| Age | Commit message (Collapse) | Author |
|---|
|
xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not
properly handle (a) negative and (b) zero values during unspecified
read function calls in input_file.c, input_net.c, input_smb.c, and
input_http.c, which allows remote attackers to cause a denial of
service (crash) or possibly execute arbitrary code via vectors such as
(1) a file or (2) an HTTP response, which triggers consequences such
as out-of-bounds reads and heap-based buffer overflows.
|
|
Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and
earlier versions, allow remote attackers to cause a denial of service
(crash) or possibly execute arbitrary code via (1) crafted width and
height values that are not validated by the mymng_process_header
function in demux_mng.c before use in an allocation calculation or (2)
crafted current_atom_size and string_size values processed by the
parse_reference_atom function in demux_qt.c.
|
|
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other
1.1.15 and earlier versions, allow remote attackers to execute
arbitrary code via vectors related to (1) a crafted EBML element
length processed by the parse_block_group function in
demux_matroska.c; (2) a certain combination of sps, w, and h values
processed by the real_parse_audio_specific_data and
demux_real_send_chunk functions in demux_real.c; and (3) an
unspecified combination of three values processed by the open_ra_file
function in demux_realaudio.c. NOTE: vector 2 reportedly exists
because of an incomplete fix in 1.1.15.
|
|
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other
versions before 1.1.15, allow remote attackers to execute arbitrary
code via vectors related to (1) a crafted metadata atom size processed
by the parse_moov_atom function in demux_qt.c and (2) frame reading in
the id3v23_interp_frame function in id3.c. NOTE: as of 20081122, it is
possible that vector 1 has not been fixed in 1.1.15.
case ( FOURCC_TAG('C', 'O', 'M', 'M') ):
_x_meta_info_set_generic(stream, XINE_META_INFO_COMMENT, buf + 1 + 3, id3_encoding[enc]);
|
|
Currently, frame grabbing aborts when requested for accelerated image formats.
By using a vo_driver provided frame procedure to retrieve image data, frame
grabbing can be implemented for accelerated frames too. In case a vo_driver
doesn't provide this functionality, _x_get_current_frame_data() no longer
aborts when it is asked to provide image data. It will drop an error message
as before and return a "green" YV12 image.
|
|
standard format.
Frame grabbing didn't work for frame image formats besides YV12 and YUY2 as decoded data
is not stored in accelarated frames. Some acceleration APIs allow to read back decoded
image data in the common standard formats mentioned above. The new procedure allows the
vo_driver to provide a way for retrieving image data which can later be utilized by
_x_get_current_frame_data() to implement frame grabbing for accelerated frames.
|
|
|
|
|
|
--HG--
rename : src/libxineadec/Makefile.am => src/audio_dec/Makefile.am
rename : src/libxinevdec/Makefile.am => src/video_dec/Makefile.am
rename : src/libmpeg2/Makefile.am => src/video_dec/libmpeg2/Makefile.am
|
|
|
|
These are known to be present in some nvidia graphics hardware.
|
|
These drivers use "NV* Video Texture" instead of "* Textured Video".
|
|
|
|
|
|
--HG--
rename : po/libxine1.pot => po/libxine2.pot
|
|
--HG--
rename : src/combined/demux_flac.c => src/combined/flac_demuxer.c
rename : src/libspudvb/xine_spudvb_decoder.c => src/spu_dec/spudvb_decoder.c
|
|
|
|
|
|
|
|
|
|
--HG--
extra : transplant_source : %A0%EE%CC%FA%D3%AF2%8B%96%1F%B1%8E%00%01%96%8E%9E%AC%93Y
|
|
|
|
network byte order to match packet CRC
|
|
|
|
|
|
in our plugins (for now).
|
|
|
|
|
|
|
|
|
|
|
|
--HG--
rename : include/xine.h.in => include/xine.h
rename : src/xine-utils/attributes.h => include/xine/attributes.h
rename : src/xine-engine/buffer.h => include/xine/buffer.h
rename : m4/_xine.m4 => m4/types.m4
rename : po/libxine1.pot => po/libxine2.pot
rename : src/libfaad/xine_faad_decoder.c => src/audio_dec/xine_faad_decoder.c
rename : src/libspucc/cc_decoder.h => src/spu_dec/cc_decoder.h
rename : src/libspucmml/xine_cmml_decoder.c => src/spu_dec/cmml_decoder.c
rename : src/libspudec/xine_spu_decoder.c => src/spu_dec/spu_decoder.c
rename : src/libspudvb/xine_spudvb_decoder.c => src/spu_dec/spudvb_decoder.c
rename : src/libspucc/xine_cc_decoder.c => src/spu_dec/xine_cc_decoder.c
rename : src/libmpeg2/mpeg2.h => src/video_dec/libmpeg2/mpeg2.h
|
|
|
|
When it comes to FLAC audio files, seeking relies on seekpoints which are
not always present, and even when they are, sometimes it fails. Also, as far
as I can see, xine is unable to play a FLAC stream starting at an arbitrary
position.
Other players (namely mplayer) do not rely on seekpoints when they handle
FLAC files and they don't suffer from these problems.
With this patch, time-based seeking doesn't change, while position-based
seeking is completely independent from seekpoints.
|
|
|
|
- goom initialization
- matroska playing recent files with AAC
- replace free() by ffmpeg's av_free() in ff decoders
|
|
Add warning flags to the DEBUG_CFLAGS too.
|
|
|
|
On XINE_GUI_SEND_DRAWABLE_CHANGED, the clipping area is adjusted
to the new HWND and the frame shown again. This allows to switch
the window where the video is shown at runtime, simliar to the X11
drivers.
|
|
We don't want to have warnings conditional to extreme optimisations:
if the compiler supports them, they should be enabled.
The reason why they were conditional is that the code testing for GCC
presence enabled both warnings and optimisations, and the warnings
were carried over when the optimisations were made optional.
|
|
When passing CC="ccache gcc", we don't want to quote "$CC" calls,
otherwise the command won't be found.
|
|
former.
The CC_CHECK_CFLAGS macro is already present in attributes.m4, so no
need to keep the old version we had around, especially since the new
one caches its results too.
|
|
equivalent.
I wanted this because I'm going to reuse attribute.m4 with that macro
for a couple other projects.
This also removes AC_TRY_LDFLAGS since it's not used any longer
(replaced by CC_CHECK_LDFLAGS, which also caches results).
|
|
This should make it more readable, and avoid a few extra test. Also
check for the -Werror= style for GCC 4.3 instead of the old
-Werror-implicit-function-declaration.
|
|
This adds variants of CC_CHECK_CFLAGS that append the flags
automatically, and a few comments.
|
|
There is needed some ui<->lib interaction: used caca display is optionally delivered from ui to the caca vo plugin.
|
|
The lPitch setting of the offscreen buffer was not taken into account,
which let to a garbled image if the video card driver did support YV12 or
YUV2 color formats. This patch fixes bug #72.
|
|
|
|
|
|
|
