Date: Tue, 1 Feb 2011 20:39:19 GMT From: Ruslan Mahmatkhanov <cvs-src@yandex.ru> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/154451: [PATCH] multimedia/vlc: fix execution of arbitrary code [feature safe] Message-ID: <201102012039.p11KdJWf049604@red.freebsd.org> Resent-Message-ID: <201102012040.p11Ke9QD082411@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 154451 >Category: ports >Synopsis: [PATCH] multimedia/vlc: fix execution of arbitrary code [feature safe] >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Feb 01 20:40:09 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Ruslan Mahmatkhanov >Release: 8.2-PRERELEASE >Organization: >Environment: 8.2-PRERELEASE i386 >Description: - advisory: http://www.videolan.org/security/sa1102.html - patch is from there: http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07 - bump PORTREVISION, because matroska is enabled by default >How-To-Repeat: >Fix: Patch attached with submission follows: diff -ruNa vlc.orig/Makefile vlc/Makefile --- vlc.orig/Makefile 2011-01-30 03:04:10.000000000 +0300 +++ vlc/Makefile 2011-02-01 23:33:07.000000000 +0300 @@ -8,6 +8,7 @@ PORTNAME= vlc DISTVERSION= 1.1.6 PORTEPOCH= 3 +PORTREVISION= 1 CATEGORIES= multimedia audio ipv6 net www MASTER_SITES= http://download.videolan.org/pub/videolan/${PORTNAME}/${DISTVERSION}/ \ http://ftp.snt.utwente.nl/pub/software/videolan/${PORTNAME}/${DISTVERSION}/ \ diff -ruNa vlc.orig/files/patch-modules-demux-mkv_mkv.hpp vlc/files/patch-modules-demux-mkv_mkv.hpp --- vlc.orig/files/patch-modules-demux-mkv_mkv.hpp 1970-01-01 03:00:00.000000000 +0300 +++ vlc/files/patch-modules-demux-mkv_mkv.hpp 2011-02-01 23:30:00.000000000 +0300 @@ -0,0 +1,13 @@ +diff --git a/modules/demux/mkv/mkv.hpp b/modules/demux/mkv/mkv.hpp +index f0e87c6..664cafa 100644 +--- a/modules/demux/mkv/mkv.hpp ++++ b/modules/demux/mkv/mkv.hpp +@@ -115,7 +115,7 @@ extern "C" { + + #define MKVD_TIMECODESCALE 1000000 + +-#define MKV_IS_ID( el, C ) ( EbmlId( (*el) ) == C::ClassInfos.GlobalId ) ++#define MKV_IS_ID( el, C ) ( el != NULL && typeid( *el ) == typeid( C ) ) + + + using namespace LIBMATROSKA_NAMESPACE; >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201102012039.p11KdJWf049604>