| Age | Commit message (Collapse) | Author |
|---|
|
if the atom size is shorter than the header size, do not try
to decompress anything, as this would lead to zlib reading
out of bound data.
|
|
Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and
earlier versions, allow remote attackers to cause a denial of service
(crash) or possibly execute arbitrary code via (1) crafted width and
height values that are not validated by the mymng_process_header
function in demux_mng.c before use in an allocation calculation or (2)
crafted current_atom_size and string_size values processed by the
parse_reference_atom function in demux_qt.c.
|
|
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other
versions before 1.1.15, allow remote attackers to execute arbitrary
code via vectors related to (1) a crafted metadata atom size processed
by the parse_moov_atom function in demux_qt.c and (2) frame reading in
the id3v23_interp_frame function in id3.c. NOTE: as of 20081122, it is
possible that vector 1 has not been fixed in 1.1.15.
case ( FOURCC_TAG('C', 'O', 'M', 'M') ):
_x_meta_info_set_generic(stream, XINE_META_INFO_COMMENT, buf + 1 + 3, id3_encoding[enc]);
|
|
--HG--
rename : src/xine-utils/xineutils.h => include/xine/xineutils.h
rename : po/libxine1.pot => po/libxine2.pot
|
|
|
|
--HG--
rename : src/liba52/parse.c => contrib/a52dec/parse.c
rename : include/xine.h.in => include/xine.h
rename : src/xine-engine/alphablend.h => include/xine/alphablend.h
rename : src/xine-utils/attributes.h => include/xine/attributes.h
rename : src/xine-engine/buffer.h => include/xine/buffer.h
rename : src/input/input_plugin.h => include/xine/input_plugin.h
rename : src/xine-utils/xineutils.h => include/xine/xineutils.h
rename : src/libxineadec/fooaudio.c => src/audio_dec/fooaudio.c
rename : src/libxineadec/gsm610.c => src/audio_dec/gsm610.c
rename : src/liba52/xine_a52_decoder.c => src/audio_dec/xine_a52_decoder.c
rename : src/libdts/xine_dts_decoder.c => src/audio_dec/xine_dts_decoder.c
rename : src/libfaad/xine_faad_decoder.c => src/audio_dec/xine_faad_decoder.c
rename : src/libxineadec/xine_lpcm_decoder.c => src/audio_dec/xine_lpcm_decoder.c
rename : src/libmad/xine_mad_decoder.c => src/audio_dec/xine_mad_decoder.c
rename : src/libmusepack/xine_musepack_decoder.c => src/audio_dec/xine_musepack_decoder.c
rename : src/combined/decoder_flac.c => src/combined/flac_decoder.c
rename : src/combined/demux_flac.c => src/combined/flac_demuxer.c
rename : src/libxineadec/nsf.c => src/combined/nsf_decoder.c
rename : src/demuxers/demux_nsf.c => src/combined/nsf_demuxer.c
rename : src/combined/combined_wavpack.h => src/combined/wavpack_combined.h
rename : src/combined/decoder_wavpack.c => src/combined/wavpack_decoder.c
rename : src/combined/demux_wavpack.c => src/combined/wavpack_demuxer.c
rename : src/demuxers/demux_ogg.c => src/combined/xine_ogg_demuxer.c
rename : src/libxineadec/xine_speex_decoder.c => src/combined/xine_speex_decoder.c
rename : src/libxinevdec/xine_theora_decoder.c => src/combined/xine_theora_decoder.c
rename : src/libxineadec/xine_vorbis_decoder.c => src/combined/xine_vorbis_decoder.c
rename : src/libspucc/cc_decoder.c => src/spu_dec/cc_decoder.c
rename : src/libspucmml/xine_cmml_decoder.c => src/spu_dec/cmml_decoder.c
rename : src/libspudec/xine_spu_decoder.c => src/spu_dec/spu_decoder.c
rename : src/libspudec/spu.c => src/spu_dec/spudec.c
rename : src/libspudvb/xine_spudvb_decoder.c => src/spu_dec/spudvb_decoder.c
rename : src/libsputext/xine_sputext_decoder.c => src/spu_dec/sputext_decoder.c
rename : src/libsputext/demux_sputext.c => src/spu_dec/sputext_demuxer.c
rename : src/libspucc/xine_cc_decoder.c => src/spu_dec/xine_cc_decoder.c
rename : src/libxinevdec/bitplane.c => src/video_dec/bitplane.c
rename : src/libxinevdec/foovideo.c => src/video_dec/foovideo.c
rename : src/libxinevdec/gdkpixbuf.c => src/video_dec/gdkpixbuf.c
rename : src/libxinevdec/image.c => src/video_dec/image.c
rename : src/libmpeg2/xine_mpeg2_decoder.c => src/video_dec/libmpeg2/xine_mpeg2_decoder.c
rename : src/libxinevdec/rgb.c => src/video_dec/rgb.c
rename : src/libxinevdec/yuv.c => src/video_dec/yuv.c
|
|
If needed, use calloc() to allocate the area so that it's already
reset by the time it returns.
|
|
|
|
The xine_xmalloc() function is going to be deprecated, as its
behaviour is rarely needed as such, and it's thus misused.
With this, almost all uses of xine_xmalloc() with static size (for
instance the value returned by sizeof()) or with a size that is
guaranteed not to be zero (like strlen()+1) are replaced with calls to
either calloc(1, ...) or malloc().
malloc() is used whenever the allocated memory is going to be
immediately overwritten, while calloc() is used in every other case,
as it sets the whole memory area to zero.
--HG--
extra : transplant_source : %8F%98%EC%02%1E%83%F0s%06X%83C%205Y%80%B12%CC%E1
|
|
Functions and data structures that are not exported and are only ever
used in the same unit they are defined should be marked static to
improve compiler's ability to optimise them.
This applies to xine_dispose_internal() function for xine-lib, the
extended_to_int() function in the AIFF demuxer, the bandwidths array
in QuickTime demuxer, the wc_pal_lookup table in the WC3 movie
demuxer, and the rm_header and pnm_data_header arrays in pnm input
plugin.
|
|
--HG--
rename : debian/libxine1.install => debian/libxine2.install
rename : src/libxineadec/xine_speex_decoder.c => src/combined/xine_speex_decoder.c
rename : src/libsputext/demux_sputext.c => src/spu_dec/sputext_demuxer.c
|
|
|
|
On some m4a files I get a divide by zero.
bytes_per_packet in this case is zero. I'm not sure what the real problem is
but skipping the assignment in that case works fine.
|
|
--HG--
rename : src/combined/demux_wavpack.c => src/combined/wavpack_demuxer.c
|
|
|
|
--HG--
rename : src/libxineadec/xine_lpcm_decoder.c => src/audio_dec/xine_lpcm_decoder.c
|
|
|
|
|
|
|
|
Ref. http://aluigi.altervista.org/adv/xinehof-adv.txt
|
|
|
|
|
|
|
|
rather than memset().
|
|
size of an item for the number of items.
Also don't memset calloc()ed areas to zero.
|
|
|
|
value on the proper structure.
This way, parse_data_atom is inlined by GCC.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
remove warnings.
|
|
|
|
|
|
|
|
operations with it.
|
|
|
|
|
|
protocols too.
|
|
|
|
Please note that this commit temporarily breaks building.
|
|
|
|
called free().
|
|
This way the gettext code for description does not need to be repeated by every plugin.
|
|
_() where missing, for i18n.
|
|
--HG--
rename : src/libxineadec/nsf.c => src/combined/nsf_decoder.c
rename : src/demuxers/demux_nsf.c => src/combined/nsf_demuxer.c
rename : src/combined/combined_wavpack.c => src/combined/wavpack_combined.c
rename : src/combined/combined_wavpack.h => src/combined/wavpack_combined.h
rename : src/combined/decoder_wavpack.c => src/combined/wavpack_decoder.c
rename : src/combined/demux_wavpack.c => src/combined/wavpack_demuxer.c
rename : src/demuxers/demux_ogg.c => src/combined/xine_ogg_demuxer.c
rename : src/libxineadec/xine_speex_decoder.c => src/combined/xine_speex_decoder.c
rename : src/libxinevdec/xine_theora_decoder.c => src/combined/xine_theora_decoder.c
rename : src/libxineadec/xine_vorbis_decoder.c => src/combined/xine_vorbis_decoder.c
rename : src/liba52/xine_a52_decoder.c => src/libxineadec/xine_a52_decoder.c
rename : src/libdts/xine_dts_decoder.c => src/libxineadec/xine_dts_decoder.c
rename : src/libfaad/xine_faad_decoder.c => src/libxineadec/xine_faad_decoder.c
rename : src/libmad/xine_mad_decoder.c => src/libxineadec/xine_mad_decoder.c
rename : src/libmusepack/xine_musepack_decoder.c => src/libxineadec/xine_musepack_decoder.c
|
|
--HG--
extra : transplant_source : %E0%D0%C5%8B%BEU%DD%24%5D7%1F%ADV%AD%EB%23%CBU%80%EB
|
|
--HG--
rename : src/combined/decoder_flac.c => src/combined/flac_decoder.c
rename : src/combined/demux_flac.c => src/combined/flac_demuxer.c
rename : src/libxineadec/nsf.c => src/combined/nsf_decoder.c
rename : src/demuxers/demux_nsf.c => src/combined/nsf_demuxer.c
rename : src/combined/combined_wavpack.c => src/combined/wavpack_combined.c
rename : src/combined/combined_wavpack.h => src/combined/wavpack_combined.h
rename : src/combined/decoder_wavpack.c => src/combined/wavpack_decoder.c
rename : src/combined/demux_wavpack.c => src/combined/wavpack_demuxer.c
rename : src/demuxers/demux_ogg.c => src/combined/xine_ogg_demuxer.c
rename : src/libxineadec/xine_speex_decoder.c => src/combined/xine_speex_decoder.c
rename : src/libxinevdec/xine_theora_decoder.c => src/combined/xine_theora_decoder.c
rename : src/libxineadec/xine_vorbis_decoder.c => src/combined/xine_vorbis_decoder.c
rename : src/liba52/xine_a52_decoder.c => src/libxineadec/xine_a52_decoder.c
rename : src/libdts/xine_dts_decoder.c => src/libxineadec/xine_dts_decoder.c
rename : src/libfaad/xine_faad_decoder.c => src/libxineadec/xine_faad_decoder.c
rename : src/libmusepack/xine_musepack_decoder.c => src/libxineadec/xine_musepack_decoder.c
|
