cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Two fixes from upstream..

Browse Source 
- Fix crash with broken ASF files (SA-1302).
- Fix MKV behaviour with unknown or new EBML elements.

ok sthen@
This commit is contained in:
brad 2013-02-06 13:07:05 +00:00
parent 43d801d215
commit c04bb05ba3
4 changed files with 335 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
x11/vlc/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.163 2013/01/03 03:18:21 brad Exp $
# $OpenBSD: Makefile,v 1.164 2013/02/06 13:07:05 brad Exp $
SHARED_ONLY= Yes
@ -8,7 +8,7 @@ COMMENT-jack= JACK audio output module for VLC
V= 2.0.5
DISTNAME= vlc-${V}
PKGNAME-main= ${DISTNAME}
REVISION-main= 2
REVISION-main= 3
PKGNAME-jack= vlc-jack-${V}
REVISION-jack= 1
CATEGORIES= x11

159
x11/vlc/patches/patch-modules_demux_asf_asf_c Normal file
View File

@ -0,0 +1,159 @@
$OpenBSD: patch-modules_demux_asf_asf_c,v 1.1 2013/02/06 13:07:05 brad Exp $
Fix crash with broken ASF files (SA-1302).
--- modules/demux/asf/asf.c.orig Tue Aug 28 13:25:19 2012
+++ modules/demux/asf/asf.c Tue Feb 5 07:53:12 2013
@@ -383,15 +383,30 @@ static mtime_t GetMoviePTS( demux_sys_t *p_sys )
return i_time;
}
-#define GETVALUE2b( bits, var, def ) \
- switch( (bits)&0x03 ) \
- { \
- case 1: var = p_peek[i_skip]; i_skip++; break; \
- case 2: var = GetWLE( p_peek + i_skip ); i_skip+= 2; break; \
- case 3: var = GetDWLE( p_peek + i_skip ); i_skip+= 4; break; \
- case 0: \
- default: var = def; break;\
+static inline int GetValue2b(int *var, const uint8_t *p, int *skip, int left, int bits)
+{
+ switch(bits&0x03)
+ {
+ case 1:
+ if (left < 1)
+ return -1;
+ *var = p[*skip]; *skip += 1;
+ return 0;
+ case 2:
+ if (left < 2)
+ return -1;
+ *var = GetWLE(&p[*skip]); *skip += 2;
+ return 0;
+ case 3:
+ if (left < 4)
+ return -1;
+ *var = GetDWLE(&p[*skip]); *skip += 4;
+ return 0;
+ case 0:
+ default:
+ return 0;
}
+}
static int DemuxPacket( demux_t *p_demux )
{
@@ -405,15 +420,15 @@ static int DemuxPacket( demux_t *p_demux )
int i_packet_property;
int b_packet_multiple_payload;
- int i_packet_length;
- int i_packet_sequence;
- int i_packet_padding_length;
+ int i_packet_length = i_data_packet_min;
+ int i_packet_sequence = 0;
+ int i_packet_padding_length = 0;
uint32_t i_packet_send_time;
- uint16_t i_packet_duration;
int i_payload;
int i_payload_count;
int i_payload_length_type;
+ int peek_size;
if( stream_Peek( p_demux->s, &p_peek,i_data_packet_min)<i_data_packet_min )
@@ -421,6 +436,7 @@ static int DemuxPacket( demux_t *p_demux )
msg_Warn( p_demux, "cannot peek while getting new packet, EOF ?" );
return 0;
}
+ peek_size = i_data_packet_min;
i_skip = 0;
/* *** parse error correction if present *** */
@@ -461,9 +477,12 @@ static int DemuxPacket( demux_t *p_demux )
b_packet_multiple_payload = i_packet_flags&0x01;
/* read some value */
- GETVALUE2b( i_packet_flags >> 5, i_packet_length, i_data_packet_min );
- GETVALUE2b( i_packet_flags >> 1, i_packet_sequence, 0 );
- GETVALUE2b( i_packet_flags >> 3, i_packet_padding_length, 0 );
+ if (GetValue2b(&i_packet_length, p_peek, &i_skip, peek_size - i_skip, i_packet_flags >> 5) < 0)
+ goto loop_error_recovery;
+ if (GetValue2b(&i_packet_sequence, p_peek, &i_skip, peek_size - i_skip, i_packet_flags >> 1) < 0)
+ goto loop_error_recovery;
+ if (GetValue2b(&i_packet_padding_length, p_peek, &i_skip, peek_size - i_skip, i_packet_flags >> 3) < 0)
+ goto loop_error_recovery;
if( i_packet_padding_length > i_packet_length )
{
@@ -479,7 +498,7 @@ static int DemuxPacket( demux_t *p_demux )
}
i_packet_send_time = GetDWLE( p_peek + i_skip ); i_skip += 4;
- i_packet_duration = GetWLE( p_peek + i_skip ); i_skip += 2;
+ /* uint16_t i_packet_duration = GetWLE( p_peek + i_skip ); */ i_skip += 2;
i_packet_size_left = i_packet_length;
@@ -501,13 +520,13 @@ static int DemuxPacket( demux_t *p_demux )
int i_packet_keyframe;
unsigned int i_stream_number;
- int i_media_object_number;
+ int i_media_object_number = 0;
int i_media_object_offset;
- int i_replicated_data_length;
- int i_payload_data_length;
+ int i_replicated_data_length = 0;
+ int i_payload_data_length = 0;
int i_payload_data_pos;
int i_sub_payload_data_length;
- int i_tmp;
+ int i_tmp = 0;
mtime_t i_pts;
mtime_t i_pts_delta;
@@ -521,9 +540,12 @@ static int DemuxPacket( demux_t *p_demux )
i_packet_keyframe = p_peek[i_skip] >> 7;
i_stream_number = p_peek[i_skip++] & 0x7f;
- GETVALUE2b( i_packet_property >> 4, i_media_object_number, 0 );
- GETVALUE2b( i_packet_property >> 2, i_tmp, 0 );
- GETVALUE2b( i_packet_property, i_replicated_data_length, 0 );
+ if (GetValue2b(&i_media_object_number, p_peek, &i_skip, peek_size - i_skip, i_packet_property >> 4) < 0)
+ break;
+ if (GetValue2b(&i_tmp, p_peek, &i_skip, peek_size - i_skip, i_packet_property >> 2) < 0)
+ break;
+ if (GetValue2b(&i_replicated_data_length, p_peek, &i_skip, peek_size - i_skip, i_packet_property) < 0)
+ break;
if( i_replicated_data_length > 1 ) // should be at least 8 bytes
{
@@ -558,7 +580,9 @@ static int DemuxPacket( demux_t *p_demux )
i_pts = __MAX( i_pts - p_sys->p_fp->i_preroll * 1000, 0 );
if( b_packet_multiple_payload )
{
- GETVALUE2b( i_payload_length_type, i_payload_data_length, 0 );
+ i_payload_data_length = 0;
+ if (GetValue2b(&i_payload_data_length, p_peek, &i_skip, peek_size - i_skip, i_payload_length_type) < 0)
+ break;
}
else
{
@@ -645,6 +669,7 @@ static int DemuxPacket( demux_t *p_demux )
return 0;
}
i_packet_size_left -= i_read;
+ peek_size = 0;
p_frag->p_buffer += i_skip;
p_frag->i_buffer -= i_skip;
@@ -672,6 +697,7 @@ static int DemuxPacket( demux_t *p_demux )
msg_Warn( p_demux, "cannot peek, EOF ?" );
return 0;
}
+ peek_size = i_packet_size_left;
}
}
}

137
x11/vlc/patches/patch-modules_demux_mkv_Ebml_parser_cpp Normal file
View File

@ -0,0 +1,137 @@
$OpenBSD: patch-modules_demux_mkv_Ebml_parser_cpp,v 1.1 2013/02/06 13:07:05 brad Exp $
Fix MKV behaviour with unknown or new EBML elements.
--- modules/demux/mkv/Ebml_parser.cpp.orig Fri Dec 9 11:58:27 2011
+++ modules/demux/mkv/Ebml_parser.cpp Tue Feb 5 07:55:42 2013
@@ -30,6 +30,7 @@
* Ebml Stream parser
*****************************************************************************/
EbmlParser::EbmlParser( EbmlStream *es, EbmlElement *el_start, demux_t *p_demux ) :
+ p_demux( p_demux ),
m_es( es ),
mi_level( 1 ),
m_got( NULL ),
@@ -103,7 +104,7 @@ void EbmlParser::Up( void )
{
if( mi_user_level == mi_level )
{
- fprintf( stderr,"MKV/Ebml Parser: Up cannot escape itself\n" );
+ msg_Warn( p_demux, "MKV/Ebml Parser: Up cannot escape itself" );
}
mi_user_level--;
@@ -133,15 +134,17 @@ void EbmlParser::Reset( demux_t *p_demux )
m_el[mi_level] = NULL;
mi_level--;
}
+ this->p_demux = p_demux;
mi_user_level = mi_level = 1;
// a little faster and cleaner
m_es->I_O().setFilePointer( static_cast<KaxSegment*>(m_el[0])->GetGlobalPosition(0) );
mb_dummy = var_InheritBool( p_demux, "mkv-use-dummy" );
}
-EbmlElement *EbmlParser::Get( void )
+EbmlElement *EbmlParser::Get( int n_call )
{
int i_ulev = 0;
+ EbmlElement *p_prev = NULL;
if( mi_user_level != mi_level )
{
@@ -155,24 +158,29 @@ EbmlElement *EbmlParser::Get( void )
return ret;
}
+ p_prev = m_el[mi_level];
if( m_el[mi_level] )
{
m_el[mi_level]->SkipData( *m_es, EBML_CONTEXT(m_el[mi_level]) );
- if( !mb_keep )
- {
- if( MKV_IS_ID( m_el[mi_level], KaxBlockVirtual ) )
- static_cast<KaxBlockVirtualWorkaround*>(m_el[mi_level])->Fix();
- delete m_el[mi_level];
- }
- mb_keep = false;
+
}
vlc_stream_io_callback & io_stream = (vlc_stream_io_callback &) m_es->I_O();
uint64 i_size = io_stream.toRead();
m_el[mi_level] = m_es->FindNextElement( EBML_CONTEXT(m_el[mi_level - 1]),
- i_ulev, i_size, mb_dummy, 1 );
+ i_ulev, i_size, true, 1 );
// mi_remain_size[mi_level] = m_el[mi_level]->GetSize();
if( i_ulev > 0 )
{
+ if( p_prev )
+ {
+ if( !mb_keep )
+ {
+ if( MKV_IS_ID( p_prev, KaxBlockVirtual ) )
+ static_cast<KaxBlockVirtualWorkaround*>(p_prev)->Fix();
+ delete p_prev;
+ }
+ mb_keep = false;
+ }
while( i_ulev > 0 )
{
if( mi_level == 1 )
@@ -192,9 +200,55 @@ EbmlElement *EbmlParser::Get( void )
}
else if( m_el[mi_level] == NULL )
{
- fprintf( stderr,"MKV/Ebml Parser: m_el[mi_level] == NULL\n" );
+ msg_Warn( p_demux,"MKV/Ebml Parser: m_el[mi_level] == NULL\n" );
}
+ else if( m_el[mi_level]->IsDummy() && !mb_dummy )
+ {
+ bool b_bad_position = false;
+ /* We got a dummy element but don't want those...
+ * perform a sanity check */
+ if( !mi_level )
+ {
+ msg_Err(p_demux, "Got invalid lvl 0 element... Aborting");
+ return NULL;
+ }
+ if( p_prev && p_prev->IsFiniteSize() &&
+ p_prev->GetEndPosition() != m_el[mi_level]->GetElementPosition())
+ {
+ msg_Err( p_demux, "Dummy Element at unexpected position... corrupted file?" );
+ b_bad_position = true;
+ }
+
+ if( n_call < 10 && !b_bad_position && m_el[mi_level]->IsFiniteSize() &&
+ ( !m_el[mi_level-1]->IsFiniteSize() ||
+ m_el[mi_level]->GetEndPosition() <= m_el[mi_level-1]->GetEndPosition() ) )
+ {
+ /* The element fits inside its upper element */
+ msg_Warn( p_demux, "Dummy element found... skipping it" );
+ return Get( ++n_call );
+ }
+ else
+ {
+ /* Too large, misplaced or 10 successive dummy elements */
+ msg_Err( p_demux, "Dummy element too large or misplaced... skipping to next upper element" );
+ delete m_el[mi_level];
+ m_el[mi_level] = NULL;
+ m_el[mi_level - 1]->SkipData( *m_es, EBML_CONTEXT(m_el[mi_level - 1]) );
+ return Get();
+ }
+ }
+
+ if( p_prev )
+ {
+ if( !mb_keep )
+ {
+ if( MKV_IS_ID( p_prev, KaxBlockVirtual ) )
+ static_cast<KaxBlockVirtualWorkaround*>(p_prev)->Fix();
+ delete p_prev;
+ }
+ mb_keep = false;
+ }
return m_el[mi_level];
}

37
x11/vlc/patches/patch-modules_demux_mkv_Ebml_parser_hpp Normal file
View File

@ -0,0 +1,37 @@
$OpenBSD: patch-modules_demux_mkv_Ebml_parser_hpp,v 1.1 2013/02/06 13:07:05 brad Exp $
Fix MKV behaviour with unknown or new EBML elements.
--- modules/demux/mkv/Ebml_parser.hpp.orig Thu Dec 8 13:00:26 2011
+++ modules/demux/mkv/Ebml_parser.hpp Tue Feb 5 07:55:42 2013
@@ -39,7 +39,7 @@ class EbmlParser
void Up( void );
void Down( void );
void Reset( demux_t *p_demux );
- EbmlElement *Get( void );
+ EbmlElement *Get( int n_call = 0 );
void Keep( void );
EbmlElement *UnGet( uint64 i_block_pos, uint64 i_cluster_pos );
@@ -49,16 +49,17 @@ class EbmlParser
bool IsTopPresent( EbmlElement * ) const;
private:
+ demux_t *p_demux;
EbmlStream *m_es;
- int mi_level;
+ int mi_level;
EbmlElement *m_el[10];
int64_t mi_remain_size[10];
EbmlElement *m_got;
- int mi_user_level;
- bool mb_keep;
- bool mb_dummy;
+ int mi_user_level;
+ bool mb_keep;
+ bool mb_dummy;
};
/* This class works around a bug in KaxBlockVirtual implementation */