summaryrefslogtreecommitdiff
path: root/src/demuxers/demux_real.c
AgeCommit message (Collapse)Author
2009-01-18Add allocation checks to the Real MDPR parsing code (ref. CVE-2008-5240).Darren Salt
2009-01-05Merge security fixes.Darren Salt
2009-01-01check for buffers smaller than headers in real demuxerThomas Viehmann
check buffer lengths to avoid out of bound access when decoding the header. Based on a patch by Matthias Hopf <mhopf@suse.de>.
2009-01-04Fix for CVE-2008-5243.Matthias Hopf
The real_parse_headers function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input length value to "reindex into an allocated buffer," which allows remote attackers to cause a denial of service (crash) via a crafted value, probably an array index error.
2009-01-04Fix for CVE-2008-5240Matthias Hopf
xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE track entry element processed by demux_matroska.c; and (2) PROP_TAG, (3) MDPR_TAG, and (4) CONT_TAG chunks processed by the real_parse_headers function in demux_real.c; which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) or possibly execute arbitrary code via a crafted value.
2009-01-04Fix for CVE-2008-5236.Matthias Hopf
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to execute arbitrary code via vectors related to (1) a crafted EBML element length processed by the parse_block_group function in demux_matroska.c; (2) a certain combination of sps, w, and h values processed by the real_parse_audio_specific_data and demux_real_send_chunk functions in demux_real.c; and (3) an unspecified combination of three values processed by the open_ra_file function in demux_realaudio.c. NOTE: vector 2 reportedly exists because of an incomplete fix in 1.1.15.
2008-11-20Some warning fixes: XINE_FORMAT_SCANF, statics in headers, consts, ...František Dvořák
Add warning flags to the DEBUG_CFLAGS too.
2008-08-13Check for possible buffer overflow attempts in the Real demuxer.Darren Salt
2008-08-13Check for allocation failures.Darren Salt
2008-08-13Use size_t for data length variables.Darren Salt
2008-07-04Use the new _x_is_fourcc() funtion to check for FOURCC tags in files.Diego 'Flameeyes' Pettenò
--HG-- extra : transplant_source : %B5%96xd%99U%EC%7Cr%ABB%A8%26l%08%99L3o%F6
2008-07-03Rewrite demux_real and demux_realaudio for style.Diego 'Flameeyes' Pettenò
Also try to simplify frame buffer allocation. --HG-- extra : transplant_source : %B6%B5o%A8%24%E1%F5B%D2%D8%08%F8%DE%E7%9E%B6%B8C%A4j
2008-05-09Remove a new bunch of xine_malloc() calls.Diego 'Flameeyes' Pettenò
Also don't reset memory after it's allocated if we do that with calloc.
2008-05-07xine_xmalloc() deprecation: replace its use with static and non-zero size.Diego 'Flameeyes' Pettenò
The xine_xmalloc() function is going to be deprecated, as its behaviour is rarely needed as such, and it's thus misused. With this, almost all uses of xine_xmalloc() with static size (for instance the value returned by sizeof()) or with a size that is guaranteed not to be zero (like strlen()+1) are replaced with calls to either calloc(1, ...) or malloc(). malloc() is used whenever the allocated memory is going to be immediately overwritten, while calloc() is used in every other case, as it sets the whole memory area to zero. --HG-- extra : transplant_source : %8F%98%EC%02%1E%83%F0s%06X%83C%205Y%80%B12%CC%E1
2008-04-30Replace calloc (n, sizeof (char)) with malloc (n) where zero init isn't needed.Darren Salt
2008-04-19Replace xine_xcalloc usage with calloc, for the revisions transplanted from ↵Diego 'Flameeyes' Pettenò
1.2 series.
2007-12-18Use calloc() when allocating an array of elements.Diego 'Flameeyes' Pettenò
(transplanted from 3640d3cbe551f96df932b7d6218b071b910a237b) --HG-- extra : transplant_source : 6%40%D3%CB%E5Q%F9m%F92%B7%D6%21%8B%07%1B%91%0A%23%7B
2007-04-14Use xine_xcalloc instead of xine_xmalloc when mutiplying the number of ↵Diego 'Flameeyes' Pettenò
elements by the size of the single element. (transplanted from 512894f517c423fed0cadeca0d46c6d909403106) --HG-- extra : transplant_source : Q%28%94%F5%17%C4%23%FE%D0%CA%DE%CA%0DF%C6%D9%09%401%06
2008-04-07Implement support for "MPEG-3 adu".Jinghua Luo
2008-04-07Move the sipro codec swap data & code into a common header.Darren Salt
2008-04-07Use ffmpeg's cook decoder and fix Real decoder bugsJinghua Luo
This patch drops support for RV20.
2008-03-23Replace various malloc(x*sizeof(y)) with calloc(x,sizeof(y)).Darren Salt
2008-03-23Check for failure of various memory allocations. (SA29484)Darren Salt
Ref. http://aluigi.altervista.org/adv/xinehof-adv.txt
2008-01-06Tell the Real demuxer about lists of http references.Darren Salt
Such broken wrong-extension wrong-MIME-type lists exist in the wild...
2007-12-26Fix pls parsing (broken in cset e0819c1c624a).Darren Salt
(transplanted from c139cfe735874922208d936c8e49bbfa532ed2ec) --HG-- extra : transplant_source : %C19%CF%E75%87I%22%20%8D%93l%8EI%BB%FAS.%D2%EC
2007-12-16Tell the Real demuxer about http references.Darren Salt
2007-11-10Delete most of the CVS $Id$/$Log$ lines.Darren Salt
--HG-- extra : transplant_source : %E0%D0%C5%8B%BEU%DD%24%5D7%1F%ADV%AD%EB%23%CBU%80%EB
2007-11-09Update FSF address on non-contributed code and COPYING files.Diego 'Flameeyes' Pettenò
For contributed code, leave whatever the version we last synced for is using to make simpler future syncs.
2007-06-16Rename the BE/LE/ME macros with a _X_ prefix, so they don't clash with ↵Diego 'Flameeyes' Pettenò
Solaris definitions.
2007-02-20Fix a lot of format warnings in lprintf calls (mostly %ldd -> %"PRId64").Diego 'Flameeyes' Pettenò
CVS patchset: 8608 CVS date: 2007/02/20 00:34:55
2007-01-19Make get_description get_identifier get_extensions get_mimetypes return a ↵Diego 'Flameeyes' Pettenò
constant string, and make the extensions and mrl vaiables usually declared when testing extension demux strategy constants too. CVS patchset: 8523 CVS date: 2007/01/19 00:26:39
2006-12-22Check whether or not we are playing before calling input_plugin->seek_time().Claudio Ciccani
CVS patchset: 8434 CVS date: 2006/12/22 16:45:44
2006-12-18Partially implemented RTSP seekability:Claudio Ciccani
support starting the playback at an optional time by delaying the PLAY request upon the first call to rtsp_session_read() and setting the playback start time via input_plugin->seek_time(). CVS patchset: 8422 CVS date: 2006/12/18 21:31:47
2006-07-10Implement visibility support, available on GCC 4.0 and later and on some 3.4 ↵Diego 'Flameeyes' Pettenò
(through backports), to avoid exporting unneeded internal symbols, making plugins' loading faster and use of internal copies of libraries more solid. It should automatically fall back to the old way in GCCs that does not support -fvisibility=hidden, but has to be tested carefully. No issues were found in the months of testing in Gentoo, but this requires special attention anyway. CVS patchset: 8101 CVS date: 2006/07/10 22:08:12
2006-06-02Various static/const fixes from Gentoo.Darren Salt
CVS patchset: 8009 CVS date: 2006/06/02 22:18:56
2006-05-03Make various arrays and structures (mainly xine_plugin_info) const.Darren Salt
(Diego Pettenò) CVS patchset: 7985 CVS date: 2006/05/03 19:46:06
2005-07-17Improve ASX parsing.Darren Salt
Add an extended MRL reference event which includes the item title, start time and duration. (Both events are sent; front ends should only listen for one of them.) CVS patchset: 7656 CVS date: 2005/07/17 23:11:33
2005-06-04"rmvb" is a valid real file extension tooJames Stembridge
CVS patchset: 7603 CVS date: 2005/06/04 11:05:59
2005-02-06Added node_plugin_t pointer to the demux struct.Thibaut Mattern
Incremented demux API version. This is needed to unload plugins. CVS patchset: 7385 CVS date: 2005/02/06 15:26:00
2004-08-19Don't read past end of index when seeking to end of fileJames Stembridge
CVS patchset: 6901 CVS date: 2004/08/19 19:59:14
2004-08-17Show where error messages are coming fromJames Stembridge
CVS patchset: 6890 CVS date: 2004/08/17 19:49:51
2004-07-30possibly fix the sync problem recently reported on xine-develMiguel Freitas
CVS patchset: 6864 CVS date: 2004/07/30 19:08:47
2004-06-13implement steps 1, 2, 3 and 4 of the seeking proposal:Miguel Freitas
http://article.gmane.org/gmane.comp.video.xine.devel/9532 it is now up to demuxers to decide what the 0..65535 position means. demuxers tested: ogg, voc, flac, rm, asf, vqa, vob, avi, y4m, au, mov, ts, mp3, mpg, wav, ra, mve CVS patchset: 6686 CVS date: 2004/06/13 21:28:52
2004-05-27- fix avi->compressor not being set correctly (lack of parenthesis)Miguel Freitas
- workaround decoding bug (green blocks) for the xvid stream "test.avi" (i know, i know. it is a pretty generic name but some people know what i meant) - some lprintf's to real demuxer. helps debugging reference problems. CVS patchset: 6599 CVS date: 2004/05/27 11:10:11
2004-05-231) Simpler fragment skipping for RV30 and RV40James Stembridge
2) Fix timestamps for video with b-frames CVS patchset: 6579 CVS date: 2004/05/23 16:05:47
2004-05-16Priority support.Thibaut Mattern
0 for "raw" demuxers 10 for "normal" demuxers CVS patchset: 6553 CVS date: 2004/05/16 18:01:26
2004-05-13set the pts on all buffers so the binary codec can be fed with the correct ↵James Stembridge
timestamp for all frames CVS patchset: 6531 CVS date: 2004/05/13 21:17:09
2004-03-14Move real 14.4 and 28.8 header parsing to ffmpeg decoderJames Stembridge
CVS patchset: 6259 CVS date: 2004/03/14 21:37:52
2004-03-01Support for 14.4 codec in RealMedia filesJames Stembridge
CVS patchset: 6203 CVS date: 2004/03/01 22:33:52
2004-02-08Fix breakage from last commitJames Stembridge
CVS patchset: 6124 CVS date: 2004/02/08 18:39:50
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-21 22:23:54 +0000