[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Please approve update to xine-lib

Hi,

I have been approached by upstream (Darren Salt) that there are some bad
known crashers in xine-lib in testing. Therefore I prepared a very
focused new upload, which is in unstable for some time. These crashers
are "important" at least, so I personally think it was a good idea to
have them in testing.

The other change is the disabling of stack alignment. This change has
already been applied upstream, and got extensive testing in ubuntu and
unstable. Short: it might have made sense in the times of gcc 2.72 and
maybe gcc 2.95, but not with gcc-3.3. I also think this would be a
reasonable change to have in etch.


Here is the debdiff:

>> debdiff xine-lib_1.1.2+dfsg-3.dsc xine-lib_1.1.2+dfsg-4.dsc                                                                              :0.0
diff -u xine-lib-1.1.2+dfsg/debian/changelog xine-lib-1.1.2+dfsg/debian/changelog
--- xine-lib-1.1.2+dfsg/debian/changelog
+++ xine-lib-1.1.2+dfsg/debian/changelog
@@ -1,3 +1,14 @@
+xine-lib (1.1.2+dfsg-4) unstable; urgency=low
+
+  * Very focused patches from upstream:
+  * src/input/net_buf_ctrl.c: Fix a div-by-zero crash
+  * xine-lib/src/input/input_http.c: http parsing fix
+  * don't disable alignment of stack variables. Patch applied upstream,
+    got extensive testing in ubuntu, upstream and experimental. Does avoid
+    a confusing warning in the ffmpeg plugin.
+
+ -- Reinhard Tartler <siretart@tauware.de>  Sun, 18 Mar 2007 00:49:32 +0100
+
 xine-lib (1.1.2+dfsg-3) unstable; urgency=high
 
   * [CVE-2007-1246]: DMO decoder heap allocation overflow. Thanks for the
only in patch2:
unchanged:
--- xine-lib-1.1.2+dfsg.orig/src/input/input_http.c
+++ xine-lib-1.1.2+dfsg/src/input/input_http.c
@@ -790,18 +790,20 @@
 
       if (linenum == 1) {
         int httpver, httpsub;
-       char httpstatus[51];
+       char httpstatus[51] = { 0, };
 
-       if (sscanf(this->buf, "HTTP/%d.%d %d %50[^\015\012]", &httpver, &httpsub,
-                  &httpcode, httpstatus) != 4) {
-         
-         /* icecast 1 ? */
-         if (sscanf(this->buf, "ICY %d %50[^\015\012]", &httpcode, httpstatus) != 2)   {
+       if (
+           (sscanf(this->buf, "HTTP/%d.%d %d %50[^\015\012]", &httpver, &httpsub,
+                   &httpcode, httpstatus) != 4) &&
+           (sscanf(this->buf, "HTTP/%d.%d %d", &httpver, &httpsub,
+                   &httpcode) != 3) &&
+           (sscanf(this->buf, "ICY %d %50[^\015\012]", /* icecast 1 ? */
+                   &httpcode, httpstatus) != 2)
+          ) {
            _x_message(this->stream, XINE_MSG_CONNECTION_REFUSED, "invalid http answer", NULL);
            xine_log (this->stream->xine, XINE_LOG_MSG, 
                      _("input_http: invalid http answer\n"));
            return 0;
-         }
        }
 
        if (httpcode >= 300 && httpcode < 400) {
only in patch2:
unchanged:
--- xine-lib-1.1.2+dfsg.orig/src/input/net_buf_ctrl.c
+++ xine-lib-1.1.2+dfsg/src/input/net_buf_ctrl.c
@@ -149,7 +149,7 @@
                                     fifo_buffer_t *fifo,
                                     buf_element_t *buf,
                                     int action) {
-  int fifo_free, fifo_fill;
+  int fifo_free, fifo_fill, fifo_div;
   int64_t video_br, audio_br, diff;
   int has_video, has_audio;
 
@@ -160,10 +160,13 @@
 
   fifo_free = fifo->buffer_pool_num_free;
   fifo_fill = fifo->fifo_size;
+  fifo_div = fifo_fill + fifo_free - 1;
+  if (fifo_div == 0)
+    fifo_div = 1; /* avoid a possible divide-by-zero */
 
   if (fifo == this->video_fifo) {
     this->video_fifo_free = fifo_free;
-    this->video_fifo_fill = (100 * fifo_fill) / (fifo_fill + fifo_free - 1);
+    this->video_fifo_fill = (100 * fifo_fill) / fifo_div;
     this->video_fifo_size = fifo->fifo_data_size;
     
     if (buf->pts && (this->video_in_disc == 0)) {
@@ -196,7 +199,7 @@
 
   } else {
     this->audio_fifo_free = fifo_free;
-    this->audio_fifo_fill = (100 * fifo_fill) / (fifo_fill + fifo_free - 1);
+    this->audio_fifo_fill = (100 * fifo_fill) / fifo_div;
     this->audio_fifo_size = fifo->fifo_data_size;
     
     if (buf->pts && (this->audio_in_disc == 0)) {
only in patch2:
unchanged:
--- xine-lib-1.1.2+dfsg.orig/m4/optimizations.m4
+++ xine-lib-1.1.2+dfsg/m4/optimizations.m4
@@ -17,11 +17,6 @@
     if test "$GCC" = yes; then
         dnl
         dnl check cflags not supported by all gcc versions
-        dnl eg: -mpreferred-stack-boundary=2 and 2.91.66,
-        dnl and gcc-2.7.2.3 support a bit less options
-        dnl
-        AC_TRY_CFLAGS("-mpreferred-stack-boundary=2",
-            m_psb="-mpreferred-stack-boundary=2", m_psb="")
         AC_TRY_CFLAGS("-fschedule-insns2", f_si="-fschedule-insns2", f_si="")
         AC_TRY_CFLAGS("-mwide-multiply", m_wm="-mwide-multiply", m_wm="")
         dnl


-- 
Gruesse/greetings,
Reinhard Tartler, KeyID 945348A4
Reply to: