head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.16
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.14
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.12
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.10
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.8
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2008Q4:1.2.0.6
	pkgsrc-2008Q4-base:1.2
	pkgsrc-2008Q3:1.2.0.4
	pkgsrc-2008Q3-base:1.2
	cube-native-xorg:1.2.0.2
	cube-native-xorg-base:1.2;
locks; strict;
comment	@# @;


1.2
date	2008.09.12.14.47.39;	author sborrill;	state dead;
branches;
next	1.1;

1.1
date	2008.09.08.18.42.21;	author ahoka;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update to 0.8.6i and fixes for CVE-2008-3732, CVE-2008-3794
@
text
@$NetBSD: patch-ae,v 1.1 2008/09/08 18:42:21 ahoka Exp $

--- modules/demux/wav.c.orig	2008-03-23 23:41:49.000000000 +0100
+++ modules/demux/wav.c
@@@@ -103,7 +103,8 @@@@ static int Open( vlc_object_t * p_this )
     demux_sys_t *p_sys;
 
     uint8_t     *p_peek;
-    unsigned int i_size, i_extended;
+    uint32_t	 i_size;
+    unsigned int i_extended;
     char        *psz_name;
 
     WAVEFORMATEXTENSIBLE *p_wf_ext = NULL;
@@@@ -136,7 +137,8 @@@@ static int Open( vlc_object_t * p_this )
         msg_Err( p_demux, "cannot find 'fmt ' chunk" );
         goto error;
     }
-    if( i_size < sizeof( WAVEFORMATEX ) - 2 )   /* XXX -2 isn't a typo */
+    i_size += 2;
+    if( i_size < sizeof( WAVEFORMATEX ) )
     {
         msg_Err( p_demux, "invalid 'fmt ' chunk" );
         goto error;
@@@@ -144,14 +146,15 @@@@ static int Open( vlc_object_t * p_this )
     stream_Read( p_demux->s, NULL, 8 );   /* Cannot fail */
 
     /* load waveformatex */
-    p_wf_ext = malloc( __EVEN( i_size ) + 2 );
+    p_wf_ext = malloc( i_size );
     if( p_wf_ext == NULL )
          goto error;
 
     p_wf = (WAVEFORMATEX *)p_wf_ext;
     p_wf->cbSize = 0;
-    if( stream_Read( p_demux->s,
-                     p_wf, __EVEN( i_size ) ) < (int)__EVEN( i_size ) )
+    i_size -= 2;
+    if( stream_Read( p_demux->s, p_wf, i_size ) != (int)i_size
+     || ( ( i_size & 1 ) && stream_Read( p_demux->s, NULL, 1 ) != 1 ) )
     {
         msg_Err( p_demux, "cannot load 'fmt ' chunk" );
         goto error;
@


1.1
log
@Revive vlc08 as vlc 0.9.1 is out and the vlc package will be updated.
@
text
@d1 1
a1 1
$NetBSD: patch-ae,v 1.5 2008/07/03 21:50:02 tonnerre Exp $
@