summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'media-libs/xine-lib/files/xine-lib-1_rc6-XSA-2004-8.patch')
-rw-r--r--media-libs/xine-lib/files/xine-lib-1_rc6-XSA-2004-8.patch40
1 files changed, 40 insertions, 0 deletions
diff --git a/media-libs/xine-lib/files/xine-lib-1_rc6-XSA-2004-8.patch b/media-libs/xine-lib/files/xine-lib-1_rc6-XSA-2004-8.patch
new file mode 100644
index 000000000000..8d6f1e00227f
--- /dev/null
+++ b/media-libs/xine-lib/files/xine-lib-1_rc6-XSA-2004-8.patch
@@ -0,0 +1,40 @@
+diff -ur -x '*~' xine-lib-1-rc6a/src/input/librtsp/rtsp.c xine-lib-1-rc6a-XSA/src/input/librtsp/rtsp.c
+--- xine-lib-1-rc6a/src/input/librtsp/rtsp.c 2004-07-27 04:08:48.000000000 +0200
++++ xine-lib-1-rc6a-XSA/src/input/librtsp/rtsp.c 2005-04-25 17:59:21.392277328 +0200
+@@ -218,6 +218,7 @@
+ unsigned int answer_seq;
+ char **answer_ptr=s->answers;
+ int code;
++ int ans_count = 0;
+
+ answer=rtsp_get(s);
+ if (!answer)
+@@ -268,7 +269,7 @@
+ }
+ *answer_ptr=answer;
+ answer_ptr++;
+- } while (strlen(answer)!=0);
++ } while ((strlen(answer)!=0) && (++ans_count < MAX_FIELDS));
+
+ s->cseq++;
+
+diff -ur -x '*~' xine-lib-1-rc6a/src/input/mms.c xine-lib-1-rc6a-XSA/src/input/mms.c
+--- xine-lib-1-rc6a/src/input/mms.c 2004-07-27 04:08:47.000000000 +0200
++++ xine-lib-1-rc6a-XSA/src/input/mms.c 2005-04-25 18:01:59.677214360 +0200
+@@ -573,9 +573,13 @@
+ stream_id = LE_16(this->asf_header + i + 48);
+
+ lprintf ("stream object, stream id: %d\n", stream_id);
+- this->stream_types[stream_id] = type;
+- this->stream_ids[this->num_stream_ids] = stream_id;
+- this->num_stream_ids++;
++ if (this->num_stream_ids < ASF_MAX_NUM_STREAMS && stream_id < ASF_MAX_NUM_STREAMS) {
++ this->stream_types[stream_id] = type;
++ this->stream_ids[this->num_stream_ids] = stream_id;
++ this->num_stream_ids++;
++ } else {
++ lprintf ("too many streams, skipping\n");
++ }
+
+ }
+ break;