| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not
properly handle (a) negative and (b) zero values during unspecified
read function calls in input_file.c, input_net.c, input_smb.c, and
input_http.c, which allows remote attackers to cause a denial of
service (crash) or possibly execute arbitrary code via vectors such as
(1) a file or (2) an HTTP response, which triggers consequences such
as out-of-bounds reads and heap-based buffer overflows.
|
|
--HG--
extra : transplant_source : %3B%87%DA%89%F2.%1F%F4%F0L/%C4%A3%5B%5C3%1A%09%05g
|
|
Instead of passing through a temporary ui_title array on the stack,
use the array already allocated for the xine_ui_data_t element. Also
do that for ui_str_length.
--HG--
extra : transplant_source : %1A%B5e%8E%C0gQ%A9%BC%08%B2%0Bm%A9Ec%C1%9F%23%EF
|
|
Instead of calling sprintf or snprintf with a "%s" format string, use
the proper strcpy, strncpy, strdup or strndup function.
|
|
Using asprintf() instead of malloc() + sprintf() reduces the lines of
code in xine-lib (moving the allocation to the C library or asprintf
replacement), makes it safer to access the string and can also improve
performance whenever the value returned by a function was used as
parameter, as before it had to run the function twice in almost every
case (once for strlen(), once for sprintf()).
|
|
The xine_xmalloc() function is going to be deprecated, as its
behaviour is rarely needed as such, and it's thus misused.
With this, almost all uses of xine_xmalloc() with static size (for
instance the value returned by sizeof()) or with a size that is
guaranteed not to be zero (like strlen()+1) are replaced with calls to
either calloc(1, ...) or malloc().
malloc() is used whenever the allocated memory is going to be
immediately overwritten, while calloc() is used in every other case,
as it sets the whole memory area to zero.
--HG--
extra : transplant_source : %8F%98%EC%02%1E%83%F0s%06X%83C%205Y%80%B12%CC%E1
|
|
1.2 series.
|
|
elements by the size of the single element.
(transplanted from 512894f517c423fed0cadeca0d46c6d909403106)
--HG--
extra : transplant_source : Q%28%94%F5%17%C4%23%FE%D0%CA%DE%CA%0DF%C6%D9%09%401%06
|
|
--HG--
extra : transplant_source : %E0%D0%C5%8B%BEU%DD%24%5D7%1F%ADV%AD%EB%23%CBU%80%EB
|
|
For contributed code, leave whatever the version we last synced for is using
to make simpler future syncs.
|
|
|
|
|
|
|
|
|
|
the BSDs.
Thanks to Pascal S. de Kloe for pointing at this.
|
|
CVS patchset: 8616
CVS date: 2007/02/20 01:04:07
|
|
language & subtitle strings (given a buffer of >= XINE_LANG_MAX bytes).
Also fixes an off-by-one buffer termination in the TS code.
(Note: compile-tested only.)
CVS patchset: 8592
CVS date: 2007/02/08 02:40:22
|
|
CVS patchset: 8524
CVS date: 2007/01/19 01:05:24
|
|
*, so that 'return "something"' is valid. Note that _()/gettext() returns a char * but statically allocated, that the documentation considers constant.
CVS patchset: 8519
CVS date: 2007/01/18 23:02:18
|
|
strings or names of files, device nodes or directories. This information is
available to front ends (via .num_value) so that they can present
file/dir-open dialogue boxes if they so choose.
Subtitle font selection is split up due to this.
CVS patchset: 8425
CVS date: 2006/12/19 19:10:50
|
|
GNOME Bugzilla:
http://bugzilla.gnome.org/show_bug.cgi?id=344592
CVS patchset: 8354
CVS date: 2006/10/29 19:39:39
|
|
CVS patchset: 8131
CVS date: 2006/07/17 17:15:34
|
|
Benjamin Reed.
CVS patchset: 8109
CVS date: 2006/07/11 03:22:59
|
|
(through backports), to avoid exporting unneeded internal symbols, making plugins' loading faster and use of internal copies of libraries more solid. It should automatically fall back to the old way in GCCs that does not support -fvisibility=hidden, but has to be tested carefully. No issues were found in the months of testing in Gentoo, but this requires special attention anyway.
CVS patchset: 8101
CVS date: 2006/07/10 22:08:12
|
|
(Diego Pettenò)
CVS patchset: 7985
CVS date: 2006/05/03 19:46:06
|
|
hopefuly somebody will be able to help fixing the
mess i did in dvdnav ;)
CVS patchset: 7759
CVS date: 2005/10/14 21:02:16
|
|
Fixed config callback unregistration.
CVS patchset: 7731
CVS date: 2005/09/12 17:44:37
|
|
CVS patchset: 7722
CVS date: 2005/09/07 20:43:24
|
|
CVS patchset: 7716
CVS date: 2005/09/02 22:39:42
|
|
Windows ports fixes and improvements due to my current work on toxine:
- first experiments with external win32 pthreads,
more portable code (pthread_t may be a struct)
- headers refactored
- moved dirent win32 replacement to lib/, hide it for frontends,
used system version, if found, not used non-POSIX dirent->d_reclen
(this item doesn't work in MinGW), fix memleak in dvb
- separated settings for postproc and avcodec when using external ffmpeg
- check for malloc.h in public xine.m4, used it conditionally in xine headers
- replaced random() by POSIX more common rand()
- prevent one segfault in directx vo plugin, if fails
- M$VC port update
CVS patchset: 7709
CVS date: 2005/08/25 15:36:29
|
|
XINE_META_INFO_TITLE from the DVD name
CVS patchset: 7641
CVS date: 2005/07/11 11:35:41
|
|
patch by Jerome "poitch" Poichet
CVS patchset: 7637
CVS date: 2005/07/03 20:31:28
|
|
(i had this sitting on my tree for a while - i wrote it for extracting
the audio from specific tracks of a music dvd)
CVS patchset: 7537
CVS date: 2005/05/14 16:11:44
|
|
Added PLUGIN_NO_UNLOAD to the gnome_vfs plugin because unloading this plugins cause troubles (segfault).
Current plugin loader preloads all input and demuxer plugins, so adding these flags will not change the current behavior of the lib.
CVS patchset: 7390
CVS date: 2005/02/07 23:58:57
|
|
Incremented all input plugins API version.
CVS patchset: 7384
CVS date: 2005/02/06 15:00:34
|
|
fixed some memleaks reported by Jerome
CVS patchset: 7360
CVS date: 2005/01/18 21:58:19
|
|
and backwards compatible translation
Sorry, I got a litte tired proof-reading the patch, so their might be
bugs lurking around. I will give it some further examination and
(as necessary) fixing tomorrow.
CVS patchset: 7233
CVS date: 2004/12/12 22:00:47
|
|
Compilation fixes for cross-compiling with MinGW32.
CVS patchset: 7231
CVS date: 2004/12/12 13:51:28
|
|
CVS patchset: 7206
CVS date: 2004/12/08 18:24:21
|
|
CVS patchset: 7193
CVS date: 2004/12/05 22:41:12
|
|
easier extensible)
behaviour:
dvd:/ opens default device (this is a temporary special case)
dvd:/1.2 opens given title/part on default device (dito)
dvd:/path/ opens given device, directory or single-file image
dvd:/path same as above, so fully compatible with old behaviour
dvd:/path/1.2 tries to open /path/1.2, falling back to /path with title/part
CVS patchset: 6974
CVS date: 2004/09/16 13:10:09
|
|
CVS patchset: 6926
CVS date: 2004/09/01 16:17:39
|
|
This needs to be fixed in libdvdnav as well.
CVS patchset: 6916
CVS date: 2004/08/28 22:51:50
|
|
Works now for all types of MRL, and works in DVD Title mode as well.
Removes the requirement to have a "/" at the end of the MRL.
Eg.
xine dvd:/ <- plays a DVD from the default dvd device.
xine dvd://dev/sr0 <- plays a DVD from /dev/sr0
xine dvd:/dvd.img <- plays a DVD image from the current directory.
xine dvd://dvd/dvd.img <- plays a DVD from full path /dvd/dvd.img
xine dvd://dvd/dvd.img/ <- plays a DVD from full path /dvd/dvd.img. Having the last / makes no difference.
xine dvd://dvd/dvd.img:1.2 <- plays Title 1, Part 2 of DVD image.
CVS patchset: 6912
CVS date: 2004/08/28 15:06:26
|
|
(fixes crashes when changing the default language)
* fix a race that can lead to a memleak
CVS patchset: 6897
CVS date: 2004/08/19 10:30:04
|
|
CVS patchset: 6866
CVS date: 2004/08/01 16:18:43
|
|
is. Should protect against a plugin returning a malloc'd variable for
example.
CVS patchset: 6821
CVS date: 2004/07/20 00:50:10
|
