Run 'sh MPlayer.SlackBuild' to build a Slackware package. # The package (.txz) plus descriptive .txt file are created in /tmp . @@ -90,9 +95,9 @@ # Set initial variables: PRGNAM=MPlayer -VERSION=${VERSION:-20120701} +VERSION=${VERSION:-20130819} BRANCH=${BRANCH:-1.1} # leave empty if you want to build MPlayer trunk -FFMPEG=${FFMPEG:-20120514} +FFMPEG=${FFMPEG:-20130505} BUILD=${BUILD:-2} TAG=${TAG:-} @@ -345,12 +350,8 @@ chown -R root:root * chmod -R u+w,go+r-w,a+X-s * cd ${PRGNAM}-${VERSION} -# Prevent a compilation error: -# "libm.h:54:74: error: expected identifier or '(' before 'sizeof'" -# See also: -# http://lists.mplayerhq.hu/pipermail/mplayer-users/2012-June/084871.html -cat $SRCDIR/MPlayer_ffmpeg.patch | patch -p0 --verbose \ - 2>&1 | tee $OUTPUT/patch-${PRGNAM}.log +# Apply patch to fix subtitles: +zcat $SRCDIR/subreader-fix-srt-parsing.patch.gz | patch -p1 --verbose || exit 1 # Determine what X we're running (the modular X returns the prefix # in the next command, while older versions stay silent): diff --git a/source/xap/MPlayer/subreader-fix-srt-parsing.patch b/source/xap/MPlayer/subreader-fix-srt-parsing.patch new file mode 100644 index 00000000..84f2de4d --- /dev/null +++ b/source/xap/MPlayer/subreader-fix-srt-parsing.patch @@ -0,0 +1,60 @@ +From d98e61ea438db66323734ad1b6bea66411a3c97b Mon Sep 17 00:00:00 2001 +From: wm4 <wm4@nowhere> +Date: Tue, 30 Apr 2013 00:09:31 +0200 +Subject: [PATCH] subreader: fix out of bound write access when parsing .srt + +This broke .srt subtitles on gcc-4.8. The breakage was relatively +subtle: it set all hour components to 0, while everything else was +parsed successfully. + +But the problem is really that sscanf wrote 1 byte past the sep +variable (or more, for invalid/specially prepared input). The %[..] +format specifier is unbounded. Fix that by letting sscanf drop the +parsed contents with "*", and also make it skip only one input +character by adding "1" (=> "%*1[..."). + +The out of bound write could easily lead to security issues. + +Also, this change makes .srt subtitle parsing slightly more strict. +Strictly speaking this is an unrelated change, but do it anyway. It's +more correct. +--- + sub/subreader.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + + (foutrelis: adjusted variable names in first hunk to apply to mplayer) + +diff --git a/sub/subreader.c b/sub/subreader.c +index 23da4c7..0f1b6c9 100644 +--- a/sub/subreader.c ++++ b/sub/subreader.c +@@ -386,14 +386,14 @@ static subtitle *sub_ass_read_line_subviewer(stream_t *st, subtitle *current, + int h1, m1, s1, ms1, h2, m2, s2, ms2, j = 0; + + while (!current->text[0]) { +- char line[LINE_LEN + 1], full_line[LINE_LEN + 1], sep; ++ char line[LINE_LEN + 1], full_line[LINE_LEN + 1]; + int i; + + /* Parse SubRip header */ + if (!stream_read_line(st, line, LINE_LEN, utf16)) + return NULL; +- if (sscanf(line, "%d:%d:%d%[,.:]%d --> %d:%d:%d%[,.:]%d", +- &h1, &m1, &s1, &sep, &ms1, &h2, &m2, &s2, &sep, &ms2) < 10) ++ if (sscanf(line, "%d:%d:%d%*1[,.:]%d --> %d:%d:%d%*1[,.:]%d", ++ &h1, &m1, &s1, &ms1, &h2, &m2, &s2, &ms2) < 8) + continue; + + current->start = a1 * 360000 + a2 * 6000 + a3 * 100 + a4 / 10; +@@ -450,7 +450,7 @@ static subtitle *sub_read_line_subviewer(stream_t *st,subtitle *current, + return sub_ass_read_line_subviewer(st, current, args); + while (!current->text[0]) { + if (!stream_read_line (st, line, LINE_LEN, utf16)) return NULL; +- if ((len=sscanf (line, "%d:%d:%d%[,.:]%d --> %d:%d:%d%[,.:]%d",&a1,&a2,&a3,(char *)&i,&a4,&b1,&b2,&b3,(char *)&i,&b4)) < 10) ++ if ((len=sscanf (line, "%d:%d:%d%*1[,.:]%d --> %d:%d:%d%*1[,.:]%d",&a1,&a2,&a3,&a4,&b1,&b2,&b3,&b4)) < 8) + continue; + current->start = a1*360000+a2*6000+a3*100+a4/10; + current->end = b1*360000+b2*6000+b3*100+b4/10; +-- +1.8.1.6 + |