← Back to branch summary

~siretart/xine-lib/ubuntu

« back to all changes in this revision

Viewing changes to src/input/libreal/real.c

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt
  • Date: 2005-12-15 13:13:45 UTC
  • mfrom: (0.1.2 upstream)
  • Revision ID: james.westby@ubuntu.com-20051215131345-8n4osv1j7fy9c1s1
* SECURITY UPDATE: Fix arbitrary code execution with crafted PNG images in
  embedded ffmpeg copy.
* src/libffmpeg/libavcodec/utils.c, avcodec_default_get_buffer(): Apply
  upstream patch to fix buffer overflow on decoding of small PIX_FMT_PAL8
  PNG files.
* References:
  CVE-2005-4048
  http://mplayerhq.hu/pipermail/ffmpeg-devel/2005-November/005333.html
  http://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/ffmpeg/libavcodec/
  utils.c.diff?r1=1.161&r2=1.162&cvsroot=FFMpeg

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/input/libreal/real.c
17
17
 * along with this program; if not, write to the Free Software
18
18
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA
19
19
 *
20
 
 * $Id: real.c,v 1.20 2004/12/15 12:53:46 miguelfreitas Exp $
 
20
 * $Id: real.c,v 1.21 2005/06/25 13:21:30 siggi Exp $
21
21
 *
22
22
 * special functions for real streams.
23
23
 * adopted from joschkas real tools.
489
489
      xine_buffer_strcat(*stream_rules, b);
490
490
    }
491
491
 
492
 
    if (!desc->stream[i]->mlti_data) return NULL;
493
 
 
494
 
    len=select_mlti_data(desc->stream[i]->mlti_data, desc->stream[i]->mlti_data_size, rulematches[0], &buf);
 
492
    if (!desc->stream[i]->mlti_data) {
 
493
     len = 0;
 
494
     buf = NULL;
 
495
    }
 
496
    else
 
497
      len=select_mlti_data(desc->stream[i]->mlti_data, desc->stream[i]->mlti_data_size, rulematches[0], &buf);
495
498
    
496
499
    header->streams[i]=rmff_new_mdpr(
497
500
        desc->stream[i]->stream_id,