| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not
properly handle (a) negative and (b) zero values during unspecified
read function calls in input_file.c, input_net.c, input_smb.c, and
input_http.c, which allows remote attackers to cause a denial of
service (crash) or possibly execute arbitrary code via vectors such as
(1) a file or (2) an HTTP response, which triggers consequences such
as out-of-bounds reads and heap-based buffer overflows.
|
|
The xine_xmalloc() function is going to be deprecated, as its
behaviour is rarely needed as such, and it's thus misused.
With this, almost all uses of xine_xmalloc() with static size (for
instance the value returned by sizeof()) or with a size that is
guaranteed not to be zero (like strlen()+1) are replaced with calls to
either calloc(1, ...) or malloc().
malloc() is used whenever the allocated memory is going to be
immediately overwritten, while calloc() is used in every other case,
as it sets the whole memory area to zero.
--HG--
extra : transplant_source : %8F%98%EC%02%1E%83%F0s%06X%83C%205Y%80%B12%CC%E1
|
|
--HG--
extra : transplant_source : %E0%D0%C5%8B%BEU%DD%24%5D7%1F%ADV%AD%EB%23%CBU%80%EB
|
|
For contributed code, leave whatever the version we last synced for is using
to make simpler future syncs.
|
|
CVS patchset: 8612
CVS date: 2007/02/20 00:51:39
|
|
CVS patchset: 8608
CVS date: 2007/02/20 00:34:55
|
|
CVS patchset: 8524
CVS date: 2007/01/19 01:05:24
|
|
*, so that 'return "something"' is valid. Note that _()/gettext() returns a char * but statically allocated, that the documentation considers constant.
CVS patchset: 8519
CVS date: 2007/01/18 23:02:18
|
|
CVS patchset: 8494
CVS date: 2007/01/09 20:50:59
|
|
Actually this is only implemented for the MMST protocol.
CVS patchset: 8484
CVS date: 2007/01/03 15:09:42
|
|
CVS patchset: 8349
CVS date: 2006/10/23 21:18:18
|
|
(through backports), to avoid exporting unneeded internal symbols, making plugins' loading faster and use of internal copies of libraries more solid. It should automatically fall back to the old way in GCCs that does not support -fvisibility=hidden, but has to be tested carefully. No issues were found in the months of testing in Gentoo, but this requires special attention anyway.
CVS patchset: 8101
CVS date: 2006/07/10 22:08:12
|
|
CVS patchset: 8065
CVS date: 2006/06/20 01:46:41
|
|
(Diego Pettenò)
CVS patchset: 7985
CVS date: 2006/05/03 19:46:06
|
|
2) [coverity] fixes:
- 279 (w32): test should be on input parametr type, not typeW
- 267 (aout): can be ignored but there was warning anyway
- 234 (w32): missing free on error & exit
- 152 (w32): missing free on error & exit
- 148 (w32): fixed bound of static array in test
- 101 (ffdec): defense code when avodec_encode_video will fail (just defense to the future,
should never happen with current ffmpeg in xine)
- 98, 99 (w32): check negative handle by _x_assert (it's used as index to array)
- 90 (w32): negate pointer check (+added check for size)
- 89 (w32): added NULL and size check
CVS patchset: 7959
CVS date: 2006/04/05 22:12:17
|
|
Thanks to Thibaut for pointing that out
CVS patchset: 7949
CVS date: 2006/03/25 11:59:29
|
|
cannot be unset:
- start up your xine-lib client
- garbage collect the plugins (mms will be unloaded)
- modify the media.network.bandwidth config entry (->callback points to
lala land), see it crash in flames
http://bugzilla.gnome.org/show_bug.cgi?id=334918
CVS patchset: 7944
CVS date: 2006/03/24 16:40:54
|
|
hopefuly somebody will be able to help fixing the
mess i did in dvdnav ;)
CVS patchset: 7759
CVS date: 2005/10/14 21:02:16
|
|
Added PLUGIN_NO_UNLOAD to the gnome_vfs plugin because unloading this plugins cause troubles (segfault).
Current plugin loader preloads all input and demuxer plugins, so adding these flags will not change the current behavior of the lib.
CVS patchset: 7390
CVS date: 2005/02/07 23:58:57
|
|
Incremented all input plugins API version.
CVS patchset: 7384
CVS date: 2005/02/06 15:00:34
|
|
and backwards compatible translation
Sorry, I got a litte tired proof-reading the patch, so their might be
bugs lurking around. I will give it some further examination and
(as necessary) fixing tomorrow.
CVS patchset: 7233
CVS date: 2004/12/12 22:00:47
|
|
is. Should protect against a plugin returning a malloc'd variable for
example.
CVS patchset: 6821
CVS date: 2004/07/20 00:50:10
|
|
http://article.gmane.org/gmane.comp.video.xine.devel/9532
it is now up to demuxers to decide what the 0..65535 position means.
demuxers tested: ogg, voc, flac, rm, asf, vqa, vob, avi, y4m, au, mov, ts, mp3, mpg, wav, ra, mve
CVS patchset: 6686
CVS date: 2004/06/13 21:28:52
|
|
CVS patchset: 6440
CVS date: 2004/04/26 15:05:04
|
|
No new feature, just a cleanup, less headache to maitain.
Might fix some issues.
This stream works fine:
mms://audio1.musicradio.com/Ad/BT.wma
CVS patchset: 6408
CVS date: 2004/04/15 22:10:55
|
|
CVS patchset: 6383
CVS date: 2004/04/10 15:45:10
|
|
CVS patchset: 6345
CVS date: 2004/04/07 19:44:29
|
|
- fix error correction handling.
- detect properly the end of the stream using packet_count (now that mms plugin handles correctly current_pos).
- rename some properties
mmst/mmsh:
- handle current stream pos correctly, based on packet sequence_id (needed for seeking).
mmsh:
- some reverse ingeneering to support for grouped ASF streams like mmst
(mmsh://wms03.nordicwebradio.com/chelsea)
- fix a potential crash at the end of stream
CVS patchset: 6334
CVS date: 2004/04/06 00:25:29
|
|
mms:// ... method (or probing) according to config option
mmst:// ... always only TCP
mmsh:// ... always only HTTP
This will speed up connection behind firewalls which block TCP.
Default behaviour is the same as current.
CVS patchset: 6168
CVS date: 2004/02/17 13:40:57
|
|
CVS patchset: 5912
CVS date: 2003/12/14 22:13:22
|
|
relevant too. Small other little fix (can't remember). Change few internal function prototype because it xine_t pointer need to be used if some xine's internal sections. NOTE: libdvd{nav,read} is still too noisy, i will take a look to made it quit, without invasive changes. To be continued...
CVS patchset: 5844
CVS date: 2003/12/05 15:54:56
|
|
scratch buffer enhancement (thanks Thibaut for the malloc tips), enlarge log buffer from 25 lines (very useless), to 150 (better).
CVS patchset: 5801
CVS date: 2003/11/26 23:44:08
|
|
CVS patchset: 5796
CVS date: 2003/11/26 19:43:26
|
|
CVS patchset: 5567
CVS date: 2003/10/22 12:04:42
|
|
CVS patchset: 4692
CVS date: 2003/04/26 22:34:31
|
|
old open() function replaced by :
*_class_get_instance() : return an instance if the plugin handles the mrl
*_plugin_open() : open the stream
CVS patchset: 4598
CVS date: 2003/04/13 16:02:53
|
|
All assert() function calls, with exceptions of libdvdread and libdvdnav, have been
replaced with XINE_ASSERT. Functionally XINE_ASSERT behaves just likes its predecesor but its
adding the ability to print out a stack trace at the point where the assertion fails.
So here are a few examples.
assert (0);
This use of assert was found in a couple locations most favorably being the default case of a switch
statement. This was the only thing there. So if the switch statement was unable to find a match
it would have defaulted to this and the user and the developers would be stuck wonder who died and where.
So it has been replaced with
XINE_ASSERT(0, "We have reach this point and don't have a default case");
It may seem a bit none descriptive but there is more going on behind the scene.
In addition to checking a condition is true/false, in this case '0', the XINE_ASSERT
prints out:
<filename>:<function name>:<line number> - assertion '<assertion expression>' failed. <description>
An example of this might be:
input_dvd.c:open_plugin:1178 - assertion '0' failed. xine_malloc failed!!! You have run out of memory
XINE_ASSERT and its helper function, print_trace, are found in src/xine-utils/xineutils.h
CVS patchset: 4301
CVS date: 2003/02/28 02:51:47
|
|
CVS patchset: 4279
CVS date: 2003/02/24 00:12:06
|
|
CVS patchset: 4274
CVS date: 2003/02/23 22:28:26
|
|
- new fb driver with zero copy
CVS patchset: 4058
CVS date: 2003/01/31 14:06:03
|
|
CVS patchset: 3959
CVS date: 2003/01/18 17:19:45
|
|
CVS patchset: 3923
CVS date: 2003/01/15 00:53:40
|
|
Now it works ;-)
CVS patchset: 3922
CVS date: 2003/01/15 00:18:23
|
|
Some explanantions about mms protocols in xine :
mms:/, mmst:/, mmsu:/, mmsh:/ mrls are handled by the mms input plugin
mmst:/ and mmsu:/ mrls point out the 'mms over tcp' protocol (mms.c)
mmsh:/ mrls point out the 'mms over http' protocol (mmsh.c)
When a mms:/ url is encountered, mmst is tried first, then mmsh is tried if mmst failed
To try the new mmsh support :
xine mmsh://wmp.tf1.coltfrance.com/wmetf1/cinema/hpotter/harry_potter_secrets_320.wmv
xine mmsh://wmp.tf1.coltfrance.com/wmetf1/clip/johnny/marie_320.wmv
CVS patchset: 3885
CVS date: 2003/01/13 01:11:57
|
|
(thanks Chris Rankin for noticing)
CVS patchset: 3693
CVS date: 2002/12/27 16:47:10
|
|
different sizeof than integer.
- add extra_info structure to pass informations from input/demuxers down
to the output frame. this can be used, for example, to pass the frame
number of a frame (when known by decoder). also, immediate benefict is
that we now have a slider which really shows the current position of
the playing stream. new fields can be added to extra_info keeping
binary compatibility
- bumpy everybody's api versions
CVS patchset: 3603
CVS date: 2002/12/21 12:56:44
|
|
CVS patchset: 3506
CVS date: 2002/12/13 08:56:53
|
|
- asf header parsing cleanup
- fixes a bug in asf header parsing when an invalid guid is encountered
- add a config entry "Network Bandwidth"
- choose the best stream for the specified network bandwidth
- disabled unused streams
Basically, it saves your bandwitdh when there is multiple video streams.
It needs more testing.
CVS patchset: 3502
CVS date: 2002/12/12 23:48:02
|
